Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
File:                     SQtgyL0tnQHwq1ocTApT4dczn2U.mft (raw, json)
Hash identifier:          n66DGEodkS5J+qrWRrJxv9Vcxdu4PoZ6/RtkIghX05s=
Subject key identifier:   2E:FD:DF:97:C5:79:C8:B3:E6:BC:9F:9A:8B:DD:F2:BF:57:42:6E:2B
Authority key identifier: 49:0B:60:C8:BD:2D:9D:01:F0:AB:5A:1C:4C:0A:53:E1:D7:33:9F:65
Certificate issuer:       /CN=490b60c8bd2d9d01f0ab5a1c4c0a53e1d7339f65
Certificate serial:       019A50E3E298D2DA02AFC347910D6757CD70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
Manifest number:          12F5
Signing time:             Tue 04 Nov 2025 22:01:43 +0000
Manifest this update:     Tue 04 Nov 2025 22:01:43 +0000
Manifest next update:     Wed 05 Nov 2025 22:01:43 +0000
Files and hashes:         1: SQtgyL0tnQHwq1ocTApT4dczn2U.crl (hash: LW2s3DQlfbG8aeYmSk25XB7Hdf8AoyhfRlOgxD0PBvg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e3:e2:98:d2:da:02:af:c3:47:91:0d:67:57:cd:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=490b60c8bd2d9d01f0ab5a1c4c0a53e1d7339f65
        Validity
            Not Before: Nov  4 22:01:43 2025 GMT
            Not After : Nov  5 22:01:43 2025 GMT
        Subject: CN=2efddf97c579c8b3e6bc9f9a8bddf2bf57426e2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:a6:dd:f6:6d:77:8c:5f:c8:fb:7d:6b:1b:e8:
                    5c:5c:52:b3:e9:c2:3b:b3:35:71:cf:2f:c3:f0:7f:
                    11:e1:32:10:87:b3:02:82:5c:62:ab:98:89:70:34:
                    8d:5c:71:2f:f8:7d:ca:01:28:19:2b:cd:12:c7:de:
                    f9:06:db:4e:04:34:40:11:27:ab:5d:6d:c9:57:b1:
                    58:d3:8d:96:9e:2b:93:53:b7:3f:31:23:9e:2c:81:
                    6b:08:19:bf:46:c3:ab:d5:de:2e:1b:75:e1:6f:b8:
                    46:e3:cf:06:2c:f1:5e:66:1a:59:6d:bd:98:5b:66:
                    6d:c9:9f:23:70:3d:c7:7d:57:b1:a2:32:90:e7:40:
                    67:ae:76:45:9c:b3:ce:4c:b4:bc:53:ec:57:23:d9:
                    b1:13:d1:f7:50:39:48:7c:e3:48:f6:72:27:55:62:
                    cf:6b:f6:a2:ab:5f:5a:95:b7:19:1d:54:07:48:ce:
                    bd:8b:72:35:e9:4c:a2:04:ae:5e:0a:29:70:37:4b:
                    33:89:84:84:16:b2:5c:90:f2:79:53:fc:65:15:20:
                    14:a0:36:7b:62:aa:3d:a3:2e:b8:ba:d6:23:a3:f3:
                    80:1d:98:e7:f0:76:79:25:b2:9a:03:88:1a:36:ea:
                    57:6a:a4:49:7d:0e:1a:cc:1c:4b:48:93:b0:8a:b2:
                    cc:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:FD:DF:97:C5:79:C8:B3:E6:BC:9F:9A:8B:DD:F2:BF:57:42:6E:2B
            X509v3 Authority Key Identifier:
                keyid:49:0B:60:C8:BD:2D:9D:01:F0:AB:5A:1C:4C:0A:53:E1:D7:33:9F:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:93:ea:cf:de:81:91:e6:7e:9c:62:67:51:0d:f3:20:90:10:
         a6:6e:d6:65:20:51:d0:da:80:97:f2:dd:2d:9d:c8:5b:72:70:
         d5:02:5e:9e:d7:0a:76:ff:1a:ba:0f:1f:2a:3a:6b:01:de:be:
         65:24:48:95:70:be:51:3b:82:cf:a1:e1:ea:47:27:12:40:fd:
         23:ad:59:28:90:cf:06:38:7f:10:3a:bf:78:8b:82:69:80:58:
         32:69:68:27:e8:a8:2b:ab:b7:99:8a:3f:b2:fc:16:17:e1:f1:
         5d:11:e0:be:17:e5:b4:56:1c:9d:b9:54:45:58:d6:f1:4d:be:
         39:fb:f5:22:74:83:2f:4f:56:0d:1f:1a:15:ba:e1:4b:8d:5e:
         c2:bf:2c:ee:21:5b:bd:6b:f4:f5:00:4a:2b:6f:10:59:21:53:
         a2:7b:26:f9:78:ce:4c:30:9a:f7:9e:3e:41:b1:3d:cc:3e:b4:
         3e:44:33:4c:df:a5:05:47:d7:48:73:9a:c6:88:d9:48:18:b6:
         1c:d3:28:81:41:d0:8f:87:03:c3:cd:4f:d2:19:64:ad:96:c2:
         db:1d:99:b3:24:58:22:b0:a8:dd:e3:ae:ce:15:f4:b0:34:3b:
         e0:33:14:3a:cb:65:c2:00:1c:82:89:96:17:62:d9:50:82:96:
         d7:d5:44:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4+KY0toCr8NHkQ1nV81wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MGI2MGM4YmQyZDlkMDFmMGFiNWExYzRjMGE1M2UxZDcz
MzlmNjUwHhcNMjUxMTA0MjIwMTQzWhcNMjUxMTA1MjIwMTQzWjAzMTEwLwYDVQQD
EygyZWZkZGY5N2M1NzljOGIzZTZiYzlmOWE4YmRkZjJiZjU3NDI2ZTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKbd9m13jF/I+31rG+hcXFKz6cI7
szVxzy/D8H8R4TIQh7MCglxiq5iJcDSNXHEv+H3KASgZK80Sx975BttOBDRAESer
XW3JV7FY042WniuTU7c/MSOeLIFrCBm/RsOr1d4uG3Xhb7hG488GLPFeZhpZbb2Y
W2ZtyZ8jcD3HfVexojKQ50BnrnZFnLPOTLS8U+xXI9mxE9H3UDlIfONI9nInVWLP
a/aiq19albcZHVQHSM69i3I16UyiBK5eCilwN0sziYSEFrJckPJ5U/xlFSAUoDZ7
Yqo9oy64utYjo/OAHZjn8HZ5JbKaA4gaNupXaqRJfQ4azBxLSJOwirLMjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC7935fFeciz5ryfmovd8r9XQm4rMB8GA1UdIwQY
MBaAFEkLYMi9LZ0B8KtaHEwKU+HXM59lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy85MjZiNTctY2MxMi00OGZjLWI5OTYt
OTJhNGJlODVjMTFkLzEvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy85MjZiNTctY2MxMi00OGZjLWI5OTYtOTJhNGJlODVjMTFk
LzEvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ5Pqz96B
keZ+nGJnUQ3zIJAQpm7WZSBR0NqAl/LdLZ3IW3Jw1QJentcKdv8aug8fKjprAd6+
ZSRIlXC+UTuCz6Hh6kcnEkD9I61ZKJDPBjh/EDq/eIuCaYBYMmloJ+ioK6u3mYo/
svwWF+HxXRHgvhfltFYcnblURVjW8U2+Ofv1InSDL09WDR8aFbrhS41ewr8s7iFb
vWv09QBKK28QWSFTonsm+XjOTDCa954+QbE9zD60PkQzTN+lBUfXSHOaxojZSBi2
HNMogUHQj4cDw81P0hlkrZbC2x2ZsyRYIrCo3eOuzhX0sDQ74DMUOstlwgAcgomW
F2LZUIKW19VEKw==
-----END CERTIFICATE-----