Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft
File:                     qyt5QmiS7R2nsuYYZ3DPsErmA80.mft (raw, json)
Hash identifier:          Q8EJQpldkn5ziLzxB0GZM7tjuPEiLzOmYDLCUiGngxY=
Subject key identifier:   7D:19:75:DB:28:25:EC:93:5F:8B:AA:E7:5E:8B:0E:54:F2:85:A3:5B
Authority key identifier: AB:2B:79:42:68:92:ED:1D:A7:B2:E6:18:67:70:CF:B0:4A:E6:03:CD
Certificate issuer:       /CN=ab2b79426892ed1da7b2e6186770cfb04ae603cd
Certificate serial:       019A4DAAEAA8106E1D5A7693E189B9C729D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qyt5QmiS7R2nsuYYZ3DPsErmA80.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft
Manifest number:          09B2
Signing time:             Tue 04 Nov 2025 07:00:38 +0000
Manifest this update:     Tue 04 Nov 2025 07:00:38 +0000
Manifest next update:     Wed 05 Nov 2025 07:00:38 +0000
Files and hashes:         1: qyt5QmiS7R2nsuYYZ3DPsErmA80.crl (hash: c1d60eqiszK8pNN5IjS+lXvE2WFa+lxR06w6rFiM91o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qyt5QmiS7R2nsuYYZ3DPsErmA80.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 07:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:aa:ea:a8:10:6e:1d:5a:76:93:e1:89:b9:c7:29:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2b79426892ed1da7b2e6186770cfb04ae603cd
        Validity
            Not Before: Nov  4 07:00:38 2025 GMT
            Not After : Nov  5 07:00:38 2025 GMT
        Subject: CN=7d1975db2825ec935f8baae75e8b0e54f285a35b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:22:ec:60:97:30:1e:3b:d5:78:51:4b:08:e6:
                    6a:5f:6a:d7:a8:0e:fb:b1:09:df:31:3c:88:c2:cb:
                    b0:54:3b:b0:1e:2d:ea:bc:19:a9:94:7f:ab:78:e5:
                    dd:24:71:18:79:ae:2b:ee:13:10:f2:c9:04:94:48:
                    2e:03:ef:95:a8:93:a7:6f:f8:c8:90:ba:c8:9b:2e:
                    0b:fa:86:8d:e1:bc:cc:e2:04:f0:62:d7:3c:61:f7:
                    a7:7f:0f:3b:17:d5:4e:09:46:c9:4f:e9:55:cd:e4:
                    d0:d3:f4:8d:f0:79:b1:82:d6:b2:e5:b1:ff:4c:0d:
                    54:d3:cd:18:dd:5e:e5:22:37:25:75:e2:8f:f8:52:
                    1b:65:d1:10:d7:0e:2a:bd:68:14:9e:a4:40:ef:e3:
                    36:41:5c:20:93:c7:26:7a:22:5b:9b:70:66:70:83:
                    9e:c7:d4:ab:9d:3e:4e:81:d1:7f:96:4b:4e:66:6a:
                    45:62:db:37:6a:cf:6b:94:85:17:b4:e7:00:59:39:
                    4a:97:c4:22:1d:e3:8a:30:3c:64:ed:ec:c1:2a:d6:
                    a6:e7:90:14:4e:7a:11:03:4f:62:16:cd:4a:10:57:
                    54:a7:f6:b4:b4:fa:db:30:80:75:42:2d:f8:2d:69:
                    a8:0a:5b:f5:a3:8d:0a:46:b2:8c:a8:92:5e:a8:09:
                    b8:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:19:75:DB:28:25:EC:93:5F:8B:AA:E7:5E:8B:0E:54:F2:85:A3:5B
            X509v3 Authority Key Identifier:
                keyid:AB:2B:79:42:68:92:ED:1D:A7:B2:E6:18:67:70:CF:B0:4A:E6:03:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qyt5QmiS7R2nsuYYZ3DPsErmA80.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:f3:fe:b1:13:77:72:20:67:bf:ef:93:41:f7:a7:d2:a8:37:
         d6:1d:28:94:86:e1:ed:5b:3e:7c:54:64:98:54:e0:81:6e:10:
         32:65:4c:21:da:e1:31:08:fe:e6:8e:ff:8c:60:d4:94:f3:a5:
         76:ff:10:7f:1e:74:a5:1e:8a:54:99:13:44:15:22:1b:c9:8d:
         b3:30:93:e0:66:33:41:23:63:0e:e6:84:c5:79:4f:ba:0f:13:
         ed:86:05:21:48:e5:01:e8:26:cd:d9:4b:8d:de:44:9a:e6:22:
         66:cf:e2:c6:e1:6e:67:fe:4e:72:15:01:e3:b7:2c:5a:5f:f5:
         a9:56:33:79:28:70:c9:89:ec:c4:15:41:a8:86:ed:2d:dd:4e:
         39:c0:18:b9:84:14:00:df:62:4d:1e:ba:fb:8c:b7:10:d6:a8:
         80:4c:09:01:7a:13:8e:8e:c5:d3:c6:cc:2b:44:09:33:20:f5:
         b8:44:79:56:26:9e:10:8b:82:a5:36:8b:cd:9c:99:cb:20:1e:
         b6:b0:98:19:1d:63:b1:69:3f:80:60:cd:c4:1b:fa:9b:60:17:
         ca:17:39:6b:18:d9:99:12:6e:d1:57:15:af:7f:b6:8b:92:b8:
         61:13:91:0f:8a:64:89:43:af:4a:fe:64:67:61:3f:f8:04:30:
         8b:e4:fd:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNquqoEG4dWnaT4Ym5xynWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMmI3OTQyNjg5MmVkMWRhN2IyZTYxODY3NzBjZmIwNGFl
NjAzY2QwHhcNMjUxMTA0MDcwMDM4WhcNMjUxMTA1MDcwMDM4WjAzMTEwLwYDVQQD
Eyg3ZDE5NzVkYjI4MjVlYzkzNWY4YmFhZTc1ZThiMGU1NGYyODVhMzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCLsYJcwHjvVeFFLCOZqX2rXqA77
sQnfMTyIwsuwVDuwHi3qvBmplH+reOXdJHEYea4r7hMQ8skElEguA++VqJOnb/jI
kLrImy4L+oaN4bzM4gTwYtc8Yfenfw87F9VOCUbJT+lVzeTQ0/SN8Hmxgtay5bH/
TA1U080Y3V7lIjcldeKP+FIbZdEQ1w4qvWgUnqRA7+M2QVwgk8cmeiJbm3BmcIOe
x9SrnT5OgdF/lktOZmpFYts3as9rlIUXtOcAWTlKl8QiHeOKMDxk7ezBKtam55AU
TnoRA09iFs1KEFdUp/a0tPrbMIB1Qi34LWmoClv1o40KRrKMqJJeqAm4+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH0ZddsoJeyTX4uq516LDlTyhaNbMB8GA1UdIwQY
MBaAFKsreUJoku0dp7LmGGdwz7BK5gPNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXl0NVFtaVM3UjJuc3VZWVozRFBzRXJtQTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9hMjYwNTAtNDllYy00OTU1LTk4MTAt
ZTU0NTM3MDdhNThlLzEvcXl0NVFtaVM3UjJuc3VZWVozRFBzRXJtQTgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9hMjYwNTAtNDllYy00OTU1LTk4MTAtZTU0NTM3MDdhNThl
LzEvcXl0NVFtaVM3UjJuc3VZWVozRFBzRXJtQTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe/P+sRN3
ciBnv++TQfen0qg31h0olIbh7Vs+fFRkmFTggW4QMmVMIdrhMQj+5o7/jGDUlPOl
dv8Qfx50pR6KVJkTRBUiG8mNszCT4GYzQSNjDuaExXlPug8T7YYFIUjlAegmzdlL
jd5EmuYiZs/ixuFuZ/5OchUB47csWl/1qVYzeShwyYnsxBVBqIbtLd1OOcAYuYQU
AN9iTR66+4y3ENaogEwJAXoTjo7F08bMK0QJMyD1uER5ViaeEIuCpTaLzZyZyyAe
trCYGR1jsWk/gGDNxBv6m2AXyhc5axjZmRJu0VcVr3+2i5K4YRORD4pkiUOvSv5k
Z2E/+AQwi+T95g==
-----END CERTIFICATE-----