Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
File:                     qvNQYhzAHooe03KB3zKwlxy95Vc.mft (raw, json)
Hash identifier:          M2nyWtxUUe6ZeBi0ucxedf3iyeMETSmVznOUyyJC5VI=
Subject key identifier:   FE:F0:A2:45:25:81:72:4A:80:BB:57:5C:96:2F:3A:D9:65:5C:CC:8F
Authority key identifier: AA:F3:50:62:1C:C0:1E:8A:1E:D3:72:81:DF:32:B0:97:1C:BD:E5:57
Certificate issuer:       /CN=aaf350621cc01e8a1ed37281df32b0971cbde557
Certificate serial:       019A4F622DB4B79869C4733FBBD3D0870982
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 15:00:25 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:25 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:25 +0000
Files and hashes:         1: qvNQYhzAHooe03KB3zKwlxy95Vc.crl (hash: IAV6MviwkjIkLBUeq3TSQS7Ahd4wqIP1xjC6vGLOYsY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:2d:b4:b7:98:69:c4:73:3f:bb:d3:d0:87:09:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aaf350621cc01e8a1ed37281df32b0971cbde557
        Validity
            Not Before: Nov  4 15:00:25 2025 GMT
            Not After : Nov  5 15:00:25 2025 GMT
        Subject: CN=fef0a2452581724a80bb575c962f3ad9655ccc8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:12:6a:62:21:0c:d1:f6:70:93:18:8f:e9:bf:
                    df:0c:14:b9:19:19:15:7b:77:c6:67:70:25:a9:91:
                    ab:2a:24:b2:63:12:97:4a:d1:2b:8f:05:7f:9e:0f:
                    c6:bf:7d:64:21:3f:5f:b4:35:f2:f3:7d:ab:c4:b4:
                    9f:81:66:3f:a3:57:c8:35:80:8c:71:48:d1:a0:f9:
                    c0:29:e8:e1:15:f0:a0:60:b4:3a:7d:3e:61:8b:73:
                    54:37:f6:82:c2:1d:14:5c:f0:25:4b:11:84:40:20:
                    1b:a9:1f:f6:cf:e5:26:49:54:03:c3:29:0d:bb:33:
                    55:78:a0:ea:96:a3:e2:c1:b1:e5:85:66:03:13:d2:
                    63:f5:00:a9:db:36:57:a0:9e:25:23:e9:94:34:5f:
                    88:58:45:67:84:f8:ce:ae:56:58:63:85:cc:82:b6:
                    52:3c:bf:f4:85:ee:a9:8a:f0:ae:18:f0:91:ce:c1:
                    7e:d9:d7:b5:23:0e:88:35:0b:e4:ea:36:b8:d0:d2:
                    1a:42:85:fa:63:af:63:0c:86:e2:ba:7d:28:60:df:
                    cc:d8:5c:f2:4b:16:71:2b:33:6f:53:6d:ee:2f:dd:
                    67:90:a2:8d:19:28:11:10:6a:6b:ac:86:8a:6c:90:
                    14:96:da:7d:2a:02:eb:1c:59:52:ed:2e:30:bf:2a:
                    9d:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:F0:A2:45:25:81:72:4A:80:BB:57:5C:96:2F:3A:D9:65:5C:CC:8F
            X509v3 Authority Key Identifier:
                keyid:AA:F3:50:62:1C:C0:1E:8A:1E:D3:72:81:DF:32:B0:97:1C:BD:E5:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:a3:08:cc:71:28:77:5f:59:b9:c2:03:f5:8e:2c:0f:16:e6:
         3f:fc:de:c2:5c:8a:71:90:97:ee:a2:ca:1a:0e:c0:6d:ac:c2:
         88:1d:85:d2:4f:f8:7f:f4:76:64:df:3b:b1:fc:53:c4:8f:6d:
         a0:ec:25:a8:60:16:8c:a0:7a:81:9f:74:52:c1:5d:62:23:cc:
         c9:1b:6c:f1:c6:2b:56:c4:4c:42:b2:95:b2:6a:7c:22:c4:27:
         bd:4e:fb:b9:5c:64:94:5b:5a:14:5a:c5:fe:55:7d:79:62:44:
         d7:74:41:e2:64:0b:94:e3:87:97:26:33:40:ce:f2:9d:27:64:
         76:a4:9b:3b:7a:fe:d2:0f:51:47:03:7b:cf:0b:33:d4:73:a4:
         a0:23:0b:24:e0:a4:dd:7f:5b:8a:d7:f1:6c:01:50:97:52:2c:
         24:28:17:61:b6:f4:9c:9b:82:a2:dd:22:07:f1:0b:a1:62:60:
         4e:0b:18:25:51:f2:7e:a9:b5:10:d5:55:73:fa:bb:2c:ff:68:
         f3:90:08:25:88:f5:c4:7d:fd:e9:a7:08:a1:11:4a:42:25:f4:
         d7:ce:d6:55:1e:7c:4e:b8:24:35:60:4e:7c:8f:2e:bc:ae:6a:
         fc:41:38:65:ae:ee:df:d0:2d:b1:c1:16:ad:fa:ec:d5:3a:c9:
         05:42:38:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYi20t5hpxHM/u9PQhwmCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZjM1MDYyMWNjMDFlOGExZWQzNzI4MWRmMzJiMDk3MWNi
ZGU1NTcwHhcNMjUxMTA0MTUwMDI1WhcNMjUxMTA1MTUwMDI1WjAzMTEwLwYDVQQD
EyhmZWYwYTI0NTI1ODE3MjRhODBiYjU3NWM5NjJmM2FkOTY1NWNjYzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBJqYiEM0fZwkxiP6b/fDBS5GRkV
e3fGZ3AlqZGrKiSyYxKXStErjwV/ng/Gv31kIT9ftDXy832rxLSfgWY/o1fINYCM
cUjRoPnAKejhFfCgYLQ6fT5hi3NUN/aCwh0UXPAlSxGEQCAbqR/2z+UmSVQDwykN
uzNVeKDqlqPiwbHlhWYDE9Jj9QCp2zZXoJ4lI+mUNF+IWEVnhPjOrlZYY4XMgrZS
PL/0he6pivCuGPCRzsF+2de1Iw6INQvk6ja40NIaQoX6Y69jDIbiun0oYN/M2Fzy
SxZxKzNvU23uL91nkKKNGSgREGprrIaKbJAUltp9KgLrHFlS7S4wvyqdhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP7wokUlgXJKgLtXXJYvOtllXMyPMB8GA1UdIwQY
MBaAFKrzUGIcwB6KHtNygd8ysJccveVXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9mODEyYzctYTg1ZC00MDQwLThiOTkt
NzVhOGIwOTc0ZTIwLzEvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9mODEyYzctYTg1ZC00MDQwLThiOTktNzVhOGIwOTc0ZTIw
LzEvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHaMIzHEo
d19ZucID9Y4sDxbmP/zewlyKcZCX7qLKGg7AbazCiB2F0k/4f/R2ZN87sfxTxI9t
oOwlqGAWjKB6gZ90UsFdYiPMyRts8cYrVsRMQrKVsmp8IsQnvU77uVxklFtaFFrF
/lV9eWJE13RB4mQLlOOHlyYzQM7ynSdkdqSbO3r+0g9RRwN7zwsz1HOkoCMLJOCk
3X9bitfxbAFQl1IsJCgXYbb0nJuCot0iB/ELoWJgTgsYJVHyfqm1ENVVc/q7LP9o
85AIJYj1xH396acIoRFKQiX0187WVR58TrgkNWBOfI8uvK5q/EE4Za7u39AtscEW
rfrs1TrJBUI4Sg==
-----END CERTIFICATE-----