Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
File:                     QHsur7H0zNuzzWzU10srM5eKC3A.mft (raw, json)
Hash identifier:          zpYKGFwOlZ2FKxu8UvMT1lZxm2C1IieSaCM4qeOM52g=
Subject key identifier:   EA:83:63:C7:6D:26:A2:87:75:AE:CB:5C:6B:70:19:11:F4:AE:1E:2B
Authority key identifier: 40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70
Certificate issuer:       /CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
Certificate serial:       019A4EF52AEA732E8C1D630E944A324C3CB4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
Manifest number:          170B
Signing time:             Tue 04 Nov 2025 13:01:21 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:21 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:21 +0000
Files and hashes:         1: QHsur7H0zNuzzWzU10srM5eKC3A.crl (hash: 2Rw6bURf2a5ZmncCxXw+RHN6gi2/hf173t5cW4VX4Ic=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:2a:ea:73:2e:8c:1d:63:0e:94:4a:32:4c:3c:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
        Validity
            Not Before: Nov  4 13:01:21 2025 GMT
            Not After : Nov  5 13:01:21 2025 GMT
        Subject: CN=ea8363c76d26a28775aecb5c6b701911f4ae1e2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:77:6d:d6:53:62:eb:a5:c4:29:74:04:99:ee:
                    2d:10:14:1b:53:f7:09:6d:56:e4:e3:6b:77:f0:88:
                    4a:a9:3e:62:80:ae:92:bc:64:02:f7:9d:82:1e:13:
                    ee:c4:ed:a0:81:07:38:86:81:6c:b3:40:81:91:c0:
                    c5:ce:88:14:8a:de:a0:05:bf:9b:e3:a8:56:d2:80:
                    6f:cc:0a:f4:f2:67:9c:47:e5:c6:48:bd:0e:0d:50:
                    34:bf:b4:67:b0:d2:70:b8:cc:b1:3c:d9:16:65:d1:
                    cd:5d:c8:9e:ff:d3:7d:09:08:fa:61:86:9f:07:f7:
                    39:1d:54:20:7d:36:12:45:5a:dc:32:6b:ca:a5:72:
                    de:79:e0:97:12:d1:50:23:20:bc:ad:63:44:6c:1d:
                    48:59:62:fb:00:2f:37:1c:6d:dd:38:60:77:97:6d:
                    8d:85:cc:58:60:be:e9:b0:01:e5:d4:29:6a:b8:4b:
                    f5:a4:b5:d6:da:05:5e:ee:52:f2:83:76:9d:38:31:
                    38:64:64:6d:4e:6f:2b:f8:44:ca:a6:da:99:7a:38:
                    dc:b3:0a:30:e7:c2:29:8e:15:ef:c2:31:38:9d:f5:
                    16:f8:d7:2a:36:e7:9e:ca:e2:a9:c9:e9:2f:24:9c:
                    35:30:d1:a8:70:1b:aa:f6:e9:e7:62:89:45:e6:8a:
                    91:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:83:63:C7:6D:26:A2:87:75:AE:CB:5C:6B:70:19:11:F4:AE:1E:2B
            X509v3 Authority Key Identifier:
                keyid:40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:db:5e:09:3b:bf:2e:91:98:7e:a4:e8:7a:e9:d4:56:e6:9a:
         c0:74:93:75:ab:03:08:8e:07:e1:66:27:13:e2:e7:7d:d4:30:
         7a:76:88:b4:2a:92:7d:34:7c:2c:aa:27:bc:2e:9b:03:01:79:
         a8:25:3e:77:07:77:46:0a:59:e5:b2:76:1e:0a:13:66:31:ce:
         f6:6b:1d:03:2f:4e:1b:a7:a7:28:a9:7d:3c:f3:59:84:8e:fd:
         ea:e3:7c:46:4b:c9:27:82:d7:73:bc:aa:de:95:50:cf:0d:b4:
         bb:92:17:db:d3:57:c9:31:ad:6a:dd:80:f0:22:e9:87:ec:f7:
         91:11:cf:dd:27:c8:c6:47:7f:cf:6b:ef:90:28:36:b0:1f:a8:
         aa:9c:55:25:20:6b:1d:9b:c4:21:b1:87:84:94:83:07:48:cd:
         90:b1:5f:e1:fe:07:d4:6a:1c:00:44:ae:85:bd:ad:46:7f:26:
         61:57:d3:55:16:d9:31:75:c4:e0:cd:e8:dc:3d:64:d1:ee:73:
         b9:78:16:da:5a:b0:37:68:a0:e9:ba:e8:e6:e4:e1:3c:ce:cf:
         62:3e:7f:66:21:83:d3:67:a0:3d:55:4d:4d:e1:1e:0f:69:15:
         e9:d3:2e:1a:09:be:db:66:1a:f9:a9:94:67:01:5a:cc:3b:38:
         ed:bc:06:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9Srqcy6MHWMOlEoyTDy0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2IyZWFmYjFmNGNjZGJiM2NkNmNkNGQ3NGIyYjMzOTc4
YTBiNzAwHhcNMjUxMTA0MTMwMTIxWhcNMjUxMTA1MTMwMTIxWjAzMTEwLwYDVQQD
EyhlYTgzNjNjNzZkMjZhMjg3NzVhZWNiNWM2YjcwMTkxMWY0YWUxZTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXdt1lNi66XEKXQEme4tEBQbU/cJ
bVbk42t38IhKqT5igK6SvGQC952CHhPuxO2ggQc4hoFss0CBkcDFzogUit6gBb+b
46hW0oBvzAr08mecR+XGSL0ODVA0v7RnsNJwuMyxPNkWZdHNXcie/9N9CQj6YYaf
B/c5HVQgfTYSRVrcMmvKpXLeeeCXEtFQIyC8rWNEbB1IWWL7AC83HG3dOGB3l22N
hcxYYL7psAHl1ClquEv1pLXW2gVe7lLyg3adODE4ZGRtTm8r+ETKptqZejjcswow
58IpjhXvwjE4nfUW+NcqNueeyuKpyekvJJw1MNGocBuq9unnYolF5oqR6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOqDY8dtJqKHda7LXGtwGRH0rh4rMB8GA1UdIwQY
MBaAFEB7Lq+x9Mzbs81s1NdLKzOXigtwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgt
YzJlNjY4YzE5NzI3LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgtYzJlNjY4YzE5NzI3
LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEtteCTu/
LpGYfqToeunUVuaawHSTdasDCI4H4WYnE+LnfdQwenaItCqSfTR8LKonvC6bAwF5
qCU+dwd3RgpZ5bJ2HgoTZjHO9msdAy9OG6enKKl9PPNZhI796uN8RkvJJ4LXc7yq
3pVQzw20u5IX29NXyTGtat2A8CLph+z3kRHP3SfIxkd/z2vvkCg2sB+oqpxVJSBr
HZvEIbGHhJSDB0jNkLFf4f4H1GocAESuhb2tRn8mYVfTVRbZMXXE4M3o3D1k0e5z
uXgW2lqwN2ig6bro5uThPM7PYj5/ZiGD02egPVVNTeEeD2kV6dMuGgm+22Ya+amU
ZwFazDs47bwGJw==
-----END CERTIFICATE-----