Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.mft
File:                     qwJca7PczxsWUUnChzwEsabH2no.mft (raw, json)
Hash identifier:          u+s6C/NddindKcBCak4EGndC/3NEQMgSpEQv8aEf+xk=
Subject key identifier:   64:A5:99:68:8D:F8:1D:D2:67:DF:8D:F2:E2:C3:D6:74:8B:EB:0D:3D
Authority key identifier: AB:02:5C:6B:B3:DC:CF:1B:16:51:49:C2:87:3C:04:B1:A6:C7:DA:7A
Certificate issuer:       /CN=ab025c6bb3dccf1b165149c2873c04b1a6c7da7a
Certificate serial:       019CAB6BA93EED9294899252DC2DE42110F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qwJca7PczxsWUUnChzwEsabH2no.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.mft
Manifest number:          0D02
Signing time:             Sun 01 Mar 2026 22:01:25 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:25 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:25 +0000
Files and hashes:         1: qwJca7PczxsWUUnChzwEsabH2no.crl (hash: Vz73i2ZiwDpY2c7UjSFXPVu7kGgkcDtY9zFexavNl4o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qwJca7PczxsWUUnChzwEsabH2no.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:a9:3e:ed:92:94:89:92:52:dc:2d:e4:21:10:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab025c6bb3dccf1b165149c2873c04b1a6c7da7a
        Validity
            Not Before: Mar  1 22:01:25 2026 GMT
            Not After : Mar  2 22:01:25 2026 GMT
        Subject: CN=64a599688df81dd267df8df2e2c3d6748beb0d3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:47:6a:19:a0:e3:5b:de:34:bf:04:7a:80:ba:
                    07:20:5b:22:f5:31:61:12:61:ae:e3:45:04:09:61:
                    3f:6b:20:62:b5:b5:e8:8a:46:d3:58:94:7c:ee:d6:
                    a5:58:69:fb:55:c0:d4:83:a9:af:47:ab:20:64:1b:
                    58:82:ab:e3:ec:73:a6:6d:f6:22:b6:fa:25:fd:9e:
                    93:b0:37:2e:61:8a:5c:e4:a4:9a:0a:36:f8:57:a2:
                    2a:2b:1b:50:c0:64:4f:b7:a9:67:2e:88:0a:ca:ea:
                    b5:40:b9:ef:ab:e8:21:0d:b5:69:e7:0a:71:14:4c:
                    8a:4b:3d:1a:24:8f:b3:80:8e:33:11:bb:54:70:b2:
                    4f:79:88:9d:17:20:cb:c7:ed:1c:c7:22:ed:64:24:
                    dd:56:c3:a4:62:8c:c1:ae:fe:f6:7e:4d:31:6b:b1:
                    a3:2b:c3:da:e7:27:7d:10:64:a0:09:c3:df:e8:bd:
                    d4:d1:2c:04:0b:bb:b1:8e:e8:21:59:de:32:b5:2d:
                    f5:fa:48:20:51:c0:f1:3e:68:cf:a0:70:b5:2f:c4:
                    e6:c5:10:02:25:b5:3d:96:d0:b8:70:f7:5e:88:bb:
                    9b:ee:4b:90:08:90:59:e1:40:26:13:da:d6:a2:9a:
                    87:1a:19:ff:44:9a:7c:db:34:61:e7:34:31:7e:3b:
                    9a:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:A5:99:68:8D:F8:1D:D2:67:DF:8D:F2:E2:C3:D6:74:8B:EB:0D:3D
            X509v3 Authority Key Identifier:
                keyid:AB:02:5C:6B:B3:DC:CF:1B:16:51:49:C2:87:3C:04:B1:A6:C7:DA:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwJca7PczxsWUUnChzwEsabH2no.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:49:b4:8d:4a:7d:83:4b:1e:1e:88:51:e6:18:f4:e5:b9:9e:
         7c:2d:35:46:fc:fd:26:a9:1b:4f:ff:f4:aa:d8:b6:1f:a4:51:
         93:c1:c7:d6:1d:67:f8:99:6d:71:a2:4a:27:e1:a1:c5:00:b2:
         32:1a:47:49:a5:99:39:ce:55:80:d7:9c:b2:67:f6:a0:1d:43:
         1c:e1:37:86:32:82:99:82:90:3e:65:46:9e:ae:18:3b:67:1f:
         fe:ae:db:06:6f:7c:e8:7b:53:91:1f:68:9d:bc:82:dd:5f:53:
         d3:3d:03:38:b0:99:e8:06:ec:65:a9:10:2b:19:04:f7:34:16:
         62:7c:71:f8:6a:ff:48:80:b5:83:db:74:29:db:00:9f:51:db:
         d1:a3:27:aa:e4:6c:9e:ed:9a:39:7f:8a:e6:fe:ac:dd:e0:28:
         dd:07:b2:cb:20:42:ec:aa:1c:8f:fd:bb:98:6d:bc:9b:5c:e3:
         fb:b8:6a:77:af:ed:4d:a9:9e:a9:87:c7:15:13:e9:b6:53:bb:
         d2:10:e0:78:1d:46:09:e9:a6:55:60:6d:e6:5a:a4:7d:52:af:
         49:8d:b0:d8:fc:f2:8c:c4:da:8d:df:5c:ba:04:ac:fc:31:2d:
         e6:72:53:ef:fe:d8:68:2f:0d:71:26:3f:3f:b8:a3:db:18:0a:
         cc:73:4a:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra6k+7ZKUiZJS3C3kIRD5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDI1YzZiYjNkY2NmMWIxNjUxNDljMjg3M2MwNGIxYTZj
N2RhN2EwHhcNMjYwMzAxMjIwMTI1WhcNMjYwMzAyMjIwMTI1WjAzMTEwLwYDVQQD
Eyg2NGE1OTk2ODhkZjgxZGQyNjdkZjhkZjJlMmMzZDY3NDhiZWIwZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEdqGaDjW940vwR6gLoHIFsi9TFh
EmGu40UECWE/ayBitbXoikbTWJR87talWGn7VcDUg6mvR6sgZBtYgqvj7HOmbfYi
tvol/Z6TsDcuYYpc5KSaCjb4V6IqKxtQwGRPt6lnLogKyuq1QLnvq+ghDbVp5wpx
FEyKSz0aJI+zgI4zEbtUcLJPeYidFyDLx+0cxyLtZCTdVsOkYozBrv72fk0xa7Gj
K8Pa5yd9EGSgCcPf6L3U0SwEC7uxjughWd4ytS31+kggUcDxPmjPoHC1L8TmxRAC
JbU9ltC4cPdeiLub7kuQCJBZ4UAmE9rWopqHGhn/RJp82zRh5zQxfjuabQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGSlmWiN+B3SZ9+N8uLD1nSL6w09MB8GA1UdIwQY
MBaAFKsCXGuz3M8bFlFJwoc8BLGmx9p6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdKY2E3UGN6eHNXVVVuQ2h6d0VzYWJIMm5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8wNWIxZTMtMjRjMC00NjY4LTlmNDAt
ZmU3NzQ3M2UzZGNmLzEvcXdKY2E3UGN6eHNXVVVuQ2h6d0VzYWJIMm5vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8wNWIxZTMtMjRjMC00NjY4LTlmNDAtZmU3NzQ3M2UzZGNm
LzEvcXdKY2E3UGN6eHNXVVVuQ2h6d0VzYWJIMm5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu0m0jUp9
g0seHohR5hj05bmefC01Rvz9JqkbT//0qti2H6RRk8HH1h1n+JltcaJKJ+GhxQCy
MhpHSaWZOc5VgNecsmf2oB1DHOE3hjKCmYKQPmVGnq4YO2cf/q7bBm986HtTkR9o
nbyC3V9T0z0DOLCZ6AbsZakQKxkE9zQWYnxx+Gr/SIC1g9t0KdsAn1Hb0aMnquRs
nu2aOX+K5v6s3eAo3QeyyyBC7Kocj/27mG28m1zj+7hqd6/tTameqYfHFRPptlO7
0hDgeB1GCemmVWBt5lqkfVKvSY2w2PzyjMTajd9cugSs/DEt5nJT7/7YaC8NcSY/
P7ij2xgKzHNKnw==
-----END CERTIFICATE-----