Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft
File:                     QTKoayl3h-SMVXBZMe05NR-EFxo.mft (raw, json)
Hash identifier:          GTe76RfSMXV+dAfkELSJqobeMaIs/BCyAKXd6Ee5Gvg=
Subject key identifier:   AB:CF:C3:EA:4B:41:B8:79:85:C1:27:0A:1E:A9:E1:D2:7A:51:82:25
Authority key identifier: 41:32:A8:6B:29:77:87:E4:8C:55:70:59:31:ED:39:35:1F:84:17:1A
Certificate issuer:       /CN=4132a86b297787e48c55705931ed39351f84171a
Certificate serial:       019CAB6AD43521CEE5C705550B905AD88ED5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft
Manifest number:          122C
Signing time:             Sun 01 Mar 2026 22:00:30 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:30 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:30 +0000
Files and hashes:         1: QTKoayl3h-SMVXBZMe05NR-EFxo.crl (hash: G5/ak8Y+IXEr7IcWirASYj71Lw1e78RcWmFhg61Y/to=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6a:d4:35:21:ce:e5:c7:05:55:0b:90:5a:d8:8e:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4132a86b297787e48c55705931ed39351f84171a
        Validity
            Not Before: Mar  1 22:00:30 2026 GMT
            Not After : Mar  2 22:00:30 2026 GMT
        Subject: CN=abcfc3ea4b41b87985c1270a1ea9e1d27a518225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:19:3f:ea:fb:3a:5b:15:8b:f0:52:7c:93:f3:
                    7c:c5:eb:01:f8:52:19:bd:2a:2b:6c:8e:dd:05:b2:
                    e0:20:84:88:12:34:8b:9d:05:98:cd:16:05:5c:86:
                    7a:b3:1c:04:34:26:b4:19:a7:6d:38:85:a3:8c:b7:
                    5a:0c:58:58:c1:3b:10:37:05:2d:05:b3:8b:34:7e:
                    8a:e7:cd:48:8b:7e:3e:4f:56:14:5b:97:76:ce:03:
                    74:39:76:8c:19:ce:91:61:43:4c:ac:55:01:92:d0:
                    2f:95:58:20:3d:89:e4:fe:4c:b6:25:a1:c7:85:d6:
                    97:82:07:ef:98:77:6f:ca:d0:2c:a9:9c:9c:79:4c:
                    52:0f:50:0f:d1:61:f6:af:89:d6:d6:04:4a:50:0e:
                    e1:fe:f1:da:77:3e:05:af:51:fe:9b:51:9a:3d:14:
                    02:4a:3f:e5:d2:2a:11:2b:00:97:cd:22:ff:d1:dc:
                    91:29:f6:ef:f6:08:bd:bd:69:eb:33:9e:b7:d4:5a:
                    ee:b9:cf:06:6a:d5:e5:bc:d1:61:eb:12:6a:09:09:
                    f5:77:0d:5f:f1:6e:31:64:40:f3:98:5e:0f:de:9d:
                    37:52:45:67:7a:66:c4:a6:d3:2a:de:4d:2c:72:7a:
                    9b:0f:da:13:38:a1:b3:d2:73:8d:0d:a5:4a:48:a9:
                    3b:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:CF:C3:EA:4B:41:B8:79:85:C1:27:0A:1E:A9:E1:D2:7A:51:82:25
            X509v3 Authority Key Identifier:
                keyid:41:32:A8:6B:29:77:87:E4:8C:55:70:59:31:ED:39:35:1F:84:17:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:28:41:07:6d:5b:cc:1e:75:94:57:ac:5d:3f:5e:6c:3f:ba:
         4c:cb:06:10:ec:c7:cf:2a:4f:81:ee:00:de:e4:c3:43:cf:8b:
         6f:0c:f2:a7:3f:0a:bb:8b:30:51:65:d9:03:52:b2:6a:5b:d8:
         ab:5c:b6:fb:29:50:f4:3c:4f:af:00:00:3b:00:f0:19:9c:a0:
         ed:cb:83:b6:b1:bb:e6:0a:49:b5:c1:a4:93:ea:94:2c:96:a4:
         65:cb:62:65:7d:3e:a3:32:9d:3a:6d:4f:18:fd:3a:17:83:a0:
         ff:35:53:4d:9c:32:8b:c2:5f:3f:e8:4c:48:20:86:79:54:22:
         73:72:c9:19:54:be:ae:23:ec:41:57:4a:5f:4b:54:cc:61:8d:
         c4:75:b5:c2:33:c9:19:ca:18:e5:75:61:c3:ff:6d:98:f9:17:
         d8:60:19:24:96:3d:d4:70:dd:7b:f6:42:b6:22:07:56:b8:ac:
         cf:a9:09:bb:2d:a7:82:ed:c2:21:d6:90:66:17:1f:11:de:5a:
         4e:16:42:02:66:25:35:4a:4b:67:ff:be:2c:55:93:d8:5a:ab:
         64:c5:b1:88:b9:9c:20:e3:43:08:53:de:62:f8:3e:1d:e5:27:
         f1:86:f0:a1:97:73:c6:cb:0b:08:20:62:98:ee:9a:81:40:0f:
         42:99:11:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyratQ1Ic7lxwVVC5Ba2I7VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMzJhODZiMjk3Nzg3ZTQ4YzU1NzA1OTMxZWQzOTM1MWY4
NDE3MWEwHhcNMjYwMzAxMjIwMDMwWhcNMjYwMzAyMjIwMDMwWjAzMTEwLwYDVQQD
EyhhYmNmYzNlYTRiNDFiODc5ODVjMTI3MGExZWE5ZTFkMjdhNTE4MjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBk/6vs6WxWL8FJ8k/N8xesB+FIZ
vSorbI7dBbLgIISIEjSLnQWYzRYFXIZ6sxwENCa0GadtOIWjjLdaDFhYwTsQNwUt
BbOLNH6K581Ii34+T1YUW5d2zgN0OXaMGc6RYUNMrFUBktAvlVggPYnk/ky2JaHH
hdaXggfvmHdvytAsqZyceUxSD1AP0WH2r4nW1gRKUA7h/vHadz4Fr1H+m1GaPRQC
Sj/l0ioRKwCXzSL/0dyRKfbv9gi9vWnrM5631Fruuc8GatXlvNFh6xJqCQn1dw1f
8W4xZEDzmF4P3p03UkVnembEptMq3k0scnqbD9oTOKGz0nONDaVKSKk7sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKvPw+pLQbh5hcEnCh6p4dJ6UYIlMB8GA1UdIwQY
MBaAFEEyqGspd4fkjFVwWTHtOTUfhBcaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84NzhlN2MtMzRmNS00N2NiLWE3ZTEt
ODA0MmQ2ZjRiZWYxLzEvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi84NzhlN2MtMzRmNS00N2NiLWE3ZTEtODA0MmQ2ZjRiZWYx
LzEvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbChBB21b
zB51lFesXT9ebD+6TMsGEOzHzypPge4A3uTDQ8+Lbwzypz8Ku4swUWXZA1KyalvY
q1y2+ylQ9DxPrwAAOwDwGZyg7cuDtrG75gpJtcGkk+qULJakZctiZX0+ozKdOm1P
GP06F4Og/zVTTZwyi8JfP+hMSCCGeVQic3LJGVS+riPsQVdKX0tUzGGNxHW1wjPJ
GcoY5XVhw/9tmPkX2GAZJJY91HDde/ZCtiIHVrisz6kJuy2ngu3CIdaQZhcfEd5a
ThZCAmYlNUpLZ/++LFWT2FqrZMWxiLmcIONDCFPeYvg+HeUn8YbwoZdzxssLCCBi
mO6agUAPQpkRDw==
-----END CERTIFICATE-----