Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
File:                     Q94YPxSj8k-bhtBE-HcphoC1Ers.mft (raw, json)
Hash identifier:          e3bt+1KFggSZhfDp2e3mpIurYW3AO1cE1IFNWgMVEfw=
Subject key identifier:   5E:78:42:EC:29:61:FF:C9:05:8A:D7:EA:8B:10:E8:D6:EC:C5:D2:0D
Authority key identifier: 43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB
Certificate issuer:       /CN=43de183f14a3f24f9b86d044f877298680b512bb
Certificate serial:       019A4F2B3873086F4D0203FCCDB64C534138
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
Manifest number:          0576
Signing time:             Tue 04 Nov 2025 14:00:23 +0000
Manifest this update:     Tue 04 Nov 2025 14:00:23 +0000
Manifest next update:     Wed 05 Nov 2025 14:00:23 +0000
Files and hashes:         1: Q94YPxSj8k-bhtBE-HcphoC1Ers.crl (hash: +nZXWkf/aeZR8E/0N2CFkt4Kirz6wcnyWrxsITs624k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 14:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:2b:38:73:08:6f:4d:02:03:fc:cd:b6:4c:53:41:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43de183f14a3f24f9b86d044f877298680b512bb
        Validity
            Not Before: Nov  4 14:00:23 2025 GMT
            Not After : Nov  5 14:00:23 2025 GMT
        Subject: CN=5e7842ec2961ffc9058ad7ea8b10e8d6ecc5d20d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:24:fb:19:63:81:48:50:fa:6e:57:3c:67:79:
                    3c:16:1c:44:ab:c0:54:95:47:c2:c0:4e:5d:f0:ca:
                    95:e8:81:72:3b:07:a2:6f:3f:54:01:8f:00:6d:18:
                    bd:d3:40:12:ab:d2:03:3c:9a:8b:fe:17:2e:79:69:
                    4e:2d:08:22:7f:da:29:3c:27:6f:bd:98:87:1f:0e:
                    f9:cd:df:fb:cc:32:f3:98:7e:3d:65:66:ae:d7:a9:
                    7d:05:d0:84:9e:5e:62:4a:17:29:d4:05:d9:df:f9:
                    71:6f:c1:d8:49:ac:2e:fe:38:98:f1:c7:fa:e8:5d:
                    0c:3e:e4:30:38:0a:80:1d:34:9a:51:f9:aa:55:cf:
                    39:01:b1:52:2d:9f:0c:c6:8a:a7:24:cb:be:21:ff:
                    27:88:67:2d:6e:60:ef:d7:24:ee:53:36:8b:86:87:
                    11:ac:2d:ac:c7:f1:b0:55:70:ab:5c:59:9f:76:ea:
                    6b:00:3e:8a:2b:cf:45:5a:f6:75:eb:de:5f:51:eb:
                    27:6a:b5:48:9a:a8:18:b1:27:22:a2:36:23:19:08:
                    99:ee:dc:ad:66:f4:03:31:74:84:cc:20:3e:05:11:
                    22:4e:66:da:04:13:b2:1a:e7:b6:0a:61:7f:e6:50:
                    7e:c3:f3:c7:ce:56:a3:d4:0a:d6:5a:ad:ee:9a:48:
                    f8:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:78:42:EC:29:61:FF:C9:05:8A:D7:EA:8B:10:E8:D6:EC:C5:D2:0D
            X509v3 Authority Key Identifier:
                keyid:43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:12:ea:32:f0:74:6b:19:d0:93:50:ad:28:68:1e:1e:2a:60:
         b2:38:2f:7a:38:d9:e5:32:eb:83:65:26:e9:ec:c2:5e:dc:b4:
         9d:ac:58:ed:49:3e:8e:73:88:fc:3e:75:35:8c:ce:58:0e:89:
         34:ee:1b:ce:95:52:bb:1b:ca:e5:e5:bd:00:de:d2:95:05:fa:
         15:c6:89:7a:14:53:de:de:14:c3:b3:ac:f1:6b:ca:7b:0a:e8:
         37:1e:12:65:3e:b7:1e:11:46:4d:87:2c:6e:0a:45:87:62:09:
         ef:73:18:5c:88:21:80:30:e0:4f:fa:4d:02:de:24:92:65:64:
         2f:78:87:56:c4:c8:f4:61:a2:9a:0e:23:88:34:50:08:37:f4:
         fa:af:8c:24:93:48:47:0f:5b:f0:51:21:9d:28:7d:e1:9a:4a:
         81:73:f4:10:c2:c6:70:16:8e:71:b9:53:57:b1:98:03:04:21:
         38:30:70:b2:59:6a:4c:20:ac:61:d6:d7:3e:ce:38:91:23:7c:
         3a:7f:63:91:35:66:09:73:a9:64:1d:59:37:6e:4e:2f:56:7c:
         cf:cb:f8:ee:84:be:40:de:ac:38:2a:65:f7:0c:3b:7a:1b:92:
         2d:48:ae:7d:ac:3e:d5:07:44:11:24:fa:ea:fc:71:f7:95:05:
         36:ef:09:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPKzhzCG9NAgP8zbZMU0E4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGUxODNmMTRhM2YyNGY5Yjg2ZDA0NGY4NzcyOTg2ODBi
NTEyYmIwHhcNMjUxMTA0MTQwMDIzWhcNMjUxMTA1MTQwMDIzWjAzMTEwLwYDVQQD
Eyg1ZTc4NDJlYzI5NjFmZmM5MDU4YWQ3ZWE4YjEwZThkNmVjYzVkMjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziT7GWOBSFD6blc8Z3k8FhxEq8BU
lUfCwE5d8MqV6IFyOweibz9UAY8AbRi900ASq9IDPJqL/hcueWlOLQgif9opPCdv
vZiHHw75zd/7zDLzmH49ZWau16l9BdCEnl5iShcp1AXZ3/lxb8HYSawu/jiY8cf6
6F0MPuQwOAqAHTSaUfmqVc85AbFSLZ8MxoqnJMu+If8niGctbmDv1yTuUzaLhocR
rC2sx/GwVXCrXFmfduprAD6KK89FWvZ1695fUesnarVImqgYsSciojYjGQiZ7tyt
ZvQDMXSEzCA+BREiTmbaBBOyGue2CmF/5lB+w/PHzlaj1ArWWq3umkj4HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF54QuwpYf/JBYrX6osQ6NbsxdINMB8GA1UdIwQY
MBaAFEPeGD8Uo/JPm4bQRPh3KYaAtRK7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgt
ZGVkNzQzMTQ3ZDU4LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgtZGVkNzQzMTQ3ZDU4
LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWxLqMvB0
axnQk1CtKGgeHipgsjgvejjZ5TLrg2Um6ezCXty0naxY7Uk+jnOI/D51NYzOWA6J
NO4bzpVSuxvK5eW9AN7SlQX6FcaJehRT3t4Uw7Os8WvKewroNx4SZT63HhFGTYcs
bgpFh2IJ73MYXIghgDDgT/pNAt4kkmVkL3iHVsTI9GGimg4jiDRQCDf0+q+MJJNI
Rw9b8FEhnSh94ZpKgXP0EMLGcBaOcblTV7GYAwQhODBwsllqTCCsYdbXPs44kSN8
On9jkTVmCXOpZB1ZN25OL1Z8z8v47oS+QN6sOCpl9ww7ehuSLUiufaw+1QdEEST6
6vxx95UFNu8Jqg==
-----END CERTIFICATE-----