Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
File:                     QHsur7H0zNuzzWzU10srM5eKC3A.mft (raw, json)
Hash identifier:          tKzk21g5JhIDKu/6TTgz4gLx36JCS53xDKuqacC4MWM=
Subject key identifier:   EA:FB:37:1B:A1:3F:60:F3:DC:56:75:E9:04:0F:27:79:52:48:39:D9
Authority key identifier: 40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70
Certificate issuer:       /CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
Certificate serial:       019CAB6B3C838353D8BBA1AE3C52253B3016
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
Manifest number:          1844
Signing time:             Sun 01 Mar 2026 22:00:57 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:57 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:57 +0000
Files and hashes:         1: QHsur7H0zNuzzWzU10srM5eKC3A.crl (hash: icff2bbu4YnRBP7cZiG9cFz+Lg4MMzGaHUWy8RnHH9k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:3c:83:83:53:d8:bb:a1:ae:3c:52:25:3b:30:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
        Validity
            Not Before: Mar  1 22:00:57 2026 GMT
            Not After : Mar  2 22:00:57 2026 GMT
        Subject: CN=eafb371ba13f60f3dc5675e9040f2779524839d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:b3:2d:cc:07:2e:2d:a7:0b:d5:4c:af:f6:0c:
                    9e:53:e2:de:e4:3c:09:e9:e7:8a:e4:53:5c:71:b1:
                    f1:34:53:6d:9a:c9:ed:49:96:91:16:25:c4:ee:5f:
                    5c:51:50:e5:d5:3b:0f:ec:ac:dc:15:5e:4a:cf:02:
                    08:58:fb:84:89:fa:8d:c0:3b:61:12:3c:5b:89:db:
                    f2:91:05:f2:36:92:75:6f:eb:40:94:9e:9d:2e:0d:
                    50:cd:16:ec:eb:ce:89:cb:1b:08:07:79:bb:7b:be:
                    ac:7d:58:6f:e3:5d:47:8d:03:c5:3a:92:42:7a:4d:
                    45:3d:71:7c:fe:48:33:8a:1b:c0:c0:15:59:26:7f:
                    8f:2e:55:a0:b0:a7:c2:f9:bb:32:d3:2c:9a:3c:f1:
                    e4:37:04:94:f9:f8:ed:81:9f:1e:00:1f:fa:ea:2e:
                    66:f1:c4:c8:24:24:84:73:69:52:24:f1:6f:87:c0:
                    49:6c:c6:ca:b9:d7:2b:d0:71:3f:8b:9e:f0:17:64:
                    5a:44:c4:13:2a:26:d8:83:ae:97:d7:9b:4b:c4:a2:
                    e0:4d:f1:20:76:ec:ce:c1:4d:20:f8:e5:f8:3d:f0:
                    ea:3a:0e:af:0c:b2:c7:45:d4:4a:ed:92:33:60:31:
                    87:7e:46:32:66:c3:bf:8c:51:a6:14:5c:03:41:9f:
                    f7:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:FB:37:1B:A1:3F:60:F3:DC:56:75:E9:04:0F:27:79:52:48:39:D9
            X509v3 Authority Key Identifier:
                keyid:40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:68:f0:e1:64:99:e0:e3:5b:c8:a2:02:85:21:46:56:f9:02:
         86:d6:2e:93:da:15:c2:c7:77:a7:23:b5:f0:a4:16:5e:e7:11:
         93:f0:d0:aa:d5:03:7b:56:7d:29:3d:db:10:6d:08:d9:89:22:
         92:05:f8:43:e6:8a:c3:3f:96:1f:27:ca:b4:ee:61:d1:05:42:
         9e:fa:01:e9:c8:22:b8:72:3d:41:4a:30:e0:5b:d0:40:8d:67:
         48:73:b3:fa:a4:e2:8c:14:75:05:dd:5f:f0:c7:1e:4a:ef:38:
         91:2f:89:9d:0f:06:64:b4:5a:c9:6f:8e:db:89:60:51:13:d9:
         28:80:39:28:48:81:e6:0d:17:42:35:9e:10:34:15:92:11:4e:
         8e:62:cc:95:fb:47:55:8c:f3:3e:89:a1:62:a8:ca:98:e5:08:
         23:f1:d7:c6:0c:41:0f:12:bd:ca:f6:a2:f5:22:c5:98:06:65:
         fc:50:d3:21:ef:73:0f:4c:41:49:9f:ee:d0:77:82:2e:83:b8:
         4f:0c:43:c8:44:9b:ba:1b:3b:e4:0f:cd:72:33:52:54:54:e1:
         fa:c0:03:2d:b7:e0:21:63:3b:0e:04:17:2b:db:17:ad:de:72:
         df:4c:ab:04:99:a4:67:eb:eb:fc:5c:37:1a:7c:f1:07:07:c5:
         a4:60:fa:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrazyDg1PYu6GuPFIlOzAWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2IyZWFmYjFmNGNjZGJiM2NkNmNkNGQ3NGIyYjMzOTc4
YTBiNzAwHhcNMjYwMzAxMjIwMDU3WhcNMjYwMzAyMjIwMDU3WjAzMTEwLwYDVQQD
EyhlYWZiMzcxYmExM2Y2MGYzZGM1Njc1ZTkwNDBmMjc3OTUyNDgzOWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLMtzAcuLacL1Uyv9gyeU+Le5DwJ
6eeK5FNccbHxNFNtmsntSZaRFiXE7l9cUVDl1TsP7KzcFV5KzwIIWPuEifqNwDth
EjxbidvykQXyNpJ1b+tAlJ6dLg1QzRbs686JyxsIB3m7e76sfVhv411HjQPFOpJC
ek1FPXF8/kgzihvAwBVZJn+PLlWgsKfC+bsy0yyaPPHkNwSU+fjtgZ8eAB/66i5m
8cTIJCSEc2lSJPFvh8BJbMbKudcr0HE/i57wF2RaRMQTKibYg66X15tLxKLgTfEg
duzOwU0g+OX4PfDqOg6vDLLHRdRK7ZIzYDGHfkYyZsO/jFGmFFwDQZ/3QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOr7NxuhP2Dz3FZ16QQPJ3lSSDnZMB8GA1UdIwQY
MBaAFEB7Lq+x9Mzbs81s1NdLKzOXigtwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgt
YzJlNjY4YzE5NzI3LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgtYzJlNjY4YzE5NzI3
LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMGjw4WSZ
4ONbyKIChSFGVvkChtYuk9oVwsd3pyO18KQWXucRk/DQqtUDe1Z9KT3bEG0I2Yki
kgX4Q+aKwz+WHyfKtO5h0QVCnvoB6cgiuHI9QUow4FvQQI1nSHOz+qTijBR1Bd1f
8MceSu84kS+JnQ8GZLRayW+O24lgURPZKIA5KEiB5g0XQjWeEDQVkhFOjmLMlftH
VYzzPomhYqjKmOUII/HXxgxBDxK9yvai9SLFmAZl/FDTIe9zD0xBSZ/u0HeCLoO4
TwxDyESbuhs75A/NcjNSVFTh+sADLbfgIWM7DgQXK9sXrd5y30yrBJmkZ+vr/Fw3
GnzxBwfFpGD6LA==
-----END CERTIFICATE-----