Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft
File:                     QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft (raw, json)
Hash identifier:          Kv84j82LXsYwX4A+7xFszuzfbH+ZA54TXc/qBN3VYYM=
Subject key identifier:   13:71:D3:D2:E8:F9:95:19:02:F9:11:83:D1:63:53:C4:5A:5B:50:A9
Authority key identifier: 41:2D:AD:82:06:99:F1:53:A3:1A:66:ED:67:83:A1:DE:4E:0F:8C:F5
Certificate issuer:       /CN=412dad820699f153a31a66ed6783a1de4e0f8cf5
Certificate serial:       019A71B8D231710E6CE2FD1983F5E04C1B7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft
Manifest number:          0D0B
Signing time:             Tue 11 Nov 2025 07:02:09 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:09 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:09 +0000
Files and hashes:         1: QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.crl (hash: xFa3dDgSMYB+I4540HCQkkQrx68PqZN9GYgZrOFsuuc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:d2:31:71:0e:6c:e2:fd:19:83:f5:e0:4c:1b:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=412dad820699f153a31a66ed6783a1de4e0f8cf5
        Validity
            Not Before: Nov 11 07:02:09 2025 GMT
            Not After : Nov 12 07:02:09 2025 GMT
        Subject: CN=1371d3d2e8f9951902f91183d16353c45a5b50a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:52:54:c6:e9:eb:3b:9e:95:7e:ac:2f:99:7e:
                    6b:6a:a7:66:b2:e2:d8:79:ef:91:55:03:f4:94:13:
                    1a:e0:40:52:b6:8c:a2:d6:50:f2:2a:7d:17:78:47:
                    11:99:90:87:f7:74:34:2a:ab:ac:34:a8:fe:81:bf:
                    2d:77:46:56:c9:d2:72:65:67:9a:77:2f:45:38:d6:
                    8a:0a:18:e6:ed:3c:42:ce:0f:39:da:aa:17:b5:71:
                    c2:62:eb:6e:66:13:7f:4d:86:a6:37:71:49:db:2b:
                    ce:b4:87:98:0b:10:ea:0c:35:27:36:b5:57:e1:56:
                    47:0a:3f:8a:e3:9a:cb:97:5a:91:76:b9:03:64:b6:
                    a8:dc:6a:5e:6c:f4:7f:84:80:83:63:72:2b:12:b9:
                    99:1d:5b:8f:48:51:4d:17:a9:33:66:4e:b6:bc:e7:
                    89:c5:e9:e2:13:d3:12:5a:8d:7e:7e:cf:9f:c9:1e:
                    49:e4:de:41:bf:f7:85:fc:af:43:f9:64:2d:11:df:
                    0e:f8:b6:31:2d:d1:de:04:71:df:e0:a4:70:af:14:
                    82:56:cf:db:db:df:3b:90:b5:1d:7d:ab:79:24:98:
                    3a:a7:4a:66:b4:45:fc:21:7a:31:ac:30:71:e5:5f:
                    c3:e5:89:b3:ed:08:26:fb:f1:9e:43:ca:b5:4d:66:
                    f3:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:71:D3:D2:E8:F9:95:19:02:F9:11:83:D1:63:53:C4:5A:5B:50:A9
            X509v3 Authority Key Identifier:
                keyid:41:2D:AD:82:06:99:F1:53:A3:1A:66:ED:67:83:A1:DE:4E:0F:8C:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:04:2d:55:28:16:a4:b8:fc:31:b6:45:fc:0b:27:c8:92:53:
         3f:24:7e:7b:1e:57:1f:da:e4:f5:88:2c:d7:c5:66:ea:d4:42:
         d3:d5:91:85:85:b9:85:79:66:0b:5a:fd:44:22:24:02:e5:24:
         3c:83:69:2e:e3:bf:92:6b:39:33:e5:b0:0e:bd:bf:77:02:0d:
         b9:89:da:b5:a0:f2:bb:1f:3b:3e:1b:e4:53:42:5d:cb:39:3a:
         d9:b4:e0:40:14:73:28:a8:f5:33:8b:95:30:18:e1:e5:b1:1c:
         fb:38:29:a3:88:a0:1a:de:3e:34:16:9e:29:cc:b4:7a:96:f2:
         1c:60:8e:91:12:b1:6d:56:bb:6a:cf:a6:8c:fb:b9:61:4f:9a:
         8e:e2:d9:d3:c0:9d:77:a3:41:3c:90:3b:c1:f2:df:53:25:bf:
         10:81:3f:30:25:3e:eb:c0:68:62:78:14:80:ef:d5:73:24:6c:
         70:90:b4:db:4b:d7:61:66:36:92:be:1c:4f:ec:ee:6e:3a:fa:
         3b:de:c2:d1:3e:1c:2a:ea:82:06:57:70:ce:69:78:a7:fb:5a:
         95:2e:71:34:bd:86:81:ca:25:b4:48:02:85:a7:1d:79:1b:9b:
         11:53:56:8f:ad:e2:40:77:44:43:1e:48:e6:a8:06:83:4c:7a:
         46:7d:19:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuNIxcQ5s4v0Zg/XgTBt+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMmRhZDgyMDY5OWYxNTNhMzFhNjZlZDY3ODNhMWRlNGUw
ZjhjZjUwHhcNMjUxMTExMDcwMjA5WhcNMjUxMTEyMDcwMjA5WjAzMTEwLwYDVQQD
EygxMzcxZDNkMmU4Zjk5NTE5MDJmOTExODNkMTYzNTNjNDVhNWI1MGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFJUxunrO56VfqwvmX5raqdmsuLY
ee+RVQP0lBMa4EBStoyi1lDyKn0XeEcRmZCH93Q0KqusNKj+gb8td0ZWydJyZWea
dy9FONaKChjm7TxCzg852qoXtXHCYutuZhN/TYamN3FJ2yvOtIeYCxDqDDUnNrVX
4VZHCj+K45rLl1qRdrkDZLao3GpebPR/hICDY3IrErmZHVuPSFFNF6kzZk62vOeJ
xeniE9MSWo1+fs+fyR5J5N5Bv/eF/K9D+WQtEd8O+LYxLdHeBHHf4KRwrxSCVs/b
2987kLUdfat5JJg6p0pmtEX8IXoxrDBx5V/D5Ymz7Qgm+/GeQ8q1TWbzIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBNx09Lo+ZUZAvkRg9FjU8RaW1CpMB8GA1UdIwQY
MBaAFEEtrYIGmfFToxpm7WeDod5OD4z1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVMydGdnYVo4Vk9qR21idFo0T2gzazRQalBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iYTk0ZjQtOGEyMC00ZDEwLTkyN2Yt
YTg4MmRhNmMwY2ZjLzEvUVMydGdnYVo4Vk9qR21idFo0T2gzazRQalBVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iYTk0ZjQtOGEyMC00ZDEwLTkyN2YtYTg4MmRhNmMwY2Zj
LzEvUVMydGdnYVo4Vk9qR21idFo0T2gzazRQalBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcAQtVSgW
pLj8MbZF/AsnyJJTPyR+ex5XH9rk9Ygs18Vm6tRC09WRhYW5hXlmC1r9RCIkAuUk
PINpLuO/kms5M+WwDr2/dwINuYnataDyux87PhvkU0Jdyzk62bTgQBRzKKj1M4uV
MBjh5bEc+zgpo4igGt4+NBaeKcy0epbyHGCOkRKxbVa7as+mjPu5YU+ajuLZ08Cd
d6NBPJA7wfLfUyW/EIE/MCU+68BoYngUgO/VcyRscJC020vXYWY2kr4cT+zubjr6
O97C0T4cKuqCBldwzml4p/talS5xNL2GgcoltEgChacdeRubEVNWj63iQHdEQx5I
5qgGg0x6Rn0ZsA==
-----END CERTIFICATE-----