Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
File:                     QzFPMPOkU_9JIh2VStgCijBKAVA.mft (raw, json)
Hash identifier:          4wMr+zNQfItBVjVbPEc8UAuthavGx398VWRMxey5OvQ=
Subject key identifier:   BE:E8:6F:41:84:4B:EC:8B:01:83:65:C0:7D:17:E4:A0:69:CA:F6:1C
Authority key identifier: 43:31:4F:30:F3:A4:53:FF:49:22:1D:95:4A:D8:02:8A:30:4A:01:50
Certificate issuer:       /CN=43314f30f3a453ff49221d954ad8028a304a0150
Certificate serial:       019CABD94B58AE3DFC20766DE1E909A1FC3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
Manifest number:          1844
Signing time:             Mon 02 Mar 2026 00:01:10 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:10 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:10 +0000
Files and hashes:         1: QzFPMPOkU_9JIh2VStgCijBKAVA.crl (hash: pmzSENwSHCabrvzGsX0IKL5FbWGcpOZXUiVPY8g/2Ic=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:4b:58:ae:3d:fc:20:76:6d:e1:e9:09:a1:fc:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43314f30f3a453ff49221d954ad8028a304a0150
        Validity
            Not Before: Mar  2 00:01:10 2026 GMT
            Not After : Mar  3 00:01:10 2026 GMT
        Subject: CN=bee86f41844bec8b018365c07d17e4a069caf61c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:f6:31:2f:d5:61:50:48:1e:1b:db:07:76:0a:
                    d8:b7:d7:ca:21:db:b5:7b:cb:49:89:e5:b5:6f:1f:
                    42:63:ca:f6:b7:c0:dc:ed:d1:59:0c:cd:c4:86:33:
                    97:23:2f:81:87:9c:b7:3d:21:b4:3b:b5:a9:6f:77:
                    7b:a0:17:2c:e9:b9:27:b6:ef:62:26:18:3b:2e:8b:
                    2e:b7:68:3a:49:06:9a:61:6b:b2:5a:92:ab:f3:af:
                    32:47:79:45:fa:bd:a7:3c:77:62:09:34:29:2a:6b:
                    b6:79:b3:81:1c:e8:b1:b8:ac:6f:d3:62:da:74:35:
                    54:e8:93:df:95:3a:67:18:e5:8e:8c:1c:7b:00:a0:
                    ae:63:14:63:f1:4a:08:15:95:b9:71:56:0a:cc:cb:
                    d4:be:54:d4:12:05:d6:a8:ce:76:2b:68:d3:7e:c3:
                    7d:8e:6a:12:26:f9:33:29:99:74:d3:99:da:9a:51:
                    0c:d3:eb:65:b2:87:b9:68:0a:85:02:36:c1:df:cb:
                    55:9b:e5:0a:c5:2d:b9:c2:3d:e2:46:c8:14:b2:63:
                    4f:57:f4:8c:d5:c3:fb:04:95:af:39:26:70:0d:b0:
                    3c:32:66:cd:0e:33:88:53:69:0f:68:16:8c:f7:b7:
                    a7:ee:7a:b5:4d:85:27:c1:be:03:83:7a:12:5e:e7:
                    bd:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:E8:6F:41:84:4B:EC:8B:01:83:65:C0:7D:17:E4:A0:69:CA:F6:1C
            X509v3 Authority Key Identifier:
                keyid:43:31:4F:30:F3:A4:53:FF:49:22:1D:95:4A:D8:02:8A:30:4A:01:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:ca:9f:86:44:de:7d:f4:45:26:1d:b1:8a:d3:35:7d:3e:77:
         10:8c:4f:db:81:9c:3b:66:9c:7a:4e:f8:a1:85:bb:06:e2:ce:
         94:b5:06:a6:ba:dd:cb:42:d6:8b:2f:b5:d7:34:54:22:ef:23:
         d5:4f:59:91:f3:5c:33:75:22:72:19:42:1b:79:2a:2e:75:e2:
         ea:0b:b1:a8:11:c9:12:a0:a1:fa:98:12:ff:83:eb:f9:cd:cb:
         2e:09:01:4a:b1:08:51:06:f6:aa:d1:01:54:dd:99:55:d7:d6:
         df:52:84:0b:4d:dd:76:ed:74:ca:7a:bc:1e:45:25:38:3b:31:
         ae:22:7b:6c:b7:fb:e4:94:d1:12:f4:e5:ec:63:b1:0a:17:09:
         15:d3:99:27:b2:98:12:26:5b:56:a8:49:fc:f3:af:fa:3c:e1:
         c9:19:d8:9e:ff:9d:7d:99:bb:83:de:c5:14:e8:b9:52:c7:ff:
         b1:c1:a8:d7:d0:89:e5:66:3e:89:70:9e:20:e3:f6:a7:59:44:
         91:a4:7e:e5:66:25:3b:6e:73:55:a4:88:b1:77:e5:1d:6e:36:
         75:74:77:3b:a3:ab:e9:02:18:36:6f:9f:42:13:95:7a:22:d5:
         c1:e5:e3:62:ea:4e:e6:5f:7d:06:17:12:e1:bb:52:c4:f9:6a:
         d1:21:26:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2UtYrj38IHZt4ekJofw6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMzE0ZjMwZjNhNDUzZmY0OTIyMWQ5NTRhZDgwMjhhMzA0
YTAxNTAwHhcNMjYwMzAyMDAwMTEwWhcNMjYwMzAzMDAwMTEwWjAzMTEwLwYDVQQD
EyhiZWU4NmY0MTg0NGJlYzhiMDE4MzY1YzA3ZDE3ZTRhMDY5Y2FmNjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4/YxL9VhUEgeG9sHdgrYt9fKIdu1
e8tJieW1bx9CY8r2t8Dc7dFZDM3EhjOXIy+Bh5y3PSG0O7Wpb3d7oBcs6bkntu9i
Jhg7Losut2g6SQaaYWuyWpKr868yR3lF+r2nPHdiCTQpKmu2ebOBHOixuKxv02La
dDVU6JPflTpnGOWOjBx7AKCuYxRj8UoIFZW5cVYKzMvUvlTUEgXWqM52K2jTfsN9
jmoSJvkzKZl005namlEM0+tlsoe5aAqFAjbB38tVm+UKxS25wj3iRsgUsmNPV/SM
1cP7BJWvOSZwDbA8MmbNDjOIU2kPaBaM97en7nq1TYUnwb4Dg3oSXue9ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL7ob0GES+yLAYNlwH0X5KBpyvYcMB8GA1UdIwQY
MBaAFEMxTzDzpFP/SSIdlUrYAoowSgFQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82MzBlOTQtNmI3MS00MDYzLTkzMjgt
NTU4ZWVhMWY1OTAxLzEvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82MzBlOTQtNmI3MS00MDYzLTkzMjgtNTU4ZWVhMWY1OTAx
LzEvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFMqfhkTe
ffRFJh2xitM1fT53EIxP24GcO2acek74oYW7BuLOlLUGprrdy0LWiy+11zRUIu8j
1U9ZkfNcM3UichlCG3kqLnXi6guxqBHJEqCh+pgS/4Pr+c3LLgkBSrEIUQb2qtEB
VN2ZVdfW31KEC03ddu10ynq8HkUlODsxriJ7bLf75JTREvTl7GOxChcJFdOZJ7KY
EiZbVqhJ/POv+jzhyRnYnv+dfZm7g97FFOi5Usf/scGo19CJ5WY+iXCeIOP2p1lE
kaR+5WYlO25zVaSIsXflHW42dXR3O6Or6QIYNm+fQhOVeiLVweXjYupO5l99BhcS
4btSxPlq0SEmjg==
-----END CERTIFICATE-----