Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.mft
File:                     qhC-mR89uJUJcQwgZ233qKS_4bQ.mft (raw, json)
Hash identifier:          hABYoJ6TDBtSI9r56eaDHBrg01A61OGJ6uG/EdeKDDo=
Subject key identifier:   32:E1:BE:7B:24:FE:EF:EB:0A:A9:27:8E:31:E3:1C:64:9F:19:AD:AF
Authority key identifier: AA:10:BE:99:1F:3D:B8:95:09:71:0C:20:67:6D:F7:A8:A4:BF:E1:B4
Certificate issuer:       /CN=aa10be991f3db89509710c20676df7a8a4bfe1b4
Certificate serial:       019A70A52D4EC606D82FFEE696A5405DE1A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qhC-mR89uJUJcQwgZ233qKS_4bQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.mft
Manifest number:          0B2B
Signing time:             Tue 11 Nov 2025 02:01:04 +0000
Manifest this update:     Tue 11 Nov 2025 02:01:04 +0000
Manifest next update:     Wed 12 Nov 2025 02:01:04 +0000
Files and hashes:         1: qhC-mR89uJUJcQwgZ233qKS_4bQ.crl (hash: QdebZ4PutrUipZ0YplyuWQVbEKmUfNwAaWYK63+3HZQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qhC-mR89uJUJcQwgZ233qKS_4bQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a5:2d:4e:c6:06:d8:2f:fe:e6:96:a5:40:5d:e1:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa10be991f3db89509710c20676df7a8a4bfe1b4
        Validity
            Not Before: Nov 11 02:01:04 2025 GMT
            Not After : Nov 12 02:01:04 2025 GMT
        Subject: CN=32e1be7b24feefeb0aa9278e31e31c649f19adaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:5f:7d:57:cc:04:13:9f:07:bd:7e:e0:2e:8e:
                    0d:96:00:30:78:cf:02:27:34:26:af:da:67:35:08:
                    2b:c7:15:ca:75:66:bd:7c:6f:90:5f:f2:85:5e:af:
                    0d:7d:a0:07:f2:92:9e:8e:6b:56:ad:02:29:30:49:
                    05:62:68:4c:46:62:da:8a:b3:fe:c9:b6:90:9f:eb:
                    56:5b:c2:a8:e0:9a:38:39:d5:a6:bf:59:45:f2:60:
                    aa:3b:47:4a:fa:4e:05:f3:ee:0b:a9:12:72:b4:44:
                    83:5d:fd:c0:4a:c4:05:b9:e9:98:84:5d:5a:b8:92:
                    94:06:98:0d:a5:b7:94:6c:77:14:62:e8:84:48:af:
                    a6:0e:46:73:a2:f5:b3:29:b4:5e:57:df:c6:e4:7e:
                    3f:99:42:21:1c:07:41:84:97:a6:ab:fb:7d:7d:2a:
                    e5:6f:d3:d1:57:e4:a2:99:0c:fc:c8:0b:ba:8a:22:
                    13:ea:e5:a4:13:12:da:5c:73:20:f1:d7:0f:7e:38:
                    92:45:90:af:0f:0d:e8:66:62:40:b1:e8:59:ff:56:
                    13:b8:18:a0:28:e5:c5:23:a7:29:db:9f:a7:af:5f:
                    ab:d3:3e:35:b6:84:84:45:2f:e3:e6:57:f2:7c:ca:
                    50:82:6a:a7:ae:0c:c9:1c:db:39:60:b6:1f:a1:0f:
                    6b:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:E1:BE:7B:24:FE:EF:EB:0A:A9:27:8E:31:E3:1C:64:9F:19:AD:AF
            X509v3 Authority Key Identifier:
                keyid:AA:10:BE:99:1F:3D:B8:95:09:71:0C:20:67:6D:F7:A8:A4:BF:E1:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qhC-mR89uJUJcQwgZ233qKS_4bQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:40:eb:aa:78:4c:cc:c2:d0:1d:c6:ac:41:5b:f2:2e:44:ab:
         41:73:6c:d0:15:ce:47:e1:b6:d6:ab:f2:86:f8:78:e2:b3:f6:
         95:1b:79:9c:04:f5:4f:71:a3:51:71:c4:a3:8f:70:ab:b9:07:
         57:84:87:b9:8c:91:a5:e4:83:d7:82:82:dc:4a:e0:21:97:e9:
         d3:1f:6e:69:f9:aa:3c:ba:92:2b:83:56:f7:e0:73:f0:87:5a:
         3e:f0:51:7f:b7:1e:41:e2:9f:cc:8b:43:14:05:6a:c5:56:2a:
         b8:31:c8:12:61:43:e6:05:73:8d:43:4c:3f:cf:2d:03:58:90:
         67:89:75:f2:f6:35:7b:f0:4e:09:87:79:cc:57:c3:ea:d8:90:
         78:4c:f3:79:56:1d:97:bb:8d:13:e4:cd:bc:6d:65:af:6c:a2:
         b9:bd:f9:fa:f2:6a:86:0d:06:16:94:51:05:fe:8b:6c:47:ed:
         8d:7b:e3:22:fd:75:f6:c6:da:c2:fc:2f:52:66:3f:2d:a6:b3:
         be:28:f6:99:e2:be:22:52:66:8f:d3:01:2c:a6:61:34:c9:38:
         67:17:92:58:52:05:2f:a1:6f:3f:ef:3c:f5:3e:28:43:3b:5f:
         03:1c:e0:c2:70:e3:72:ee:ed:85:1a:b7:0b:db:cc:4b:f7:d2:
         c2:94:f6:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpS1OxgbYL/7mlqVAXeGjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMTBiZTk5MWYzZGI4OTUwOTcxMGMyMDY3NmRmN2E4YTRi
ZmUxYjQwHhcNMjUxMTExMDIwMTA0WhcNMjUxMTEyMDIwMTA0WjAzMTEwLwYDVQQD
EygzMmUxYmU3YjI0ZmVlZmViMGFhOTI3OGUzMWUzMWM2NDlmMTlhZGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq199V8wEE58HvX7gLo4NlgAweM8C
JzQmr9pnNQgrxxXKdWa9fG+QX/KFXq8NfaAH8pKejmtWrQIpMEkFYmhMRmLairP+
ybaQn+tWW8Ko4Jo4OdWmv1lF8mCqO0dK+k4F8+4LqRJytESDXf3ASsQFuemYhF1a
uJKUBpgNpbeUbHcUYuiESK+mDkZzovWzKbReV9/G5H4/mUIhHAdBhJemq/t9fSrl
b9PRV+SimQz8yAu6iiIT6uWkExLaXHMg8dcPfjiSRZCvDw3oZmJAsehZ/1YTuBig
KOXFI6cp25+nr1+r0z41toSERS/j5lfyfMpQgmqnrgzJHNs5YLYfoQ9rNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLhvnsk/u/rCqknjjHjHGSfGa2vMB8GA1UdIwQY
MBaAFKoQvpkfPbiVCXEMIGdt96ikv+G0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWhDLW1SODl1SlVKY1F3Z1oyMzNxS1NfNGJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzUzNjUtOGQxNS00MTI1LTkwMTct
MTgzZTJlNzIzMDFiLzEvcWhDLW1SODl1SlVKY1F3Z1oyMzNxS1NfNGJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzUzNjUtOGQxNS00MTI1LTkwMTctMTgzZTJlNzIzMDFi
LzEvcWhDLW1SODl1SlVKY1F3Z1oyMzNxS1NfNGJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcEDrqnhM
zMLQHcasQVvyLkSrQXNs0BXOR+G21qvyhvh44rP2lRt5nAT1T3GjUXHEo49wq7kH
V4SHuYyRpeSD14KC3ErgIZfp0x9uafmqPLqSK4NW9+Bz8IdaPvBRf7ceQeKfzItD
FAVqxVYquDHIEmFD5gVzjUNMP88tA1iQZ4l18vY1e/BOCYd5zFfD6tiQeEzzeVYd
l7uNE+TNvG1lr2yiub35+vJqhg0GFpRRBf6LbEftjXvjIv119sbawvwvUmY/Laaz
vij2meK+IlJmj9MBLKZhNMk4ZxeSWFIFL6FvP+889T4oQztfAxzgwnDjcu7thRq3
C9vMS/fSwpT2yA==
-----END CERTIFICATE-----