Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft
File:                     RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft (raw, json)
Hash identifier:          i3ToYUhXSkfsyRJmXhtP74mMjCxLr8ErGUAMVB5YeLM=
Subject key identifier:   97:67:77:86:D6:3B:0D:55:93:5C:68:6D:E8:EE:FC:19:55:06:EF:5B
Authority key identifier: 45:01:E8:5C:00:25:C4:AE:29:52:80:58:E2:32:D7:37:C2:F4:95:CE
Certificate issuer:       /CN=4501e85c0025c4ae29528058e232d737c2f495ce
Certificate serial:       019A72CA81791EB577CCA493DCEF26DEB9AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RQHoXAAlxK4pUoBY4jLXN8L0lc4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft
Manifest number:          0381
Signing time:             Tue 11 Nov 2025 12:01:05 +0000
Manifest this update:     Tue 11 Nov 2025 12:01:05 +0000
Manifest next update:     Wed 12 Nov 2025 12:01:05 +0000
Files and hashes:         1: RQHoXAAlxK4pUoBY4jLXN8L0lc4.crl (hash: jfOaaZea8ka55+ETPijrwaWrrAsTFqHkcH6ydYKdwJE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RQHoXAAlxK4pUoBY4jLXN8L0lc4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:ca:81:79:1e:b5:77:cc:a4:93:dc:ef:26:de:b9:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4501e85c0025c4ae29528058e232d737c2f495ce
        Validity
            Not Before: Nov 11 12:01:05 2025 GMT
            Not After : Nov 12 12:01:05 2025 GMT
        Subject: CN=97677786d63b0d55935c686de8eefc195506ef5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:50:46:24:49:95:5d:4c:a7:18:eb:5d:4a:d2:
                    2f:e6:5d:80:8e:93:77:9e:65:50:73:18:dc:c2:20:
                    97:79:bd:81:b3:b6:7e:ee:84:ec:1b:86:85:f2:c0:
                    46:01:0e:b8:8d:3f:49:ac:c3:80:28:29:67:41:cf:
                    cb:84:cc:21:45:24:a1:28:93:88:c4:01:de:cb:d8:
                    b8:2e:7b:18:24:ed:88:7d:4d:77:e9:49:55:26:d3:
                    c0:22:a5:cf:8c:e8:04:74:80:b8:b9:01:87:aa:a2:
                    71:65:7f:12:ed:15:42:fe:cc:7a:69:c5:af:67:03:
                    77:c6:41:22:49:ab:b6:ed:09:6b:be:2e:53:26:b1:
                    a0:f5:39:99:64:c9:dd:f8:e3:1b:22:8f:c5:f1:7b:
                    5e:64:38:be:a6:58:eb:81:32:c8:8a:01:4e:83:ff:
                    04:b1:0c:1c:24:cf:a4:bf:64:07:e6:71:2f:69:b1:
                    b5:03:7f:b4:50:f8:e9:28:dd:22:54:f2:33:95:5e:
                    8d:36:ae:1d:40:01:bb:cb:07:69:a3:19:29:29:31:
                    19:1e:bb:c9:d7:e4:85:b7:f2:d8:ef:da:cf:4b:11:
                    31:e6:82:2b:68:30:61:9d:c6:61:64:80:11:0b:24:
                    a8:be:f0:eb:da:86:e1:80:5f:7a:73:aa:a1:fc:bd:
                    fa:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:67:77:86:D6:3B:0D:55:93:5C:68:6D:E8:EE:FC:19:55:06:EF:5B
            X509v3 Authority Key Identifier:
                keyid:45:01:E8:5C:00:25:C4:AE:29:52:80:58:E2:32:D7:37:C2:F4:95:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RQHoXAAlxK4pUoBY4jLXN8L0lc4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:68:cd:98:ce:95:2b:67:eb:bc:56:b8:21:02:16:38:0f:54:
         0f:4d:aa:73:d7:e9:28:d7:89:32:a8:55:e4:45:5f:1c:71:0a:
         cf:85:ec:dc:a0:a4:25:31:18:32:db:a2:6d:6c:8b:26:d6:f7:
         a8:bc:cd:67:6d:c3:56:ba:ae:e6:9c:8f:b6:ed:08:58:ad:cc:
         27:96:46:b4:05:2a:12:d3:1e:94:44:55:4e:35:9d:3f:2a:69:
         48:57:13:48:09:33:50:21:ba:73:53:ab:11:7e:fb:fb:65:b8:
         ea:b6:02:af:07:ed:a6:57:04:af:96:5b:71:ff:3a:2a:c4:9e:
         a5:97:89:27:a0:e4:c0:58:3f:30:ec:68:a2:1a:1d:6f:8b:87:
         83:b6:cb:09:57:a7:46:e6:2c:2a:fd:30:74:e9:9d:51:ac:0f:
         dc:75:50:32:ae:c8:82:96:fe:92:89:36:2f:a0:b2:9e:05:d8:
         bc:94:19:f3:36:f5:24:9e:2f:6b:d8:8e:01:87:90:3f:45:cb:
         46:3b:f0:d1:24:35:a5:68:96:b7:e6:57:1b:de:05:21:9c:a7:
         65:3c:23:7f:1b:18:4a:03:ec:c5:9a:6c:60:de:82:09:9f:28:
         e9:33:7f:7c:67:6c:51:e7:49:f7:b5:40:bd:3f:df:89:0c:2c:
         c2:95:21:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyoF5HrV3zKST3O8m3rmuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1MDFlODVjMDAyNWM0YWUyOTUyODA1OGUyMzJkNzM3YzJm
NDk1Y2UwHhcNMjUxMTExMTIwMTA1WhcNMjUxMTEyMTIwMTA1WjAzMTEwLwYDVQQD
Eyg5NzY3Nzc4NmQ2M2IwZDU1OTM1YzY4NmRlOGVlZmMxOTU1MDZlZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFBGJEmVXUynGOtdStIv5l2AjpN3
nmVQcxjcwiCXeb2Bs7Z+7oTsG4aF8sBGAQ64jT9JrMOAKClnQc/LhMwhRSShKJOI
xAHey9i4LnsYJO2IfU136UlVJtPAIqXPjOgEdIC4uQGHqqJxZX8S7RVC/sx6acWv
ZwN3xkEiSau27Qlrvi5TJrGg9TmZZMnd+OMbIo/F8XteZDi+pljrgTLIigFOg/8E
sQwcJM+kv2QH5nEvabG1A3+0UPjpKN0iVPIzlV6NNq4dQAG7ywdpoxkpKTEZHrvJ
1+SFt/LY79rPSxEx5oIraDBhncZhZIARCySovvDr2obhgF96c6qh/L369wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJdnd4bWOw1Vk1xobeju/BlVBu9bMB8GA1UdIwQY
MBaAFEUB6FwAJcSuKVKAWOIy1zfC9JXOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlFIb1hBQWx4SzRwVW9CWTRqTFhOOEwwbGM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9kM2U4YTgtNThlZi00NjMwLWJmMzUt
Y2VlNjQxOTU1MzNjLzEvUlFIb1hBQWx4SzRwVW9CWTRqTFhOOEwwbGM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9kM2U4YTgtNThlZi00NjMwLWJmMzUtY2VlNjQxOTU1MzNj
LzEvUlFIb1hBQWx4SzRwVW9CWTRqTFhOOEwwbGM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfmjNmM6V
K2frvFa4IQIWOA9UD02qc9fpKNeJMqhV5EVfHHEKz4Xs3KCkJTEYMtuibWyLJtb3
qLzNZ23DVrqu5pyPtu0IWK3MJ5ZGtAUqEtMelERVTjWdPyppSFcTSAkzUCG6c1Or
EX77+2W46rYCrwftplcEr5Zbcf86KsSepZeJJ6DkwFg/MOxoohodb4uHg7bLCVen
RuYsKv0wdOmdUawP3HVQMq7Igpb+kok2L6CyngXYvJQZ8zb1JJ4va9iOAYeQP0XL
Rjvw0SQ1pWiWt+ZXG94FIZynZTwjfxsYSgPsxZpsYN6CCZ8o6TN/fGdsUedJ97VA
vT/fiQwswpUhMg==
-----END CERTIFICATE-----