Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/4bf4c5-02ac-4346-afbc-e879a6027907/1/sqvUconMbNnByAJ0KiztUMY0vTs.mft
File:                     sqvUconMbNnByAJ0KiztUMY0vTs.mft (raw, json)
Hash identifier:          Pk7bhTZ8JHFVeorFaUagS3dPbd6Y2hEjLrZBHJEnneE=
Subject key identifier:   CB:7F:38:33:AC:91:D6:09:1A:92:88:3A:6E:6E:AB:BD:F3:68:0D:0E
Authority key identifier: B2:AB:D4:72:89:CC:6C:D9:C1:C8:02:74:2A:2C:ED:50:C6:34:BD:3B
Certificate issuer:       /CN=b2abd47289cc6cd9c1c802742a2ced50c634bd3b
Certificate serial:       019A4DE16B725077538C294BBC71F3EDA7A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sqvUconMbNnByAJ0KiztUMY0vTs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/4bf4c5-02ac-4346-afbc-e879a6027907/1/sqvUconMbNnByAJ0KiztUMY0vTs.mft
Manifest number:          08E0
Signing time:             Tue 04 Nov 2025 08:00:09 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:09 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:09 +0000
Files and hashes:         1: sqvUconMbNnByAJ0KiztUMY0vTs.crl (hash: wtLNWHdNpDXK+GZfjQ00nNxbaavdJITE74oXhtnriu8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/4bf4c5-02ac-4346-afbc-e879a6027907/1/sqvUconMbNnByAJ0KiztUMY0vTs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/4bf4c5-02ac-4346-afbc-e879a6027907/1/sqvUconMbNnByAJ0KiztUMY0vTs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sqvUconMbNnByAJ0KiztUMY0vTs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e1:6b:72:50:77:53:8c:29:4b:bc:71:f3:ed:a7:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2abd47289cc6cd9c1c802742a2ced50c634bd3b
        Validity
            Not Before: Nov  4 08:00:09 2025 GMT
            Not After : Nov  5 08:00:09 2025 GMT
        Subject: CN=cb7f3833ac91d6091a92883a6e6eabbdf3680d0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:f5:56:66:fc:ce:67:13:86:53:d1:d0:89:f6:
                    bf:69:e1:58:c3:80:53:9e:2b:3f:50:f1:bd:54:e5:
                    46:61:f0:c5:65:a0:72:06:2b:af:a5:32:68:e9:95:
                    0b:ef:73:98:70:23:59:74:9d:0a:85:22:a0:31:2f:
                    6a:ba:55:c3:5d:45:3f:d7:1f:fd:d1:33:67:8d:da:
                    3d:a7:e7:93:76:7c:bb:ad:0d:fe:5c:d4:8d:e9:f9:
                    84:ea:fc:ea:78:6c:32:bb:51:08:06:87:be:e6:03:
                    d1:dd:a6:96:5b:f8:85:5b:78:29:67:d2:6d:a7:28:
                    ad:f1:41:be:75:63:7a:98:95:6c:5e:e7:d8:99:99:
                    b4:8b:b0:2c:a7:cc:5f:51:69:06:39:d4:2c:70:0c:
                    68:0c:c2:f3:14:2c:d3:a1:d6:e8:4a:b9:3d:bf:ca:
                    93:da:08:f4:db:4d:e9:d2:f1:5b:f5:38:25:cc:62:
                    d9:34:b5:dd:44:04:bc:6d:1f:59:e0:3a:9d:41:ff:
                    00:02:81:77:34:bd:ed:51:c9:0c:9c:a3:6e:56:bd:
                    33:47:90:5e:9d:cc:a9:30:fb:75:0f:32:3b:99:29:
                    2e:18:12:fe:16:54:b7:91:27:e5:64:03:cd:07:25:
                    8b:4e:4e:6d:06:09:97:52:b6:0b:87:e4:10:8d:36:
                    96:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:7F:38:33:AC:91:D6:09:1A:92:88:3A:6E:6E:AB:BD:F3:68:0D:0E
            X509v3 Authority Key Identifier:
                keyid:B2:AB:D4:72:89:CC:6C:D9:C1:C8:02:74:2A:2C:ED:50:C6:34:BD:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sqvUconMbNnByAJ0KiztUMY0vTs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/4bf4c5-02ac-4346-afbc-e879a6027907/1/sqvUconMbNnByAJ0KiztUMY0vTs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/4bf4c5-02ac-4346-afbc-e879a6027907/1/sqvUconMbNnByAJ0KiztUMY0vTs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:02:5b:ea:19:74:25:86:15:c1:d1:1e:0e:29:e6:3e:f2:ec:
         9e:a1:41:e6:3a:33:17:30:dc:24:1c:c1:dc:ef:e7:67:f8:ea:
         8d:29:1a:71:23:bc:5b:31:49:bc:fb:72:0a:74:29:17:e4:43:
         35:f3:fd:fe:52:37:7e:eb:ec:05:28:3a:14:d6:19:6c:bc:61:
         ef:c1:76:94:0f:90:b1:5c:70:cf:9d:e7:ca:95:71:d2:19:7b:
         39:2d:7d:69:fd:e6:19:68:72:c2:3e:ec:b5:d0:a2:dd:62:08:
         b3:af:b2:62:cb:0c:83:11:45:be:65:2c:ae:44:c3:95:a8:6e:
         68:d0:cf:1e:99:bf:2b:56:76:77:68:5d:3e:a0:5e:1e:41:30:
         25:1c:68:b3:e0:1d:00:7e:05:1d:d4:e7:76:be:da:a2:24:1f:
         8f:db:a7:7d:b8:5f:df:45:d9:b1:a3:86:35:57:57:2a:c0:0b:
         eb:4e:58:da:76:4f:07:fb:9d:eb:75:c2:ee:a5:16:bf:86:4c:
         93:18:f6:9c:77:2b:1b:ad:f3:91:b8:8e:3d:77:f0:ef:37:68:
         f8:07:56:94:28:a7:87:d3:42:4e:3f:93:d4:9e:0a:69:71:24:
         50:cb:ae:32:48:0e:db:44:ff:90:b1:9d:4e:1b:77:b2:b6:85:
         27:50:55:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4WtyUHdTjClLvHHz7aehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYWJkNDcyODljYzZjZDljMWM4MDI3NDJhMmNlZDUwYzYz
NGJkM2IwHhcNMjUxMTA0MDgwMDA5WhcNMjUxMTA1MDgwMDA5WjAzMTEwLwYDVQQD
EyhjYjdmMzgzM2FjOTFkNjA5MWE5Mjg4M2E2ZTZlYWJiZGYzNjgwZDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvVWZvzOZxOGU9HQifa/aeFYw4BT
nis/UPG9VOVGYfDFZaByBiuvpTJo6ZUL73OYcCNZdJ0KhSKgMS9qulXDXUU/1x/9
0TNnjdo9p+eTdny7rQ3+XNSN6fmE6vzqeGwyu1EIBoe+5gPR3aaWW/iFW3gpZ9Jt
pyit8UG+dWN6mJVsXufYmZm0i7Asp8xfUWkGOdQscAxoDMLzFCzTodboSrk9v8qT
2gj0203p0vFb9TglzGLZNLXdRAS8bR9Z4DqdQf8AAoF3NL3tUckMnKNuVr0zR5Be
ncypMPt1DzI7mSkuGBL+FlS3kSflZAPNByWLTk5tBgmXUrYLh+QQjTaWoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMt/ODOskdYJGpKIOm5uq73zaA0OMB8GA1UdIwQY
MBaAFLKr1HKJzGzZwcgCdCos7VDGNL07MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3F2VWNvbk1iTm5CeUFKMEtpenRVTVkwdlRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS80YmY0YzUtMDJhYy00MzQ2LWFmYmMt
ZTg3OWE2MDI3OTA3LzEvc3F2VWNvbk1iTm5CeUFKMEtpenRVTVkwdlRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS80YmY0YzUtMDJhYy00MzQ2LWFmYmMtZTg3OWE2MDI3OTA3
LzEvc3F2VWNvbk1iTm5CeUFKMEtpenRVTVkwdlRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGgJb6hl0
JYYVwdEeDinmPvLsnqFB5jozFzDcJBzB3O/nZ/jqjSkacSO8WzFJvPtyCnQpF+RD
NfP9/lI3fuvsBSg6FNYZbLxh78F2lA+QsVxwz53nypVx0hl7OS19af3mGWhywj7s
tdCi3WIIs6+yYssMgxFFvmUsrkTDlahuaNDPHpm/K1Z2d2hdPqBeHkEwJRxos+Ad
AH4FHdTndr7aoiQfj9unfbhf30XZsaOGNVdXKsAL605Y2nZPB/ud63XC7qUWv4ZM
kxj2nHcrG63zkbiOPXfw7zdo+AdWlCinh9NCTj+T1J4KaXEkUMuuMkgO20T/kLGd
Tht3sraFJ1BVnQ==
-----END CERTIFICATE-----