Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.mft
File:                     QqjNSXm8XdMbENe3GFDvEurDz7U.mft (raw, json)
Hash identifier:          ns89HM4NJM93XmiSY+K/J216wEQ0UIseOxK0OpN7v4Y=
Subject key identifier:   34:85:B2:56:A8:A4:3F:FF:3E:1F:92:00:64:0C:00:1D:BE:7A:87:9A
Authority key identifier: 42:A8:CD:49:79:BC:5D:D3:1B:10:D7:B7:18:50:EF:12:EA:C3:CF:B5
Certificate issuer:       /CN=42a8cd4979bc5dd31b10d7b71850ef12eac3cfb5
Certificate serial:       019A4DE201599F6C4CC4F603ABE95213110D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QqjNSXm8XdMbENe3GFDvEurDz7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.mft
Manifest number:          0497
Signing time:             Tue 04 Nov 2025 08:00:48 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:48 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:48 +0000
Files and hashes:         1: QqjNSXm8XdMbENe3GFDvEurDz7U.crl (hash: T2RI9merXCDNLr5u203CmtZiMniB/N1R5E37OANWqm0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QqjNSXm8XdMbENe3GFDvEurDz7U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e2:01:59:9f:6c:4c:c4:f6:03:ab:e9:52:13:11:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=42a8cd4979bc5dd31b10d7b71850ef12eac3cfb5
        Validity
            Not Before: Nov  4 08:00:48 2025 GMT
            Not After : Nov  5 08:00:48 2025 GMT
        Subject: CN=3485b256a8a43fff3e1f9200640c001dbe7a879a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:7f:d6:5a:0a:36:75:f7:45:32:74:68:c5:27:
                    7f:24:9e:de:6d:b1:d4:11:2e:28:9d:fd:c3:2d:8d:
                    dc:fc:38:db:38:ad:b6:46:8f:f1:0a:17:fe:ee:53:
                    22:fc:5a:24:07:b7:6d:8e:2f:d1:a8:b5:32:a8:a1:
                    e3:37:0e:8f:3e:48:11:a7:23:c0:4b:20:46:10:44:
                    a7:75:e5:70:33:19:0d:64:b2:e1:70:59:61:ff:66:
                    27:d7:57:16:c1:6f:79:2d:76:08:7c:73:18:82:42:
                    97:5e:3e:64:67:3e:67:5a:79:90:96:ae:9d:00:8c:
                    3d:db:80:3c:52:a5:f0:05:f0:9d:24:0b:e1:ed:e8:
                    9c:c8:06:1e:08:91:92:9d:98:80:f5:2b:68:09:93:
                    2d:a8:76:8c:19:1b:87:4e:1d:83:91:d0:c1:92:f2:
                    a8:d1:6d:39:e2:65:a3:cd:60:23:5e:55:e6:2c:af:
                    5c:22:5e:b7:42:c2:7d:6f:61:72:24:ac:0e:1e:62:
                    49:6c:b1:34:b9:7c:3b:bb:12:85:85:a9:1b:72:2c:
                    79:f5:a4:3b:5b:cb:c5:70:10:fe:a5:76:15:41:e2:
                    c9:ec:c2:3d:f5:5b:e5:1b:e6:24:dc:3b:ef:8a:a3:
                    9f:2f:87:a3:72:be:8e:02:f5:4a:c3:4c:d5:2f:8e:
                    29:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:85:B2:56:A8:A4:3F:FF:3E:1F:92:00:64:0C:00:1D:BE:7A:87:9A
            X509v3 Authority Key Identifier:
                keyid:42:A8:CD:49:79:BC:5D:D3:1B:10:D7:B7:18:50:EF:12:EA:C3:CF:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QqjNSXm8XdMbENe3GFDvEurDz7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:ef:a6:f8:78:5f:f6:73:88:8e:29:55:02:b9:e2:99:ef:dd:
         48:57:af:75:37:55:4b:74:7b:fe:e9:c3:5e:50:a5:24:bb:32:
         7c:e1:fe:f3:72:76:c8:ff:f2:59:3d:1d:89:17:ec:7a:5c:ca:
         de:a0:f6:ca:b6:e4:4c:24:09:96:82:fc:f0:5c:fb:b2:8f:d7:
         2b:1e:1f:47:2a:77:97:b0:55:a6:17:23:e3:fd:82:15:f0:46:
         08:8c:71:4d:90:d2:fc:10:ff:f5:2c:39:4d:69:a6:88:28:09:
         7b:79:5a:4c:2e:39:34:f6:b3:e5:52:cb:fb:3e:87:6f:73:4b:
         eb:32:94:9a:f2:b3:80:95:9d:d6:6b:18:5c:1d:e9:8f:27:2c:
         7d:eb:2f:ac:05:b7:ca:91:ea:ec:06:6e:2d:b7:ac:86:9c:49:
         9e:09:41:46:a7:0d:73:de:f1:01:3f:aa:ae:2f:93:49:a9:ed:
         ce:8c:c3:f7:40:b1:16:d0:e9:23:e6:45:82:71:6f:c2:24:60:
         be:26:7c:7d:9c:13:64:49:27:da:07:e6:c3:3a:8b:fc:0e:77:
         ad:e5:57:b6:29:59:fe:6d:4d:a7:c3:bd:1e:ed:09:98:38:d0:
         45:bd:fe:93:96:a0:9b:d4:73:60:7d:28:a8:a8:a4:94:54:94:
         90:c0:44:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4gFZn2xMxPYDq+lSExENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYThjZDQ5NzliYzVkZDMxYjEwZDdiNzE4NTBlZjEyZWFj
M2NmYjUwHhcNMjUxMTA0MDgwMDQ4WhcNMjUxMTA1MDgwMDQ4WjAzMTEwLwYDVQQD
EygzNDg1YjI1NmE4YTQzZmZmM2UxZjkyMDA2NDBjMDAxZGJlN2E4NzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0n/WWgo2dfdFMnRoxSd/JJ7ebbHU
ES4onf3DLY3c/DjbOK22Ro/xChf+7lMi/FokB7dtji/RqLUyqKHjNw6PPkgRpyPA
SyBGEESndeVwMxkNZLLhcFlh/2Yn11cWwW95LXYIfHMYgkKXXj5kZz5nWnmQlq6d
AIw924A8UqXwBfCdJAvh7eicyAYeCJGSnZiA9StoCZMtqHaMGRuHTh2DkdDBkvKo
0W054mWjzWAjXlXmLK9cIl63QsJ9b2FyJKwOHmJJbLE0uXw7uxKFhakbcix59aQ7
W8vFcBD+pXYVQeLJ7MI99VvlG+Yk3DvviqOfL4ejcr6OAvVKw0zVL44pTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDSFslaopD//Ph+SAGQMAB2+eoeaMB8GA1UdIwQY
MBaAFEKozUl5vF3TGxDXtxhQ7xLqw8+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXFqTlNYbThYZE1iRU5lM0dGRHZFdXJEejdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS81MWU3ZjYtZjRmYi00ZWEwLThkZGYt
YmU1YTBmZmI4Y2E1LzEvUXFqTlNYbThYZE1iRU5lM0dGRHZFdXJEejdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS81MWU3ZjYtZjRmYi00ZWEwLThkZGYtYmU1YTBmZmI4Y2E1
LzEvUXFqTlNYbThYZE1iRU5lM0dGRHZFdXJEejdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvu+m+Hhf
9nOIjilVArnime/dSFevdTdVS3R7/unDXlClJLsyfOH+83J2yP/yWT0diRfselzK
3qD2yrbkTCQJloL88Fz7so/XKx4fRyp3l7BVphcj4/2CFfBGCIxxTZDS/BD/9Sw5
TWmmiCgJe3laTC45NPaz5VLL+z6Hb3NL6zKUmvKzgJWd1msYXB3pjycsfesvrAW3
ypHq7AZuLbeshpxJnglBRqcNc97xAT+qri+TSantzozD90CxFtDpI+ZFgnFvwiRg
viZ8fZwTZEkn2gfmwzqL/A53reVXtilZ/m1Np8O9Hu0JmDjQRb3+k5agm9RzYH0o
qKiklFSUkMBExQ==
-----END CERTIFICATE-----