Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
File:                     QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft (raw, json)
Hash identifier:          mwuS2S15zHCXyrUSMYreQt2J5hYMGLumG+bCkxvfmWA=
Subject key identifier:   FF:01:14:28:1D:92:DD:78:E1:74:8C:2C:0C:18:A0:3C:2E:92:1C:AA
Authority key identifier: 40:EE:97:65:86:4B:D1:1D:4A:34:94:26:E3:72:E1:1A:94:34:8D:E2
Certificate issuer:       /CN=40ee9765864bd11d4a349426e372e11a94348de2
Certificate serial:       019CAB6BC58D41633420E1191507293F21E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
Manifest number:          0955
Signing time:             Sun 01 Mar 2026 22:01:32 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:32 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:32 +0000
Files and hashes:         1: QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl (hash: OcyCXbJ1rCjDJyq1qN37sLHkB1PILzN569C0GFlDvuc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:c5:8d:41:63:34:20:e1:19:15:07:29:3f:21:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40ee9765864bd11d4a349426e372e11a94348de2
        Validity
            Not Before: Mar  1 22:01:32 2026 GMT
            Not After : Mar  2 22:01:32 2026 GMT
        Subject: CN=ff0114281d92dd78e1748c2c0c18a03c2e921caa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:22:c9:5f:dc:10:65:0a:67:9a:f8:79:ec:a8:
                    8a:a0:e7:df:06:89:dd:4e:97:05:4f:97:ff:35:ec:
                    f4:06:e1:d1:8f:5e:d1:22:92:a8:47:69:53:8f:87:
                    eb:f5:48:dc:fb:59:21:fe:77:78:19:89:e3:62:b5:
                    ef:28:25:5e:51:25:64:68:f6:84:3a:7c:71:74:99:
                    c8:82:d4:b2:e5:b8:4f:32:4e:00:b5:63:f7:46:f5:
                    42:a0:6a:9e:bb:72:51:fd:75:1e:f6:34:4c:91:b9:
                    8a:b7:26:e4:c9:f5:17:08:fa:5f:6f:46:09:da:db:
                    66:ec:aa:6f:20:48:cf:15:93:06:90:26:d5:9c:20:
                    82:41:91:4a:90:5d:96:23:ef:d3:40:3c:2b:42:78:
                    0a:d5:ea:e0:81:d7:e9:71:60:02:f5:50:11:e8:af:
                    3a:c5:bc:cf:54:3e:6b:e6:a8:ef:23:41:53:9d:61:
                    ee:a2:c9:7d:ac:ae:c5:b9:6c:38:69:b0:b7:5e:83:
                    c7:06:ba:07:a5:3b:d4:d6:5b:d9:d6:d7:4c:cb:9a:
                    f7:a2:16:c4:0d:14:dd:30:de:ec:11:c4:be:a0:03:
                    73:fd:94:9f:0e:b3:67:37:42:57:98:bf:fe:c3:a6:
                    8c:86:8b:39:fa:22:13:f8:52:41:9c:a6:25:d0:3f:
                    f8:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:01:14:28:1D:92:DD:78:E1:74:8C:2C:0C:18:A0:3C:2E:92:1C:AA
            X509v3 Authority Key Identifier:
                keyid:40:EE:97:65:86:4B:D1:1D:4A:34:94:26:E3:72:E1:1A:94:34:8D:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:9d:d7:8b:68:3f:62:34:64:ae:45:6c:f8:92:be:65:5a:a6:
         2d:ff:57:69:64:12:72:5e:d5:21:e7:f4:3a:80:e6:c2:f0:34:
         b9:4e:d4:b3:c2:76:d2:8d:46:23:47:85:1d:7a:6d:ce:d8:ec:
         52:55:a8:34:f4:e8:b7:8b:8e:02:8f:e6:04:ce:24:5f:b6:d3:
         7f:2b:4f:6b:0e:c9:f4:6c:ee:2c:79:f9:66:8d:6d:6a:bd:11:
         90:e5:40:bd:ba:85:a9:7d:bb:ec:90:b2:f1:81:a4:41:34:4a:
         37:bf:60:e0:3d:04:c8:dc:8a:cc:65:0a:84:48:48:bb:cc:d3:
         55:5b:51:c1:fd:12:83:8a:9c:1b:51:74:eb:4e:e7:08:46:c6:
         19:ac:69:a7:90:d6:7e:7f:fa:0f:51:a9:3d:10:1a:a7:3e:61:
         9b:d5:f9:b0:26:f3:2f:e9:b2:ed:00:63:14:54:49:29:eb:36:
         3f:b8:ab:9f:4f:eb:0f:88:1c:61:ac:6b:6f:e4:0e:75:c9:cb:
         fb:62:b4:90:68:5b:cb:9a:c8:c9:2c:3a:40:92:cb:e1:b2:0b:
         d1:34:93:51:d8:57:f5:16:09:d9:6b:23:97:34:27:7d:b0:10:
         ae:b2:39:69:2a:e2:72:a3:1d:f6:75:b1:5d:2c:ee:00:6c:08:
         ec:71:ed:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra8WNQWM0IOEZFQcpPyHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWU5NzY1ODY0YmQxMWQ0YTM0OTQyNmUzNzJlMTFhOTQz
NDhkZTIwHhcNMjYwMzAxMjIwMTMyWhcNMjYwMzAyMjIwMTMyWjAzMTEwLwYDVQQD
EyhmZjAxMTQyODFkOTJkZDc4ZTE3NDhjMmMwYzE4YTAzYzJlOTIxY2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiLJX9wQZQpnmvh57KiKoOffBond
TpcFT5f/Nez0BuHRj17RIpKoR2lTj4fr9Ujc+1kh/nd4GYnjYrXvKCVeUSVkaPaE
OnxxdJnIgtSy5bhPMk4AtWP3RvVCoGqeu3JR/XUe9jRMkbmKtybkyfUXCPpfb0YJ
2ttm7KpvIEjPFZMGkCbVnCCCQZFKkF2WI+/TQDwrQngK1erggdfpcWAC9VAR6K86
xbzPVD5r5qjvI0FTnWHuosl9rK7FuWw4abC3XoPHBroHpTvU1lvZ1tdMy5r3ohbE
DRTdMN7sEcS+oANz/ZSfDrNnN0JXmL/+w6aMhos5+iIT+FJBnKYl0D/4PQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP8BFCgdkt144XSMLAwYoDwukhyqMB8GA1UdIwQY
MBaAFEDul2WGS9EdSjSUJuNy4RqUNI3iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82NWQ3YjktY2NmOS00YjczLWI2Njkt
MzUzM2E1MTJmY2Y3LzEvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82NWQ3YjktY2NmOS00YjczLWI2NjktMzUzM2E1MTJmY2Y3
LzEvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUJ3Xi2g/
YjRkrkVs+JK+ZVqmLf9XaWQScl7VIef0OoDmwvA0uU7Us8J20o1GI0eFHXptztjs
UlWoNPTot4uOAo/mBM4kX7bTfytPaw7J9GzuLHn5Zo1tar0RkOVAvbqFqX277JCy
8YGkQTRKN79g4D0EyNyKzGUKhEhIu8zTVVtRwf0Sg4qcG1F0607nCEbGGaxpp5DW
fn/6D1GpPRAapz5hm9X5sCbzL+my7QBjFFRJKes2P7irn0/rD4gcYaxrb+QOdcnL
+2K0kGhby5rIySw6QJLL4bIL0TSTUdhX9RYJ2WsjlzQnfbAQrrI5aSricqMd9nWx
XSzuAGwI7HHt4g==
-----END CERTIFICATE-----