Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
File:                     Q5OKPegDvWyR8UrZZ71BQbigKK8.mft (raw, json)
Hash identifier:          qRMs121SG7CJo574fhkEi3rgEGo3X+5/d2BD+rkvz5k=
Subject key identifier:   0F:E7:DA:3E:BB:04:E5:1B:DD:47:64:9D:12:3E:CD:D8:63:70:F8:AD
Authority key identifier: 43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF
Certificate issuer:       /CN=43938a3de803bd6c91f14ad967bd4141b8a028af
Certificate serial:       0199247A91FBE824FEC79405BA85E395010F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
Manifest number:          1393
Signing time:             Sun 07 Sep 2025 14:00:36 +0000
Manifest this update:     Sun 07 Sep 2025 14:00:36 +0000
Manifest next update:     Mon 08 Sep 2025 14:00:36 +0000
Files and hashes:         1: Q5OKPegDvWyR8UrZZ71BQbigKK8.crl (hash: yb8uVd27DmHwkL0lVnZ/B9w4ARvpsifY0Mw2QM2IvDM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:24:7a:91:fb:e8:24:fe:c7:94:05:ba:85:e3:95:01:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43938a3de803bd6c91f14ad967bd4141b8a028af
        Validity
            Not Before: Sep  7 14:00:36 2025 GMT
            Not After : Sep  8 14:00:36 2025 GMT
        Subject: CN=0fe7da3ebb04e51bdd47649d123ecdd86370f8ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:3b:87:44:09:04:76:3e:fc:f2:cd:74:49:03:
                    17:5f:96:21:da:2e:90:e6:0d:f0:2e:66:34:46:f7:
                    72:80:55:13:56:18:c1:ed:51:7f:82:de:c6:93:62:
                    6b:3e:ac:ad:0b:52:6f:d2:02:96:ea:b3:d4:6e:fd:
                    1b:6f:88:70:9b:e0:df:bf:27:fb:12:38:46:97:4e:
                    f6:a4:39:db:7a:98:a1:8d:a9:0b:d0:86:96:91:b3:
                    2e:98:35:6c:eb:ed:17:d3:7c:d5:32:4a:1b:62:d3:
                    36:b0:de:5f:78:6e:9f:e2:f7:30:58:20:bd:0a:01:
                    26:cb:2f:31:28:e0:93:a9:5c:0e:10:13:ce:7e:85:
                    34:c3:76:e8:e9:af:01:21:5b:3f:c4:fc:c5:45:a2:
                    c2:62:48:f7:c7:cd:c3:74:5a:41:b1:de:ca:63:f5:
                    4d:df:90:6a:d6:78:0b:35:a6:f5:ff:d0:5f:32:58:
                    08:be:1e:90:fa:67:26:55:e6:80:11:91:73:58:51:
                    5e:77:e8:26:8a:08:31:4e:56:49:4d:1b:7e:a3:40:
                    6b:93:b4:83:78:ab:d4:bd:57:6c:97:ae:03:62:93:
                    f9:14:bd:cb:93:1b:42:5a:6f:a5:ce:0f:d5:e8:b4:
                    86:60:67:f4:d4:1c:c7:d9:79:52:92:0e:26:f7:93:
                    7f:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:E7:DA:3E:BB:04:E5:1B:DD:47:64:9D:12:3E:CD:D8:63:70:F8:AD
            X509v3 Authority Key Identifier:
                keyid:43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:29:ac:7a:62:4f:c1:d2:81:ee:2b:96:52:34:03:0e:74:45:
         6e:f6:01:1d:bb:b9:50:b3:9b:42:34:f8:2e:1f:ca:40:ae:08:
         6e:fa:87:2f:17:0e:c1:45:d9:13:01:c1:a5:1e:97:96:7d:c6:
         cf:a0:6d:6c:c6:19:60:51:33:af:f1:1e:3c:ad:8c:2f:7a:ee:
         79:7b:88:1d:bc:ec:d4:35:d9:fc:ba:ad:bd:dd:76:95:4d:80:
         09:8d:5c:f0:60:d4:47:97:a8:b8:86:51:c5:5f:f9:8a:85:a0:
         f6:0c:a1:c1:a8:7b:d1:b1:43:8b:47:a6:7f:3a:48:76:99:db:
         b8:f4:7b:27:b5:16:27:27:6f:a6:f9:4b:a3:4a:3f:f1:f6:a0:
         e0:46:0e:41:8a:a0:96:fd:ee:66:14:c1:91:fb:d7:a2:1f:d8:
         a3:41:e1:81:02:fe:d5:50:cf:0a:4d:32:eb:de:2a:35:57:02:
         be:3f:c4:5e:95:45:12:b0:28:73:0d:78:32:52:17:e3:62:ca:
         37:a0:da:18:5c:82:45:a1:be:00:01:34:4a:1b:ec:8b:75:56:
         28:e6:69:10:83:1a:e2:49:fb:14:6c:27:de:6d:92:96:95:e8:
         c1:12:d9:02:01:06:92:f5:6b:ef:85:b4:51:44:f7:3d:d0:ec:
         c2:bd:63:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkepH76CT+x5QFuoXjlQEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOTM4YTNkZTgwM2JkNmM5MWYxNGFkOTY3YmQ0MTQxYjhh
MDI4YWYwHhcNMjUwOTA3MTQwMDM2WhcNMjUwOTA4MTQwMDM2WjAzMTEwLwYDVQQD
EygwZmU3ZGEzZWJiMDRlNTFiZGQ0NzY0OWQxMjNlY2RkODYzNzBmOGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDuHRAkEdj788s10SQMXX5Yh2i6Q
5g3wLmY0RvdygFUTVhjB7VF/gt7Gk2JrPqytC1Jv0gKW6rPUbv0bb4hwm+Dfvyf7
EjhGl072pDnbepihjakL0IaWkbMumDVs6+0X03zVMkobYtM2sN5feG6f4vcwWCC9
CgEmyy8xKOCTqVwOEBPOfoU0w3bo6a8BIVs/xPzFRaLCYkj3x83DdFpBsd7KY/VN
35Bq1ngLNab1/9BfMlgIvh6Q+mcmVeaAEZFzWFFed+gmiggxTlZJTRt+o0Brk7SD
eKvUvVdsl64DYpP5FL3LkxtCWm+lzg/V6LSGYGf01BzH2XlSkg4m95N/ewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA/n2j67BOUb3UdknRI+zdhjcPitMB8GA1UdIwQY
MBaAFEOTij3oA71skfFK2We9QUG4oCivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYt
ZmU1NjM0YzE3Y2M5LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYtZmU1NjM0YzE3Y2M5
LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApSmsemJP
wdKB7iuWUjQDDnRFbvYBHbu5ULObQjT4Lh/KQK4IbvqHLxcOwUXZEwHBpR6Xln3G
z6BtbMYZYFEzr/EePK2ML3rueXuIHbzs1DXZ/Lqtvd12lU2ACY1c8GDUR5eouIZR
xV/5ioWg9gyhwah70bFDi0emfzpIdpnbuPR7J7UWJydvpvlLo0o/8fag4EYOQYqg
lv3uZhTBkfvXoh/Yo0HhgQL+1VDPCk0y694qNVcCvj/EXpVFErAocw14MlIX42LK
N6DaGFyCRaG+AAE0Shvsi3VWKOZpEIMa4kn7FGwn3m2SlpXowRLZAgEGkvVr74W0
UUT3PdDswr1jZw==
-----END CERTIFICATE-----