Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
File:                     QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft (raw, json)
Hash identifier:          UAedAUdpC2rzp3dtJ5zuNiOYT6mbdjEn0wJJyw4sDGc=
Subject key identifier:   42:AA:60:A8:2E:74:FF:2B:77:49:28:FB:85:46:2D:F3:0C:DE:BA:03
Authority key identifier: 40:EE:97:65:86:4B:D1:1D:4A:34:94:26:E3:72:E1:1A:94:34:8D:E2
Certificate issuer:       /CN=40ee9765864bd11d4a349426e372e11a94348de2
Certificate serial:       019A73A61E24FEEFE1CE038B9185AAEF51B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
Manifest number:          082F
Signing time:             Tue 11 Nov 2025 16:00:57 +0000
Manifest this update:     Tue 11 Nov 2025 16:00:57 +0000
Manifest next update:     Wed 12 Nov 2025 16:00:57 +0000
Files and hashes:         1: QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl (hash: 92R+XvIiTuDcH6i1y7NWwTpwsIPfxurQqVcRTkqzkio=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:a6:1e:24:fe:ef:e1:ce:03:8b:91:85:aa:ef:51:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40ee9765864bd11d4a349426e372e11a94348de2
        Validity
            Not Before: Nov 11 16:00:57 2025 GMT
            Not After : Nov 12 16:00:57 2025 GMT
        Subject: CN=42aa60a82e74ff2b774928fb85462df30cdeba03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:61:46:12:db:eb:af:c1:ab:4b:07:14:fd:db:
                    dc:e0:98:a1:63:da:94:cc:e6:56:75:32:d8:eb:40:
                    33:67:ad:52:84:b1:a1:01:49:39:28:9d:de:7f:70:
                    e0:a4:1e:21:78:de:5e:72:02:67:c6:80:aa:81:62:
                    b9:c6:49:35:78:d3:bc:22:02:c5:00:d7:fd:67:20:
                    39:a1:67:8e:f3:5c:9e:25:c6:9e:36:a3:ac:66:a0:
                    42:57:5c:74:95:d0:cb:8c:f8:18:50:16:66:65:56:
                    7f:f5:31:42:8d:f5:61:b8:f1:29:18:85:b8:82:99:
                    be:c6:90:83:5d:fc:d6:ce:81:d4:e6:8d:de:db:2b:
                    4c:b0:38:6c:5b:17:37:d6:88:e9:ab:a4:1b:58:71:
                    a5:22:45:b3:1a:ee:a8:16:7e:a6:26:89:a2:9c:f1:
                    84:8c:8a:10:78:2f:dc:05:20:7d:c0:0b:05:19:e1:
                    a4:ed:df:dd:c3:3a:b9:05:a0:e5:8a:b6:a5:c0:64:
                    1f:b5:36:a4:f7:1f:16:44:8e:e2:31:fb:9c:48:c6:
                    ab:e0:0f:51:bc:07:1b:8a:3f:48:7b:d5:12:54:1b:
                    ae:9c:fd:2b:36:bf:5e:ad:8e:b7:75:a6:21:3e:14:
                    13:27:b6:b3:00:c3:1c:21:3d:56:d7:01:51:2d:8d:
                    bc:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:AA:60:A8:2E:74:FF:2B:77:49:28:FB:85:46:2D:F3:0C:DE:BA:03
            X509v3 Authority Key Identifier:
                keyid:40:EE:97:65:86:4B:D1:1D:4A:34:94:26:E3:72:E1:1A:94:34:8D:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:ac:2c:ec:b9:fb:f4:d0:3d:bf:6d:e4:d6:29:9a:83:c4:31:
         7a:6f:6b:2a:96:8c:ef:c4:77:5c:9a:d6:7e:30:02:43:6b:8f:
         7a:d4:ff:ae:9e:43:25:f6:ac:ac:5d:44:96:d1:84:c3:1d:33:
         ff:f3:b3:97:cc:92:66:ba:7a:d7:5a:81:c6:31:79:bf:15:1f:
         9d:1b:3a:8a:77:8f:c5:65:df:6c:b7:e1:f8:54:b4:45:63:f3:
         1b:e2:f9:c8:ac:9b:a3:77:7a:69:e7:6f:9f:fc:e9:ac:64:4b:
         cb:c2:58:20:bc:d1:c9:7d:9d:9b:61:89:5e:ba:3f:67:26:52:
         1c:f3:f8:b1:e0:47:56:1f:16:07:49:f4:eb:7c:75:1e:60:12:
         cd:6f:bd:1c:c1:ba:f0:5d:8f:29:5d:19:7c:57:1b:53:bf:65:
         eb:6a:37:5f:54:47:e0:ae:1b:62:31:b4:ce:4e:6c:e1:0f:07:
         2b:bf:14:c7:cf:67:86:7a:b2:07:1c:85:7b:47:58:e9:a5:69:
         ba:40:49:b5:b1:fa:2f:8b:30:50:d2:89:28:5e:cf:92:ee:e1:
         0d:94:36:90:c1:45:31:50:b0:59:a8:2e:1c:69:e1:4b:cf:40:
         27:be:35:a5:03:82:6e:17:d7:9e:11:a3:74:7b:10:c2:95:db:
         b6:9c:b1:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzph4k/u/hzgOLkYWq71G4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWU5NzY1ODY0YmQxMWQ0YTM0OTQyNmUzNzJlMTFhOTQz
NDhkZTIwHhcNMjUxMTExMTYwMDU3WhcNMjUxMTEyMTYwMDU3WjAzMTEwLwYDVQQD
Eyg0MmFhNjBhODJlNzRmZjJiNzc0OTI4ZmI4NTQ2MmRmMzBjZGViYTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmFGEtvrr8GrSwcU/dvc4JihY9qU
zOZWdTLY60AzZ61ShLGhAUk5KJ3ef3DgpB4heN5ecgJnxoCqgWK5xkk1eNO8IgLF
ANf9ZyA5oWeO81yeJcaeNqOsZqBCV1x0ldDLjPgYUBZmZVZ/9TFCjfVhuPEpGIW4
gpm+xpCDXfzWzoHU5o3e2ytMsDhsWxc31ojpq6QbWHGlIkWzGu6oFn6mJominPGE
jIoQeC/cBSB9wAsFGeGk7d/dwzq5BaDliralwGQftTak9x8WRI7iMfucSMar4A9R
vAcbij9Ie9USVBuunP0rNr9erY63daYhPhQTJ7azAMMcIT1W1wFRLY28uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKqYKgudP8rd0ko+4VGLfMM3roDMB8GA1UdIwQY
MBaAFEDul2WGS9EdSjSUJuNy4RqUNI3iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82NWQ3YjktY2NmOS00YjczLWI2Njkt
MzUzM2E1MTJmY2Y3LzEvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82NWQ3YjktY2NmOS00YjczLWI2NjktMzUzM2E1MTJmY2Y3
LzEvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaaws7Ln7
9NA9v23k1imag8Qxem9rKpaM78R3XJrWfjACQ2uPetT/rp5DJfasrF1EltGEwx0z
//Ozl8ySZrp611qBxjF5vxUfnRs6inePxWXfbLfh+FS0RWPzG+L5yKybo3d6aedv
n/zprGRLy8JYILzRyX2dm2GJXro/ZyZSHPP4seBHVh8WB0n063x1HmASzW+9HMG6
8F2PKV0ZfFcbU79l62o3X1RH4K4bYjG0zk5s4Q8HK78Ux89nhnqyBxyFe0dY6aVp
ukBJtbH6L4swUNKJKF7Pku7hDZQ2kMFFMVCwWaguHGnhS89AJ741pQOCbhfXnhGj
dHsQwpXbtpyxjg==
-----END CERTIFICATE-----