Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.mft
File:                     QAlHG9muvWlFaoNaP7CjUbBSZgI.mft (raw, json)
Hash identifier:          wlyubuZAFGRcBEPdr+2tfLNiwV7FaDN1UJ/soCI1bQw=
Subject key identifier:   39:85:ED:D1:FE:94:9E:47:9E:91:CF:A2:E4:71:C9:73:B2:15:72:8A
Authority key identifier: 40:09:47:1B:D9:AE:BD:69:45:6A:83:5A:3F:B0:A3:51:B0:52:66:02
Certificate issuer:       /CN=4009471bd9aebd69456a835a3fb0a351b0526602
Certificate serial:       019A71EEF2B8E14BD65371CB6A3CE1F425FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QAlHG9muvWlFaoNaP7CjUbBSZgI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.mft
Manifest number:          013B
Signing time:             Tue 11 Nov 2025 08:01:16 +0000
Manifest this update:     Tue 11 Nov 2025 08:01:16 +0000
Manifest next update:     Wed 12 Nov 2025 08:01:16 +0000
Files and hashes:         1: QAlHG9muvWlFaoNaP7CjUbBSZgI.crl (hash: DvzPu5yIB8lRTCOK9639o2JZEVpbHZVIhT2lMCkRFlc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QAlHG9muvWlFaoNaP7CjUbBSZgI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:f2:b8:e1:4b:d6:53:71:cb:6a:3c:e1:f4:25:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4009471bd9aebd69456a835a3fb0a351b0526602
        Validity
            Not Before: Nov 11 08:01:16 2025 GMT
            Not After : Nov 12 08:01:16 2025 GMT
        Subject: CN=3985edd1fe949e479e91cfa2e471c973b215728a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:86:61:d9:fc:4e:b0:5b:c1:f8:75:8e:c9:85:
                    45:bd:1f:8c:c5:b9:ae:e4:25:84:96:20:bf:9e:ee:
                    27:7a:59:d6:50:19:fd:b7:70:0c:0e:90:34:0b:2d:
                    01:39:ce:de:0c:21:52:d6:b4:64:88:8e:38:fc:db:
                    10:3b:e3:05:86:d9:64:91:af:f8:72:f4:f0:f3:95:
                    4f:9b:2d:44:67:30:85:3d:6a:b2:1b:d1:53:b3:14:
                    2a:54:0c:81:96:45:a2:3e:b7:44:87:cd:e7:03:a5:
                    40:cb:9b:48:3f:bb:2c:fd:67:e3:0f:9a:0e:b8:b9:
                    80:d3:53:f4:e2:2c:65:d3:8f:59:a6:ac:bf:7c:a5:
                    e3:a5:6c:6b:d8:2b:7d:b2:1f:80:48:8c:a1:7e:2b:
                    91:8c:7f:1d:69:b0:b7:82:5c:ae:78:26:b3:47:96:
                    1f:20:23:b8:02:4f:1a:e7:5f:4b:2f:5d:5e:7d:2a:
                    81:2f:54:21:13:3e:7c:26:2e:d9:92:1a:c9:22:3b:
                    55:eb:3f:f3:57:a0:f4:a6:c4:1f:2d:87:cd:f2:a6:
                    44:37:7b:21:5b:32:50:18:73:a7:e4:89:0a:b6:fa:
                    01:21:42:84:ef:c6:d8:5d:3e:f0:2f:d0:40:e6:7f:
                    ab:c2:1b:85:56:ec:fe:8c:1a:83:e6:7e:8b:d2:44:
                    95:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:85:ED:D1:FE:94:9E:47:9E:91:CF:A2:E4:71:C9:73:B2:15:72:8A
            X509v3 Authority Key Identifier:
                keyid:40:09:47:1B:D9:AE:BD:69:45:6A:83:5A:3F:B0:A3:51:B0:52:66:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAlHG9muvWlFaoNaP7CjUbBSZgI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:2f:4e:f6:21:86:eb:02:bf:d0:94:64:1f:ee:b9:8f:56:d3:
         0c:08:9a:3b:64:44:2e:e8:bc:6a:8e:3f:21:a6:45:db:33:a9:
         f8:75:01:59:45:99:14:9f:0a:19:36:b6:48:a9:d2:19:9a:5f:
         91:be:49:83:4c:1a:34:10:a2:47:5e:c4:54:d7:ca:61:d9:3a:
         33:2a:aa:41:50:36:49:66:ae:a0:d1:73:0c:dc:03:5e:20:23:
         41:00:ba:94:dc:00:0d:f4:1b:6a:3d:5b:b6:ce:f5:86:bc:c3:
         bf:d8:0e:20:dd:e4:15:08:ba:fa:f3:ec:8f:ba:4c:fb:47:aa:
         fe:72:8a:12:05:75:91:d7:1a:e2:56:b3:00:5d:5f:24:7a:b3:
         34:30:25:99:06:75:d8:80:e8:45:36:fd:f7:29:fd:d6:04:62:
         30:c1:01:d6:45:1f:16:19:3a:af:39:44:88:bc:d5:b6:28:d9:
         10:a4:f2:aa:42:75:93:bc:e8:57:23:c4:7d:5b:94:15:ea:6a:
         00:0f:ec:41:09:b0:d1:0a:00:bd:e2:68:5d:0f:34:63:5a:9f:
         73:94:17:fa:3f:17:5a:d4:b5:25:c9:55:9b:53:43:c7:1c:15:
         72:aa:bf:b9:0c:ea:f4:42:35:af:ac:a0:75:02:58:fd:3e:af:
         22:f7:e4:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7vK44UvWU3HLajzh9CX8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMDk0NzFiZDlhZWJkNjk0NTZhODM1YTNmYjBhMzUxYjA1
MjY2MDIwHhcNMjUxMTExMDgwMTE2WhcNMjUxMTEyMDgwMTE2WjAzMTEwLwYDVQQD
EygzOTg1ZWRkMWZlOTQ5ZTQ3OWU5MWNmYTJlNDcxYzk3M2IyMTU3MjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIZh2fxOsFvB+HWOyYVFvR+Mxbmu
5CWEliC/nu4nelnWUBn9t3AMDpA0Cy0BOc7eDCFS1rRkiI44/NsQO+MFhtlkka/4
cvTw85VPmy1EZzCFPWqyG9FTsxQqVAyBlkWiPrdEh83nA6VAy5tIP7ss/WfjD5oO
uLmA01P04ixl049Zpqy/fKXjpWxr2Ct9sh+ASIyhfiuRjH8dabC3glyueCazR5Yf
ICO4Ak8a519LL11efSqBL1QhEz58Ji7ZkhrJIjtV6z/zV6D0psQfLYfN8qZEN3sh
WzJQGHOn5IkKtvoBIUKE78bYXT7wL9BA5n+rwhuFVuz+jBqD5n6L0kSVTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDmF7dH+lJ5HnpHPouRxyXOyFXKKMB8GA1UdIwQY
MBaAFEAJRxvZrr1pRWqDWj+wo1GwUmYCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUFsSEc5bXV2V2xGYW9OYVA3Q2pVYkJTWmdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8yYjEzNmYtMDA0MS00ZGM0LWFjN2It
NDNlY2RjM2Y0YmVmLzEvUUFsSEc5bXV2V2xGYW9OYVA3Q2pVYkJTWmdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8yYjEzNmYtMDA0MS00ZGM0LWFjN2ItNDNlY2RjM2Y0YmVm
LzEvUUFsSEc5bXV2V2xGYW9OYVA3Q2pVYkJTWmdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiS9O9iGG
6wK/0JRkH+65j1bTDAiaO2RELui8ao4/IaZF2zOp+HUBWUWZFJ8KGTa2SKnSGZpf
kb5Jg0waNBCiR17EVNfKYdk6MyqqQVA2SWauoNFzDNwDXiAjQQC6lNwADfQbaj1b
ts71hrzDv9gOIN3kFQi6+vPsj7pM+0eq/nKKEgV1kdca4lazAF1fJHqzNDAlmQZ1
2IDoRTb99yn91gRiMMEB1kUfFhk6rzlEiLzVtijZEKTyqkJ1k7zoVyPEfVuUFepq
AA/sQQmw0QoAveJoXQ80Y1qfc5QX+j8XWtS1JclVm1NDxxwVcqq/uQzq9EI1r6yg
dQJY/T6vIvfkBg==
-----END CERTIFICATE-----