Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft
File:                     qJ3jcDei8quO2_asHfHCmZfIiMg.mft (raw, json)
Hash identifier:          TTIXKoJPaoYbcmXwZIQN14cSMsZREnuyH4RAK/jg6aY=
Subject key identifier:   3F:91:84:F2:D1:EC:7C:91:2E:5C:6A:B4:E2:6F:E1:65:58:9D:8E:39
Authority key identifier: A8:9D:E3:70:37:A2:F2:AB:8E:DB:F6:AC:1D:F1:C2:99:97:C8:88:C8
Certificate issuer:       /CN=a89de37037a2f2ab8edbf6ac1df1c29997c888c8
Certificate serial:       019A7293CF9511F400137CFA37A4FE8C522E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft
Manifest number:          0423
Signing time:             Tue 11 Nov 2025 11:01:20 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:20 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:20 +0000
Files and hashes:         1: qJ3jcDei8quO2_asHfHCmZfIiMg.crl (hash: l4OxR/PFHET+LCYzSwgEkbG28x3vvYwnHv8e/YFTFc4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:cf:95:11:f4:00:13:7c:fa:37:a4:fe:8c:52:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a89de37037a2f2ab8edbf6ac1df1c29997c888c8
        Validity
            Not Before: Nov 11 11:01:20 2025 GMT
            Not After : Nov 12 11:01:20 2025 GMT
        Subject: CN=3f9184f2d1ec7c912e5c6ab4e26fe165589d8e39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:2e:7f:cf:ab:2b:c2:63:7c:c2:e6:a2:e0:a5:
                    1f:ac:67:54:4d:11:b9:0a:4e:18:9e:8a:a1:19:c4:
                    d1:25:f2:72:3a:39:aa:b1:13:e7:5e:57:52:98:63:
                    57:db:84:30:b1:0f:11:c5:e0:7e:5e:d4:a9:38:06:
                    d6:fb:09:62:9a:99:79:46:c2:f8:53:97:93:ec:77:
                    67:38:36:76:84:0a:9b:71:35:85:b4:39:ce:cf:d9:
                    dd:f0:c9:35:2d:b0:84:58:7d:86:c8:a7:d4:fe:da:
                    d4:19:d3:71:ae:7b:fa:b5:be:22:c4:f4:10:b7:b2:
                    6f:f8:f2:18:df:73:80:22:56:84:75:fa:c8:e7:18:
                    c8:1b:30:0c:54:21:3e:d6:76:dc:cb:31:ed:82:a8:
                    27:a5:c7:b0:4c:2b:17:3b:db:a2:9b:61:d8:6d:7c:
                    de:67:eb:7c:36:2a:db:e0:b0:a1:c6:d7:03:80:70:
                    b1:dc:4a:0a:1d:cc:8c:c2:46:c1:9f:26:91:6a:fc:
                    42:e6:3a:d8:f5:1d:80:80:46:e9:fc:b2:d0:6b:a0:
                    d3:c4:35:57:cd:66:13:ff:51:33:07:e2:a2:0b:e7:
                    54:23:cd:da:16:9e:b6:a6:56:a9:89:a4:8a:75:e2:
                    b7:07:cc:98:00:55:87:61:46:77:42:53:5c:b0:10:
                    1d:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:91:84:F2:D1:EC:7C:91:2E:5C:6A:B4:E2:6F:E1:65:58:9D:8E:39
            X509v3 Authority Key Identifier:
                keyid:A8:9D:E3:70:37:A2:F2:AB:8E:DB:F6:AC:1D:F1:C2:99:97:C8:88:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:db:c1:30:5d:e6:08:c0:54:22:06:e2:9f:be:bb:eb:a2:cf:
         58:63:ea:63:96:54:7e:5b:0d:57:3c:23:75:56:70:09:64:b7:
         d1:f2:36:dc:f3:3d:6a:a8:35:72:71:c4:d6:51:48:b4:8a:91:
         0f:a6:b3:05:84:3d:85:45:ea:33:8b:c9:c9:f1:90:c6:f0:ee:
         61:3a:81:e9:e4:f9:4b:d5:7f:38:c7:be:c8:e6:5e:4c:6f:20:
         02:37:8e:93:b0:80:7e:e3:61:d2:8c:bc:77:5d:54:03:ac:fd:
         d1:1a:a4:db:86:0a:91:05:25:04:2d:aa:f6:04:0b:68:a3:94:
         ed:00:b2:a8:4c:13:7b:b4:96:01:53:b5:57:a1:ad:38:51:37:
         47:96:17:96:7b:3a:15:07:e4:eb:06:2f:4c:ce:b8:67:d9:3d:
         99:9c:af:2c:87:d2:b9:59:80:78:bd:1c:e2:9a:22:ca:b3:7f:
         20:10:7a:70:aa:7a:36:97:10:83:c3:32:9e:4c:db:5d:e3:47:
         fe:e7:b8:fd:39:8e:08:27:b7:c0:23:b7:00:db:53:a0:0d:a7:
         b3:94:d9:f8:07:05:7b:8c:d5:c4:0e:77:1e:af:3a:ef:e1:fd:
         26:8a:a2:22:a0:0f:c8:75:e3:5e:77:d2:68:24:99:0a:e0:7c:
         66:51:58:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk8+VEfQAE3z6N6T+jFIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4OWRlMzcwMzdhMmYyYWI4ZWRiZjZhYzFkZjFjMjk5OTdj
ODg4YzgwHhcNMjUxMTExMTEwMTIwWhcNMjUxMTEyMTEwMTIwWjAzMTEwLwYDVQQD
EygzZjkxODRmMmQxZWM3YzkxMmU1YzZhYjRlMjZmZTE2NTU4OWQ4ZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3y5/z6srwmN8wuai4KUfrGdUTRG5
Ck4YnoqhGcTRJfJyOjmqsRPnXldSmGNX24QwsQ8RxeB+XtSpOAbW+wlimpl5RsL4
U5eT7HdnODZ2hAqbcTWFtDnOz9nd8Mk1LbCEWH2GyKfU/trUGdNxrnv6tb4ixPQQ
t7Jv+PIY33OAIlaEdfrI5xjIGzAMVCE+1nbcyzHtgqgnpcewTCsXO9uim2HYbXze
Z+t8Nirb4LChxtcDgHCx3EoKHcyMwkbBnyaRavxC5jrY9R2AgEbp/LLQa6DTxDVX
zWYT/1EzB+KiC+dUI83aFp62plapiaSKdeK3B8yYAFWHYUZ3QlNcsBAd4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+RhPLR7HyRLlxqtOJv4WVYnY45MB8GA1UdIwQY
MBaAFKid43A3ovKrjtv2rB3xwpmXyIjIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNDA0MDctNWQxMy00ZWQyLTkwZGQt
ZmZiNjcwN2M2MWIzLzEvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kNDA0MDctNWQxMy00ZWQyLTkwZGQtZmZiNjcwN2M2MWIz
LzEvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ9vBMF3m
CMBUIgbin76766LPWGPqY5ZUflsNVzwjdVZwCWS30fI23PM9aqg1cnHE1lFItIqR
D6azBYQ9hUXqM4vJyfGQxvDuYTqB6eT5S9V/OMe+yOZeTG8gAjeOk7CAfuNh0oy8
d11UA6z90Rqk24YKkQUlBC2q9gQLaKOU7QCyqEwTe7SWAVO1V6GtOFE3R5YXlns6
FQfk6wYvTM64Z9k9mZyvLIfSuVmAeL0c4poiyrN/IBB6cKp6NpcQg8MynkzbXeNH
/ue4/TmOCCe3wCO3ANtToA2ns5TZ+AcFe4zVxA53Hq867+H9JoqiIqAPyHXjXnfS
aCSZCuB8ZlFYaw==
-----END CERTIFICATE-----