Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
File:                     QaCIiaXMcoT9MkqZK_qN59bCwYo.mft (raw, json)
Hash identifier:          l+KqdVX7dy3symuQYGpgADJIS9w+Lv6iq0eSWVavoAk=
Subject key identifier:   0E:21:70:84:B1:EC:2F:4C:B4:41:C7:89:3C:1E:FF:4C:92:E6:81:E0
Authority key identifier: 41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A
Certificate issuer:       /CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a
Certificate serial:       019A729408E9F3BCDA6E7DADDD29642F587C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
Manifest number:          067C
Signing time:             Tue 11 Nov 2025 11:01:35 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:35 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:35 +0000
Files and hashes:         1: QaCIiaXMcoT9MkqZK_qN59bCwYo.crl (hash: BxD4pH/04CdeGdB/K3nu/QgshOswDMcXH+9pRmwxank=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:94:08:e9:f3:bc:da:6e:7d:ad:dd:29:64:2f:58:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a
        Validity
            Not Before: Nov 11 11:01:35 2025 GMT
            Not After : Nov 12 11:01:35 2025 GMT
        Subject: CN=0e217084b1ec2f4cb441c7893c1eff4c92e681e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:f6:e2:f6:19:4b:45:a3:4c:d3:f6:7a:18:43:
                    5e:d0:c8:4e:cc:a3:d0:be:b3:88:70:64:ae:9b:a9:
                    bf:bf:6b:0f:80:f2:30:f3:cf:2b:70:b3:c4:a5:f1:
                    8f:8e:0f:ce:b7:73:4a:8d:8a:8c:cd:1d:b5:94:e5:
                    2c:b4:7c:6f:cc:c4:68:a8:73:36:7e:98:c8:c9:4a:
                    51:e1:b8:f6:1f:17:c4:e8:3a:aa:c5:0a:fe:3a:f4:
                    40:68:ab:c6:bc:75:bb:0f:f5:c9:1c:6e:e0:d4:b5:
                    d2:3d:e8:6d:1c:63:2b:ee:fa:81:b9:23:2c:2d:e6:
                    fb:09:fa:ea:a2:c9:f2:97:48:98:64:62:97:0a:dd:
                    96:ce:ff:27:cf:16:7d:f4:1d:59:62:21:b3:07:f6:
                    f3:92:c4:c2:d7:37:a6:7d:b1:0c:b4:8d:fc:36:46:
                    30:34:ec:22:aa:9b:98:75:53:ac:18:05:85:23:d7:
                    03:66:71:88:5e:64:db:fd:e3:7a:55:87:d6:85:8a:
                    68:96:d1:ad:04:f0:e2:a8:9a:83:87:c4:4f:75:88:
                    19:23:29:65:8e:67:26:b2:1c:2b:35:5b:b2:f4:5b:
                    22:8b:b7:f7:cd:62:56:d8:0c:4a:ca:3e:cd:60:c5:
                    78:04:9c:6e:ac:c6:f6:73:88:11:2f:5a:fa:b8:b3:
                    c6:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:21:70:84:B1:EC:2F:4C:B4:41:C7:89:3C:1E:FF:4C:92:E6:81:E0
            X509v3 Authority Key Identifier:
                keyid:41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:9a:8b:79:d2:7d:a3:87:6c:19:bf:24:ff:8b:6e:b5:7a:02:
         09:01:45:e3:13:f3:1c:2a:42:7c:55:86:e9:2b:13:54:cf:21:
         ee:98:b7:38:79:2f:e2:1e:98:0b:c8:6c:7e:21:79:e2:40:af:
         6d:ac:48:34:25:0f:d4:98:6d:d7:32:a4:65:c3:8a:a9:4f:44:
         b6:14:fb:1e:d0:81:a6:29:68:90:10:f3:b2:00:75:3b:a0:c6:
         be:3e:98:af:cf:04:b0:fc:4b:7d:1c:6a:70:fb:c2:a0:ad:a4:
         77:01:fc:ac:1f:d6:b9:7d:bb:6b:04:a4:71:e3:46:e5:20:ce:
         ee:63:4f:55:e5:46:28:d8:4a:f7:e1:ce:63:6d:c9:ce:6b:01:
         e0:44:d0:10:a7:81:09:39:16:82:1d:14:52:6d:72:27:ef:fb:
         44:29:5a:2d:f7:71:d9:2c:81:b1:99:32:42:65:d1:fb:bd:0f:
         4c:c3:38:f0:0e:00:ff:9a:61:7a:db:2f:43:76:fe:29:e6:c8:
         4d:ce:27:58:a4:fc:21:25:f1:2a:6f:fd:ba:0f:2f:f1:9d:72:
         16:36:8e:8f:6b:13:59:60:a2:75:84:8f:be:df:b9:04:92:be:
         2d:a0:a6:09:80:0b:cf:39:12:77:3f:2d:36:3a:1e:f7:54:7b:
         b0:9b:fb:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpylAjp87zabn2t3SlkL1h8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYTA4ODg5YTVjYzcyODRmZDMyNGE5OTJiZmE4ZGU3ZDZj
MmMxOGEwHhcNMjUxMTExMTEwMTM1WhcNMjUxMTEyMTEwMTM1WjAzMTEwLwYDVQQD
EygwZTIxNzA4NGIxZWMyZjRjYjQ0MWM3ODkzYzFlZmY0YzkyZTY4MWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7vbi9hlLRaNM0/Z6GENe0MhOzKPQ
vrOIcGSum6m/v2sPgPIw888rcLPEpfGPjg/Ot3NKjYqMzR21lOUstHxvzMRoqHM2
fpjIyUpR4bj2HxfE6DqqxQr+OvRAaKvGvHW7D/XJHG7g1LXSPehtHGMr7vqBuSMs
Leb7Cfrqosnyl0iYZGKXCt2Wzv8nzxZ99B1ZYiGzB/bzksTC1zemfbEMtI38NkYw
NOwiqpuYdVOsGAWFI9cDZnGIXmTb/eN6VYfWhYpoltGtBPDiqJqDh8RPdYgZIyll
jmcmshwrNVuy9Fsii7f3zWJW2AxKyj7NYMV4BJxurMb2c4gRL1r6uLPG2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA4hcISx7C9MtEHHiTwe/0yS5oHgMB8GA1UdIwQY
MBaAFEGgiImlzHKE/TJKmSv6jefWwsGKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzkt
NTYxMjY3YTQyOTI2LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzktNTYxMjY3YTQyOTI2
LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS5qLedJ9
o4dsGb8k/4tutXoCCQFF4xPzHCpCfFWG6SsTVM8h7pi3OHkv4h6YC8hsfiF54kCv
baxINCUP1Jht1zKkZcOKqU9EthT7HtCBpilokBDzsgB1O6DGvj6Yr88EsPxLfRxq
cPvCoK2kdwH8rB/WuX27awSkceNG5SDO7mNPVeVGKNhK9+HOY23JzmsB4ETQEKeB
CTkWgh0UUm1yJ+/7RClaLfdx2SyBsZkyQmXR+70PTMM48A4A/5phetsvQ3b+KebI
Tc4nWKT8ISXxKm/9ug8v8Z1yFjaOj2sTWWCidYSPvt+5BJK+LaCmCYALzzkSdz8t
Njoe91R7sJv7IQ==
-----END CERTIFICATE-----