Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.mft
File:                     QFphtYwdUt5SLgQQCcv80fflK3w.mft (raw, json)
Hash identifier:          uxBJAfnIb/vatUOLzLLuW4EnMjuju9nkLaNTI4pAlvc=
Subject key identifier:   62:BD:F7:70:3A:74:E4:5E:45:CE:F9:2A:BC:28:83:B2:D9:E7:64:39
Authority key identifier: 40:5A:61:B5:8C:1D:52:DE:52:2E:04:10:09:CB:FC:D1:F7:E5:2B:7C
Certificate issuer:       /CN=405a61b58c1d52de522e041009cbfcd1f7e52b7c
Certificate serial:       019A71B8B3FD07C114AE1DB3D0D21C11F4B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QFphtYwdUt5SLgQQCcv80fflK3w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.mft
Manifest number:          1219
Signing time:             Tue 11 Nov 2025 07:02:01 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:01 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:01 +0000
Files and hashes:         1: QFphtYwdUt5SLgQQCcv80fflK3w.crl (hash: 0sMvBVntJlwDifOEuN8pbcLcxIg38a4AL6ZaxW4q6tY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QFphtYwdUt5SLgQQCcv80fflK3w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:b3:fd:07:c1:14:ae:1d:b3:d0:d2:1c:11:f4:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=405a61b58c1d52de522e041009cbfcd1f7e52b7c
        Validity
            Not Before: Nov 11 07:02:01 2025 GMT
            Not After : Nov 12 07:02:01 2025 GMT
        Subject: CN=62bdf7703a74e45e45cef92abc2883b2d9e76439
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:bb:aa:ad:f8:2a:76:db:16:20:a4:f9:78:54:
                    56:d1:9b:89:8d:e0:4d:96:6d:36:03:d1:88:db:d1:
                    a7:e5:a5:0a:81:49:a8:4d:ec:66:70:fe:a8:da:e4:
                    b1:ea:60:85:74:c6:f9:3f:fd:a5:9a:7b:37:8a:b8:
                    d1:ae:84:0f:bf:45:7e:11:d0:f3:f7:b3:14:5a:17:
                    8e:b6:1c:1c:09:e0:35:0d:41:b1:e9:ab:30:25:7f:
                    d8:7b:c4:51:74:b7:dd:70:30:8f:bb:33:cd:93:6a:
                    1f:24:4a:a0:d8:ab:44:57:ff:5c:0e:18:50:7d:83:
                    a0:08:1f:56:0e:8b:a9:fa:87:94:7b:29:c5:9e:5f:
                    21:84:0e:87:e9:00:8d:e0:3c:38:50:05:43:02:45:
                    70:5c:69:36:96:2a:8f:61:24:29:9e:48:f0:d1:c2:
                    fd:68:44:04:55:96:74:22:02:d7:38:a5:97:dc:76:
                    f9:d4:e6:1b:9d:b0:3a:7d:7f:00:6f:83:b7:d6:9e:
                    bb:f0:a6:aa:cd:8b:7d:8e:3a:c1:df:bf:31:ea:0f:
                    f1:40:dc:fe:5d:cc:39:51:5c:00:dc:c2:3e:09:1e:
                    a5:f3:b6:45:89:b5:e0:c2:de:8e:f9:b0:23:6e:c5:
                    e1:88:e6:20:78:db:36:42:ad:87:06:bf:29:85:46:
                    f4:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:BD:F7:70:3A:74:E4:5E:45:CE:F9:2A:BC:28:83:B2:D9:E7:64:39
            X509v3 Authority Key Identifier:
                keyid:40:5A:61:B5:8C:1D:52:DE:52:2E:04:10:09:CB:FC:D1:F7:E5:2B:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QFphtYwdUt5SLgQQCcv80fflK3w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:b6:72:91:d8:39:19:fe:94:5f:eb:df:7a:2f:4a:9f:3d:0c:
         e1:91:e8:ad:9f:9e:35:9f:f4:0d:48:72:99:d4:44:e5:84:33:
         3b:a8:78:ab:7d:35:20:42:7f:b6:75:7f:68:1e:ee:eb:ef:c8:
         f9:60:d5:e2:15:b2:bf:ba:36:b9:c5:5c:57:21:49:cc:f3:61:
         b1:38:ec:52:37:43:09:eb:e2:d0:ae:c7:d4:7a:a5:ac:1a:9d:
         44:06:cb:f0:dc:e2:6d:28:9c:14:0d:98:0d:6d:e3:1c:63:8e:
         e4:09:8d:c2:7b:d3:43:44:30:98:c3:b3:92:ec:45:b3:8c:e4:
         c5:db:3a:b9:05:2c:0f:f9:02:53:f5:46:20:bd:9a:d4:28:d1:
         1a:26:cd:23:78:88:74:01:ac:4e:11:90:55:0c:04:c9:79:b9:
         7e:37:44:48:c2:c3:2f:f7:64:b8:9c:bb:76:cc:94:37:87:47:
         16:bd:0b:3d:e7:65:1d:18:49:b7:2a:f9:fc:e5:f2:7a:3d:21:
         e6:99:38:24:d7:4c:b6:a1:b5:9d:ef:42:3e:4b:6b:7b:5b:bf:
         7a:f6:c3:82:29:ed:53:74:c6:63:32:22:34:55:14:99:7b:a0:
         dd:54:30:44:bc:bc:bc:08:b5:5a:ec:ac:58:d5:05:31:0c:b0:
         c5:80:21:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuLP9B8EUrh2z0NIcEfS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNWE2MWI1OGMxZDUyZGU1MjJlMDQxMDA5Y2JmY2QxZjdl
NTJiN2MwHhcNMjUxMTExMDcwMjAxWhcNMjUxMTEyMDcwMjAxWjAzMTEwLwYDVQQD
Eyg2MmJkZjc3MDNhNzRlNDVlNDVjZWY5MmFiYzI4ODNiMmQ5ZTc2NDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7uqrfgqdtsWIKT5eFRW0ZuJjeBN
lm02A9GI29Gn5aUKgUmoTexmcP6o2uSx6mCFdMb5P/2lmns3irjRroQPv0V+EdDz
97MUWheOthwcCeA1DUGx6aswJX/Ye8RRdLfdcDCPuzPNk2ofJEqg2KtEV/9cDhhQ
fYOgCB9WDoup+oeUeynFnl8hhA6H6QCN4Dw4UAVDAkVwXGk2liqPYSQpnkjw0cL9
aEQEVZZ0IgLXOKWX3Hb51OYbnbA6fX8Ab4O31p678KaqzYt9jjrB378x6g/xQNz+
Xcw5UVwA3MI+CR6l87ZFibXgwt6O+bAjbsXhiOYgeNs2Qq2HBr8phUb0cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGK993A6dOReRc75Krwog7LZ52Q5MB8GA1UdIwQY
MBaAFEBaYbWMHVLeUi4EEAnL/NH35St8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUZwaHRZd2RVdDVTTGdRUUNjdjgwZmZsSzN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy84MTMwNmEtZjFkZC00MDQwLTgzNTct
ZmUwMTMzY2RhNTM1LzEvUUZwaHRZd2RVdDVTTGdRUUNjdjgwZmZsSzN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy84MTMwNmEtZjFkZC00MDQwLTgzNTctZmUwMTMzY2RhNTM1
LzEvUUZwaHRZd2RVdDVTTGdRUUNjdjgwZmZsSzN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOLZykdg5
Gf6UX+vfei9Knz0M4ZHorZ+eNZ/0DUhymdRE5YQzO6h4q301IEJ/tnV/aB7u6+/I
+WDV4hWyv7o2ucVcVyFJzPNhsTjsUjdDCevi0K7H1HqlrBqdRAbL8NzibSicFA2Y
DW3jHGOO5AmNwnvTQ0QwmMOzkuxFs4zkxds6uQUsD/kCU/VGIL2a1CjRGibNI3iI
dAGsThGQVQwEyXm5fjdESMLDL/dkuJy7dsyUN4dHFr0LPedlHRhJtyr5/OXyej0h
5pk4JNdMtqG1ne9CPktre1u/evbDgintU3TGYzIiNFUUmXug3VQwRLy8vAi1Wuys
WNUFMQywxYAhUA==
-----END CERTIFICATE-----