Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/qrHbDgCCCHbfogvsm3Gap5Wswd4.mft
File:                     qrHbDgCCCHbfogvsm3Gap5Wswd4.mft (raw, json)
Hash identifier:          TMxASJfoIlviqvVSMxp3H4TTPEAOofpPdFyPOD06k3Q=
Subject key identifier:   FD:28:45:86:59:57:CB:C6:5D:C8:69:EA:23:08:0E:96:22:7B:24:C5
Authority key identifier: AA:B1:DB:0E:00:82:08:76:DF:A2:0B:EC:9B:71:9A:A7:95:AC:C1:DE
Certificate issuer:       /CN=aab1db0e00820876dfa20bec9b719aa795acc1de
Certificate serial:       019A733834FAFB83B56FB8010EC4E8A9D956
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qrHbDgCCCHbfogvsm3Gap5Wswd4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/qrHbDgCCCHbfogvsm3Gap5Wswd4.mft
Manifest number:          1722
Signing time:             Tue 11 Nov 2025 14:00:54 +0000
Manifest this update:     Tue 11 Nov 2025 14:00:54 +0000
Manifest next update:     Wed 12 Nov 2025 14:00:54 +0000
Files and hashes:         1: qrHbDgCCCHbfogvsm3Gap5Wswd4.crl (hash: f8o/ODOBwQwf96QxZT2dt1YvS/330Q5gMCmjgzAdFZ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/qrHbDgCCCHbfogvsm3Gap5Wswd4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/qrHbDgCCCHbfogvsm3Gap5Wswd4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qrHbDgCCCHbfogvsm3Gap5Wswd4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:38:34:fa:fb:83:b5:6f:b8:01:0e:c4:e8:a9:d9:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aab1db0e00820876dfa20bec9b719aa795acc1de
        Validity
            Not Before: Nov 11 14:00:54 2025 GMT
            Not After : Nov 12 14:00:54 2025 GMT
        Subject: CN=fd2845865957cbc65dc869ea23080e96227b24c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:e7:c9:66:ed:ec:ed:62:fa:bf:f8:29:f8:ee:
                    f5:f6:3a:ed:5d:e3:a9:33:40:a7:26:fa:91:d8:3d:
                    b7:ba:bc:d9:2d:0e:f8:c3:b9:8c:7b:58:f5:bb:cf:
                    5b:81:7e:d6:a9:c3:62:88:11:60:d7:e7:d4:7e:74:
                    a8:a9:7d:fa:ea:4b:ed:0b:8c:25:05:a8:e1:7e:ed:
                    73:0b:39:0a:68:02:03:82:54:d4:4a:8f:65:44:57:
                    07:d0:b9:ad:ab:5e:b8:fe:0c:24:0c:fe:5d:25:5e:
                    7f:4a:ed:bb:e0:30:01:36:c6:77:11:07:9c:1b:3c:
                    15:08:ee:56:1a:85:d2:8f:45:ac:00:f3:10:89:9c:
                    75:45:ea:d5:7a:2c:95:66:dc:2a:4a:de:ba:26:51:
                    dd:82:f5:88:77:9f:c5:2b:9a:2a:e3:1b:52:aa:8e:
                    50:21:44:e7:16:49:97:04:f4:c8:1f:fc:db:60:f4:
                    28:06:24:5d:55:c6:76:34:81:db:7f:ac:fe:26:db:
                    0f:47:6f:db:46:eb:9b:c9:5c:06:19:c8:10:7c:60:
                    02:d5:d5:b1:e9:48:48:ba:9f:68:06:48:93:83:ed:
                    cc:ed:70:0e:16:fe:cc:27:3a:ac:e6:57:9a:0e:b8:
                    83:cb:24:60:d6:39:52:9a:62:c1:70:3f:d4:6f:53:
                    1f:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:28:45:86:59:57:CB:C6:5D:C8:69:EA:23:08:0E:96:22:7B:24:C5
            X509v3 Authority Key Identifier:
                keyid:AA:B1:DB:0E:00:82:08:76:DF:A2:0B:EC:9B:71:9A:A7:95:AC:C1:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qrHbDgCCCHbfogvsm3Gap5Wswd4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/qrHbDgCCCHbfogvsm3Gap5Wswd4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/qrHbDgCCCHbfogvsm3Gap5Wswd4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:c7:f7:7e:92:47:09:cd:fb:aa:b7:b3:a8:1e:f7:7f:77:b0:
         09:6b:4f:de:c4:fa:e8:24:2a:9d:90:76:f4:6c:87:aa:c0:d7:
         a2:70:10:ac:04:1f:27:a2:5b:c4:bc:79:e7:31:92:89:c2:07:
         a3:ec:37:94:a7:14:43:85:94:fd:65:fa:f5:ae:87:e6:9f:33:
         01:e1:1a:23:fb:bd:69:38:a2:b3:71:92:f4:cb:42:1b:e6:ec:
         1b:52:25:5e:0a:26:5f:43:73:3a:df:fd:e2:01:b3:f1:c6:ad:
         8f:f0:7f:bc:da:77:62:91:bd:26:a0:82:f5:f0:4a:d5:d2:f5:
         b1:95:1b:92:c9:43:c6:5d:b8:4a:8e:a4:ee:21:24:99:c7:0f:
         75:43:ec:f0:4f:e3:43:51:7f:1c:96:c6:16:94:9c:6f:07:db:
         6d:b5:99:17:79:35:57:bd:17:75:28:b2:4f:a1:ce:79:bb:27:
         cc:a7:5a:4d:c7:16:88:56:ad:92:77:91:e6:af:34:74:50:54:
         e1:c9:fa:d4:5e:49:fa:aa:10:09:7a:98:f0:de:f4:0b:1f:51:
         33:2a:20:9f:cc:48:83:75:d2:22:86:77:a6:f1:e2:af:5a:f1:
         88:08:29:24:a9:cc:ba:92:f5:07:02:e1:5f:d3:e1:97:42:65:
         43:4a:7c:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzODT6+4O1b7gBDsToqdlWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhYjFkYjBlMDA4MjA4NzZkZmEyMGJlYzliNzE5YWE3OTVh
Y2MxZGUwHhcNMjUxMTExMTQwMDU0WhcNMjUxMTEyMTQwMDU0WjAzMTEwLwYDVQQD
EyhmZDI4NDU4NjU5NTdjYmM2NWRjODY5ZWEyMzA4MGU5NjIyN2IyNGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOfJZu3s7WL6v/gp+O719jrtXeOp
M0CnJvqR2D23urzZLQ74w7mMe1j1u89bgX7WqcNiiBFg1+fUfnSoqX366kvtC4wl
Bajhfu1zCzkKaAIDglTUSo9lRFcH0Lmtq164/gwkDP5dJV5/Su274DABNsZ3EQec
GzwVCO5WGoXSj0WsAPMQiZx1RerVeiyVZtwqSt66JlHdgvWId5/FK5oq4xtSqo5Q
IUTnFkmXBPTIH/zbYPQoBiRdVcZ2NIHbf6z+JtsPR2/bRuubyVwGGcgQfGAC1dWx
6UhIup9oBkiTg+3M7XAOFv7MJzqs5leaDriDyyRg1jlSmmLBcD/Ub1MfRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP0oRYZZV8vGXchp6iMIDpYieyTFMB8GA1UdIwQY
MBaAFKqx2w4Aggh236IL7JtxmqeVrMHeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXJIYkRnQ0NDSGJmb2d2c20zR2FwNVdzd2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YWRkMDctZTZhZC00ZGJhLTliOGIt
MjNlMzgxMzY1MWQ0LzEvcXJIYkRnQ0NDSGJmb2d2c20zR2FwNVdzd2Q0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82YWRkMDctZTZhZC00ZGJhLTliOGItMjNlMzgxMzY1MWQ0
LzEvcXJIYkRnQ0NDSGJmb2d2c20zR2FwNVdzd2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPMf3fpJH
Cc37qrezqB73f3ewCWtP3sT66CQqnZB29GyHqsDXonAQrAQfJ6JbxLx55zGSicIH
o+w3lKcUQ4WU/WX69a6H5p8zAeEaI/u9aTiis3GS9MtCG+bsG1IlXgomX0NzOt/9
4gGz8catj/B/vNp3YpG9JqCC9fBK1dL1sZUbkslDxl24So6k7iEkmccPdUPs8E/j
Q1F/HJbGFpScbwfbbbWZF3k1V70XdSiyT6HOebsnzKdaTccWiFatkneR5q80dFBU
4cn61F5J+qoQCXqY8N70Cx9RMyogn8xIg3XSIoZ3pvHir1rxiAgpJKnMupL1BwLh
X9Phl0JlQ0p8DQ==
-----END CERTIFICATE-----