Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft
File:                     qQ_wEQVOz-aKitx94mit5sCCdxE.mft (raw, json)
Hash identifier:          fbf13li0MCarLzM9mPMbbIifsHkqnMR0WWTT7neNJDQ=
Subject key identifier:   F6:C4:BC:F4:47:6F:F4:7F:B3:4F:D9:2B:9E:E1:35:CF:05:70:B6:C8
Authority key identifier: A9:0F:F0:11:05:4E:CF:E6:8A:8A:DC:7D:E2:68:AD:E6:C0:82:77:11
Certificate issuer:       /CN=a90ff011054ecfe68a8adc7de268ade6c0827711
Certificate serial:       019A71B8E37677A6BC1778099524AAF79CA6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qQ_wEQVOz-aKitx94mit5sCCdxE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 07:02:13 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:13 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:13 +0000
Files and hashes:         1: qQ_wEQVOz-aKitx94mit5sCCdxE.crl (hash: juXF4wD1fJIY5piv6NzKAc4AT1siIq5ZWkuoYHuuI3g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qQ_wEQVOz-aKitx94mit5sCCdxE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:e3:76:77:a6:bc:17:78:09:95:24:aa:f7:9c:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a90ff011054ecfe68a8adc7de268ade6c0827711
        Validity
            Not Before: Nov 11 07:02:13 2025 GMT
            Not After : Nov 12 07:02:13 2025 GMT
        Subject: CN=f6c4bcf4476ff47fb34fd92b9ee135cf0570b6c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:3a:de:60:ee:4f:58:68:85:98:7c:31:0e:0a:
                    97:76:a2:80:29:44:a3:2f:7e:38:e8:a6:8c:01:6b:
                    0a:5d:7e:66:c7:55:00:c8:9f:03:26:67:c0:48:24:
                    f0:30:1a:5a:69:d2:df:3a:d9:fb:f1:db:f1:5c:ec:
                    35:04:37:53:2e:a8:48:03:76:d0:cf:30:02:2d:a4:
                    d0:c6:f9:95:1f:10:bf:ae:e5:76:24:dc:fd:c2:11:
                    ce:d7:d7:31:97:20:0a:8a:ad:05:3a:4a:74:22:cd:
                    25:a6:36:fb:ef:85:38:e7:ae:b6:33:79:2b:81:48:
                    7d:2c:0d:5a:b6:8c:4f:46:b6:82:fe:7c:5d:68:8c:
                    4c:8b:c3:c0:31:ec:7f:7b:0c:cb:1c:83:cb:e3:ee:
                    43:ab:e6:29:04:0c:57:6b:ee:8a:b7:38:0e:60:54:
                    5a:12:b3:fd:f5:e5:73:45:b0:94:22:91:a4:1b:07:
                    f3:ec:4a:54:43:5b:91:e2:4a:e7:a9:29:7f:22:27:
                    af:a2:d0:df:ba:b0:35:38:45:7d:f4:9f:05:0e:cd:
                    0c:ab:f5:bf:f0:43:e9:d5:5d:47:43:9f:9b:d5:91:
                    71:e9:99:26:4a:d2:27:92:0f:47:d5:37:d3:b4:05:
                    10:31:d8:21:25:5d:e2:fe:91:09:6a:17:72:00:51:
                    6e:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:C4:BC:F4:47:6F:F4:7F:B3:4F:D9:2B:9E:E1:35:CF:05:70:B6:C8
            X509v3 Authority Key Identifier:
                keyid:A9:0F:F0:11:05:4E:CF:E6:8A:8A:DC:7D:E2:68:AD:E6:C0:82:77:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qQ_wEQVOz-aKitx94mit5sCCdxE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:4c:59:63:e6:50:4c:35:8f:b2:d3:72:57:12:49:7e:61:47:
         b5:e3:15:7d:5f:21:e5:fc:24:d7:7b:04:d5:67:30:84:65:a0:
         d3:02:ad:98:12:d6:4a:ea:1d:df:4f:e6:b2:46:f4:61:ea:2b:
         1c:a7:a1:bb:48:dd:8c:dd:65:9f:d6:8a:a0:a1:06:06:a8:e1:
         f1:9e:06:bd:c0:fe:5c:65:bb:6d:54:1b:b0:16:a4:2a:5d:24:
         e9:f1:2b:77:63:5d:ba:e9:b4:d9:75:74:03:26:35:71:6f:12:
         71:04:44:ab:17:81:30:4b:08:8c:5b:ae:45:06:b7:e7:79:4b:
         4b:df:30:a4:ab:90:d0:99:ae:16:6e:a5:57:ea:e5:22:66:2f:
         41:04:22:71:6d:17:a2:84:63:56:a1:25:e3:4c:5a:fe:53:05:
         b6:d2:63:78:f4:e9:c9:d3:21:5e:0b:07:1e:ce:40:0a:ff:e7:
         1f:35:44:67:ec:f3:88:78:56:f5:90:53:04:6a:9b:62:29:a2:
         d5:33:25:a1:2c:06:5b:c5:87:94:ec:c5:23:3c:7e:40:62:45:
         b3:62:e1:ef:1a:0d:32:41:c7:9d:c1:cb:3d:75:e5:50:ce:c9:
         f4:90:38:de:72:c8:5b:c4:48:bf:f5:12:88:2d:16:d9:2a:a8:
         20:9a:53:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuON2d6a8F3gJlSSq95ymMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MGZmMDExMDU0ZWNmZTY4YThhZGM3ZGUyNjhhZGU2YzA4
Mjc3MTEwHhcNMjUxMTExMDcwMjEzWhcNMjUxMTEyMDcwMjEzWjAzMTEwLwYDVQQD
EyhmNmM0YmNmNDQ3NmZmNDdmYjM0ZmQ5MmI5ZWUxMzVjZjA1NzBiNmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjreYO5PWGiFmHwxDgqXdqKAKUSj
L3446KaMAWsKXX5mx1UAyJ8DJmfASCTwMBpaadLfOtn78dvxXOw1BDdTLqhIA3bQ
zzACLaTQxvmVHxC/ruV2JNz9whHO19cxlyAKiq0FOkp0Is0lpjb774U45662M3kr
gUh9LA1atoxPRraC/nxdaIxMi8PAMex/ewzLHIPL4+5Dq+YpBAxXa+6KtzgOYFRa
ErP99eVzRbCUIpGkGwfz7EpUQ1uR4krnqSl/IievotDfurA1OEV99J8FDs0Mq/W/
8EPp1V1HQ5+b1ZFx6ZkmStInkg9H1TfTtAUQMdghJV3i/pEJahdyAFFuKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPbEvPRHb/R/s0/ZK57hNc8FcLbIMB8GA1UdIwQY
MBaAFKkP8BEFTs/miorcfeJorebAgncRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVFfd0VRVk96LWFLaXR4OTRtaXQ1c0NDZHhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9iYTczYTItZjBlNi00NzZmLTgxMzMt
ZTk5Mjc3MDM3YTQzLzEvcVFfd0VRVk96LWFLaXR4OTRtaXQ1c0NDZHhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9iYTczYTItZjBlNi00NzZmLTgxMzMtZTk5Mjc3MDM3YTQz
LzEvcVFfd0VRVk96LWFLaXR4OTRtaXQ1c0NDZHhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXExZY+ZQ
TDWPstNyVxJJfmFHteMVfV8h5fwk13sE1WcwhGWg0wKtmBLWSuod30/mskb0Yeor
HKehu0jdjN1ln9aKoKEGBqjh8Z4GvcD+XGW7bVQbsBakKl0k6fErd2Nduum02XV0
AyY1cW8ScQREqxeBMEsIjFuuRQa353lLS98wpKuQ0JmuFm6lV+rlImYvQQQicW0X
ooRjVqEl40xa/lMFttJjePTpydMhXgsHHs5ACv/nHzVEZ+zziHhW9ZBTBGqbYimi
1TMloSwGW8WHlOzFIzx+QGJFs2Lh7xoNMkHHncHLPXXlUM7J9JA43nLIW8RIv/US
iC0W2SqoIJpTzg==
-----END CERTIFICATE-----