Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
File:                     02QfqO0c_D2qI6qvjDp2_oftW6s.mft (raw, json)
Hash identifier:          8W0ibWtZCgi0N4GPYwcmDF/WlPrW2yelyiiHUp4axp0=
Subject key identifier:   E2:08:1F:E7:1A:3E:AF:41:1E:DA:29:50:18:1E:A4:F2:16:C9:6C:74
Authority key identifier: D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB
Certificate issuer:       /CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
Certificate serial:       019A4FD01D052669BAD9F0D23CD50E60F714
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
Manifest number:          0DDC
Signing time:             Tue 04 Nov 2025 17:00:30 +0000
Manifest this update:     Tue 04 Nov 2025 17:00:30 +0000
Manifest next update:     Wed 05 Nov 2025 17:00:30 +0000
Files and hashes:         1: 02QfqO0c_D2qI6qvjDp2_oftW6s.crl (hash: vg1XYzFKA97Aatkyj6wHIARuYj0CLbKy1X2TZ/AtmYI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 17:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:d0:1d:05:26:69:ba:d9:f0:d2:3c:d5:0e:60:f7:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
        Validity
            Not Before: Nov  4 17:00:30 2025 GMT
            Not After : Nov  5 17:00:30 2025 GMT
        Subject: CN=e2081fe71a3eaf411eda2950181ea4f216c96c74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:7b:da:42:b0:e3:b7:c5:36:5a:bf:1e:f3:7c:
                    0e:a2:e5:df:a8:e5:02:83:4e:37:06:e8:e2:7a:39:
                    de:a4:de:ce:0b:f4:ac:d4:3a:00:15:ed:b2:46:a8:
                    51:e7:b1:f7:54:3a:00:22:ac:f2:3d:42:20:98:8b:
                    d2:5b:ba:46:aa:39:08:3f:06:ec:3b:44:ff:7c:c4:
                    5e:5b:5a:f2:24:72:2b:b2:b1:1a:28:33:c0:41:b3:
                    2b:8b:e9:d1:db:49:26:5e:10:f8:18:80:32:b5:ae:
                    02:1a:3e:ec:ba:ee:79:9e:3e:77:82:b3:d2:33:2d:
                    f2:30:59:7b:33:5d:27:67:90:d3:d2:53:dd:cc:30:
                    0d:00:cc:c6:81:f1:9d:3f:50:f7:e4:19:fe:f9:db:
                    f5:b4:e1:c3:47:63:6e:0e:ba:24:8a:f3:64:25:f1:
                    f8:6b:9b:af:e6:06:2b:06:0b:84:57:2a:00:4c:88:
                    5e:9f:a5:97:b9:d1:6c:eb:83:5b:d1:60:c1:20:f0:
                    e1:c8:6d:72:8c:c4:29:4b:9b:c1:bb:cf:d3:bc:f3:
                    34:6e:d3:25:a9:1d:45:82:2f:0a:cd:b5:39:5f:35:
                    a5:89:6e:b0:5e:3a:2c:6f:3f:c8:b2:48:e7:4e:49:
                    c6:f7:39:8b:19:c5:38:e3:96:7a:d2:c4:84:00:26:
                    1c:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:08:1F:E7:1A:3E:AF:41:1E:DA:29:50:18:1E:A4:F2:16:C9:6C:74
            X509v3 Authority Key Identifier:
                keyid:D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:a3:86:c9:3a:c0:36:51:21:25:68:59:72:3b:f9:1d:9c:53:
         c8:08:b3:b3:fe:08:9c:63:82:73:dd:f8:b4:3b:7c:25:71:78:
         03:d8:b5:5f:fd:fe:36:71:32:98:87:6d:fa:96:13:03:ad:2f:
         e3:f4:1c:2e:b0:5e:5a:83:a1:e1:76:66:2a:64:ba:7f:61:67:
         e4:ba:38:3a:f7:ab:c9:c5:a5:29:d4:93:9e:63:8b:42:3a:12:
         0c:a3:43:e5:e3:0c:1e:8a:1d:27:9e:eb:b2:f0:2d:25:c2:25:
         1a:d3:14:34:8a:62:73:f4:6d:d7:0f:a6:ed:b8:16:7f:ba:ca:
         db:c7:85:70:3f:f8:3c:ad:7e:3b:c0:d3:2e:01:82:c0:70:55:
         2d:72:63:c1:f3:bf:eb:1a:be:7c:30:3c:80:8b:7f:e8:26:39:
         89:af:17:be:11:d5:a5:c6:ce:d9:ba:60:95:3d:23:7e:fb:12:
         17:ae:24:d3:e8:99:08:c4:af:73:5b:fd:0e:5d:d9:59:c7:25:
         27:66:78:1b:44:4e:bb:1f:69:78:c6:a2:7f:7f:12:73:99:75:
         05:0c:b0:77:5b:24:e0:c5:c8:4b:c2:77:f5:ff:f1:c2:09:69:
         76:04:10:5a:64:0c:e0:44:28:f0:2c:99:d8:29:48:9c:b7:72:
         97:01:71:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpP0B0FJmm62fDSPNUOYPcUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjQxZmE4ZWQxY2ZjM2RhYTIzYWFhZjhjM2E3NmZlODdl
ZDViYWIwHhcNMjUxMTA0MTcwMDMwWhcNMjUxMTA1MTcwMDMwWjAzMTEwLwYDVQQD
EyhlMjA4MWZlNzFhM2VhZjQxMWVkYTI5NTAxODFlYTRmMjE2Yzk2Yzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXvaQrDjt8U2Wr8e83wOouXfqOUC
g043BujiejnepN7OC/Ss1DoAFe2yRqhR57H3VDoAIqzyPUIgmIvSW7pGqjkIPwbs
O0T/fMReW1ryJHIrsrEaKDPAQbMri+nR20kmXhD4GIAyta4CGj7suu55nj53grPS
My3yMFl7M10nZ5DT0lPdzDANAMzGgfGdP1D35Bn++dv1tOHDR2NuDrokivNkJfH4
a5uv5gYrBguEVyoATIhen6WXudFs64Nb0WDBIPDhyG1yjMQpS5vBu8/TvPM0btMl
qR1Fgi8KzbU5XzWliW6wXjosbz/IskjnTknG9zmLGcU445Z60sSEACYczwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOIIH+caPq9BHtopUBgepPIWyWx0MB8GA1UdIwQY
MBaAFNNkH6jtHPw9qiOqr4w6dv6H7VurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAt
OTk0MTk5MmM5YzI0LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAtOTk0MTk5MmM5YzI0
LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARaOGyTrA
NlEhJWhZcjv5HZxTyAizs/4InGOCc934tDt8JXF4A9i1X/3+NnEymIdt+pYTA60v
4/QcLrBeWoOh4XZmKmS6f2Fn5Lo4OverycWlKdSTnmOLQjoSDKND5eMMHoodJ57r
svAtJcIlGtMUNIpic/Rt1w+m7bgWf7rK28eFcD/4PK1+O8DTLgGCwHBVLXJjwfO/
6xq+fDA8gIt/6CY5ia8XvhHVpcbO2bpglT0jfvsSF64k0+iZCMSvc1v9Dl3ZWccl
J2Z4G0ROux9peMaif38Sc5l1BQywd1sk4MXIS8J39f/xwglpdgQQWmQM4EQo8CyZ
2ClInLdylwFx7w==
-----END CERTIFICATE-----