Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
File:                     QHsur7H0zNuzzWzU10srM5eKC3A.mft (raw, json)
Hash identifier:          c14wcw6h8iDMB3lrVAYOHC1t0eZJuxpmHGCkocg4+Hk=
Subject key identifier:   F9:DF:5A:4C:54:18:46:D6:78:3F:C1:46:61:BD:08:76:8F:E6:D5:93
Authority key identifier: 40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70
Certificate issuer:       /CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
Certificate serial:       019D98F4B2716DE98715324D12D3C3BA3C36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 01:01:06 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:06 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:06 +0000
Files and hashes:         1: QHsur7H0zNuzzWzU10srM5eKC3A.crl (hash: oV4lZYGjxt9O9W4LDtPuNYz/23VoaO8EkRZAc4Albhc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:b2:71:6d:e9:87:15:32:4d:12:d3:c3:ba:3c:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
        Validity
            Not Before: Apr 17 01:01:06 2026 GMT
            Not After : Apr 18 01:01:06 2026 GMT
        Subject: CN=f9df5a4c541846d6783fc14661bd08768fe6d593
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:35:2b:f7:5c:cf:81:e3:1c:17:6e:e0:9a:22:
                    03:2a:76:ac:13:f8:1f:4b:f3:dd:6f:b5:9f:1d:0c:
                    1c:28:96:38:c1:03:03:b0:3e:9b:27:ad:d0:ff:5c:
                    f3:de:87:6b:32:fd:d9:4e:d7:a0:04:69:53:88:fb:
                    33:a3:f5:b4:79:ca:9a:38:92:dd:4a:a5:f1:29:a9:
                    b6:5e:05:af:09:f2:3b:27:e2:73:2b:49:96:3d:ec:
                    a3:36:e7:bb:cb:22:80:79:79:5c:50:8c:0a:47:8e:
                    51:40:ff:99:64:84:3d:97:c1:2b:0a:8a:37:49:2d:
                    78:69:1b:b4:83:ec:fb:1a:a5:5b:d5:3e:76:93:a1:
                    93:d7:08:99:54:21:73:8f:6c:b1:8c:83:83:45:e6:
                    ca:28:76:1a:49:3f:1c:76:9d:37:bc:41:5c:21:ee:
                    3a:de:55:3e:e5:e4:cd:8b:2e:84:88:42:a1:3a:33:
                    42:32:1e:c5:66:02:d1:ca:52:25:7f:7e:f1:4c:af:
                    91:77:95:0d:e0:e2:42:20:b5:26:44:41:e6:31:ff:
                    d0:39:e6:fe:de:c7:25:2d:ce:ad:72:f5:0b:d9:4d:
                    f6:50:63:7e:9c:5e:88:d6:bf:53:6d:04:f7:78:53:
                    74:fd:ed:5c:17:52:8d:d1:ea:0b:59:7f:99:b6:0d:
                    a9:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:DF:5A:4C:54:18:46:D6:78:3F:C1:46:61:BD:08:76:8F:E6:D5:93
            X509v3 Authority Key Identifier:
                keyid:40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:96:a9:e8:c0:11:b9:c1:f9:20:cd:ea:4c:d9:78:94:88:82:
         91:f7:f4:d4:c4:51:f6:f2:f1:11:ec:56:19:11:02:85:40:ee:
         e1:c9:9e:78:c2:5d:fc:15:7c:ea:08:ce:81:a4:4c:9b:7f:9b:
         78:7f:d1:2f:49:ca:12:9c:dd:02:0a:73:ac:a1:86:a8:2c:9b:
         ad:82:5c:13:71:f8:0e:8b:83:44:cc:0c:36:78:18:35:95:fd:
         90:21:9a:53:13:32:bc:23:43:a2:25:0e:06:5b:b7:72:18:b3:
         08:14:03:f2:28:9e:27:99:06:10:0c:f4:43:bd:f0:02:65:a9:
         dd:ac:37:5f:eb:6a:b5:07:fc:68:40:cf:c9:0a:16:2d:e7:83:
         fd:56:44:db:6d:75:af:7f:e4:9d:79:30:9c:e9:45:7b:53:75:
         e3:15:41:89:76:54:3b:f3:20:12:c1:c6:86:b7:67:b9:54:71:
         85:72:f7:9a:f2:4a:5a:7b:e5:aa:11:5b:d8:b1:29:90:fd:55:
         a0:13:24:86:7d:39:f2:cd:1d:d2:df:63:01:4e:a7:04:2f:9f:
         5d:4a:3d:e7:13:7c:ca:7b:33:4f:0b:17:62:81:c1:3c:58:fc:
         f0:83:40:dd:58:83:9f:2c:d5:a7:71:f5:4b:a5:b0:f5:a6:78:
         f6:0c:fd:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9LJxbemHFTJNEtPDujw2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2IyZWFmYjFmNGNjZGJiM2NkNmNkNGQ3NGIyYjMzOTc4
YTBiNzAwHhcNMjYwNDE3MDEwMTA2WhcNMjYwNDE4MDEwMTA2WjAzMTEwLwYDVQQD
EyhmOWRmNWE0YzU0MTg0NmQ2NzgzZmMxNDY2MWJkMDg3NjhmZTZkNTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjUr91zPgeMcF27gmiIDKnasE/gf
S/Pdb7WfHQwcKJY4wQMDsD6bJ63Q/1zz3odrMv3ZTtegBGlTiPszo/W0ecqaOJLd
SqXxKam2XgWvCfI7J+JzK0mWPeyjNue7yyKAeXlcUIwKR45RQP+ZZIQ9l8ErCoo3
SS14aRu0g+z7GqVb1T52k6GT1wiZVCFzj2yxjIODRebKKHYaST8cdp03vEFcIe46
3lU+5eTNiy6EiEKhOjNCMh7FZgLRylIlf37xTK+Rd5UN4OJCILUmREHmMf/QOeb+
3sclLc6tcvUL2U32UGN+nF6I1r9TbQT3eFN0/e1cF1KN0eoLWX+Ztg2pPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPnfWkxUGEbWeD/BRmG9CHaP5tWTMB8GA1UdIwQY
MBaAFEB7Lq+x9Mzbs81s1NdLKzOXigtwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgt
YzJlNjY4YzE5NzI3LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgtYzJlNjY4YzE5NzI3
LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATpap6MAR
ucH5IM3qTNl4lIiCkff01MRR9vLxEexWGREChUDu4cmeeMJd/BV86gjOgaRMm3+b
eH/RL0nKEpzdAgpzrKGGqCybrYJcE3H4DouDRMwMNngYNZX9kCGaUxMyvCNDoiUO
Blu3chizCBQD8iieJ5kGEAz0Q73wAmWp3aw3X+tqtQf8aEDPyQoWLeeD/VZE2211
r3/knXkwnOlFe1N14xVBiXZUO/MgEsHGhrdnuVRxhXL3mvJKWnvlqhFb2LEpkP1V
oBMkhn058s0d0t9jAU6nBC+fXUo95xN8ynszTwsXYoHBPFj88INA3ViDnyzVp3H1
S6Ww9aZ49gz9mg==
-----END CERTIFICATE-----