Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
File:                     QAnHa7ftKz0UTNhVpewajrfU3pk.mft (raw, json)
Hash identifier:          uL8VeISqlRxVDI3dEmh4LBquICUQqlBlWZc/LyJVqIc=
Subject key identifier:   D2:42:D7:2E:C6:DC:20:E5:1B:4E:D5:8E:26:E8:B4:29:61:24:50:FD
Authority key identifier: 40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99
Certificate issuer:       /CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
Certificate serial:       019A711338EF56CCC2B68805B5468C5CA5B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
Manifest number:          15C3
Signing time:             Tue 11 Nov 2025 04:01:16 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:16 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:16 +0000
Files and hashes:         1: QAnHa7ftKz0UTNhVpewajrfU3pk.crl (hash: XNfG93UQtw9oFCh/Ra3HOZwJEQhl7xCvhflZ7ES/rHw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:38:ef:56:cc:c2:b6:88:05:b5:46:8c:5c:a5:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
        Validity
            Not Before: Nov 11 04:01:16 2025 GMT
            Not After : Nov 12 04:01:16 2025 GMT
        Subject: CN=d242d72ec6dc20e51b4ed58e26e8b429612450fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ae:6a:41:b3:b4:22:8c:2d:0a:74:c0:69:7f:
                    cc:73:3f:1e:d9:58:38:00:b1:2b:e2:09:38:a2:36:
                    74:41:89:46:a8:33:c8:ee:1d:ff:8e:5f:13:05:60:
                    f2:2d:b5:8b:ae:32:ec:c2:51:b6:09:fa:25:9f:e4:
                    57:83:b8:14:af:74:77:44:00:99:bd:c8:75:f1:07:
                    45:73:3b:d7:bc:f6:48:19:55:af:c2:89:f5:3d:38:
                    5f:33:a1:ce:90:91:f9:89:de:98:36:57:dd:d4:e1:
                    00:b8:ed:e2:ed:b1:4a:7e:61:9e:1f:af:69:88:14:
                    ad:aa:14:1a:12:bc:7b:3f:b2:27:07:1c:35:c0:a1:
                    77:9b:07:34:a2:47:b3:e2:0f:1b:42:2b:a1:e5:c1:
                    f6:18:d9:02:cc:71:f5:87:55:88:93:44:e8:de:6c:
                    56:96:c2:e7:76:b9:b7:83:fb:d0:f1:6d:05:b2:24:
                    22:ae:84:7e:6b:a2:ce:ef:cc:3e:bd:30:19:a6:c6:
                    40:e0:69:f2:ff:f7:01:9d:9f:5a:19:d3:a1:9f:6f:
                    04:49:db:b5:05:8c:83:45:0a:32:3c:5d:18:24:96:
                    ed:fb:72:dc:9a:c5:da:2d:57:f6:c0:9a:52:a4:e7:
                    4d:3c:81:eb:02:41:aa:37:fa:22:8c:cd:e1:83:ec:
                    02:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:42:D7:2E:C6:DC:20:E5:1B:4E:D5:8E:26:E8:B4:29:61:24:50:FD
            X509v3 Authority Key Identifier:
                keyid:40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:f4:52:9a:f6:af:80:32:3c:5d:cc:2f:3a:a1:36:0e:7c:b7:
         69:e1:9e:e5:f8:aa:d0:21:dc:5b:36:8f:05:78:36:71:34:05:
         09:af:97:7c:a3:e5:98:e0:6a:ff:a9:57:22:d2:e2:07:1d:54:
         d6:97:76:f0:4a:70:30:36:97:10:e6:87:c6:1f:53:74:c5:00:
         f0:7b:bb:4f:9a:8f:e4:08:eb:a0:06:64:b8:28:a0:98:49:49:
         bc:ea:5d:9a:f3:35:e5:65:f1:c0:67:2e:f0:cd:e4:56:8b:e3:
         42:70:f7:cb:00:e3:53:0e:7c:a5:34:3e:8d:45:56:9d:e0:c9:
         91:49:15:e6:da:c0:d0:7c:0c:04:25:a7:4d:b6:50:54:81:74:
         73:36:34:11:63:21:41:c3:67:c7:d7:ed:83:f5:f8:3b:7a:cd:
         ce:d7:4b:ed:03:8e:07:e9:87:f6:5b:89:0f:9d:01:7f:06:16:
         66:28:d5:80:8e:35:9b:b5:52:44:1d:d4:9c:89:d9:0f:28:e7:
         95:a7:ca:5a:cf:c4:83:51:b8:4f:47:7d:07:0d:2c:7f:d9:a9:
         3f:b2:05:bf:18:58:fa:e9:27:50:1e:cc:fa:4a:71:e0:ec:6b:
         40:7e:26:b7:60:98:e7:09:8b:18:3b:05:cf:29:2a:c1:d2:da:
         69:cf:9b:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEzjvVszCtogFtUaMXKWwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMDljNzZiYjdlZDJiM2QxNDRjZDg1NWE1ZWMxYThlYjdk
NGRlOTkwHhcNMjUxMTExMDQwMTE2WhcNMjUxMTEyMDQwMTE2WjAzMTEwLwYDVQQD
EyhkMjQyZDcyZWM2ZGMyMGU1MWI0ZWQ1OGUyNmU4YjQyOTYxMjQ1MGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwq5qQbO0IowtCnTAaX/Mcz8e2Vg4
ALEr4gk4ojZ0QYlGqDPI7h3/jl8TBWDyLbWLrjLswlG2Cfoln+RXg7gUr3R3RACZ
vch18QdFczvXvPZIGVWvwon1PThfM6HOkJH5id6YNlfd1OEAuO3i7bFKfmGeH69p
iBStqhQaErx7P7InBxw1wKF3mwc0okez4g8bQiuh5cH2GNkCzHH1h1WIk0To3mxW
lsLndrm3g/vQ8W0FsiQiroR+a6LO78w+vTAZpsZA4Gny//cBnZ9aGdOhn28ESdu1
BYyDRQoyPF0YJJbt+3LcmsXaLVf2wJpSpOdNPIHrAkGqN/oijM3hg+wCPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNJC1y7G3CDlG07VjibotClhJFD9MB8GA1UdIwQY
MBaAFEAJx2u37Ss9FEzYVaXsGo631N6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYt
OWY1NWI0YWU5MGNjLzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYtOWY1NWI0YWU5MGNj
LzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgPRSmvav
gDI8XcwvOqE2Dny3aeGe5fiq0CHcWzaPBXg2cTQFCa+XfKPlmOBq/6lXItLiBx1U
1pd28EpwMDaXEOaHxh9TdMUA8Hu7T5qP5AjroAZkuCigmElJvOpdmvM15WXxwGcu
8M3kVovjQnD3ywDjUw58pTQ+jUVWneDJkUkV5trA0HwMBCWnTbZQVIF0czY0EWMh
QcNnx9ftg/X4O3rNztdL7QOOB+mH9luJD50BfwYWZijVgI41m7VSRB3UnInZDyjn
lafKWs/Eg1G4T0d9Bw0sf9mpP7IFvxhY+uknUB7M+kpx4OxrQH4mt2CY5wmLGDsF
zykqwdLaac+bCw==
-----END CERTIFICATE-----