Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.mft
File:                     qSQPAnqUCSKcWf9jCqKoD5N4qT8.mft (raw, json)
Hash identifier:          vAPZZkwKUlR2Qk1uyQhWXkiCQTs2kDxnleD3RemNlD0=
Subject key identifier:   3B:80:B1:E7:2A:B4:6B:2D:16:8B:A7:EA:6F:7C:40:2B:00:6F:BA:8D
Authority key identifier: A9:24:0F:02:7A:94:09:22:9C:59:FF:63:0A:A2:A8:0F:93:78:A9:3F
Certificate issuer:       /CN=a9240f027a9409229c59ff630aa2a80f9378a93f
Certificate serial:       019A70DC47C90544C6214EF090BABCE6A639
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qSQPAnqUCSKcWf9jCqKoD5N4qT8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.mft
Manifest number:          1271
Signing time:             Tue 11 Nov 2025 03:01:15 +0000
Manifest this update:     Tue 11 Nov 2025 03:01:15 +0000
Manifest next update:     Wed 12 Nov 2025 03:01:15 +0000
Files and hashes:         1: qSQPAnqUCSKcWf9jCqKoD5N4qT8.crl (hash: HCE41ng7ZNYOtwrx9QSqMLa32OE8Rtmxz3rDMsHfiJk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qSQPAnqUCSKcWf9jCqKoD5N4qT8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:dc:47:c9:05:44:c6:21:4e:f0:90:ba:bc:e6:a6:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9240f027a9409229c59ff630aa2a80f9378a93f
        Validity
            Not Before: Nov 11 03:01:15 2025 GMT
            Not After : Nov 12 03:01:15 2025 GMT
        Subject: CN=3b80b1e72ab46b2d168ba7ea6f7c402b006fba8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:d7:bb:36:7e:b3:fe:4d:9d:91:8f:f9:1a:f5:
                    55:79:17:96:7a:f4:5d:b3:c1:8c:56:40:d3:b3:14:
                    36:8e:f2:2e:cf:dd:df:41:53:b8:e1:57:15:18:9a:
                    86:b2:bb:b6:d4:0a:a1:09:ab:a5:bc:be:62:f3:96:
                    43:4f:a8:59:1f:3f:ce:7e:5b:6f:e5:76:ba:1a:ab:
                    43:32:32:d5:15:cc:3d:af:94:35:2d:d3:1d:9a:39:
                    ec:89:13:7e:f2:ec:dc:d5:db:18:35:3a:d9:e2:79:
                    ae:f7:a8:10:24:f3:9e:df:8b:5e:0d:08:65:e8:db:
                    9f:4c:68:36:56:8e:e2:a6:9a:1e:98:8c:18:08:94:
                    96:76:61:d2:51:08:ab:34:05:2d:5d:12:63:33:3f:
                    13:eb:61:9c:a1:e1:ad:4d:8a:68:35:09:58:d1:37:
                    0c:9c:bd:11:93:37:83:e6:35:08:57:ad:18:dd:d2:
                    61:9a:c3:85:b2:3e:fb:85:f6:88:3d:e3:cc:c7:dd:
                    ea:12:02:ae:9b:9b:1a:3e:12:8b:b2:86:70:bf:b5:
                    86:fc:45:05:9d:80:ad:03:2a:83:25:cd:74:06:48:
                    33:b2:79:3c:01:fe:35:dc:d8:7b:08:49:a7:1c:a9:
                    ec:81:7e:18:e0:0d:a2:fb:92:83:d2:e0:96:91:65:
                    08:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:80:B1:E7:2A:B4:6B:2D:16:8B:A7:EA:6F:7C:40:2B:00:6F:BA:8D
            X509v3 Authority Key Identifier:
                keyid:A9:24:0F:02:7A:94:09:22:9C:59:FF:63:0A:A2:A8:0F:93:78:A9:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qSQPAnqUCSKcWf9jCqKoD5N4qT8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:96:57:34:8b:95:02:e2:49:6e:d6:b1:62:91:4c:95:a5:6c:
         04:9a:52:b3:ae:48:4a:32:33:7b:46:0a:8b:ed:35:88:ed:f4:
         94:39:dc:6f:a8:85:7b:08:7f:84:40:e6:04:44:c6:f9:54:f0:
         36:e7:f6:e3:c8:f4:ca:67:38:23:55:9c:66:62:c1:8c:89:3f:
         85:71:8c:bf:9c:f4:06:ab:b6:0b:bd:21:05:57:4f:a8:9a:df:
         7d:7a:2f:53:8b:49:c0:a8:24:72:0b:8c:d5:c7:70:ab:1f:22:
         fd:52:a1:f7:41:85:11:f1:b4:82:65:fa:65:e6:81:45:2e:44:
         02:b4:c6:b0:e6:6d:b9:be:19:fb:8e:18:f2:6f:3c:8a:d1:b3:
         0f:98:d0:30:43:e4:25:d7:53:ed:9a:a1:85:db:90:96:9d:5d:
         b8:bd:14:95:8f:b8:7e:bf:c6:85:41:c7:59:a3:0c:25:b4:af:
         a5:cf:0f:0c:53:5d:fe:be:79:16:9a:bb:cf:8d:cd:59:da:12:
         0c:cc:c8:04:4b:17:d1:3c:96:2c:69:00:1b:0b:06:b2:88:73:
         2e:2a:53:65:5e:6b:e8:4a:76:04:91:00:df:1d:40:74:e5:d0:
         18:a9:4d:1f:41:ab:74:a7:01:a0:f9:03:4a:51:ba:e7:5f:03:
         3f:44:3b:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3EfJBUTGIU7wkLq85qY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MjQwZjAyN2E5NDA5MjI5YzU5ZmY2MzBhYTJhODBmOTM3
OGE5M2YwHhcNMjUxMTExMDMwMTE1WhcNMjUxMTEyMDMwMTE1WjAzMTEwLwYDVQQD
EygzYjgwYjFlNzJhYjQ2YjJkMTY4YmE3ZWE2ZjdjNDAyYjAwNmZiYThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvte7Nn6z/k2dkY/5GvVVeReWevRd
s8GMVkDTsxQ2jvIuz93fQVO44VcVGJqGsru21AqhCaulvL5i85ZDT6hZHz/Ofltv
5Xa6GqtDMjLVFcw9r5Q1LdMdmjnsiRN+8uzc1dsYNTrZ4nmu96gQJPOe34teDQhl
6NufTGg2Vo7ippoemIwYCJSWdmHSUQirNAUtXRJjMz8T62GcoeGtTYpoNQlY0TcM
nL0RkzeD5jUIV60Y3dJhmsOFsj77hfaIPePMx93qEgKum5saPhKLsoZwv7WG/EUF
nYCtAyqDJc10Bkgzsnk8Af413Nh7CEmnHKnsgX4Y4A2i+5KD0uCWkWUIiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDuAsecqtGstFoun6m98QCsAb7qNMB8GA1UdIwQY
MBaAFKkkDwJ6lAkinFn/YwqiqA+TeKk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVNRUEFucVVDU0tjV2Y5akNxS29ENU40cVQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iZmNmN2YtOTMwYy00ZWQ0LTk2Y2Qt
M2QxYjNhODZjZTg3LzEvcVNRUEFucVVDU0tjV2Y5akNxS29ENU40cVQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iZmNmN2YtOTMwYy00ZWQ0LTk2Y2QtM2QxYjNhODZjZTg3
LzEvcVNRUEFucVVDU0tjV2Y5akNxS29ENU40cVQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABpZXNIuV
AuJJbtaxYpFMlaVsBJpSs65ISjIze0YKi+01iO30lDncb6iFewh/hEDmBETG+VTw
Nuf248j0ymc4I1WcZmLBjIk/hXGMv5z0Bqu2C70hBVdPqJrffXovU4tJwKgkcguM
1cdwqx8i/VKh90GFEfG0gmX6ZeaBRS5EArTGsOZtub4Z+44Y8m88itGzD5jQMEPk
JddT7ZqhhduQlp1duL0UlY+4fr/GhUHHWaMMJbSvpc8PDFNd/r55Fpq7z43NWdoS
DMzIBEsX0TyWLGkAGwsGsohzLipTZV5r6Ep2BJEA3x1AdOXQGKlNH0GrdKcBoPkD
SlG6518DP0Q7WA==
-----END CERTIFICATE-----