Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft
File:                     QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft (raw, json)
Hash identifier:          dwlCfTaG8PX5Sdv2REYwhMYyTHXXkeA6PDMpQmHW9tw=
Subject key identifier:   7B:EA:3E:EA:E1:18:8F:38:59:30:A6:9B:A8:74:FF:C7:1F:A8:74:7D
Authority key identifier: 41:C4:A5:64:4F:04:29:52:1D:1F:DC:5B:BB:23:3A:04:1B:20:08:87
Certificate issuer:       /CN=41c4a5644f0429521d1fdc5bbb233a041b200887
Certificate serial:       019A72257A987893192EB832258807DDA98B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QcSlZE8EKVIdH9xbuyM6BBsgCIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 09:00:49 +0000
Manifest this update:     Tue 11 Nov 2025 09:00:49 +0000
Manifest next update:     Wed 12 Nov 2025 09:00:49 +0000
Files and hashes:         1: QcSlZE8EKVIdH9xbuyM6BBsgCIc.crl (hash: TVD5RZ9uAZR2+lEAAgEzmT9EA0g0yqMFte/tpylHsy0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QcSlZE8EKVIdH9xbuyM6BBsgCIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:7a:98:78:93:19:2e:b8:32:25:88:07:dd:a9:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41c4a5644f0429521d1fdc5bbb233a041b200887
        Validity
            Not Before: Nov 11 09:00:49 2025 GMT
            Not After : Nov 12 09:00:49 2025 GMT
        Subject: CN=7bea3eeae1188f385930a69ba874ffc71fa8747d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:c5:66:bd:98:23:ef:89:4f:47:4b:4e:6d:a8:
                    15:89:6b:99:df:15:31:6e:e3:38:5a:60:b3:2f:63:
                    a2:a7:05:28:a3:56:de:58:1d:bc:2c:cf:1a:19:6a:
                    07:43:86:d1:4c:42:5c:b9:b5:3a:fb:23:c8:e2:b5:
                    a2:b3:13:f5:21:aa:c3:ea:77:6d:5b:2a:91:47:0a:
                    f3:ae:e5:53:f0:0f:9c:b8:56:cb:31:fa:5f:78:33:
                    ca:06:30:3e:52:d8:99:ad:48:b4:3d:7a:95:85:b3:
                    56:b3:68:7d:35:3b:6c:1f:5a:cd:ab:17:20:06:20:
                    e7:23:b3:3a:49:59:52:88:f0:ec:e2:0b:60:a3:90:
                    9a:2c:f4:c7:84:01:7d:5e:53:c2:82:7e:1b:ee:ed:
                    e6:7f:4e:bc:8c:29:d0:f4:bd:3c:85:d0:cb:56:f4:
                    80:f7:01:6b:8f:d8:d8:b3:d2:17:34:e0:e6:47:bc:
                    c1:5e:92:bd:77:9a:2b:e8:0b:c7:a2:42:f4:cc:51:
                    55:2b:a7:c4:e0:2c:90:ae:6d:f3:5d:23:be:14:1a:
                    10:f6:ba:df:95:b3:48:16:4d:c4:81:d3:c2:e0:52:
                    41:a4:0e:ba:29:51:8f:98:4a:33:80:36:57:79:d6:
                    11:ac:88:77:e4:ae:89:a6:0e:7c:f9:e1:ea:95:e8:
                    fd:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:EA:3E:EA:E1:18:8F:38:59:30:A6:9B:A8:74:FF:C7:1F:A8:74:7D
            X509v3 Authority Key Identifier:
                keyid:41:C4:A5:64:4F:04:29:52:1D:1F:DC:5B:BB:23:3A:04:1B:20:08:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QcSlZE8EKVIdH9xbuyM6BBsgCIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:48:b4:f3:0d:27:ff:5b:bc:9a:fe:d4:e7:47:72:f4:4a:ce:
         fa:20:29:5b:fe:f3:cf:c2:fb:be:90:ce:9f:a3:3c:9d:8e:a7:
         5a:84:ed:88:09:ea:99:33:fe:22:8a:f3:b2:84:86:a9:6c:f7:
         28:7c:0f:69:06:ef:cc:6d:fe:6e:51:86:97:4f:e7:fd:38:bb:
         f3:01:a6:1c:e0:9b:8f:24:7d:8c:48:08:c0:44:c3:55:d3:65:
         e9:50:28:6d:b6:25:e4:1f:e7:3f:03:5d:df:9b:fe:a4:81:89:
         98:81:63:0a:b6:2b:9b:8b:27:c8:65:8d:1d:fb:30:e7:2d:40:
         08:31:34:99:31:4d:63:61:d0:95:da:52:57:7d:3f:4f:1e:56:
         8b:1c:63:ad:4f:b7:eb:f1:08:73:0c:2f:a0:97:00:3e:ea:ed:
         96:76:da:a2:98:cc:ae:04:4e:5a:76:3f:c8:12:84:a7:40:e2:
         30:5a:e4:49:12:7a:78:81:57:53:aa:a9:97:cd:e4:ca:8d:ae:
         57:0b:25:cb:d2:bd:cc:5c:ef:4d:72:b1:a1:2f:62:cc:79:f8:
         f9:cd:04:fe:cd:51:fb:b1:fd:82:4a:5d:21:2b:80:1d:b2:f2:
         52:90:81:a5:ae:ed:65:56:b3:7f:6d:87:06:ad:50:4c:5a:ca:
         b8:ae:7f:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJXqYeJMZLrgyJYgH3amLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYzRhNTY0NGYwNDI5NTIxZDFmZGM1YmJiMjMzYTA0MWIy
MDA4ODcwHhcNMjUxMTExMDkwMDQ5WhcNMjUxMTEyMDkwMDQ5WjAzMTEwLwYDVQQD
Eyg3YmVhM2VlYWUxMTg4ZjM4NTkzMGE2OWJhODc0ZmZjNzFmYTg3NDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosVmvZgj74lPR0tObagViWuZ3xUx
buM4WmCzL2OipwUoo1beWB28LM8aGWoHQ4bRTEJcubU6+yPI4rWisxP1IarD6ndt
WyqRRwrzruVT8A+cuFbLMfpfeDPKBjA+UtiZrUi0PXqVhbNWs2h9NTtsH1rNqxcg
BiDnI7M6SVlSiPDs4gtgo5CaLPTHhAF9XlPCgn4b7u3mf068jCnQ9L08hdDLVvSA
9wFrj9jYs9IXNODmR7zBXpK9d5or6AvHokL0zFFVK6fE4CyQrm3zXSO+FBoQ9rrf
lbNIFk3EgdPC4FJBpA66KVGPmEozgDZXedYRrIh35K6Jpg58+eHqlej9WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHvqPurhGI84WTCmm6h0/8cfqHR9MB8GA1UdIwQY
MBaAFEHEpWRPBClSHR/cW7sjOgQbIAiHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWNTbFpFOEVLVklkSDl4YnV5TTZCQnNnQ0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS81Y2M0YjctODY3ZC00NTJhLTg5MDIt
ZTg3OTMyYzU1NWYzLzEvUWNTbFpFOEVLVklkSDl4YnV5TTZCQnNnQ0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS81Y2M0YjctODY3ZC00NTJhLTg5MDItZTg3OTMyYzU1NWYz
LzEvUWNTbFpFOEVLVklkSDl4YnV5TTZCQnNnQ0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmEi08w0n
/1u8mv7U50dy9ErO+iApW/7zz8L7vpDOn6M8nY6nWoTtiAnqmTP+IorzsoSGqWz3
KHwPaQbvzG3+blGGl0/n/Ti78wGmHOCbjyR9jEgIwETDVdNl6VAobbYl5B/nPwNd
35v+pIGJmIFjCrYrm4snyGWNHfsw5y1ACDE0mTFNY2HQldpSV30/Tx5WixxjrU+3
6/EIcwwvoJcAPurtlnbaopjMrgROWnY/yBKEp0DiMFrkSRJ6eIFXU6qpl83kyo2u
Vwsly9K9zFzvTXKxoS9izHn4+c0E/s1R+7H9gkpdISuAHbLyUpCBpa7tZVazf22H
Bq1QTFrKuK5/Iw==
-----END CERTIFICATE-----