Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
File:                     QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft (raw, json)
Hash identifier:          nRwggUQ9cCBSlqMIWNLV7hK8fZmqA45axnmmg5JjJJQ=
Subject key identifier:   3D:B3:40:68:C9:D0:A9:4B:19:04:C0:C6:35:74:C3:9E:1B:15:D3:A8
Authority key identifier: 40:EE:97:65:86:4B:D1:1D:4A:34:94:26:E3:72:E1:1A:94:34:8D:E2
Certificate issuer:       /CN=40ee9765864bd11d4a349426e372e11a94348de2
Certificate serial:       019D9AE3950179077F12DE7B27023A59C4FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
Manifest number:          09D1
Signing time:             Fri 17 Apr 2026 10:01:39 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:39 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:39 +0000
Files and hashes:         1: QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl (hash: sw9Vgsb2Vynl5bkzf+XIpsBHYQUF1pEL9qpo17s5jJ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:95:01:79:07:7f:12:de:7b:27:02:3a:59:c4:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40ee9765864bd11d4a349426e372e11a94348de2
        Validity
            Not Before: Apr 17 10:01:39 2026 GMT
            Not After : Apr 18 10:01:39 2026 GMT
        Subject: CN=3db34068c9d0a94b1904c0c63574c39e1b15d3a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:3f:b6:a3:af:9b:72:1f:6f:29:4c:44:8c:4e:
                    97:a7:2e:21:46:ef:27:9c:84:0e:6e:df:32:ff:62:
                    a8:d4:60:5b:08:b5:e2:dc:04:85:d2:79:f6:1f:4c:
                    3e:9d:8c:5b:cb:8a:e9:87:4f:ed:a0:2c:6c:f5:60:
                    78:a0:b9:23:73:6f:af:e4:35:15:68:c4:70:9d:dc:
                    1d:18:5a:d3:09:ca:3c:46:6d:67:b7:f8:02:3f:6a:
                    77:9b:39:a5:23:68:4d:de:eb:23:ca:fa:1d:3c:d4:
                    0c:aa:27:51:8c:c4:04:8b:f6:62:2c:46:7b:08:92:
                    3a:c3:1b:b2:47:07:c7:f8:46:29:f5:93:90:89:56:
                    bf:26:ca:9e:1d:7f:d0:e0:d6:05:d4:f9:db:6e:41:
                    4c:d7:01:23:c1:b1:f3:b1:d1:75:d1:ca:bf:5a:c0:
                    2f:a6:9e:6b:fc:a0:65:4d:28:78:bf:22:57:e7:82:
                    16:0e:46:0e:e4:83:15:2c:3b:51:b8:dd:51:67:93:
                    4e:db:77:65:7e:22:70:71:f1:b0:30:08:12:8b:40:
                    91:49:cf:be:e1:96:d9:e6:a5:2e:16:88:9f:e8:12:
                    76:4e:0d:3e:1f:14:ae:60:18:67:1e:db:ac:ac:a0:
                    be:6c:46:9c:49:98:35:9c:fa:21:1a:93:2c:b9:de:
                    68:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:B3:40:68:C9:D0:A9:4B:19:04:C0:C6:35:74:C3:9E:1B:15:D3:A8
            X509v3 Authority Key Identifier:
                keyid:40:EE:97:65:86:4B:D1:1D:4A:34:94:26:E3:72:E1:1A:94:34:8D:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:1f:cd:21:6f:ec:1c:6c:3d:37:3a:ba:9e:79:f6:8e:db:1f:
         44:85:dc:9c:a9:c0:fe:99:ed:d5:50:ed:f0:34:b0:a6:24:c4:
         19:78:57:49:d2:89:18:fa:f9:89:d4:46:fa:a3:d8:41:7f:7c:
         fa:92:a1:0a:b8:0e:27:4d:0f:63:1d:32:2e:19:ff:b8:e1:2b:
         70:23:fe:6c:5a:2c:2c:4f:d9:e1:ae:1d:09:51:27:c8:12:90:
         7d:cb:90:f7:e1:c0:08:a7:2c:85:95:2b:87:49:99:b9:df:3f:
         73:e6:7c:fd:f0:77:af:15:79:ab:27:e8:96:6c:4b:a1:0b:95:
         b0:76:53:a5:3d:30:62:3f:b3:ba:6a:bc:42:03:e1:8c:9b:69:
         9e:bb:08:3f:5f:0a:41:08:69:65:83:b5:7a:8a:e9:66:59:59:
         eb:ef:fe:af:76:f5:b8:b5:7e:22:80:61:82:19:75:10:f8:59:
         24:57:55:8b:08:af:7c:32:70:11:7b:49:b3:c2:2e:f5:ab:ac:
         c3:a4:99:14:76:a7:88:19:8f:83:82:b9:52:1b:11:02:8d:d0:
         b6:8b:5a:bf:d4:4a:ad:3a:45:3b:70:47:b9:f1:e4:25:9d:a9:
         be:59:25:3e:a7:b4:17:1a:6f:8b:e6:77:76:46:84:53:29:39:
         35:de:19:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a45UBeQd/Et57JwI6WcT8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWU5NzY1ODY0YmQxMWQ0YTM0OTQyNmUzNzJlMTFhOTQz
NDhkZTIwHhcNMjYwNDE3MTAwMTM5WhcNMjYwNDE4MTAwMTM5WjAzMTEwLwYDVQQD
EygzZGIzNDA2OGM5ZDBhOTRiMTkwNGMwYzYzNTc0YzM5ZTFiMTVkM2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqD+2o6+bch9vKUxEjE6Xpy4hRu8n
nIQObt8y/2Ko1GBbCLXi3ASF0nn2H0w+nYxby4rph0/toCxs9WB4oLkjc2+v5DUV
aMRwndwdGFrTCco8Rm1nt/gCP2p3mzmlI2hN3usjyvodPNQMqidRjMQEi/ZiLEZ7
CJI6wxuyRwfH+EYp9ZOQiVa/JsqeHX/Q4NYF1PnbbkFM1wEjwbHzsdF10cq/WsAv
pp5r/KBlTSh4vyJX54IWDkYO5IMVLDtRuN1RZ5NO23dlfiJwcfGwMAgSi0CRSc++
4ZbZ5qUuFoif6BJ2Tg0+HxSuYBhnHtusrKC+bEacSZg1nPohGpMsud5owwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2zQGjJ0KlLGQTAxjV0w54bFdOoMB8GA1UdIwQY
MBaAFEDul2WGS9EdSjSUJuNy4RqUNI3iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82NWQ3YjktY2NmOS00YjczLWI2Njkt
MzUzM2E1MTJmY2Y3LzEvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82NWQ3YjktY2NmOS00YjczLWI2NjktMzUzM2E1MTJmY2Y3
LzEvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIR/NIW/s
HGw9Nzq6nnn2jtsfRIXcnKnA/pnt1VDt8DSwpiTEGXhXSdKJGPr5idRG+qPYQX98
+pKhCrgOJ00PYx0yLhn/uOErcCP+bFosLE/Z4a4dCVEnyBKQfcuQ9+HACKcshZUr
h0mZud8/c+Z8/fB3rxV5qyfolmxLoQuVsHZTpT0wYj+zumq8QgPhjJtpnrsIP18K
QQhpZYO1eorpZllZ6+/+r3b1uLV+IoBhghl1EPhZJFdViwivfDJwEXtJs8Iu9aus
w6SZFHaniBmPg4K5UhsRAo3Qtotav9RKrTpFO3BHufHkJZ2pvlklPqe0Fxpvi+Z3
dkaEUyk5Nd4Zdg==
-----END CERTIFICATE-----