Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft
File:                     RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft (raw, json)
Hash identifier:          MyiphmRL4nCXnFriicXuVip/9qNyAA5Z/nodXt9FMYE=
Subject key identifier:   80:96:DB:92:A3:F5:C8:27:9D:FF:62:57:30:41:5D:39:23:08:23:A5
Authority key identifier: 45:01:E8:5C:00:25:C4:AE:29:52:80:58:E2:32:D7:37:C2:F4:95:CE
Certificate issuer:       /CN=4501e85c0025c4ae29528058e232d737c2f495ce
Certificate serial:       019CAA8FD2DCDED0CD55DA241A6E5C643E19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RQHoXAAlxK4pUoBY4jLXN8L0lc4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft
Manifest number:          04A7
Signing time:             Sun 01 Mar 2026 18:01:18 +0000
Manifest this update:     Sun 01 Mar 2026 18:01:18 +0000
Manifest next update:     Mon 02 Mar 2026 18:01:18 +0000
Files and hashes:         1: RQHoXAAlxK4pUoBY4jLXN8L0lc4.crl (hash: 6XRjvKVKK4JGN7dFIM+a31QLIYjyMxFewjBQ68gU2k8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RQHoXAAlxK4pUoBY4jLXN8L0lc4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:8f:d2:dc:de:d0:cd:55:da:24:1a:6e:5c:64:3e:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4501e85c0025c4ae29528058e232d737c2f495ce
        Validity
            Not Before: Mar  1 18:01:18 2026 GMT
            Not After : Mar  2 18:01:18 2026 GMT
        Subject: CN=8096db92a3f5c8279dff625730415d39230823a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:f8:8e:a7:29:a3:72:1b:27:d6:e7:e2:04:07:
                    20:d3:9e:be:1c:7a:52:8f:43:94:59:da:e5:12:1d:
                    54:f4:22:44:b8:7a:f4:04:e9:5f:c6:3e:91:b3:ec:
                    27:64:6e:34:be:e9:22:be:9f:26:7f:7f:a9:1b:e9:
                    04:d6:ff:4b:17:49:ad:4d:3b:5b:20:93:e0:21:c2:
                    79:99:4d:c1:59:3c:7e:c4:be:da:f9:a8:a0:f8:40:
                    b7:22:e1:3b:61:40:76:d0:7e:57:01:73:d7:2c:dd:
                    08:70:26:c1:f1:36:c5:5a:1a:bd:85:4a:ad:cc:52:
                    b4:a0:ac:90:38:41:65:a2:7b:2c:94:4e:2c:10:5c:
                    3e:f9:0b:15:05:07:20:13:d7:47:3c:91:a5:5e:80:
                    16:e0:cb:42:c1:62:5b:ee:51:b1:84:aa:f2:fd:44:
                    31:09:5e:66:bf:23:9d:ab:db:3e:8c:3b:e0:f0:54:
                    b6:56:39:c2:4f:c6:75:05:a4:58:3c:19:2c:e1:33:
                    28:10:bf:e0:87:3b:0a:3c:a6:0f:d8:ca:a7:ad:00:
                    7d:85:19:07:db:18:90:1e:29:2c:f4:f3:89:b5:27:
                    94:52:18:20:66:7e:f3:68:37:61:f6:76:9a:7c:79:
                    9b:6a:83:ff:da:b1:03:1e:7a:d6:0a:7b:45:f0:60:
                    cb:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:96:DB:92:A3:F5:C8:27:9D:FF:62:57:30:41:5D:39:23:08:23:A5
            X509v3 Authority Key Identifier:
                keyid:45:01:E8:5C:00:25:C4:AE:29:52:80:58:E2:32:D7:37:C2:F4:95:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RQHoXAAlxK4pUoBY4jLXN8L0lc4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:f0:7e:77:62:96:c8:45:03:97:29:19:c4:f3:08:7d:ad:be:
         95:aa:f8:6a:cf:d4:24:96:13:15:28:0a:9d:45:87:7f:24:24:
         9b:b9:3d:a0:d1:77:9f:9f:c8:28:ff:64:01:b4:55:df:9a:31:
         6b:d9:4b:b5:b6:9c:71:9e:c7:a3:04:86:af:6d:96:57:a8:a0:
         a5:6e:ab:86:ac:76:78:9a:0b:8d:20:b6:11:b5:44:f3:97:32:
         12:98:1e:6f:d7:40:f1:a0:7d:d9:8d:80:69:31:88:f0:c3:95:
         5b:af:d2:13:3c:4d:27:04:04:c5:1e:a5:2f:ae:ec:27:5b:90:
         bb:79:0d:ad:02:33:0d:3b:d6:29:c2:4d:c7:a4:38:05:e0:4b:
         13:54:b0:67:ad:7f:9b:75:4c:6e:63:0e:57:9d:f1:d3:72:b7:
         75:a9:9e:ea:d3:8b:09:50:38:17:5a:aa:9f:9e:60:41:a2:e1:
         92:b0:77:ed:f6:b1:86:c1:7d:a3:35:62:f0:df:1b:b8:45:19:
         d7:61:27:b9:52:06:97:a5:e3:07:26:42:80:33:de:3c:f4:0d:
         ef:e4:8d:3c:5d:12:b8:99:24:77:15:30:15:d5:ad:d9:bb:39:
         38:ea:bd:8e:ad:47:9c:1d:b7:7a:b7:c3:3c:3b:54:45:f4:a9:
         5f:ff:35:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj9Lc3tDNVdokGm5cZD4ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1MDFlODVjMDAyNWM0YWUyOTUyODA1OGUyMzJkNzM3YzJm
NDk1Y2UwHhcNMjYwMzAxMTgwMTE4WhcNMjYwMzAyMTgwMTE4WjAzMTEwLwYDVQQD
Eyg4MDk2ZGI5MmEzZjVjODI3OWRmZjYyNTczMDQxNWQzOTIzMDgyM2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPiOpymjchsn1ufiBAcg056+HHpS
j0OUWdrlEh1U9CJEuHr0BOlfxj6Rs+wnZG40vukivp8mf3+pG+kE1v9LF0mtTTtb
IJPgIcJ5mU3BWTx+xL7a+aig+EC3IuE7YUB20H5XAXPXLN0IcCbB8TbFWhq9hUqt
zFK0oKyQOEFlonsslE4sEFw++QsVBQcgE9dHPJGlXoAW4MtCwWJb7lGxhKry/UQx
CV5mvyOdq9s+jDvg8FS2VjnCT8Z1BaRYPBks4TMoEL/ghzsKPKYP2MqnrQB9hRkH
2xiQHiks9POJtSeUUhggZn7zaDdh9naafHmbaoP/2rEDHnrWCntF8GDLQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFICW25Kj9cgnnf9iVzBBXTkjCCOlMB8GA1UdIwQY
MBaAFEUB6FwAJcSuKVKAWOIy1zfC9JXOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlFIb1hBQWx4SzRwVW9CWTRqTFhOOEwwbGM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9kM2U4YTgtNThlZi00NjMwLWJmMzUt
Y2VlNjQxOTU1MzNjLzEvUlFIb1hBQWx4SzRwVW9CWTRqTFhOOEwwbGM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9kM2U4YTgtNThlZi00NjMwLWJmMzUtY2VlNjQxOTU1MzNj
LzEvUlFIb1hBQWx4SzRwVW9CWTRqTFhOOEwwbGM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANfB+d2KW
yEUDlykZxPMIfa2+lar4as/UJJYTFSgKnUWHfyQkm7k9oNF3n5/IKP9kAbRV35ox
a9lLtbaccZ7HowSGr22WV6igpW6rhqx2eJoLjSC2EbVE85cyEpgeb9dA8aB92Y2A
aTGI8MOVW6/SEzxNJwQExR6lL67sJ1uQu3kNrQIzDTvWKcJNx6Q4BeBLE1SwZ61/
m3VMbmMOV53x03K3dame6tOLCVA4F1qqn55gQaLhkrB37faxhsF9ozVi8N8buEUZ
12EnuVIGl6XjByZCgDPePPQN7+SNPF0SuJkkdxUwFdWt2bs5OOq9jq1HnB23erfD
PDtURfSpX/81gg==
-----END CERTIFICATE-----