Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
File:                     qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft (raw, json)
Hash identifier:          PfcJYK1OMPX4jV+51Z/Kl22TP+txbTg9MChe0js8bV0=
Subject key identifier:   B2:B9:91:2F:E8:AC:A6:62:DD:F8:67:5D:16:1F:87:F4:CA:DC:9C:DB
Authority key identifier: AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04
Certificate issuer:       /CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
Certificate serial:       019A71B812C0C374783B8AAC36E5577CF465
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
Manifest number:          07BB
Signing time:             Tue 11 Nov 2025 07:01:20 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:20 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:20 +0000
Files and hashes:         1: qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl (hash: pSSDrdc5l6WRu7kZhczFBd22sTgUl9vjJBrFCZ914TI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:12:c0:c3:74:78:3b:8a:ac:36:e5:57:7c:f4:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
        Validity
            Not Before: Nov 11 07:01:20 2025 GMT
            Not After : Nov 12 07:01:20 2025 GMT
        Subject: CN=b2b9912fe8aca662ddf8675d161f87f4cadc9cdb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:37:1f:6d:51:eb:fe:ec:83:a9:a4:63:b4:9a:
                    10:3e:4f:00:72:40:b5:85:9f:c3:e4:48:27:88:23:
                    d9:51:c1:87:f2:37:bd:24:f8:62:42:7a:79:56:0b:
                    a4:e5:c0:2c:0d:01:2d:17:4b:71:62:6f:d2:58:c6:
                    6d:be:fe:76:32:6f:a7:0d:45:24:cf:fa:fc:a4:d5:
                    94:7b:a8:a3:35:e2:a0:1c:ec:ed:16:80:4d:5f:d6:
                    36:23:4f:39:07:d5:01:7c:31:fe:24:86:1c:74:89:
                    39:26:c5:83:6c:58:50:a8:27:8a:c7:88:f4:c3:d3:
                    f7:ff:05:16:91:20:7c:76:2c:e9:36:33:5f:88:87:
                    2d:72:5e:db:a9:57:e6:00:aa:c7:47:a5:39:55:17:
                    42:60:9c:e9:3e:76:bc:10:49:f8:1c:32:57:7e:cd:
                    f1:5c:10:5d:5f:7e:d7:c3:d6:90:57:8a:f4:13:d1:
                    83:d5:b6:5f:af:e3:75:c2:e9:3e:6b:fc:5a:31:c1:
                    5a:05:c4:e1:64:0d:34:f3:72:d2:cd:f2:ee:c7:fb:
                    e2:88:a4:e3:61:4d:49:ac:01:90:e8:0b:91:ce:3b:
                    fd:21:96:2b:18:c6:e3:86:4a:93:f7:83:2b:c2:6f:
                    e2:1f:8f:50:e9:a9:5d:63:c4:f8:65:21:19:e4:20:
                    90:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:B9:91:2F:E8:AC:A6:62:DD:F8:67:5D:16:1F:87:F4:CA:DC:9C:DB
            X509v3 Authority Key Identifier:
                keyid:AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:55:93:e4:db:21:4a:24:ea:58:74:23:9d:b6:af:87:92:18:
         aa:6e:52:4f:99:d7:70:1a:56:d2:ae:64:7a:a1:c7:5a:63:55:
         18:c1:bc:f7:e6:90:97:9d:00:5f:80:a4:af:d0:b3:e0:f2:8d:
         90:a4:55:e1:1e:06:7d:70:87:fd:07:ff:73:07:60:20:24:df:
         9b:ff:e0:f2:82:13:51:e1:e5:ac:14:56:4e:57:19:8b:2f:c6:
         0a:39:b2:e8:c3:69:01:1a:69:f3:35:22:bf:93:d4:cf:2a:2c:
         80:0e:13:33:84:36:f6:36:b8:25:37:b5:1e:82:44:2c:da:ff:
         7c:4e:17:ac:e8:cf:b6:c4:c4:92:23:2b:f7:8f:60:8c:1d:2b:
         32:86:99:22:e8:ba:bc:7e:16:6e:8e:96:48:e5:49:df:b5:4f:
         32:d7:93:15:a9:c0:90:e9:ba:78:10:cb:28:23:f9:c7:8c:f9:
         a9:af:13:a9:4a:19:ab:0f:a3:57:d9:76:fe:0c:c1:fa:0e:e9:
         d8:5b:5e:9a:bf:83:78:5b:06:20:d9:46:25:13:64:04:80:05:
         80:db:05:a1:0b:3d:d4:fc:65:7b:00:38:fb:aa:41:d1:5c:ac:
         d2:68:29:12:12:3a:b8:21:74:21:50:48:6a:57:1a:4e:53:63:
         34:ac:ec:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuBLAw3R4O4qsNuVXfPRlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhN2M2NDM1YTg1MGYwYzVlOTlhOWNlMDUxZjM0YmRiNTMy
MjJmMDQwHhcNMjUxMTExMDcwMTIwWhcNMjUxMTEyMDcwMTIwWjAzMTEwLwYDVQQD
EyhiMmI5OTEyZmU4YWNhNjYyZGRmODY3NWQxNjFmODdmNGNhZGM5Y2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zcfbVHr/uyDqaRjtJoQPk8AckC1
hZ/D5EgniCPZUcGH8je9JPhiQnp5Vguk5cAsDQEtF0txYm/SWMZtvv52Mm+nDUUk
z/r8pNWUe6ijNeKgHOztFoBNX9Y2I085B9UBfDH+JIYcdIk5JsWDbFhQqCeKx4j0
w9P3/wUWkSB8dizpNjNfiIctcl7bqVfmAKrHR6U5VRdCYJzpPna8EEn4HDJXfs3x
XBBdX37Xw9aQV4r0E9GD1bZfr+N1wuk+a/xaMcFaBcThZA0083LSzfLux/viiKTj
YU1JrAGQ6AuRzjv9IZYrGMbjhkqT94Mrwm/iH49Q6aldY8T4ZSEZ5CCQjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLK5kS/orKZi3fhnXRYfh/TK3JzbMB8GA1UdIwQY
MBaAFKp8ZDWoUPDF6Zqc4FHzS9tTIi8EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2Qt
Yzc4MGVkNjEyMzY2LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2QtYzc4MGVkNjEyMzY2
LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuFWT5Nsh
SiTqWHQjnbavh5IYqm5ST5nXcBpW0q5keqHHWmNVGMG89+aQl50AX4Ckr9Cz4PKN
kKRV4R4GfXCH/Qf/cwdgICTfm//g8oITUeHlrBRWTlcZiy/GCjmy6MNpARpp8zUi
v5PUzyosgA4TM4Q29ja4JTe1HoJELNr/fE4XrOjPtsTEkiMr949gjB0rMoaZIui6
vH4Wbo6WSOVJ37VPMteTFanAkOm6eBDLKCP5x4z5qa8TqUoZqw+jV9l2/gzB+g7p
2Ftemr+DeFsGINlGJRNkBIAFgNsFoQs91PxlewA4+6pB0Vys0mgpEhI6uCF0IVBI
alcaTlNjNKzsyw==
-----END CERTIFICATE-----