Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
File:                     QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft (raw, json)
Hash identifier:          bmuBcS4XGVFXSEwHcKXCpZvb96QD8S3XrHitBK6LbQ8=
Subject key identifier:   69:DD:E4:AB:B9:69:50:73:BF:C2:82:AA:52:45:7B:4C:24:B3:39:AB
Authority key identifier: 40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47
Certificate issuer:       /CN=40471b34c21a5008f6f096e48fe8e35519d6b847
Certificate serial:       019A71B82C7960302155FC46BEC7286515C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
Manifest number:          0EC0
Signing time:             Tue 11 Nov 2025 07:01:26 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:26 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:26 +0000
Files and hashes:         1: QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl (hash: DIeBI+QjkFWA+yMTicypkhOMJm4/XydzNf9Ax1BQUs4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:2c:79:60:30:21:55:fc:46:be:c7:28:65:15:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40471b34c21a5008f6f096e48fe8e35519d6b847
        Validity
            Not Before: Nov 11 07:01:26 2025 GMT
            Not After : Nov 12 07:01:26 2025 GMT
        Subject: CN=69dde4abb9695073bfc282aa52457b4c24b339ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:11:e1:89:83:19:35:55:8e:fd:19:6f:30:05:
                    a6:29:4c:f0:9f:61:39:0f:f0:26:cb:a8:08:aa:7f:
                    52:84:8b:87:f7:55:f9:8a:f5:43:68:74:ca:1f:4a:
                    5d:29:34:9d:61:dd:19:7e:97:18:32:2d:a2:1b:56:
                    2d:cd:0f:0a:49:71:39:35:0a:f3:4d:21:61:43:46:
                    ac:a3:7b:9f:e9:8d:47:0d:e3:ee:7f:65:66:88:17:
                    a9:ad:3b:bc:f6:c7:d4:b3:54:44:d4:e0:8f:ef:77:
                    e6:98:37:8b:c6:53:06:b2:b6:c3:b8:f2:a0:68:1f:
                    08:27:13:fe:78:7d:74:d4:c6:43:d0:17:3e:4c:6c:
                    5e:a1:af:1f:80:22:c9:f3:a9:64:a4:65:e7:76:45:
                    6a:96:58:a5:bc:3e:bd:59:35:de:c7:50:39:d4:f6:
                    5b:01:3d:2f:54:09:e6:43:b8:2a:46:7e:aa:08:d5:
                    09:55:9d:22:ad:8a:99:25:c1:9d:5b:a4:8a:b7:ea:
                    be:73:86:46:82:23:37:6d:00:2d:a2:02:6c:f2:f4:
                    ff:1b:6f:94:bd:f0:ef:64:94:ef:e2:e4:20:32:3b:
                    42:28:9e:37:5d:6c:34:0e:7b:c4:d2:8c:01:53:87:
                    57:9e:f7:9b:4f:19:50:88:f5:5d:af:45:6a:c8:01:
                    c0:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:DD:E4:AB:B9:69:50:73:BF:C2:82:AA:52:45:7B:4C:24:B3:39:AB
            X509v3 Authority Key Identifier:
                keyid:40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:7e:d3:11:e9:55:4b:ca:c4:5d:da:0a:09:d0:d7:c1:1a:d2:
         23:51:55:81:8a:eb:0f:10:5f:88:73:77:ef:d2:62:59:e6:48:
         9e:73:d5:2d:41:a0:67:0d:e2:8b:d3:27:72:07:5d:b4:0a:ab:
         e5:cc:63:ee:7a:89:f5:fc:e4:33:71:d3:ee:3b:94:32:98:cf:
         b7:f3:48:d6:ff:0f:ca:96:21:29:ba:4d:ff:37:dd:56:99:7a:
         3b:c3:c2:cd:ae:c9:86:42:d7:12:4b:14:ba:89:b9:98:1f:46:
         60:61:42:18:c3:a9:27:3a:f8:d9:dd:c9:d8:c6:49:23:2a:9b:
         30:11:c9:2d:49:fc:f8:fd:d9:e2:df:bb:fd:ec:5a:06:7b:df:
         e3:2b:8d:bb:f8:0e:24:05:5a:83:11:89:bb:51:12:bb:d3:e7:
         7b:3a:fe:8b:f4:3e:69:bd:99:62:e7:f6:3b:54:c2:6b:01:fe:
         5d:cc:2f:38:df:81:81:45:1b:39:56:6d:7a:0d:62:c0:03:6e:
         07:5e:6a:43:21:b3:9c:f6:2b:b5:51:24:ad:08:e2:86:e1:ec:
         3d:6a:0b:fc:1e:f2:10:70:c9:a0:cc:3d:65:47:66:4c:33:56:
         19:08:d9:30:d4:62:fe:4c:93:a4:fe:c7:a6:44:c4:27:07:3e:
         a4:e5:19:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuCx5YDAhVfxGvscoZRXFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDcxYjM0YzIxYTUwMDhmNmYwOTZlNDhmZThlMzU1MTlk
NmI4NDcwHhcNMjUxMTExMDcwMTI2WhcNMjUxMTEyMDcwMTI2WjAzMTEwLwYDVQQD
Eyg2OWRkZTRhYmI5Njk1MDczYmZjMjgyYWE1MjQ1N2I0YzI0YjMzOWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRHhiYMZNVWO/RlvMAWmKUzwn2E5
D/Amy6gIqn9ShIuH91X5ivVDaHTKH0pdKTSdYd0ZfpcYMi2iG1YtzQ8KSXE5NQrz
TSFhQ0aso3uf6Y1HDePuf2VmiBeprTu89sfUs1RE1OCP73fmmDeLxlMGsrbDuPKg
aB8IJxP+eH101MZD0Bc+TGxeoa8fgCLJ86lkpGXndkVqllilvD69WTXex1A51PZb
AT0vVAnmQ7gqRn6qCNUJVZ0irYqZJcGdW6SKt+q+c4ZGgiM3bQAtogJs8vT/G2+U
vfDvZJTv4uQgMjtCKJ43XWw0DnvE0owBU4dXnvebTxlQiPVdr0VqyAHA4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGnd5Ku5aVBzv8KCqlJFe0wkszmrMB8GA1UdIwQY
MBaAFEBHGzTCGlAI9vCW5I/o41UZ1rhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEt
MTE0MmRmYWNmY2NmLzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEtMTE0MmRmYWNmY2Nm
LzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUX7TEelV
S8rEXdoKCdDXwRrSI1FVgYrrDxBfiHN379JiWeZInnPVLUGgZw3ii9MncgddtAqr
5cxj7nqJ9fzkM3HT7juUMpjPt/NI1v8PypYhKbpN/zfdVpl6O8PCza7JhkLXEksU
uom5mB9GYGFCGMOpJzr42d3J2MZJIyqbMBHJLUn8+P3Z4t+7/exaBnvf4yuNu/gO
JAVagxGJu1ESu9Pnezr+i/Q+ab2ZYuf2O1TCawH+XcwvON+BgUUbOVZteg1iwANu
B15qQyGznPYrtVEkrQjihuHsPWoL/B7yEHDJoMw9ZUdmTDNWGQjZMNRi/kyTpP7H
pkTEJwc+pOUZlA==
-----END CERTIFICATE-----