Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft
File:                     qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft (raw, json)
Hash identifier:          35w6lxq3SWXtTupTfmOiblrAlU2OITp/L8XaCZkbyvQ=
Subject key identifier:   F7:67:AF:F3:67:50:E4:29:0B:7C:B6:62:78:3A:9A:7E:2D:B7:76:FB
Authority key identifier: AA:2A:70:79:38:BA:62:FE:19:E6:47:4D:AC:78:7D:F3:F8:CF:DE:E4
Certificate issuer:       /CN=aa2a707938ba62fe19e6474dac787df3f8cfdee4
Certificate serial:       019A7225A5FC5FE809D2624FC21CEA378ABC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qipweTi6Yv4Z5kdNrHh98_jP3uQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft
Manifest number:          0FA1
Signing time:             Tue 11 Nov 2025 09:01:00 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:00 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:00 +0000
Files and hashes:         1: qipweTi6Yv4Z5kdNrHh98_jP3uQ.crl (hash: tM9SW74paOWiy+dH+JIJc8RkNNSNVQqKb4qzIfjyk6c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qipweTi6Yv4Z5kdNrHh98_jP3uQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:a5:fc:5f:e8:09:d2:62:4f:c2:1c:ea:37:8a:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa2a707938ba62fe19e6474dac787df3f8cfdee4
        Validity
            Not Before: Nov 11 09:01:00 2025 GMT
            Not After : Nov 12 09:01:00 2025 GMT
        Subject: CN=f767aff36750e4290b7cb662783a9a7e2db776fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:eb:14:a2:7b:86:84:af:44:24:1d:ac:c4:a0:
                    c2:64:a4:ee:88:be:69:c3:c1:df:ff:08:be:48:87:
                    1a:9d:6a:72:8c:01:a4:28:aa:30:eb:6e:e4:dc:33:
                    5b:99:e7:2e:df:e0:00:e9:a1:14:3f:fb:62:98:93:
                    26:a7:2e:29:e6:aa:a3:8d:cd:e3:b2:5c:8b:04:11:
                    67:9d:58:28:9d:e3:b9:d3:bb:c3:22:ad:0b:b2:2a:
                    34:11:f4:65:05:c7:d8:e9:db:65:3d:58:5b:1a:5c:
                    e7:a6:dc:31:c0:ae:4a:db:da:1b:2b:1f:53:a4:02:
                    07:8d:70:dc:84:ec:8e:47:6a:b7:3c:ac:98:fa:1e:
                    44:c9:7e:7c:0b:35:9b:11:d0:5b:c4:d4:a5:2f:79:
                    a2:77:08:13:f1:46:ec:c4:3e:47:56:53:44:3c:e8:
                    97:de:c4:b1:94:24:2d:83:c1:d3:6e:ba:e3:1b:0c:
                    4b:89:02:0e:28:d4:8f:93:9d:e7:92:69:78:cd:83:
                    3e:db:40:4a:50:a0:34:86:b6:24:98:df:79:07:74:
                    0e:60:23:af:da:d5:52:15:ff:ca:6b:49:06:6e:4d:
                    f0:04:8f:61:5a:96:c9:dd:55:9a:07:a0:92:ce:77:
                    f6:06:19:73:70:20:64:54:24:40:65:dc:fb:1e:da:
                    03:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:67:AF:F3:67:50:E4:29:0B:7C:B6:62:78:3A:9A:7E:2D:B7:76:FB
            X509v3 Authority Key Identifier:
                keyid:AA:2A:70:79:38:BA:62:FE:19:E6:47:4D:AC:78:7D:F3:F8:CF:DE:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qipweTi6Yv4Z5kdNrHh98_jP3uQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:fb:ec:04:a3:0b:a3:f6:78:fe:ea:5c:cb:60:b3:48:1f:d5:
         7f:fe:9b:43:5d:d9:95:10:98:21:61:e9:4d:4a:7a:9a:e2:88:
         cd:14:6a:41:52:a0:70:51:43:4e:8a:7c:17:84:5f:1b:13:38:
         18:d6:1b:57:d1:95:39:0c:5a:b5:81:97:60:86:e9:6d:e0:f1:
         02:9c:a5:eb:74:88:74:87:8d:9f:5c:d5:c9:17:e7:61:55:90:
         fe:ec:fa:31:89:b2:86:40:e8:d6:cd:1e:b4:fb:76:d2:cb:71:
         55:9a:b4:b1:f2:7c:5b:3a:26:44:d9:cc:e8:74:22:e7:eb:2b:
         43:bf:76:23:69:4a:4f:fc:a5:62:11:29:b0:6c:d6:be:f3:92:
         1f:3b:d7:69:f6:ca:0d:2d:39:23:13:65:63:30:39:5d:83:eb:
         39:ea:df:b1:bd:2a:55:64:a7:9c:0a:eb:31:72:e9:d5:e7:71:
         e9:f4:84:c5:f3:57:c0:3e:2c:82:9c:71:c6:19:07:f8:6c:a7:
         5f:cb:cd:e1:0a:b8:be:7a:c6:d0:a4:f1:3d:a8:4e:a1:8e:fd:
         de:9b:2a:df:ac:a3:5a:58:6a:e3:34:96:8d:42:f5:b5:84:d9:
         b8:e1:ae:8b:dc:8d:7d:66:c5:40:cd:73:d3:c1:9c:96:b2:ae:
         88:e7:1c:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJaX8X+gJ0mJPwhzqN4q8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMmE3MDc5MzhiYTYyZmUxOWU2NDc0ZGFjNzg3ZGYzZjhj
ZmRlZTQwHhcNMjUxMTExMDkwMTAwWhcNMjUxMTEyMDkwMTAwWjAzMTEwLwYDVQQD
EyhmNzY3YWZmMzY3NTBlNDI5MGI3Y2I2NjI3ODNhOWE3ZTJkYjc3NmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAousUonuGhK9EJB2sxKDCZKTuiL5p
w8Hf/wi+SIcanWpyjAGkKKow627k3DNbmecu3+AA6aEUP/timJMmpy4p5qqjjc3j
slyLBBFnnVgoneO507vDIq0Lsio0EfRlBcfY6dtlPVhbGlznptwxwK5K29obKx9T
pAIHjXDchOyOR2q3PKyY+h5EyX58CzWbEdBbxNSlL3midwgT8UbsxD5HVlNEPOiX
3sSxlCQtg8HTbrrjGwxLiQIOKNSPk53nkml4zYM+20BKUKA0hrYkmN95B3QOYCOv
2tVSFf/Ka0kGbk3wBI9hWpbJ3VWaB6CSznf2BhlzcCBkVCRAZdz7HtoDewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPdnr/NnUOQpC3y2Yng6mn4tt3b7MB8GA1UdIwQY
MBaAFKoqcHk4umL+GeZHTax4ffP4z97kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWlwd2VUaTZZdjRaNWtkTnJIaDk4X2pQM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy85ZDQyZWYtNzRhNS00ZjgyLThhODMt
ZDcxNmY0MDY4MTM5LzEvcWlwd2VUaTZZdjRaNWtkTnJIaDk4X2pQM3VRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy85ZDQyZWYtNzRhNS00ZjgyLThhODMtZDcxNmY0MDY4MTM5
LzEvcWlwd2VUaTZZdjRaNWtkTnJIaDk4X2pQM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARvvsBKML
o/Z4/upcy2CzSB/Vf/6bQ13ZlRCYIWHpTUp6muKIzRRqQVKgcFFDTop8F4RfGxM4
GNYbV9GVOQxatYGXYIbpbeDxApyl63SIdIeNn1zVyRfnYVWQ/uz6MYmyhkDo1s0e
tPt20stxVZq0sfJ8WzomRNnM6HQi5+srQ792I2lKT/ylYhEpsGzWvvOSHzvXafbK
DS05IxNlYzA5XYPrOerfsb0qVWSnnArrMXLp1edx6fSExfNXwD4sgpxxxhkH+Gyn
X8vN4Qq4vnrG0KTxPahOoY793psq36yjWlhq4zSWjUL1tYTZuOGui9yNfWbFQM1z
08GclrKuiOcc9A==
-----END CERTIFICATE-----