Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/513b77-9e3b-4a6c-9ed5-7f21d9befc2c/1/QpBWwzjRbJLN_aHlXQk2givFDNI.mft
File:                     QpBWwzjRbJLN_aHlXQk2givFDNI.mft (raw, json)
Hash identifier:          76LMVr7PWjdypOmaYugDJVm10HUWAvrJ7IhOtThtk58=
Subject key identifier:   34:90:E3:16:E9:0D:AF:06:1A:C6:C4:D1:1C:91:A7:3E:FC:5B:AA:58
Authority key identifier: 42:90:56:C3:38:D1:6C:92:CD:FD:A1:E5:5D:09:36:82:2B:C5:0C:D2
Certificate issuer:       /CN=429056c338d16c92cdfda1e55d0936822bc50cd2
Certificate serial:       019A725CCC2DEB5900F146D0174F1CEF209A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QpBWwzjRbJLN_aHlXQk2givFDNI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/513b77-9e3b-4a6c-9ed5-7f21d9befc2c/1/QpBWwzjRbJLN_aHlXQk2givFDNI.mft
Manifest number:          05B4
Signing time:             Tue 11 Nov 2025 10:01:15 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:15 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:15 +0000
Files and hashes:         1: QpBWwzjRbJLN_aHlXQk2givFDNI.crl (hash: gMNO9MSEab9fYuLXeZOn9cB/tOTd0/vm7RJiVlCWBa0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/513b77-9e3b-4a6c-9ed5-7f21d9befc2c/1/QpBWwzjRbJLN_aHlXQk2givFDNI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/513b77-9e3b-4a6c-9ed5-7f21d9befc2c/1/QpBWwzjRbJLN_aHlXQk2givFDNI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QpBWwzjRbJLN_aHlXQk2givFDNI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:cc:2d:eb:59:00:f1:46:d0:17:4f:1c:ef:20:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=429056c338d16c92cdfda1e55d0936822bc50cd2
        Validity
            Not Before: Nov 11 10:01:15 2025 GMT
            Not After : Nov 12 10:01:15 2025 GMT
        Subject: CN=3490e316e90daf061ac6c4d11c91a73efc5baa58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:a8:d1:ec:54:06:e2:f4:83:2e:40:25:19:10:
                    e2:28:3e:10:66:cd:85:d2:1b:41:e6:56:a7:01:ed:
                    46:bf:61:5d:fe:5e:16:7b:27:56:9b:a9:4d:44:fe:
                    5f:c7:52:c4:b3:40:3e:43:66:61:df:82:48:70:21:
                    31:78:25:8d:03:8b:f5:75:f4:ec:41:00:eb:e7:98:
                    f3:2c:75:84:53:4a:a3:dd:4d:ee:53:25:61:7c:6d:
                    14:57:2b:ee:60:8a:65:63:67:e0:fa:f0:0d:f3:83:
                    ac:8a:ad:8d:81:07:55:fb:4d:a5:84:73:dd:a9:78:
                    67:5b:4c:7a:50:23:89:38:55:97:1c:a1:4f:cf:bb:
                    bb:52:85:f9:3d:6c:58:51:80:c9:d5:50:59:7e:22:
                    42:a7:89:37:cf:a7:3c:50:3f:33:9a:1f:6c:d1:b4:
                    37:0b:63:bd:29:ac:4e:2d:2a:dc:6f:3d:40:c2:a2:
                    b6:77:9f:37:9e:ee:d5:b8:06:e5:e9:04:16:d4:38:
                    09:af:45:ff:78:a5:07:f2:ff:37:58:ab:4f:d0:cb:
                    48:49:4c:4a:ef:d2:5f:d8:c4:8c:c0:3a:11:52:be:
                    18:2e:c7:25:50:4b:67:5b:5e:de:59:40:04:13:dc:
                    41:5b:42:b0:08:73:49:d1:9f:16:e9:37:90:93:c5:
                    15:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:90:E3:16:E9:0D:AF:06:1A:C6:C4:D1:1C:91:A7:3E:FC:5B:AA:58
            X509v3 Authority Key Identifier:
                keyid:42:90:56:C3:38:D1:6C:92:CD:FD:A1:E5:5D:09:36:82:2B:C5:0C:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpBWwzjRbJLN_aHlXQk2givFDNI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/513b77-9e3b-4a6c-9ed5-7f21d9befc2c/1/QpBWwzjRbJLN_aHlXQk2givFDNI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/513b77-9e3b-4a6c-9ed5-7f21d9befc2c/1/QpBWwzjRbJLN_aHlXQk2givFDNI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:e2:e1:81:b2:d9:be:4c:d0:04:af:e9:1a:64:5a:50:26:d6:
         3d:b6:75:47:4b:0d:04:7c:bd:33:76:af:5e:11:f9:c4:a0:71:
         24:e7:eb:8e:99:a3:14:6d:37:27:84:69:4d:4a:fa:aa:f9:ed:
         f4:ab:f5:af:f1:e8:ac:eb:8d:56:0f:c6:18:29:e8:f8:ae:78:
         21:ac:9c:e1:72:08:92:b7:e0:58:c7:ec:83:4d:b9:78:70:b8:
         81:0c:d7:d1:40:8d:5c:58:3c:5b:a8:a1:82:32:4c:bd:1e:d9:
         60:c4:f2:73:fe:64:15:30:48:d6:35:d5:ab:ad:8b:f9:fc:a6:
         ad:53:5e:8d:2f:2f:69:4a:a5:4c:37:00:32:5a:90:88:28:d9:
         10:07:83:28:ba:9f:1d:13:e7:58:8f:32:00:88:48:02:67:3d:
         e0:87:ff:e5:ca:e9:29:da:24:72:c2:c9:02:9d:f6:4f:6b:a0:
         c3:57:78:22:02:f0:37:dd:37:f6:09:19:6a:2c:ba:9b:35:8d:
         a4:85:c2:65:2e:fa:31:c9:70:5e:c8:35:99:dd:36:30:20:4a:
         0d:91:2e:65:e9:00:1e:34:d8:0e:b1:58:eb:5d:78:b7:a6:b7:
         0a:3f:1e:08:7f:81:0b:1e:c6:4d:86:c4:e9:0c:95:2a:00:00:
         21:cf:e1:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXMwt61kA8UbQF08c7yCaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTA1NmMzMzhkMTZjOTJjZGZkYTFlNTVkMDkzNjgyMmJj
NTBjZDIwHhcNMjUxMTExMTAwMTE1WhcNMjUxMTEyMTAwMTE1WjAzMTEwLwYDVQQD
EygzNDkwZTMxNmU5MGRhZjA2MWFjNmM0ZDExYzkxYTczZWZjNWJhYTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qjR7FQG4vSDLkAlGRDiKD4QZs2F
0htB5lanAe1Gv2Fd/l4WeydWm6lNRP5fx1LEs0A+Q2Zh34JIcCExeCWNA4v1dfTs
QQDr55jzLHWEU0qj3U3uUyVhfG0UVyvuYIplY2fg+vAN84Osiq2NgQdV+02lhHPd
qXhnW0x6UCOJOFWXHKFPz7u7UoX5PWxYUYDJ1VBZfiJCp4k3z6c8UD8zmh9s0bQ3
C2O9KaxOLSrcbz1AwqK2d583nu7VuAbl6QQW1DgJr0X/eKUH8v83WKtP0MtISUxK
79Jf2MSMwDoRUr4YLsclUEtnW17eWUAEE9xBW0KwCHNJ0Z8W6TeQk8UV0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDSQ4xbpDa8GGsbE0RyRpz78W6pYMB8GA1UdIwQY
MBaAFEKQVsM40WySzf2h5V0JNoIrxQzSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBCV3d6alJiSkxOX2FIbFhRazJnaXZGRE5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy81MTNiNzctOWUzYi00YTZjLTllZDUt
N2YyMWQ5YmVmYzJjLzEvUXBCV3d6alJiSkxOX2FIbFhRazJnaXZGRE5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy81MTNiNzctOWUzYi00YTZjLTllZDUtN2YyMWQ5YmVmYzJj
LzEvUXBCV3d6alJiSkxOX2FIbFhRazJnaXZGRE5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG+LhgbLZ
vkzQBK/pGmRaUCbWPbZ1R0sNBHy9M3avXhH5xKBxJOfrjpmjFG03J4RpTUr6qvnt
9Kv1r/HorOuNVg/GGCno+K54Iayc4XIIkrfgWMfsg025eHC4gQzX0UCNXFg8W6ih
gjJMvR7ZYMTyc/5kFTBI1jXVq62L+fymrVNejS8vaUqlTDcAMlqQiCjZEAeDKLqf
HRPnWI8yAIhIAmc94If/5crpKdokcsLJAp32T2ugw1d4IgLwN9039gkZaiy6mzWN
pIXCZS76MclwXsg1md02MCBKDZEuZekAHjTYDrFY6114t6a3Cj8eCH+BCx7GTYbE
6QyVKgAAIc/h9w==
-----END CERTIFICATE-----