Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
File:                     QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft (raw, json)
Hash identifier:          hx7mIGYPdUJ0DAMw6a8ElGURwZ9+TpmHHwqH6m0nzCw=
Subject key identifier:   E9:F7:49:BF:2B:DF:BD:49:6F:65:AB:E2:D8:AF:02:39:BD:66:9D:6B
Authority key identifier: 40:EE:97:65:86:4B:D1:1D:4A:34:94:26:E3:72:E1:1A:94:34:8D:E2
Certificate issuer:       /CN=40ee9765864bd11d4a349426e372e11a94348de2
Certificate serial:       019A4EF4CAC212D8FFA73EFC0989AB39F2EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
Manifest number:          081C
Signing time:             Tue 04 Nov 2025 13:00:56 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:56 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:56 +0000
Files and hashes:         1: QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl (hash: Yus3z2R6j6vjTM1zonWJovBiJPilknyDs/Ru90iCUjo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:ca:c2:12:d8:ff:a7:3e:fc:09:89:ab:39:f2:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40ee9765864bd11d4a349426e372e11a94348de2
        Validity
            Not Before: Nov  4 13:00:56 2025 GMT
            Not After : Nov  5 13:00:56 2025 GMT
        Subject: CN=e9f749bf2bdfbd496f65abe2d8af0239bd669d6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:d3:6e:19:03:31:ca:2b:b4:30:47:7c:3d:dd:
                    48:a1:91:4c:b2:2b:c0:5e:8d:ff:d6:cb:f5:55:c7:
                    d2:ba:5f:a0:76:db:96:5e:85:58:0c:8f:f7:3c:91:
                    aa:42:bf:f8:a6:ba:b8:3d:4d:ae:08:a9:1b:02:2e:
                    84:ba:7a:2e:a6:93:de:ba:3c:3c:41:f9:cf:0a:75:
                    bd:16:39:2f:6c:39:c4:0d:d8:28:3c:94:8e:bd:13:
                    75:28:52:2d:08:43:22:a4:da:a2:bf:f0:1d:dd:a2:
                    b6:18:84:e9:ca:0e:2d:8b:4a:eb:e2:f7:de:93:ff:
                    79:cc:45:3d:8a:71:58:0a:7b:de:bd:af:06:b3:99:
                    65:1d:d7:45:f7:94:6e:66:87:c7:e7:a3:05:fd:05:
                    e8:d8:53:24:3b:d5:82:f7:f5:60:05:8d:05:a4:f7:
                    8a:ee:07:57:8e:74:0a:d0:06:79:56:fb:21:a6:c2:
                    ab:00:45:c8:2a:75:c3:0c:91:58:55:83:e5:17:11:
                    21:c6:7b:c8:f1:e7:6d:65:d5:60:c7:2e:89:f0:bb:
                    a3:1a:c8:8c:c7:ef:29:14:8a:84:22:69:96:ea:f8:
                    1b:46:6b:e6:cb:f3:03:9d:bb:1f:60:66:12:24:dd:
                    a0:41:9b:1d:d4:27:00:90:1f:df:58:e0:9c:f6:93:
                    5a:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:F7:49:BF:2B:DF:BD:49:6F:65:AB:E2:D8:AF:02:39:BD:66:9D:6B
            X509v3 Authority Key Identifier:
                keyid:40:EE:97:65:86:4B:D1:1D:4A:34:94:26:E3:72:E1:1A:94:34:8D:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:3f:c8:34:d2:7f:ea:a9:eb:ba:ff:9f:25:86:ed:bd:17:fa:
         24:82:d7:da:b9:a5:17:9b:c6:c2:9a:5e:08:02:03:24:e3:b5:
         0f:b1:79:fb:9c:d6:44:d3:89:1f:7b:72:6d:c7:bd:a9:21:11:
         7c:ba:3c:52:ad:59:9b:3b:e3:26:85:b4:ff:7c:bb:b1:d6:fb:
         ff:9c:07:22:77:46:94:73:83:6c:43:92:23:aa:86:88:44:26:
         fe:80:5f:45:f7:d0:b0:38:a6:4e:42:9d:1a:aa:ee:f2:e2:0c:
         4c:a0:2c:bc:cc:d5:a3:d5:99:bb:e8:9a:d4:d7:8b:a5:96:9b:
         55:29:86:0d:9a:3a:6c:24:b8:fc:7c:45:0a:27:98:c8:57:dc:
         22:0c:7e:68:5c:34:81:1d:fe:81:cc:fc:4b:ab:8d:2c:7b:36:
         2c:3a:0a:d2:cf:69:56:74:5e:d4:9d:e4:8f:76:fb:24:87:21:
         d4:3f:cd:0c:50:f9:71:a8:78:25:a2:89:b1:a5:16:e7:74:ad:
         81:3c:c7:00:0e:62:13:09:e4:7c:0c:d4:09:bc:86:77:1c:53:
         53:72:64:ee:bb:85:72:47:52:f4:0d:58:00:a5:0b:53:ee:99:
         52:04:ea:ff:16:38:87:7a:00:c8:f9:b1:40:26:1d:63:fe:57:
         14:76:d8:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9MrCEtj/pz78CYmrOfLvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWU5NzY1ODY0YmQxMWQ0YTM0OTQyNmUzNzJlMTFhOTQz
NDhkZTIwHhcNMjUxMTA0MTMwMDU2WhcNMjUxMTA1MTMwMDU2WjAzMTEwLwYDVQQD
EyhlOWY3NDliZjJiZGZiZDQ5NmY2NWFiZTJkOGFmMDIzOWJkNjY5ZDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NNuGQMxyiu0MEd8Pd1IoZFMsivA
Xo3/1sv1VcfSul+gdtuWXoVYDI/3PJGqQr/4prq4PU2uCKkbAi6EunouppPeujw8
QfnPCnW9FjkvbDnEDdgoPJSOvRN1KFItCEMipNqiv/Ad3aK2GITpyg4ti0rr4vfe
k/95zEU9inFYCnveva8Gs5llHddF95RuZofH56MF/QXo2FMkO9WC9/VgBY0FpPeK
7gdXjnQK0AZ5VvshpsKrAEXIKnXDDJFYVYPlFxEhxnvI8edtZdVgxy6J8LujGsiM
x+8pFIqEImmW6vgbRmvmy/MDnbsfYGYSJN2gQZsd1CcAkB/fWOCc9pNaaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOn3Sb8r371Jb2Wr4tivAjm9Zp1rMB8GA1UdIwQY
MBaAFEDul2WGS9EdSjSUJuNy4RqUNI3iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82NWQ3YjktY2NmOS00YjczLWI2Njkt
MzUzM2E1MTJmY2Y3LzEvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82NWQ3YjktY2NmOS00YjczLWI2NjktMzUzM2E1MTJmY2Y3
LzEvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOT/INNJ/
6qnruv+fJYbtvRf6JILX2rmlF5vGwppeCAIDJOO1D7F5+5zWRNOJH3tybce9qSER
fLo8Uq1ZmzvjJoW0/3y7sdb7/5wHIndGlHODbEOSI6qGiEQm/oBfRffQsDimTkKd
Gqru8uIMTKAsvMzVo9WZu+ia1NeLpZabVSmGDZo6bCS4/HxFCieYyFfcIgx+aFw0
gR3+gcz8S6uNLHs2LDoK0s9pVnRe1J3kj3b7JIch1D/NDFD5cah4JaKJsaUW53St
gTzHAA5iEwnkfAzUCbyGdxxTU3Jk7ruFckdS9A1YAKULU+6ZUgTq/xY4h3oAyPmx
QCYdY/5XFHbYyw==
-----END CERTIFICATE-----