Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
File:                     qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft (raw, json)
Hash identifier:          rpZWeo/5nT3PrAnP1y8emmCl23PBwrr3ChYCS1jm4xE=
Subject key identifier:   FF:61:54:46:F3:AF:83:A3:58:2A:ED:32:8D:6F:F0:F0:4D:C7:B8:52
Authority key identifier: AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04
Certificate issuer:       /CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
Certificate serial:       019A4D068BA94E13702BE844DBB9C1BD0159
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
Manifest number:          07A8
Signing time:             Tue 04 Nov 2025 04:01:05 +0000
Manifest this update:     Tue 04 Nov 2025 04:01:05 +0000
Manifest next update:     Wed 05 Nov 2025 04:01:05 +0000
Files and hashes:         1: qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl (hash: h/7fNVPFgtfYBikPQJKiBvTOaaUKvWpjqQebxveBIlk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 04:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:06:8b:a9:4e:13:70:2b:e8:44:db:b9:c1:bd:01:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
        Validity
            Not Before: Nov  4 04:01:05 2025 GMT
            Not After : Nov  5 04:01:05 2025 GMT
        Subject: CN=ff615446f3af83a3582aed328d6ff0f04dc7b852
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:27:e6:bb:32:39:c5:88:26:18:1d:5f:93:20:
                    ac:1e:44:56:ba:bb:a4:07:b8:f0:8b:f9:43:ac:27:
                    91:fe:c9:6f:6c:49:45:86:93:25:40:e3:cf:94:e0:
                    13:ba:82:19:24:66:fd:0f:2a:a1:91:3b:c1:17:09:
                    a5:0e:dd:f2:c0:36:78:90:e7:33:59:b3:53:54:e0:
                    25:a0:de:31:7d:85:67:5e:2b:15:22:f5:5d:08:32:
                    48:20:f4:e7:d6:02:2e:2a:d7:08:31:59:25:77:2b:
                    a9:24:f8:3c:dc:bb:3c:fa:ac:90:42:c1:ae:c8:da:
                    38:89:bc:81:69:ff:28:7b:c6:64:3c:60:59:bb:f5:
                    e4:a2:9c:25:ea:48:12:69:cd:de:4d:b8:44:97:38:
                    19:c8:be:22:9f:07:63:21:93:7c:69:f9:fd:da:d4:
                    2d:88:e2:d7:2f:28:1a:5a:2d:2f:a4:b7:7e:2a:10:
                    8b:6b:f0:10:16:54:e9:4f:81:fd:f6:d1:05:7b:70:
                    32:23:5b:fa:d9:a4:29:f5:a1:41:08:ec:7b:09:3a:
                    8b:b6:f2:e3:d2:53:d5:91:98:b9:15:7d:89:15:14:
                    0e:86:53:09:8a:1b:4d:04:04:ce:f7:16:e1:89:80:
                    f0:7a:65:3d:6f:db:8d:07:88:9f:e5:2f:cd:f9:30:
                    4b:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:61:54:46:F3:AF:83:A3:58:2A:ED:32:8D:6F:F0:F0:4D:C7:B8:52
            X509v3 Authority Key Identifier:
                keyid:AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:4a:16:93:1b:ad:85:5c:aa:e3:e6:14:ce:5b:e6:c6:f6:2c:
         4b:34:23:60:0c:c2:15:30:2f:6a:50:7d:c1:e3:97:93:b3:ba:
         ff:cc:b4:dd:7a:37:66:9a:14:11:b4:d9:e0:b8:8c:2c:24:fb:
         07:e7:c2:31:f0:5f:85:9e:f7:ce:13:2a:d6:70:28:e4:3b:ad:
         b2:ef:4e:04:ec:cd:41:98:7d:f7:fa:19:67:f0:38:66:ae:97:
         9e:7e:dd:b0:92:0e:86:4f:d8:86:ba:ef:16:37:d2:f9:42:81:
         82:54:9d:18:b8:af:09:c9:05:38:bb:40:ed:3f:2e:72:ab:33:
         9a:92:bf:ba:85:73:9a:99:25:70:f6:ed:2a:1c:3a:53:72:b4:
         d9:a9:90:26:73:17:b1:a5:5d:63:67:c3:55:9d:be:97:68:98:
         16:1f:d9:d4:4b:70:43:19:b2:1c:ec:bc:48:bc:3d:c3:6e:4b:
         06:35:f6:36:91:ae:5e:6d:b0:6b:ab:d6:d5:02:e0:5e:32:1f:
         e6:70:7e:c6:ec:59:7f:21:49:04:3b:47:bd:ed:4d:be:f6:95:
         dd:d6:1d:f4:38:8e:ec:ba:21:45:0a:7d:c6:2b:6a:40:fa:f9:
         da:e1:26:a6:fb:b1:cb:ce:21:18:3c:4b:dd:50:20:98:36:9c:
         c1:13:7a:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBoupThNwK+hE27nBvQFZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhN2M2NDM1YTg1MGYwYzVlOTlhOWNlMDUxZjM0YmRiNTMy
MjJmMDQwHhcNMjUxMTA0MDQwMTA1WhcNMjUxMTA1MDQwMTA1WjAzMTEwLwYDVQQD
EyhmZjYxNTQ0NmYzYWY4M2EzNTgyYWVkMzI4ZDZmZjBmMDRkYzdiODUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCfmuzI5xYgmGB1fkyCsHkRWuruk
B7jwi/lDrCeR/slvbElFhpMlQOPPlOATuoIZJGb9DyqhkTvBFwmlDt3ywDZ4kOcz
WbNTVOAloN4xfYVnXisVIvVdCDJIIPTn1gIuKtcIMVkldyupJPg83Ls8+qyQQsGu
yNo4ibyBaf8oe8ZkPGBZu/Xkopwl6kgSac3eTbhElzgZyL4inwdjIZN8afn92tQt
iOLXLygaWi0vpLd+KhCLa/AQFlTpT4H99tEFe3AyI1v62aQp9aFBCOx7CTqLtvLj
0lPVkZi5FX2JFRQOhlMJihtNBATO9xbhiYDwemU9b9uNB4if5S/N+TBLiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP9hVEbzr4OjWCrtMo1v8PBNx7hSMB8GA1UdIwQY
MBaAFKp8ZDWoUPDF6Zqc4FHzS9tTIi8EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2Qt
Yzc4MGVkNjEyMzY2LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2QtYzc4MGVkNjEyMzY2
LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASEoWkxut
hVyq4+YUzlvmxvYsSzQjYAzCFTAvalB9weOXk7O6/8y03Xo3ZpoUEbTZ4LiMLCT7
B+fCMfBfhZ73zhMq1nAo5Dutsu9OBOzNQZh99/oZZ/A4Zq6Xnn7dsJIOhk/Yhrrv
FjfS+UKBglSdGLivCckFOLtA7T8ucqszmpK/uoVzmpklcPbtKhw6U3K02amQJnMX
saVdY2fDVZ2+l2iYFh/Z1EtwQxmyHOy8SLw9w25LBjX2NpGuXm2wa6vW1QLgXjIf
5nB+xuxZfyFJBDtHve1NvvaV3dYd9DiO7LohRQp9xitqQPr52uEmpvuxy84hGDxL
3VAgmDacwRN6wA==
-----END CERTIFICATE-----