Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.mft
File:                     qwJca7PczxsWUUnChzwEsabH2no.mft (raw, json)
Hash identifier:          P1W75CNYc9T31I7Z5oM+edkL9q0LVclNJKkbkv3dVO8=
Subject key identifier:   B0:1A:21:A4:85:B0:A6:98:A8:0E:DB:7A:B5:C5:47:E6:44:A1:2B:A0
Authority key identifier: AB:02:5C:6B:B3:DC:CF:1B:16:51:49:C2:87:3C:04:B1:A6:C7:DA:7A
Certificate issuer:       /CN=ab025c6bb3dccf1b165149c2873c04b1a6c7da7a
Certificate serial:       019A71B7EE386FE2AD5AB622E4332AFF890B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qwJca7PczxsWUUnChzwEsabH2no.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.mft
Manifest number:          0BDB
Signing time:             Tue 11 Nov 2025 07:01:10 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:10 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:10 +0000
Files and hashes:         1: qwJca7PczxsWUUnChzwEsabH2no.crl (hash: Pqk9t5A1VmHzEcbavh6VA7LB06ySjKwXADVOS4Nztfw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qwJca7PczxsWUUnChzwEsabH2no.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:ee:38:6f:e2:ad:5a:b6:22:e4:33:2a:ff:89:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab025c6bb3dccf1b165149c2873c04b1a6c7da7a
        Validity
            Not Before: Nov 11 07:01:10 2025 GMT
            Not After : Nov 12 07:01:10 2025 GMT
        Subject: CN=b01a21a485b0a698a80edb7ab5c547e644a12ba0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:18:17:73:65:11:a0:43:e9:9b:d8:29:db:94:
                    ce:b4:01:4f:c9:e3:a9:20:5d:f8:29:0b:00:a9:28:
                    19:23:60:64:8d:04:a9:3e:0c:e0:ae:06:bf:e5:37:
                    db:5c:71:59:d5:56:d0:df:ec:29:2a:52:e1:50:25:
                    35:96:aa:25:3f:b8:ea:e6:59:06:d1:e0:2d:b9:de:
                    54:f0:fc:28:af:bc:fb:83:2a:71:79:e1:aa:d6:98:
                    8f:60:4c:e8:a1:f6:3f:43:76:27:8a:f5:21:48:95:
                    ce:f3:44:6a:73:86:39:28:d5:98:4d:b8:38:93:8b:
                    4a:f3:52:52:47:74:f3:9b:bd:90:f3:c6:4d:36:b9:
                    0f:2d:bd:ba:d3:8a:0d:0b:28:e0:7c:4e:5e:04:a4:
                    a7:39:3b:be:1b:b0:04:37:89:55:ad:1d:a9:21:09:
                    a8:2f:ac:66:2e:e2:86:70:c2:c3:23:12:05:cd:aa:
                    99:25:8c:5a:0c:a7:3e:8a:3a:a8:06:02:12:fd:0f:
                    92:6e:ac:a3:e3:03:44:8c:19:4b:5d:85:14:e7:69:
                    b0:00:95:64:d3:66:68:d1:33:ad:7e:e3:70:70:34:
                    d5:9e:b5:51:cd:06:7b:c9:0b:48:fd:2b:6b:4d:e8:
                    1a:7d:9a:38:b0:f3:a0:ff:67:b2:2e:8f:d4:63:57:
                    6e:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:1A:21:A4:85:B0:A6:98:A8:0E:DB:7A:B5:C5:47:E6:44:A1:2B:A0
            X509v3 Authority Key Identifier:
                keyid:AB:02:5C:6B:B3:DC:CF:1B:16:51:49:C2:87:3C:04:B1:A6:C7:DA:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwJca7PczxsWUUnChzwEsabH2no.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:b9:70:38:98:7d:51:ed:bb:ff:b2:a1:bd:ad:de:12:e1:8b:
         f1:34:d4:3d:cd:3e:44:e0:01:4f:b5:c8:3e:7f:0d:c7:5e:19:
         51:83:ae:ca:44:11:25:cc:b1:d7:4e:32:e8:ca:73:16:19:9c:
         36:64:f9:7b:eb:b4:75:0a:82:5a:fb:2c:9f:7d:74:dc:8b:13:
         27:80:38:9e:7b:4f:ac:4a:fd:e8:ad:fd:f9:dc:44:be:4a:96:
         c8:20:5b:85:d3:3b:fe:2d:e7:2b:c6:80:1f:72:e9:f2:35:17:
         eb:c2:19:8f:b3:62:bd:cb:b7:95:d9:ab:0b:7d:46:6b:93:22:
         fe:44:bb:5a:a9:17:8b:55:31:b1:1f:36:f4:14:14:84:d4:90:
         33:3d:3d:e5:e1:9e:74:92:77:75:c2:25:73:60:a0:d2:21:57:
         91:6e:ac:3a:ab:a8:96:4f:0b:32:f4:3f:9c:63:3e:77:85:27:
         0b:52:30:1f:de:f7:c7:4d:3d:af:98:d7:86:1e:c2:10:c8:ba:
         d1:e4:a9:b3:cc:2a:3d:26:53:ce:0d:7b:5d:49:88:e6:00:d6:
         84:34:1c:70:31:9a:7c:f2:cb:df:ee:5a:ed:fe:00:53:d6:b9:
         6d:fd:8c:f6:b2:62:66:51:2b:12:8e:d9:6e:ec:26:f3:53:36:
         8c:9a:2b:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt+44b+KtWrYi5DMq/4kLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDI1YzZiYjNkY2NmMWIxNjUxNDljMjg3M2MwNGIxYTZj
N2RhN2EwHhcNMjUxMTExMDcwMTEwWhcNMjUxMTEyMDcwMTEwWjAzMTEwLwYDVQQD
EyhiMDFhMjFhNDg1YjBhNjk4YTgwZWRiN2FiNWM1NDdlNjQ0YTEyYmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxgXc2URoEPpm9gp25TOtAFPyeOp
IF34KQsAqSgZI2BkjQSpPgzgrga/5TfbXHFZ1VbQ3+wpKlLhUCU1lqolP7jq5lkG
0eAtud5U8Pwor7z7gypxeeGq1piPYEzoofY/Q3YnivUhSJXO80Rqc4Y5KNWYTbg4
k4tK81JSR3Tzm72Q88ZNNrkPLb2604oNCyjgfE5eBKSnOTu+G7AEN4lVrR2pIQmo
L6xmLuKGcMLDIxIFzaqZJYxaDKc+ijqoBgIS/Q+Sbqyj4wNEjBlLXYUU52mwAJVk
02Zo0TOtfuNwcDTVnrVRzQZ7yQtI/StrTegafZo4sPOg/2eyLo/UY1duxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLAaIaSFsKaYqA7berXFR+ZEoSugMB8GA1UdIwQY
MBaAFKsCXGuz3M8bFlFJwoc8BLGmx9p6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdKY2E3UGN6eHNXVVVuQ2h6d0VzYWJIMm5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8wNWIxZTMtMjRjMC00NjY4LTlmNDAt
ZmU3NzQ3M2UzZGNmLzEvcXdKY2E3UGN6eHNXVVVuQ2h6d0VzYWJIMm5vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8wNWIxZTMtMjRjMC00NjY4LTlmNDAtZmU3NzQ3M2UzZGNm
LzEvcXdKY2E3UGN6eHNXVVVuQ2h6d0VzYWJIMm5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGrlwOJh9
Ue27/7Khva3eEuGL8TTUPc0+ROABT7XIPn8Nx14ZUYOuykQRJcyx104y6MpzFhmc
NmT5e+u0dQqCWvssn3103IsTJ4A4nntPrEr96K39+dxEvkqWyCBbhdM7/i3nK8aA
H3Lp8jUX68IZj7Nivcu3ldmrC31Ga5Mi/kS7WqkXi1UxsR829BQUhNSQMz095eGe
dJJ3dcIlc2Cg0iFXkW6sOquolk8LMvQ/nGM+d4UnC1IwH973x009r5jXhh7CEMi6
0eSps8wqPSZTzg17XUmI5gDWhDQccDGafPLL3+5a7f4AU9a5bf2M9rJiZlErEo7Z
buwm81M2jJorbQ==
-----END CERTIFICATE-----