Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
File:                     QzFPMPOkU_9JIh2VStgCijBKAVA.mft (raw, json)
Hash identifier:          83sELgwEkh6ANaj6LbdlN4S6Hst1HJHtufSg0h4psXY=
Subject key identifier:   DB:73:93:90:56:9F:E6:1D:86:00:E4:DB:50:B7:DA:D1:46:A6:65:65
Authority key identifier: 43:31:4F:30:F3:A4:53:FF:49:22:1D:95:4A:D8:02:8A:30:4A:01:50
Certificate issuer:       /CN=43314f30f3a453ff49221d954ad8028a304a0150
Certificate serial:       019D9962E7024AC6A4DF197275896B4ADD40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 03:01:28 +0000
Manifest this update:     Fri 17 Apr 2026 03:01:28 +0000
Manifest next update:     Sat 18 Apr 2026 03:01:28 +0000
Files and hashes:         1: QzFPMPOkU_9JIh2VStgCijBKAVA.crl (hash: 2gVd586eMSfKVwF6xffmoq75Z37u1ffuEfqezW5HPVw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 03:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:e7:02:4a:c6:a4:df:19:72:75:89:6b:4a:dd:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43314f30f3a453ff49221d954ad8028a304a0150
        Validity
            Not Before: Apr 17 03:01:28 2026 GMT
            Not After : Apr 18 03:01:28 2026 GMT
        Subject: CN=db739390569fe61d8600e4db50b7dad146a66565
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:83:74:4b:40:f9:da:16:7e:32:94:a5:65:1b:
                    98:d8:57:89:e6:46:09:7c:36:53:9d:8d:98:d4:b3:
                    1b:09:ed:21:82:8d:c0:c4:62:a9:99:cf:32:8c:4f:
                    ab:30:76:d1:e2:ca:cd:39:df:4d:f2:2e:c7:ea:09:
                    aa:69:ba:bc:68:17:0c:a0:5b:d9:11:12:d3:1b:ca:
                    64:cb:8b:8a:df:fa:dd:42:53:83:73:c7:eb:c9:93:
                    22:40:e5:c9:9a:d1:8a:bc:39:d5:ec:91:78:87:94:
                    a8:04:ea:ea:b1:e9:98:1c:37:79:89:c5:47:95:19:
                    40:e2:a1:80:ad:b0:f0:fb:68:34:c3:7f:41:bd:b2:
                    15:c3:64:75:4f:bf:16:0e:91:3c:ca:d6:c3:37:01:
                    54:35:55:76:2c:0f:5d:96:12:e7:d8:1f:f7:5c:d3:
                    de:bc:9a:49:20:82:df:c8:97:35:3e:6e:c8:79:bd:
                    7a:e3:c0:4a:9a:ea:c8:2e:a0:45:68:83:2c:54:8f:
                    64:f4:2a:17:12:b9:01:8c:a2:88:f1:b8:7a:bd:bd:
                    6f:36:9b:d5:7e:27:d7:0c:0f:a9:11:a5:f7:e6:c8:
                    96:05:c7:d5:fa:cc:36:1e:89:74:94:f8:c5:6b:70:
                    f6:43:ae:6d:c4:e4:b7:19:66:82:dc:64:12:9b:fe:
                    6e:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:73:93:90:56:9F:E6:1D:86:00:E4:DB:50:B7:DA:D1:46:A6:65:65
            X509v3 Authority Key Identifier:
                keyid:43:31:4F:30:F3:A4:53:FF:49:22:1D:95:4A:D8:02:8A:30:4A:01:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:3c:e5:74:21:37:2b:4e:8b:4b:ac:7b:9f:9d:9a:d5:b3:2c:
         b4:97:df:97:03:3b:92:57:20:f9:2f:18:70:b2:2a:fb:1a:15:
         37:4a:1e:ca:5a:c8:09:47:2b:3c:61:07:7f:6d:58:2b:7b:98:
         ba:22:8b:90:4d:e4:f5:cf:b7:cc:64:ee:e5:da:5c:9f:13:11:
         8f:66:d4:1f:22:28:f3:9b:71:d2:52:20:09:20:d2:eb:e8:f4:
         de:97:4c:1e:4c:7c:a2:c8:57:b1:37:76:25:7d:4e:c8:19:51:
         7f:61:4f:51:14:48:df:23:ec:d7:9c:80:fd:b9:c8:b0:5b:38:
         21:6b:a0:c6:43:bd:00:c8:73:0c:1e:52:65:92:ce:ef:63:6c:
         26:ab:d5:be:2d:33:87:28:18:26:91:f1:8e:7e:af:5b:87:db:
         89:e0:d4:83:cc:39:9d:10:45:66:b5:b1:43:04:ec:21:61:1a:
         14:90:64:2f:82:4e:5e:ba:94:63:a3:13:f7:c0:56:6b:72:aa:
         74:34:06:85:5b:4e:e7:ae:63:5d:8b:69:65:86:cd:b0:c8:e7:
         0f:36:d1:dc:30:d8:3e:1e:d3:60:63:85:e1:78:c1:4b:7e:4c:
         f7:6b:f5:08:e4:1d:47:4a:85:2d:10:16:72:11:73:a7:85:2f:
         d6:45:a5:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYucCSsak3xlydYlrSt1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMzE0ZjMwZjNhNDUzZmY0OTIyMWQ5NTRhZDgwMjhhMzA0
YTAxNTAwHhcNMjYwNDE3MDMwMTI4WhcNMjYwNDE4MDMwMTI4WjAzMTEwLwYDVQQD
EyhkYjczOTM5MDU2OWZlNjFkODYwMGU0ZGI1MGI3ZGFkMTQ2YTY2NTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIN0S0D52hZ+MpSlZRuY2FeJ5kYJ
fDZTnY2Y1LMbCe0hgo3AxGKpmc8yjE+rMHbR4srNOd9N8i7H6gmqabq8aBcMoFvZ
ERLTG8pky4uK3/rdQlODc8fryZMiQOXJmtGKvDnV7JF4h5SoBOrqsemYHDd5icVH
lRlA4qGArbDw+2g0w39BvbIVw2R1T78WDpE8ytbDNwFUNVV2LA9dlhLn2B/3XNPe
vJpJIILfyJc1Pm7Ieb1648BKmurILqBFaIMsVI9k9CoXErkBjKKI8bh6vb1vNpvV
fifXDA+pEaX35siWBcfV+sw2Hol0lPjFa3D2Q65txOS3GWaC3GQSm/5u4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNtzk5BWn+YdhgDk21C32tFGpmVlMB8GA1UdIwQY
MBaAFEMxTzDzpFP/SSIdlUrYAoowSgFQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82MzBlOTQtNmI3MS00MDYzLTkzMjgt
NTU4ZWVhMWY1OTAxLzEvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82MzBlOTQtNmI3MS00MDYzLTkzMjgtNTU4ZWVhMWY1OTAx
LzEvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEjzldCE3
K06LS6x7n52a1bMstJfflwM7klcg+S8YcLIq+xoVN0oeylrICUcrPGEHf21YK3uY
uiKLkE3k9c+3zGTu5dpcnxMRj2bUHyIo85tx0lIgCSDS6+j03pdMHkx8oshXsTd2
JX1OyBlRf2FPURRI3yPs15yA/bnIsFs4IWugxkO9AMhzDB5SZZLO72NsJqvVvi0z
hygYJpHxjn6vW4fbieDUg8w5nRBFZrWxQwTsIWEaFJBkL4JOXrqUY6MT98BWa3Kq
dDQGhVtO565jXYtpZYbNsMjnDzbR3DDYPh7TYGOF4XjBS35M92v1COQdR0qFLRAW
chFzp4Uv1kWlxQ==
-----END CERTIFICATE-----