Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
File:                     QL_eNYm0RMN59zNggxsd2OovhwM.mft (raw, json)
Hash identifier:          U+78cJA11c/pohwA18bGnX4CD7DYuC/8Yu9Zn4vSgD0=
Subject key identifier:   99:D6:45:61:2C:00:FB:8B:66:2E:95:93:5F:13:A7:CD:B4:FA:E8:EB
Authority key identifier: 40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03
Certificate issuer:       /CN=40bfde3589b444c379f73360831b1dd8ea2f8703
Certificate serial:       019A711320E38CD0DFBBCE95C516143DF5D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
Manifest number:          092E
Signing time:             Tue 11 Nov 2025 04:01:10 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:10 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:10 +0000
Files and hashes:         1: QL_eNYm0RMN59zNggxsd2OovhwM.crl (hash: l8b6n+CRcR/+SsyUhgnPWmzbp/ywYXeuW4Jx0oKdvYg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:20:e3:8c:d0:df:bb:ce:95:c5:16:14:3d:f5:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40bfde3589b444c379f73360831b1dd8ea2f8703
        Validity
            Not Before: Nov 11 04:01:10 2025 GMT
            Not After : Nov 12 04:01:10 2025 GMT
        Subject: CN=99d645612c00fb8b662e95935f13a7cdb4fae8eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:12:b5:78:a3:b5:91:fd:84:f9:21:3c:99:dc:
                    ed:78:b1:48:1d:c4:a6:af:b9:4b:fb:ed:30:56:80:
                    30:3b:d4:58:92:45:7d:5e:1e:b6:d0:80:43:41:d4:
                    fd:6a:96:4b:86:bd:4a:9a:f2:c6:87:1e:34:b0:6e:
                    e9:3d:b5:16:a0:e2:8f:25:bc:c5:16:d1:a4:d1:a1:
                    d2:0c:28:ac:45:74:65:7b:dd:c1:bd:a0:af:18:15:
                    aa:fb:ff:0c:88:59:6b:c0:6a:32:ea:70:e4:45:02:
                    7a:77:e9:72:1f:88:c1:76:08:b2:0a:06:f2:a6:74:
                    51:c8:6a:c6:ec:ae:e9:91:a3:1b:18:9f:39:ff:fe:
                    f4:27:1d:00:8b:94:f9:0d:5d:82:9b:85:53:12:e7:
                    d6:40:6b:49:ea:51:aa:f9:e8:50:14:2b:f4:04:bc:
                    42:f9:0d:2e:61:5e:b0:20:d6:6e:bd:23:81:82:ec:
                    bc:98:d0:48:ef:c2:37:08:95:d0:ad:2f:d6:c3:8b:
                    86:2c:2e:cf:f4:02:6e:e9:b7:37:cf:0c:0b:11:59:
                    b3:4d:37:58:a1:df:c3:e4:10:6d:c5:97:fe:75:b7:
                    92:46:5f:19:47:8e:3e:5c:1a:0b:5f:ae:04:4e:3a:
                    c9:ed:75:08:14:cf:64:1a:a3:47:ee:3e:b9:36:62:
                    10:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:D6:45:61:2C:00:FB:8B:66:2E:95:93:5F:13:A7:CD:B4:FA:E8:EB
            X509v3 Authority Key Identifier:
                keyid:40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:8e:06:1a:2b:4e:82:87:19:c5:47:cb:44:3c:0b:8f:d6:b3:
         aa:13:0a:8e:d7:76:f2:3f:6f:90:e5:15:39:f9:05:d4:21:9b:
         9a:05:df:b0:06:7a:44:5d:8c:84:63:5a:81:82:8a:b9:e8:c8:
         e5:b0:40:b4:f2:9a:cb:a5:fe:ce:ce:91:94:af:59:90:31:d0:
         34:f6:f1:68:c1:67:f3:fe:6c:bf:af:86:2f:83:a4:6c:06:34:
         6a:c4:c6:a0:57:9b:19:2a:88:be:a5:58:71:3e:62:36:7f:f7:
         8d:ac:8f:38:18:fc:9d:45:3f:a5:4d:5b:e3:a7:66:02:80:a1:
         4a:38:74:4b:1c:e7:23:fa:d7:2c:5a:26:4c:aa:8e:e3:f5:18:
         db:3b:0d:8b:c8:37:1a:c8:16:2d:b2:85:30:8b:32:68:fb:e5:
         65:46:8d:77:1b:bd:a8:dc:c8:7a:c4:dd:76:02:19:d6:e7:f3:
         28:ad:64:33:49:cf:ef:fc:7e:26:27:f8:03:6f:c5:b4:0a:c2:
         71:13:1c:9f:a5:97:bb:74:b9:95:55:6d:33:16:86:47:66:25:
         41:f0:69:3f:cf:5c:35:53:8a:a7:c5:c4:ef:c8:11:05:20:2a:
         b0:0d:94:e7:c8:54:f7:99:4c:c1:8f:c1:bd:2b:68:09:3e:ef:
         30:d0:77:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEyDjjNDfu86VxRYUPfXYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYmZkZTM1ODliNDQ0YzM3OWY3MzM2MDgzMWIxZGQ4ZWEy
Zjg3MDMwHhcNMjUxMTExMDQwMTEwWhcNMjUxMTEyMDQwMTEwWjAzMTEwLwYDVQQD
Eyg5OWQ2NDU2MTJjMDBmYjhiNjYyZTk1OTM1ZjEzYTdjZGI0ZmFlOGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxK1eKO1kf2E+SE8mdzteLFIHcSm
r7lL++0wVoAwO9RYkkV9Xh620IBDQdT9apZLhr1KmvLGhx40sG7pPbUWoOKPJbzF
FtGk0aHSDCisRXRle93BvaCvGBWq+/8MiFlrwGoy6nDkRQJ6d+lyH4jBdgiyCgby
pnRRyGrG7K7pkaMbGJ85//70Jx0Ai5T5DV2Cm4VTEufWQGtJ6lGq+ehQFCv0BLxC
+Q0uYV6wINZuvSOBguy8mNBI78I3CJXQrS/Ww4uGLC7P9AJu6bc3zwwLEVmzTTdY
od/D5BBtxZf+dbeSRl8ZR44+XBoLX64ETjrJ7XUIFM9kGqNH7j65NmIQwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJnWRWEsAPuLZi6Vk18Tp820+ujrMB8GA1UdIwQY
MBaAFEC/3jWJtETDefczYIMbHdjqL4cDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAt
NTg4MDE5YTZiNWNiLzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAtNTg4MDE5YTZiNWNi
LzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACI4GGitO
gocZxUfLRDwLj9azqhMKjtd28j9vkOUVOfkF1CGbmgXfsAZ6RF2MhGNagYKKuejI
5bBAtPKay6X+zs6RlK9ZkDHQNPbxaMFn8/5sv6+GL4OkbAY0asTGoFebGSqIvqVY
cT5iNn/3jayPOBj8nUU/pU1b46dmAoChSjh0SxznI/rXLFomTKqO4/UY2zsNi8g3
GsgWLbKFMIsyaPvlZUaNdxu9qNzIesTddgIZ1ufzKK1kM0nP7/x+Jif4A2/FtArC
cRMcn6WXu3S5lVVtMxaGR2YlQfBpP89cNVOKp8XE78gRBSAqsA2U58hU95lMwY/B
vStoCT7vMNB3SQ==
-----END CERTIFICATE-----