Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft
File:                     QfIoYMpivSg4-DKPF4OdHoYI0m0.mft (raw, json)
Hash identifier:          H4/nt7cqoaP7EzFbVCbuwhDDxlNULFJBfPeAn4wCvm8=
Subject key identifier:   3B:DD:F8:A8:B4:A1:74:39:AB:4D:9E:0A:B1:86:F8:5E:28:EE:F6:F3
Authority key identifier: 41:F2:28:60:CA:62:BD:28:38:F8:32:8F:17:83:9D:1E:86:08:D2:6D
Certificate issuer:       /CN=41f22860ca62bd2838f8328f17839d1e8608d26d
Certificate serial:       019A714A1D0A2F123349D929F2DEAD79FB67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QfIoYMpivSg4-DKPF4OdHoYI0m0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft
Manifest number:          02F8
Signing time:             Tue 11 Nov 2025 05:01:13 +0000
Manifest this update:     Tue 11 Nov 2025 05:01:13 +0000
Manifest next update:     Wed 12 Nov 2025 05:01:13 +0000
Files and hashes:         1: QfIoYMpivSg4-DKPF4OdHoYI0m0.crl (hash: jImfoV7TsuY1jU7bZS4SNJxT8XRxMT0SHzIb7BNmNlI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QfIoYMpivSg4-DKPF4OdHoYI0m0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 05:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:4a:1d:0a:2f:12:33:49:d9:29:f2:de:ad:79:fb:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41f22860ca62bd2838f8328f17839d1e8608d26d
        Validity
            Not Before: Nov 11 05:01:13 2025 GMT
            Not After : Nov 12 05:01:13 2025 GMT
        Subject: CN=3bddf8a8b4a17439ab4d9e0ab186f85e28eef6f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:38:33:b2:3a:bd:8b:56:d8:cf:6c:90:9f:6c:
                    8d:36:39:22:2d:4d:77:e7:b0:05:e4:82:a5:2a:17:
                    81:ba:99:b2:09:d3:b2:8a:c5:50:f7:32:7c:da:b7:
                    ae:ad:bc:f1:8b:25:31:0b:84:b3:23:59:f1:7f:cd:
                    ef:cc:ff:ab:83:5e:01:44:4f:1e:14:59:bc:d3:c2:
                    9d:14:a2:e1:e2:b6:81:6a:58:82:28:85:ba:96:92:
                    f4:0a:4c:8e:24:f2:33:12:ec:45:55:d5:42:57:46:
                    c9:79:8b:d4:e1:b3:6b:d6:d3:bd:93:20:3a:5e:bf:
                    35:cf:1b:b0:d3:64:37:15:3a:a1:85:d8:be:78:a5:
                    3a:77:cb:77:fc:2e:a4:36:57:6a:86:f4:cf:dd:24:
                    5b:ec:db:9f:f3:ac:32:fb:ba:53:41:21:cf:8c:4c:
                    6f:66:a0:8b:b9:b2:82:77:53:cc:44:2c:c1:85:fe:
                    f3:03:51:25:af:15:3f:74:9a:88:71:1b:cc:26:e8:
                    5d:3c:58:0e:b2:53:27:1d:a6:5d:67:b3:87:dd:e8:
                    85:ea:57:ed:58:fe:12:48:6d:10:1b:8a:cf:34:30:
                    4a:1f:c7:ea:43:3e:6b:91:06:8b:68:ca:ff:75:34:
                    9b:3d:59:c0:dd:d1:77:f0:3a:68:15:7f:fb:ef:40:
                    01:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:DD:F8:A8:B4:A1:74:39:AB:4D:9E:0A:B1:86:F8:5E:28:EE:F6:F3
            X509v3 Authority Key Identifier:
                keyid:41:F2:28:60:CA:62:BD:28:38:F8:32:8F:17:83:9D:1E:86:08:D2:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfIoYMpivSg4-DKPF4OdHoYI0m0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:a4:e5:07:53:3e:65:61:ff:7f:6e:24:6b:bf:b3:f6:07:bc:
         a1:b2:f5:17:62:02:56:96:e7:f1:00:e0:ad:09:1c:cb:33:61:
         39:6b:1d:c2:4a:4c:cb:b4:19:1e:bc:3e:a7:4e:f4:d8:37:cb:
         a7:af:54:f1:38:e2:c1:1a:bf:a4:8c:d8:2a:ab:ec:52:8c:02:
         87:df:b8:75:ef:ba:5f:05:20:e0:3e:2b:1a:65:83:25:4d:bc:
         9b:8c:63:58:2b:69:77:12:3d:ca:da:d9:b7:ea:fd:ea:ee:82:
         4d:3c:48:28:73:25:85:05:d0:17:21:19:b7:ec:f1:a4:c2:5b:
         57:2a:f1:5e:53:bd:c2:cc:ef:b5:1e:06:a8:2a:61:c1:2b:6c:
         f1:d1:ed:7c:cf:c5:af:fb:fd:a6:fc:ba:59:6e:ef:1c:9c:9c:
         75:2b:a4:60:12:a9:88:ef:8f:f5:5f:51:82:40:25:00:a3:ac:
         68:4e:80:f1:26:3b:d6:c8:a4:fc:7c:31:93:b5:f8:88:6f:df:
         ea:94:dc:a9:d2:16:fe:2b:a4:4f:ef:36:d7:c6:92:74:45:a4:
         6a:95:35:33:0e:21:25:3c:8f:a4:02:3c:0a:ea:55:67:a4:f9:
         0f:77:3a:75:61:e7:f5:8f:7e:02:da:e0:01:2d:3a:86:1d:e4:
         17:da:2d:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSh0KLxIzSdkp8t6teftnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjIyODYwY2E2MmJkMjgzOGY4MzI4ZjE3ODM5ZDFlODYw
OGQyNmQwHhcNMjUxMTExMDUwMTEzWhcNMjUxMTEyMDUwMTEzWjAzMTEwLwYDVQQD
EygzYmRkZjhhOGI0YTE3NDM5YWI0ZDllMGFiMTg2Zjg1ZTI4ZWVmNmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjgzsjq9i1bYz2yQn2yNNjkiLU13
57AF5IKlKheBupmyCdOyisVQ9zJ82reurbzxiyUxC4SzI1nxf83vzP+rg14BRE8e
FFm808KdFKLh4raBaliCKIW6lpL0CkyOJPIzEuxFVdVCV0bJeYvU4bNr1tO9kyA6
Xr81zxuw02Q3FTqhhdi+eKU6d8t3/C6kNldqhvTP3SRb7Nuf86wy+7pTQSHPjExv
ZqCLubKCd1PMRCzBhf7zA1ElrxU/dJqIcRvMJuhdPFgOslMnHaZdZ7OH3eiF6lft
WP4SSG0QG4rPNDBKH8fqQz5rkQaLaMr/dTSbPVnA3dF38DpoFX/770ABeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDvd+Ki0oXQ5q02eCrGG+F4o7vbzMB8GA1UdIwQY
MBaAFEHyKGDKYr0oOPgyjxeDnR6GCNJtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZJb1lNcGl2U2c0LURLUEY0T2RIb1lJMG0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82M2E5OTAtMDRiZi00Zjc3LTg0YTEt
ZmFjNjRlMWZiMzQyLzEvUWZJb1lNcGl2U2c0LURLUEY0T2RIb1lJMG0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82M2E5OTAtMDRiZi00Zjc3LTg0YTEtZmFjNjRlMWZiMzQy
LzEvUWZJb1lNcGl2U2c0LURLUEY0T2RIb1lJMG0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALaTlB1M+
ZWH/f24ka7+z9ge8obL1F2ICVpbn8QDgrQkcyzNhOWsdwkpMy7QZHrw+p0702DfL
p69U8TjiwRq/pIzYKqvsUowCh9+4de+6XwUg4D4rGmWDJU28m4xjWCtpdxI9ytrZ
t+r96u6CTTxIKHMlhQXQFyEZt+zxpMJbVyrxXlO9wszvtR4GqCphwSts8dHtfM/F
r/v9pvy6WW7vHJycdSukYBKpiO+P9V9RgkAlAKOsaE6A8SY71sik/Hwxk7X4iG/f
6pTcqdIW/iukT+8218aSdEWkapU1Mw4hJTyPpAI8CupVZ6T5D3c6dWHn9Y9+Atrg
AS06hh3kF9otsg==
-----END CERTIFICATE-----