Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft
File:                     QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft (raw, json)
Hash identifier:          I/i0XG4HzT3eAUr3JkJIepDDl5qPLNl7zeyqLOJmVM4=
Subject key identifier:   36:35:90:7E:87:28:B8:0D:47:65:CB:B3:4C:A3:23:25:13:00:77:1D
Authority key identifier: 41:78:5C:B5:FC:6B:40:FD:F1:4F:72:A6:D2:5F:41:43:C1:7C:31:7C
Certificate issuer:       /CN=41785cb5fc6b40fdf14f72a6d25f4143c17c317c
Certificate serial:       019A71B866D1AAFB68ADAFC06D3DEFA33377
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QXhctfxrQP3xT3Km0l9BQ8F8MXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft
Manifest number:          16AF
Signing time:             Tue 11 Nov 2025 07:01:41 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:41 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:41 +0000
Files and hashes:         1: QXhctfxrQP3xT3Km0l9BQ8F8MXw.crl (hash: v4+VNCmnDYoZCtgt6R65HiHDH2+n8Ys/4egL7Uitlp0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QXhctfxrQP3xT3Km0l9BQ8F8MXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:66:d1:aa:fb:68:ad:af:c0:6d:3d:ef:a3:33:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41785cb5fc6b40fdf14f72a6d25f4143c17c317c
        Validity
            Not Before: Nov 11 07:01:41 2025 GMT
            Not After : Nov 12 07:01:41 2025 GMT
        Subject: CN=3635907e8728b80d4765cbb34ca323251300771d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:c7:99:68:94:80:97:8f:df:56:ef:d5:42:00:
                    4f:a2:25:51:46:9c:38:11:80:98:1e:02:e0:28:4a:
                    d3:1f:64:c4:c5:80:52:6f:ec:ad:e8:23:38:f8:c8:
                    0e:1f:a5:57:7b:db:8e:fb:c9:25:31:6e:5b:b9:68:
                    15:46:15:e4:38:af:b7:e9:26:d1:7d:ca:bc:04:c1:
                    14:e7:04:37:ec:d8:04:08:88:51:d0:df:e7:1d:17:
                    f5:47:3f:21:e7:51:3a:b1:41:30:b2:25:05:49:88:
                    d1:2c:57:48:b0:5e:44:77:65:e1:b3:e2:c0:53:17:
                    4b:09:de:3a:a9:5c:86:44:54:6b:43:f0:98:17:56:
                    55:03:bb:bb:27:ad:d5:84:57:c0:57:c3:99:66:90:
                    55:3a:ff:b1:bb:94:d2:c0:b2:4a:9c:07:5c:07:68:
                    38:30:ce:ab:c8:71:83:f7:e6:1b:30:83:c0:25:5f:
                    97:5a:35:23:ce:86:94:fa:1d:51:ad:9b:fc:0b:88:
                    af:81:3c:e1:1f:62:7a:b4:36:d3:e3:c4:6c:04:f4:
                    00:58:ad:17:88:75:5b:62:dd:45:f1:10:98:4d:38:
                    3f:22:69:ce:ce:dc:ac:a5:13:85:c8:dc:9b:06:eb:
                    4a:53:37:5a:f3:07:08:88:d8:0e:ea:7f:1e:a0:e9:
                    9e:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:35:90:7E:87:28:B8:0D:47:65:CB:B3:4C:A3:23:25:13:00:77:1D
            X509v3 Authority Key Identifier:
                keyid:41:78:5C:B5:FC:6B:40:FD:F1:4F:72:A6:D2:5F:41:43:C1:7C:31:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXhctfxrQP3xT3Km0l9BQ8F8MXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:22:79:65:fd:aa:ea:b8:1c:c4:a7:1b:b9:1c:54:71:2a:62:
         dc:86:41:d5:c7:32:f7:cc:d9:6a:b6:b4:df:02:48:82:fb:d6:
         23:34:e5:a7:c4:b5:9e:f4:8d:89:c6:09:72:53:b4:c3:79:5b:
         eb:58:49:d3:cc:cf:77:e7:f5:8c:3f:97:79:0a:b7:bf:cb:67:
         e0:37:11:98:c8:fe:b2:80:79:99:05:d1:0b:6a:11:66:03:8c:
         e6:45:ea:c1:12:31:63:24:77:28:a4:77:e4:3e:d4:eb:f5:0b:
         a5:2a:64:2f:70:5f:a2:3d:42:0c:30:5e:44:a3:fb:b9:c1:a8:
         79:1c:83:e1:dd:f6:5d:75:63:ca:8f:f0:8f:65:fc:92:44:ee:
         04:f1:39:90:bd:77:32:14:82:c4:61:e0:f3:2c:6f:16:f5:89:
         ae:8d:ae:6b:fb:7c:f9:2e:19:f5:5a:11:db:bd:71:e5:31:06:
         bc:2b:62:a8:cf:98:47:94:0a:98:72:6f:d7:40:ce:52:03:e6:
         2f:cf:54:11:7c:ee:3c:fc:40:9d:5f:a7:56:c0:20:39:99:fb:
         29:27:c2:89:d7:92:bf:aa:cd:bb:4d:9a:1d:89:b2:f4:26:5d:
         4d:fd:f7:5c:dc:ae:ab:c6:18:da:ae:53:88:31:61:eb:c7:35:
         ca:54:93:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuGbRqvtora/AbT3vozN3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzg1Y2I1ZmM2YjQwZmRmMTRmNzJhNmQyNWY0MTQzYzE3
YzMxN2MwHhcNMjUxMTExMDcwMTQxWhcNMjUxMTEyMDcwMTQxWjAzMTEwLwYDVQQD
EygzNjM1OTA3ZTg3MjhiODBkNDc2NWNiYjM0Y2EzMjMyNTEzMDA3NzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8eZaJSAl4/fVu/VQgBPoiVRRpw4
EYCYHgLgKErTH2TExYBSb+yt6CM4+MgOH6VXe9uO+8klMW5buWgVRhXkOK+36SbR
fcq8BMEU5wQ37NgECIhR0N/nHRf1Rz8h51E6sUEwsiUFSYjRLFdIsF5Ed2Xhs+LA
UxdLCd46qVyGRFRrQ/CYF1ZVA7u7J63VhFfAV8OZZpBVOv+xu5TSwLJKnAdcB2g4
MM6ryHGD9+YbMIPAJV+XWjUjzoaU+h1RrZv8C4ivgTzhH2J6tDbT48RsBPQAWK0X
iHVbYt1F8RCYTTg/ImnOztyspROFyNybButKUzda8wcIiNgO6n8eoOmedQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDY1kH6HKLgNR2XLs0yjIyUTAHcdMB8GA1UdIwQY
MBaAFEF4XLX8a0D98U9yptJfQUPBfDF8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhoY3RmeHJRUDN4VDNLbTBsOUJROEY4TVh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9hZTM4NDAtN2RkYS00ODJlLWEyNGUt
ZTQ2ZWM1YjliMDZjLzEvUVhoY3RmeHJRUDN4VDNLbTBsOUJROEY4TVh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9hZTM4NDAtN2RkYS00ODJlLWEyNGUtZTQ2ZWM1YjliMDZj
LzEvUVhoY3RmeHJRUDN4VDNLbTBsOUJROEY4TVh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmSJ5Zf2q
6rgcxKcbuRxUcSpi3IZB1ccy98zZara03wJIgvvWIzTlp8S1nvSNicYJclO0w3lb
61hJ08zPd+f1jD+XeQq3v8tn4DcRmMj+soB5mQXRC2oRZgOM5kXqwRIxYyR3KKR3
5D7U6/ULpSpkL3Bfoj1CDDBeRKP7ucGoeRyD4d32XXVjyo/wj2X8kkTuBPE5kL13
MhSCxGHg8yxvFvWJro2ua/t8+S4Z9VoR271x5TEGvCtiqM+YR5QKmHJv10DOUgPm
L89UEXzuPPxAnV+nVsAgOZn7KSfCideSv6rNu02aHYmy9CZdTf33XNyuq8YY2q5T
iDFh68c1ylST4A==
-----END CERTIFICATE-----