Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
File:                     Q5OKPegDvWyR8UrZZ71BQbigKK8.mft (raw, json)
Hash identifier:          KIDfpjRUfTq0hzhGnC9sJFpwJENUv376Leotl59ksbk=
Subject key identifier:   75:FF:5E:1C:43:65:CF:73:DB:6C:D6:5C:27:34:27:55:94:21:00:19
Authority key identifier: 43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF
Certificate issuer:       /CN=43938a3de803bd6c91f14ad967bd4141b8a028af
Certificate serial:       019A4DE209B3B4F79CAAED3CA9929F8E74EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
Manifest number:          142D
Signing time:             Tue 04 Nov 2025 08:00:50 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:50 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:50 +0000
Files and hashes:         1: Q5OKPegDvWyR8UrZZ71BQbigKK8.crl (hash: e+sMRv+8DPoGmN59B4ruzB9eKMDFUiTdbqNs3vN3uN0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e2:09:b3:b4:f7:9c:aa:ed:3c:a9:92:9f:8e:74:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43938a3de803bd6c91f14ad967bd4141b8a028af
        Validity
            Not Before: Nov  4 08:00:50 2025 GMT
            Not After : Nov  5 08:00:50 2025 GMT
        Subject: CN=75ff5e1c4365cf73db6cd65c2734275594210019
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:37:e8:6d:31:5b:3d:31:d4:f8:36:b0:9e:8c:
                    75:2f:40:02:50:a1:33:fc:44:f9:04:53:f0:74:57:
                    0b:47:cc:71:fa:1a:65:e9:be:df:0d:52:a9:c4:d0:
                    8f:6c:e1:58:4d:89:8a:24:db:df:fc:f1:3f:29:90:
                    cc:ab:77:6f:10:14:59:8e:0e:1d:3a:88:55:73:6e:
                    3c:32:07:9d:eb:e6:f5:fc:b3:0b:47:2d:79:8b:48:
                    b0:d5:b5:4a:84:7d:dd:ee:51:b5:4f:6c:7d:64:c0:
                    e2:61:13:ab:83:00:c6:d2:18:53:95:5e:71:9d:0d:
                    4a:65:a9:0d:96:ae:7f:78:28:26:ab:f1:22:9a:65:
                    0a:f3:59:1f:c1:dd:4e:df:5d:d8:32:f4:6f:a3:4c:
                    15:a5:d1:f1:18:f7:a3:fa:c8:8c:69:97:ce:8e:4e:
                    62:1a:6c:18:c9:c7:de:df:29:c5:5a:03:13:6f:21:
                    84:c8:1b:cc:80:e2:b0:e0:e9:4e:48:42:90:71:5f:
                    35:ce:c9:93:f6:ed:af:7e:2d:ff:03:a6:2e:fb:52:
                    95:20:63:3e:b0:45:e2:4b:5a:12:3a:de:9d:8b:65:
                    c2:ca:bf:b1:69:d6:c2:1b:c4:d0:fa:c9:53:f5:6c:
                    1f:00:ba:05:62:0d:19:34:39:9f:a7:84:9c:87:50:
                    2a:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:FF:5E:1C:43:65:CF:73:DB:6C:D6:5C:27:34:27:55:94:21:00:19
            X509v3 Authority Key Identifier:
                keyid:43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:eb:9f:d3:86:4b:f2:06:af:5b:1b:b3:aa:de:eb:fa:e5:95:
         fe:83:75:fb:cc:28:c1:4b:33:9b:95:8f:2c:cd:d1:bd:91:21:
         75:6b:c5:66:34:6a:d1:1a:b5:dc:3b:50:71:00:aa:5a:41:52:
         cf:88:4a:73:8f:af:8e:8e:ef:57:e1:44:ed:30:ae:5b:90:01:
         d2:e1:31:19:33:b2:5c:c1:c2:3a:22:4e:a4:b3:c9:41:90:8a:
         f0:7f:cc:c9:a2:4e:33:24:e2:6f:56:0b:00:07:66:61:50:de:
         f8:69:68:76:e2:7e:9a:9c:71:8b:6c:ab:0d:18:c8:ad:9e:b8:
         e1:53:d9:17:a8:9b:00:6a:48:4c:30:12:e3:59:31:c2:f5:ce:
         86:08:90:34:1d:14:80:b2:69:f9:84:05:bf:f0:c7:28:78:50:
         94:65:53:bc:83:20:2f:e2:5e:bd:90:d3:4f:48:b8:1a:ab:0d:
         80:76:fe:95:39:0b:17:8b:5a:a4:b2:2b:ec:ab:c5:ac:80:5c:
         54:6e:a0:b9:4b:00:fd:82:68:96:ea:72:31:63:f8:23:00:15:
         f1:32:01:ff:3f:90:8c:68:43:86:56:e6:30:f7:4c:c8:74:d9:
         4a:f2:19:43:cb:55:b5:18:47:c1:8c:ae:00:c5:ed:35:40:25:
         3f:75:d4:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4gmztPecqu08qZKfjnTuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOTM4YTNkZTgwM2JkNmM5MWYxNGFkOTY3YmQ0MTQxYjhh
MDI4YWYwHhcNMjUxMTA0MDgwMDUwWhcNMjUxMTA1MDgwMDUwWjAzMTEwLwYDVQQD
Eyg3NWZmNWUxYzQzNjVjZjczZGI2Y2Q2NWMyNzM0Mjc1NTk0MjEwMDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDfobTFbPTHU+Dawnox1L0ACUKEz
/ET5BFPwdFcLR8xx+hpl6b7fDVKpxNCPbOFYTYmKJNvf/PE/KZDMq3dvEBRZjg4d
OohVc248Mged6+b1/LMLRy15i0iw1bVKhH3d7lG1T2x9ZMDiYROrgwDG0hhTlV5x
nQ1KZakNlq5/eCgmq/EimmUK81kfwd1O313YMvRvo0wVpdHxGPej+siMaZfOjk5i
GmwYycfe3ynFWgMTbyGEyBvMgOKw4OlOSEKQcV81zsmT9u2vfi3/A6Yu+1KVIGM+
sEXiS1oSOt6di2XCyr+xadbCG8TQ+slT9WwfALoFYg0ZNDmfp4Sch1AqAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHX/XhxDZc9z22zWXCc0J1WUIQAZMB8GA1UdIwQY
MBaAFEOTij3oA71skfFK2We9QUG4oCivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYt
ZmU1NjM0YzE3Y2M5LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYtZmU1NjM0YzE3Y2M5
LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYeuf04ZL
8gavWxuzqt7r+uWV/oN1+8wowUszm5WPLM3RvZEhdWvFZjRq0Rq13DtQcQCqWkFS
z4hKc4+vjo7vV+FE7TCuW5AB0uExGTOyXMHCOiJOpLPJQZCK8H/MyaJOMyTib1YL
AAdmYVDe+GloduJ+mpxxi2yrDRjIrZ644VPZF6ibAGpITDAS41kxwvXOhgiQNB0U
gLJp+YQFv/DHKHhQlGVTvIMgL+JevZDTT0i4GqsNgHb+lTkLF4tapLIr7KvFrIBc
VG6guUsA/YJolupyMWP4IwAV8TIB/z+QjGhDhlbmMPdMyHTZSvIZQ8tVtRhHwYyu
AMXtNUAlP3XUzQ==
-----END CERTIFICATE-----