Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/851a00-595a-4fb8-ac2c-9261626a48c5/1/Q_aHvzg-MgRbwCfcyuqtzzbI5xU.mft
File:                     Q_aHvzg-MgRbwCfcyuqtzzbI5xU.mft (raw, json)
Hash identifier:          FyNdSYgI6PRw4gR/7GACcv9P0+Mmj2ILKKXcHUMNWV8=
Subject key identifier:   D8:D1:AC:57:C9:EF:8C:10:18:C6:8F:CD:FC:83:12:84:6E:B7:A5:A0
Authority key identifier: 43:F6:87:BF:38:3E:32:04:5B:C0:27:DC:CA:EA:AD:CF:36:C8:E7:15
Certificate issuer:       /CN=43f687bf383e32045bc027dccaeaadcf36c8e715
Certificate serial:       019A71B77A4E5C60F888477ECBE9F8DCA619
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q_aHvzg-MgRbwCfcyuqtzzbI5xU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/851a00-595a-4fb8-ac2c-9261626a48c5/1/Q_aHvzg-MgRbwCfcyuqtzzbI5xU.mft
Manifest number:          0B
Signing time:             Tue 11 Nov 2025 07:00:40 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:40 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:40 +0000
Files and hashes:         1: Q_aHvzg-MgRbwCfcyuqtzzbI5xU.crl (hash: v7nzXVXCHDzbGYc+RY+/e6io75r3isjifaUspFcmRwQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/851a00-595a-4fb8-ac2c-9261626a48c5/1/Q_aHvzg-MgRbwCfcyuqtzzbI5xU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/851a00-595a-4fb8-ac2c-9261626a48c5/1/Q_aHvzg-MgRbwCfcyuqtzzbI5xU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q_aHvzg-MgRbwCfcyuqtzzbI5xU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:7a:4e:5c:60:f8:88:47:7e:cb:e9:f8:dc:a6:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43f687bf383e32045bc027dccaeaadcf36c8e715
        Validity
            Not Before: Nov 11 07:00:40 2025 GMT
            Not After : Nov 12 07:00:40 2025 GMT
        Subject: CN=d8d1ac57c9ef8c1018c68fcdfc8312846eb7a5a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:32:7b:b3:0a:88:01:65:50:2b:5a:d3:f6:79:
                    e0:f5:be:fd:27:b2:fb:17:b8:ec:15:84:64:55:5a:
                    34:f4:4f:d9:37:b0:21:5b:4f:0d:20:47:4e:6e:9b:
                    46:90:03:64:67:f5:ea:b1:46:a3:42:c3:aa:04:b3:
                    32:d1:af:c2:23:9a:51:6a:9c:92:31:7d:b7:b2:59:
                    77:b1:a8:c6:ae:d9:77:13:f8:3b:ee:ac:fe:67:c5:
                    33:c6:a6:fa:f7:8f:c7:e1:53:18:15:c1:31:b2:e1:
                    76:af:1c:c6:10:a6:5a:50:48:73:78:4f:64:e6:9a:
                    d3:65:f2:e4:ba:84:83:15:b0:85:d3:7c:91:d3:19:
                    76:e5:af:5c:0e:d7:cd:7c:4c:dc:12:8d:7b:fc:95:
                    a0:cf:57:23:39:a7:e7:2f:18:07:a2:c0:71:b0:d6:
                    4f:93:17:cb:7e:42:e5:0a:7d:8b:7d:40:f4:60:26:
                    91:80:50:ba:ad:45:f3:5b:d7:1c:b0:a0:90:f5:4b:
                    98:de:b4:91:04:95:42:02:ad:b7:52:73:ba:0a:1b:
                    43:36:1f:8a:06:a0:c1:97:61:d6:4e:a7:c3:38:a9:
                    22:99:a5:74:1c:f7:a2:dd:2c:34:dd:06:5b:2d:79:
                    0e:64:ba:a3:b3:da:04:fe:78:65:60:92:97:b6:b4:
                    d4:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:D1:AC:57:C9:EF:8C:10:18:C6:8F:CD:FC:83:12:84:6E:B7:A5:A0
            X509v3 Authority Key Identifier:
                keyid:43:F6:87:BF:38:3E:32:04:5B:C0:27:DC:CA:EA:AD:CF:36:C8:E7:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q_aHvzg-MgRbwCfcyuqtzzbI5xU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/851a00-595a-4fb8-ac2c-9261626a48c5/1/Q_aHvzg-MgRbwCfcyuqtzzbI5xU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/851a00-595a-4fb8-ac2c-9261626a48c5/1/Q_aHvzg-MgRbwCfcyuqtzzbI5xU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:2e:ac:e8:c1:bd:c4:43:8e:d2:84:6f:d6:e4:81:61:a0:1b:
         cf:07:5d:09:86:18:cd:dd:27:2e:09:ef:b2:df:91:4a:de:32:
         30:ef:81:ef:95:24:6b:cf:5f:a1:cb:cd:28:47:b7:d6:6e:46:
         d9:58:09:14:18:d3:69:be:2b:22:64:27:ba:70:87:72:ad:95:
         49:15:e2:68:88:70:ca:07:ec:ff:02:b8:18:9d:3c:c5:89:e6:
         cd:6c:03:0a:1f:b9:8a:be:e1:3a:25:82:e0:92:27:15:ca:bb:
         cb:b1:4e:8a:5f:b3:f3:c3:b7:c9:ab:10:7f:80:be:87:35:8e:
         f9:fd:5d:a9:90:18:e4:96:c0:55:33:ea:df:df:f6:3f:00:9a:
         6f:d5:e5:09:d9:04:25:6f:5c:e9:8d:bc:e7:e5:d6:bf:fc:b2:
         12:f5:b1:4b:a8:4c:86:ed:a0:f7:25:7c:1e:6a:d7:0c:bd:80:
         a5:67:c0:73:88:cd:83:27:61:e9:82:0a:7e:3f:9b:7c:dd:87:
         15:4e:8d:2e:ce:50:fe:bd:6f:99:56:4b:c7:a0:4d:19:af:4b:
         da:2d:31:3c:1d:ef:ea:e4:a3:b1:34:37:95:37:f1:00:e1:2b:
         aa:2b:6e:8b:98:f8:1b:8d:d5:21:83:66:6c:6f:ca:24:4d:7f:
         da:be:f4:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt3pOXGD4iEd+y+n43KYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZjY4N2JmMzgzZTMyMDQ1YmMwMjdkY2NhZWFhZGNmMzZj
OGU3MTUwHhcNMjUxMTExMDcwMDQwWhcNMjUxMTEyMDcwMDQwWjAzMTEwLwYDVQQD
EyhkOGQxYWM1N2M5ZWY4YzEwMThjNjhmY2RmYzgzMTI4NDZlYjdhNWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8TJ7swqIAWVQK1rT9nng9b79J7L7
F7jsFYRkVVo09E/ZN7AhW08NIEdObptGkANkZ/XqsUajQsOqBLMy0a/CI5pRapyS
MX23sll3sajGrtl3E/g77qz+Z8Uzxqb694/H4VMYFcExsuF2rxzGEKZaUEhzeE9k
5prTZfLkuoSDFbCF03yR0xl25a9cDtfNfEzcEo17/JWgz1cjOafnLxgHosBxsNZP
kxfLfkLlCn2LfUD0YCaRgFC6rUXzW9ccsKCQ9UuY3rSRBJVCAq23UnO6ChtDNh+K
BqDBl2HWTqfDOKkimaV0HPei3Sw03QZbLXkOZLqjs9oE/nhlYJKXtrTUTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNjRrFfJ74wQGMaPzfyDEoRut6WgMB8GA1UdIwQY
MBaAFEP2h784PjIEW8An3Mrqrc82yOcVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUV9hSHZ6Zy1NZ1Jid0NmY3l1cXR6emJJNXhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84NTFhMDAtNTk1YS00ZmI4LWFjMmMt
OTI2MTYyNmE0OGM1LzEvUV9hSHZ6Zy1NZ1Jid0NmY3l1cXR6emJJNXhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84NTFhMDAtNTk1YS00ZmI4LWFjMmMtOTI2MTYyNmE0OGM1
LzEvUV9hSHZ6Zy1NZ1Jid0NmY3l1cXR6emJJNXhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABS6s6MG9
xEOO0oRv1uSBYaAbzwddCYYYzd0nLgnvst+RSt4yMO+B75Uka89focvNKEe31m5G
2VgJFBjTab4rImQnunCHcq2VSRXiaIhwygfs/wK4GJ08xYnmzWwDCh+5ir7hOiWC
4JInFcq7y7FOil+z88O3yasQf4C+hzWO+f1dqZAY5JbAVTPq39/2PwCab9XlCdkE
JW9c6Y285+XWv/yyEvWxS6hMhu2g9yV8HmrXDL2ApWfAc4jNgydh6YIKfj+bfN2H
FU6NLs5Q/r1vmVZLx6BNGa9L2i0xPB3v6uSjsTQ3lTfxAOErqitui5j4G43VIYNm
bG/KJE1/2r70lw==
-----END CERTIFICATE-----