Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft
File:                     Q5_i1RcHd00tDCv50SrQercmQqI.mft (raw, json)
Hash identifier:          ogjcTVy/Xy/YSPgIKf0so4f9sMGV6m3dWlEm8PuFrpA=
Subject key identifier:   91:54:00:EA:EE:B6:50:C9:47:A1:F3:04:32:0D:2A:55:6C:C2:BB:81
Authority key identifier: 43:9F:E2:D5:17:07:77:4D:2D:0C:2B:F9:D1:2A:D0:7A:B7:26:42:A2
Certificate issuer:       /CN=439fe2d51707774d2d0c2bf9d12ad07ab72642a2
Certificate serial:       019A7112FCAB4971881F74407E0DE2F89A59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q5_i1RcHd00tDCv50SrQercmQqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft
Manifest number:          0F83
Signing time:             Tue 11 Nov 2025 04:01:01 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:01 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:01 +0000
Files and hashes:         1: Q5_i1RcHd00tDCv50SrQercmQqI.crl (hash: TYK5s9W+mvm54ZDz2/lVD8AKfsmtBwcuVQsJZyn0YkQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q5_i1RcHd00tDCv50SrQercmQqI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:12:fc:ab:49:71:88:1f:74:40:7e:0d:e2:f8:9a:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=439fe2d51707774d2d0c2bf9d12ad07ab72642a2
        Validity
            Not Before: Nov 11 04:01:01 2025 GMT
            Not After : Nov 12 04:01:01 2025 GMT
        Subject: CN=915400eaeeb650c947a1f304320d2a556cc2bb81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:c0:50:86:2e:52:54:ce:37:da:02:2b:04:af:
                    0d:f5:e7:31:a8:22:b5:dc:14:77:8e:f2:43:fd:5b:
                    07:cd:05:ec:14:1d:88:a8:e3:10:17:ff:b4:58:71:
                    1b:b2:d6:8c:09:ea:64:04:40:9d:16:3c:ad:e2:10:
                    ad:8e:3c:c3:d5:8b:03:66:af:6c:a4:df:c7:71:ad:
                    f5:8e:e7:3a:c7:83:9c:0f:3c:07:f6:40:5b:3a:0f:
                    79:66:ce:c8:34:42:3a:a6:fe:de:42:d9:85:64:64:
                    9b:84:e1:36:6a:58:4d:e9:3b:a6:2d:6d:c0:46:57:
                    55:d4:f5:80:8d:6c:9a:73:b8:94:60:ac:de:17:06:
                    f4:86:51:1a:ea:ac:10:9f:95:56:3f:c5:3a:89:31:
                    51:4e:8e:cb:53:7a:07:4b:b7:1b:e9:b3:00:3f:18:
                    df:9c:52:1f:34:1c:db:7b:b4:ae:14:c8:55:0c:89:
                    e7:c9:aa:4d:d8:d5:d3:4e:0a:14:bd:21:63:87:b8:
                    45:cf:b1:2a:5a:b5:76:8c:1a:9f:13:ea:0d:e6:22:
                    ca:6a:b9:d3:94:54:36:f4:7f:e9:1e:9e:7f:1a:7e:
                    9d:dc:de:5e:f5:b8:4c:f3:13:73:cf:38:d9:6d:ec:
                    8f:bd:ba:38:84:7e:09:c5:42:dd:16:19:72:03:0b:
                    01:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:54:00:EA:EE:B6:50:C9:47:A1:F3:04:32:0D:2A:55:6C:C2:BB:81
            X509v3 Authority Key Identifier:
                keyid:43:9F:E2:D5:17:07:77:4D:2D:0C:2B:F9:D1:2A:D0:7A:B7:26:42:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5_i1RcHd00tDCv50SrQercmQqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:16:65:0a:b8:d1:e5:ee:50:ba:08:14:60:78:44:32:91:ae:
         4f:94:2a:df:12:cc:8d:a6:e4:3d:dc:86:11:1b:9b:b7:f7:7f:
         3d:79:8b:54:1f:05:a0:61:b2:94:34:1f:c8:92:64:ec:d3:5a:
         0c:3e:6c:d9:f7:5b:4b:bd:9f:b1:8a:87:6a:b8:b3:63:5d:d5:
         1c:20:5c:d3:73:1c:92:88:15:34:24:17:9f:57:28:ea:ad:bc:
         94:99:e8:68:d8:17:d3:12:38:4e:2f:41:8c:eb:c0:91:ca:5c:
         a9:b6:24:68:51:9f:e4:8d:99:c6:f0:a3:fe:77:ba:96:dc:85:
         82:03:f9:d0:48:64:be:a0:e4:84:55:db:00:20:31:f2:b8:9b:
         64:d1:8a:99:ab:f3:4c:cf:10:e8:2e:25:8a:9c:d1:32:91:ad:
         f6:0f:9d:bb:6f:c0:d2:d5:ff:6b:ce:e6:76:4c:7d:c1:1b:ac:
         b5:98:0e:7d:ca:7a:16:e5:23:eb:f5:2d:86:95:87:90:b4:b6:
         cf:ab:9d:ff:69:0e:ee:a9:4e:1a:42:af:92:4f:77:6e:b5:13:
         04:d7:83:79:84:10:4a:64:f7:87:9b:1a:10:e3:79:56:c4:1a:
         7a:05:c9:98:3b:58:a9:10:bd:55:0f:ae:05:fb:44:3e:f9:89:
         f8:9a:32:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEvyrSXGIH3RAfg3i+JpZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOWZlMmQ1MTcwNzc3NGQyZDBjMmJmOWQxMmFkMDdhYjcy
NjQyYTIwHhcNMjUxMTExMDQwMTAxWhcNMjUxMTEyMDQwMTAxWjAzMTEwLwYDVQQD
Eyg5MTU0MDBlYWVlYjY1MGM5NDdhMWYzMDQzMjBkMmE1NTZjYzJiYjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMBQhi5SVM432gIrBK8N9ecxqCK1
3BR3jvJD/VsHzQXsFB2IqOMQF/+0WHEbstaMCepkBECdFjyt4hCtjjzD1YsDZq9s
pN/Hca31juc6x4OcDzwH9kBbOg95Zs7INEI6pv7eQtmFZGSbhOE2alhN6TumLW3A
RldV1PWAjWyac7iUYKzeFwb0hlEa6qwQn5VWP8U6iTFRTo7LU3oHS7cb6bMAPxjf
nFIfNBzbe7SuFMhVDInnyapN2NXTTgoUvSFjh7hFz7EqWrV2jBqfE+oN5iLKarnT
lFQ29H/pHp5/Gn6d3N5e9bhM8xNzzzjZbeyPvbo4hH4JxULdFhlyAwsBtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJFUAOrutlDJR6HzBDINKlVswruBMB8GA1UdIwQY
MBaAFEOf4tUXB3dNLQwr+dEq0Hq3JkKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVfaTFSY0hkMDB0REN2NTBTclFlcmNtUXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8yNDA4ZTEtZTQyZi00OTE1LWE3MTUt
YTFkNmQ5MWNkZTY4LzEvUTVfaTFSY0hkMDB0REN2NTBTclFlcmNtUXFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8yNDA4ZTEtZTQyZi00OTE1LWE3MTUtYTFkNmQ5MWNkZTY4
LzEvUTVfaTFSY0hkMDB0REN2NTBTclFlcmNtUXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFRZlCrjR
5e5QuggUYHhEMpGuT5Qq3xLMjabkPdyGERubt/d/PXmLVB8FoGGylDQfyJJk7NNa
DD5s2fdbS72fsYqHarizY13VHCBc03MckogVNCQXn1co6q28lJnoaNgX0xI4Ti9B
jOvAkcpcqbYkaFGf5I2ZxvCj/ne6ltyFggP50EhkvqDkhFXbACAx8ribZNGKmavz
TM8Q6C4lipzRMpGt9g+du2/A0tX/a87mdkx9wRustZgOfcp6FuUj6/UthpWHkLS2
z6ud/2kO7qlOGkKvkk93brUTBNeDeYQQSmT3h5saEON5VsQaegXJmDtYqRC9VQ+u
BftEPvmJ+Joyhg==
-----END CERTIFICATE-----