Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
File:                     QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft (raw, json)
Hash identifier:          IgKQntJJ/iMWFt0o4E+KKeB6/CVnFGsyJ9WCOZGVAPY=
Subject key identifier:   28:F1:71:4C:F8:09:AB:09:85:D8:42:6D:2E:20:CF:13:A3:74:51:72
Authority key identifier: 40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94
Certificate issuer:       /CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
Certificate serial:       019A5187979AA33353157AB73869ED1C9DDE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
Manifest number:          170A
Signing time:             Wed 05 Nov 2025 01:00:31 +0000
Manifest this update:     Wed 05 Nov 2025 01:00:31 +0000
Manifest next update:     Thu 06 Nov 2025 01:00:31 +0000
Files and hashes:         1: QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl (hash: f0LPlMsy9j8eEPxnRFFl/KaWZryDmh/AXwLq1O+AAFI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:87:97:9a:a3:33:53:15:7a:b7:38:69:ed:1c:9d:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
        Validity
            Not Before: Nov  5 01:00:31 2025 GMT
            Not After : Nov  6 01:00:31 2025 GMT
        Subject: CN=28f1714cf809ab0985d8426d2e20cf13a3745172
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:cd:3f:87:b6:1b:7f:ba:71:49:6b:76:a3:ad:
                    e1:69:44:32:45:65:72:40:84:1b:38:b2:55:9c:74:
                    20:27:28:02:b0:32:e2:97:01:d1:0d:95:3e:6d:63:
                    1f:b6:d6:37:95:ac:1b:32:be:a5:da:c4:97:31:5d:
                    e7:d4:63:7c:22:8d:0e:5a:36:15:22:26:76:5f:1a:
                    22:c3:5e:da:af:0a:af:37:c6:cb:75:a2:b1:fa:db:
                    19:ef:00:b4:a2:0d:0c:17:78:08:ac:0f:c3:99:98:
                    dc:a7:c9:c4:07:04:71:10:40:50:ac:d7:64:8e:1b:
                    3e:81:78:13:12:a5:d6:0b:e8:2c:d4:5a:35:bf:63:
                    7f:79:42:4e:9b:63:2d:5b:58:fb:03:b7:06:42:08:
                    d9:78:3e:6c:5e:ca:50:cb:e4:3a:38:e6:08:62:55:
                    e5:0a:bc:a6:82:af:4d:75:ae:8d:85:14:cc:f8:b6:
                    bc:06:47:42:7d:84:67:88:2d:8c:4e:e0:df:c7:71:
                    11:68:04:0e:18:37:5c:db:a7:72:06:5b:32:c4:6d:
                    8d:8b:51:65:8e:64:02:27:59:92:3c:4e:7b:e0:b6:
                    68:41:c7:4c:2b:18:5a:0f:b1:df:58:cb:8a:c2:4e:
                    ec:af:e7:6b:75:56:b2:4b:0b:22:ef:aa:64:af:09:
                    90:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:F1:71:4C:F8:09:AB:09:85:D8:42:6D:2E:20:CF:13:A3:74:51:72
            X509v3 Authority Key Identifier:
                keyid:40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:47:fb:2a:73:5a:52:fb:93:77:e4:bd:9d:2c:1d:ee:a2:85:
         41:17:a6:e7:61:cf:ac:f5:26:e0:3d:6b:dc:27:1c:ea:fa:18:
         13:b3:a2:0e:41:9f:2c:db:fc:40:86:3a:30:67:15:86:f0:4b:
         62:e7:9b:c4:0d:92:1f:74:ce:f8:17:d6:e6:f0:56:f9:92:3f:
         ef:bf:9b:46:67:e4:80:e0:75:95:27:e3:40:99:85:51:2e:e6:
         2e:bb:ab:39:7b:6a:65:49:c3:91:30:e6:1b:fd:9e:f2:d1:11:
         90:ab:1f:56:1f:78:da:f2:6c:22:bb:ff:38:b1:57:1d:c7:33:
         e2:83:ec:fa:c2:61:2b:e5:4b:c4:be:8b:d7:bc:76:37:3e:ee:
         95:06:5a:68:0e:b8:c5:a1:af:7d:15:ce:1b:16:76:4f:22:70:
         39:cb:29:a1:04:0d:3f:0b:64:ca:ec:a5:5f:aa:2d:aa:36:96:
         0c:59:dc:79:58:3c:e3:b1:b4:fe:4d:4a:f9:51:7c:ef:4b:39:
         dd:e4:cd:a9:ac:83:a3:80:cc:e4:ff:23:55:56:1b:16:0c:07:
         7d:49:a6:3c:0b:31:b4:bb:74:d4:80:38:62:1a:b5:00:29:a4:
         44:23:36:5d:cf:37:1b:ac:c2:84:83:66:8d:7b:0f:e1:ef:5a:
         1d:56:33:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRh5eaozNTFXq3OGntHJ3eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGIwZmU2NThlYjk2ZmI1MGIxMzVmNzFiYjkyZjI3Yjky
YzEzOTQwHhcNMjUxMTA1MDEwMDMxWhcNMjUxMTA2MDEwMDMxWjAzMTEwLwYDVQQD
EygyOGYxNzE0Y2Y4MDlhYjA5ODVkODQyNmQyZTIwY2YxM2EzNzQ1MTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqM0/h7Ybf7pxSWt2o63haUQyRWVy
QIQbOLJVnHQgJygCsDLilwHRDZU+bWMfttY3lawbMr6l2sSXMV3n1GN8Io0OWjYV
IiZ2Xxoiw17arwqvN8bLdaKx+tsZ7wC0og0MF3gIrA/DmZjcp8nEBwRxEEBQrNdk
jhs+gXgTEqXWC+gs1Fo1v2N/eUJOm2MtW1j7A7cGQgjZeD5sXspQy+Q6OOYIYlXl
Crymgq9Nda6NhRTM+La8BkdCfYRniC2MTuDfx3ERaAQOGDdc26dyBlsyxG2Ni1Fl
jmQCJ1mSPE574LZoQcdMKxhaD7HfWMuKwk7sr+drdVaySwsi76pkrwmQEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCjxcUz4CasJhdhCbS4gzxOjdFFyMB8GA1UdIwQY
MBaAFECLD+ZY65b7ULE19xu5Lye5LBOUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYt
NDBlZGFkZWVlODYwLzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYtNDBlZGFkZWVlODYw
LzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcEf7KnNa
UvuTd+S9nSwd7qKFQRem52HPrPUm4D1r3Ccc6voYE7OiDkGfLNv8QIY6MGcVhvBL
YuebxA2SH3TO+BfW5vBW+ZI/77+bRmfkgOB1lSfjQJmFUS7mLrurOXtqZUnDkTDm
G/2e8tERkKsfVh942vJsIrv/OLFXHccz4oPs+sJhK+VLxL6L17x2Nz7ulQZaaA64
xaGvfRXOGxZ2TyJwOcspoQQNPwtkyuylX6otqjaWDFnceVg847G0/k1K+VF870s5
3eTNqayDo4DM5P8jVVYbFgwHfUmmPAsxtLt01IA4Yhq1ACmkRCM2Xc83G6zChINm
jXsP4e9aHVYz8A==
-----END CERTIFICATE-----