Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
File:                     QAnHa7ftKz0UTNhVpewajrfU3pk.mft (raw, json)
Hash identifier:          ofF+7RurdVvMKr3Sldr6xxLCOtiuiH4wJNYfIbrh1Is=
Subject key identifier:   BC:9F:C9:79:79:3C:B2:22:2B:3C:22:15:30:F3:36:38:5A:59:AA:60
Authority key identifier: 40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99
Certificate issuer:       /CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
Certificate serial:       019D9850CB6ECC5D0B3DDFD1C82C8586658B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
Manifest number:          1765
Signing time:             Thu 16 Apr 2026 22:02:04 +0000
Manifest this update:     Thu 16 Apr 2026 22:02:04 +0000
Manifest next update:     Fri 17 Apr 2026 22:02:04 +0000
Files and hashes:         1: QAnHa7ftKz0UTNhVpewajrfU3pk.crl (hash: AMuo1ZLZs44puqJcOFvVOQQLYHhPBrr3nATHSogZ7vo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:50:cb:6e:cc:5d:0b:3d:df:d1:c8:2c:85:86:65:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
        Validity
            Not Before: Apr 16 22:02:04 2026 GMT
            Not After : Apr 17 22:02:04 2026 GMT
        Subject: CN=bc9fc979793cb2222b3c221530f336385a59aa60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:d6:c3:60:fb:0c:0c:0a:03:e8:f0:22:d2:a4:
                    12:ac:66:c3:b0:af:92:30:b5:88:a4:86:40:31:88:
                    d7:50:00:12:44:74:fa:ed:a4:03:30:f5:84:2b:27:
                    e4:01:9b:76:60:16:45:92:3a:9c:16:c5:2f:22:10:
                    d4:fe:60:98:36:ee:fd:93:24:04:50:40:3b:ee:95:
                    0f:67:78:78:41:3b:04:bd:0a:7b:ba:36:b9:26:c2:
                    b0:09:a0:9e:f3:93:3e:04:80:85:49:2f:f3:e9:0d:
                    44:b2:9f:bc:1f:61:9b:0d:1d:83:ee:ad:f6:de:1b:
                    3a:aa:f6:18:95:e3:be:53:55:ef:d7:07:80:8d:16:
                    81:b7:af:d9:82:62:15:40:41:bc:e0:05:c3:bc:1c:
                    9c:f4:30:7f:ce:09:29:6a:2e:29:57:e5:46:60:49:
                    dc:ed:5f:d1:3c:37:e3:d5:86:4d:8d:52:5a:c1:98:
                    60:9e:b9:cf:b1:64:70:e5:d5:53:2c:f5:00:5f:f6:
                    d6:e0:8d:17:b9:89:d3:3d:e3:e0:58:34:41:10:66:
                    46:60:89:41:d1:43:4a:73:58:fc:e3:e2:94:4a:6c:
                    99:12:71:50:e5:d9:cb:8f:17:bb:3b:3c:50:67:98:
                    3e:7b:c5:68:7a:24:5b:7b:5c:6a:d9:ab:8f:c2:a7:
                    fc:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:9F:C9:79:79:3C:B2:22:2B:3C:22:15:30:F3:36:38:5A:59:AA:60
            X509v3 Authority Key Identifier:
                keyid:40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:9a:13:a0:36:f7:20:bb:ad:6e:3d:c3:8d:8f:fb:3a:ef:ba:
         c8:08:5b:5c:97:99:f1:0c:7b:cb:cd:84:5f:17:76:06:8d:db:
         32:69:f2:d0:9f:d3:cd:d8:3d:83:fc:e3:a0:3a:42:f3:d2:8c:
         8a:35:b2:b3:48:92:61:5c:c7:61:8d:77:0e:c4:5d:6a:48:7e:
         59:b8:0b:d6:99:22:38:4e:82:dd:bc:59:c4:b1:61:0c:c6:1b:
         8a:84:5a:d4:21:64:34:fd:b5:f0:8a:dd:72:2e:e4:1d:76:4e:
         f1:63:f2:33:ac:1d:12:6c:89:57:f8:1a:ca:6a:08:e7:11:48:
         99:ab:86:0b:ac:cc:6f:a5:19:21:94:f5:e1:e2:46:dd:88:da:
         3a:84:88:b4:c0:2a:17:7e:08:6e:23:7a:7a:f5:69:4d:e5:a9:
         f9:fd:e3:ca:38:37:1c:a0:29:b7:9c:ec:d8:c8:7e:ea:bf:0f:
         bb:0b:5f:66:83:f8:0d:df:68:f5:6a:09:6c:7a:50:3f:99:be:
         4d:91:4a:19:dc:21:87:ea:16:17:29:36:93:24:d6:df:60:00:
         64:8b:dd:6d:ff:de:de:ac:0d:fb:ab:b5:28:4f:3c:91:e6:7a:
         ac:fa:41:b9:aa:bf:92:64:ba:87:d0:e6:a0:f3:50:c8:60:87:
         92:0c:8a:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YUMtuzF0LPd/RyCyFhmWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMDljNzZiYjdlZDJiM2QxNDRjZDg1NWE1ZWMxYThlYjdk
NGRlOTkwHhcNMjYwNDE2MjIwMjA0WhcNMjYwNDE3MjIwMjA0WjAzMTEwLwYDVQQD
EyhiYzlmYzk3OTc5M2NiMjIyMmIzYzIyMTUzMGYzMzYzODVhNTlhYTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdbDYPsMDAoD6PAi0qQSrGbDsK+S
MLWIpIZAMYjXUAASRHT67aQDMPWEKyfkAZt2YBZFkjqcFsUvIhDU/mCYNu79kyQE
UEA77pUPZ3h4QTsEvQp7uja5JsKwCaCe85M+BICFSS/z6Q1Esp+8H2GbDR2D7q32
3hs6qvYYleO+U1Xv1weAjRaBt6/ZgmIVQEG84AXDvByc9DB/zgkpai4pV+VGYEnc
7V/RPDfj1YZNjVJawZhgnrnPsWRw5dVTLPUAX/bW4I0XuYnTPePgWDRBEGZGYIlB
0UNKc1j84+KUSmyZEnFQ5dnLjxe7OzxQZ5g+e8VoeiRbe1xq2auPwqf8jwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLyfyXl5PLIiKzwiFTDzNjhaWapgMB8GA1UdIwQY
MBaAFEAJx2u37Ss9FEzYVaXsGo631N6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYt
OWY1NWI0YWU5MGNjLzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYtOWY1NWI0YWU5MGNj
LzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApZoToDb3
ILutbj3DjY/7Ou+6yAhbXJeZ8Qx7y82EXxd2Bo3bMmny0J/Tzdg9g/zjoDpC89KM
ijWys0iSYVzHYY13DsRdakh+WbgL1pkiOE6C3bxZxLFhDMYbioRa1CFkNP218Ird
ci7kHXZO8WPyM6wdEmyJV/gaymoI5xFImauGC6zMb6UZIZT14eJG3YjaOoSItMAq
F34IbiN6evVpTeWp+f3jyjg3HKApt5zs2Mh+6r8PuwtfZoP4Dd9o9WoJbHpQP5m+
TZFKGdwhh+oWFyk2kyTW32AAZIvdbf/e3qwN+6u1KE88keZ6rPpBuaq/kmS6h9Dm
oPNQyGCHkgyKMQ==
-----END CERTIFICATE-----