Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
File:                     QL_eNYm0RMN59zNggxsd2OovhwM.mft (raw, json)
Hash identifier:          hf/qcV9iTDrofoMDEuG2Pm+M0f1X0krAiEq7ETuAa2U=
Subject key identifier:   CE:C4:43:81:DA:BF:06:D0:7E:1B:09:E0:13:4E:86:0F:EF:6B:20:25
Authority key identifier: 40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03
Certificate issuer:       /CN=40bfde3589b444c379f73360831b1dd8ea2f8703
Certificate serial:       0198D5BBE5075D37E065609355D539B489F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
Manifest number:          0859
Signing time:             Sat 23 Aug 2025 07:01:57 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:57 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:57 +0000
Files and hashes:         1: QL_eNYm0RMN59zNggxsd2OovhwM.crl (hash: XQ59DZOoNiIFkGdV5T47j4M/z5g+YHpJv5eh11elpeM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:e5:07:5d:37:e0:65:60:93:55:d5:39:b4:89:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40bfde3589b444c379f73360831b1dd8ea2f8703
        Validity
            Not Before: Aug 23 07:01:57 2025 GMT
            Not After : Aug 24 07:01:57 2025 GMT
        Subject: CN=cec44381dabf06d07e1b09e0134e860fef6b2025
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:13:e8:37:5c:14:69:d2:56:a8:cc:74:ff:34:
                    9e:49:db:37:9a:0c:b3:42:1c:d7:f6:e3:da:47:7e:
                    f6:9d:1e:0f:68:41:7c:9b:65:2a:ee:9a:b5:8d:3d:
                    4d:5c:52:4b:94:4d:0a:47:ff:91:b9:62:53:73:60:
                    f3:1a:5f:59:55:a9:36:23:11:f7:b6:60:fc:3c:16:
                    90:95:8b:8b:33:4a:9b:eb:b8:f2:02:d0:ed:ba:56:
                    12:4f:77:bb:e7:a2:b8:e4:51:ce:cc:15:c2:73:f6:
                    b6:1c:fb:71:37:e5:53:2f:90:f6:87:ac:0e:9c:ef:
                    a1:12:e3:d5:07:21:d9:20:c1:14:b3:86:e3:3f:28:
                    4f:dc:ce:52:93:96:0d:14:fe:20:82:3f:c4:89:0f:
                    37:b9:43:75:9d:45:34:ad:35:ef:f6:a6:45:96:d0:
                    00:dc:3d:d5:2b:49:e4:dc:bb:7a:72:c1:1a:f9:9a:
                    00:fa:9c:3d:fb:2c:b4:4e:ff:ee:b4:59:0a:35:f3:
                    91:ac:a6:18:ad:c4:33:ad:c9:18:ce:a0:d0:8f:06:
                    a1:64:99:e5:8a:ce:35:62:7c:f6:6e:57:ea:a2:4a:
                    69:1e:40:ec:1b:95:8e:61:ee:dc:05:3c:29:64:a7:
                    b0:d9:68:b1:d5:23:de:31:60:89:5c:86:b5:be:dd:
                    9d:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:C4:43:81:DA:BF:06:D0:7E:1B:09:E0:13:4E:86:0F:EF:6B:20:25
            X509v3 Authority Key Identifier:
                keyid:40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:9a:07:bf:d7:38:8a:95:3e:99:eb:cd:5b:2b:b1:a8:26:66:
         8c:68:56:9f:b8:bf:35:54:9a:a0:75:89:ef:b7:26:18:54:74:
         87:34:ab:cf:c8:8d:fa:3c:71:2c:a3:0a:46:a5:e9:54:2e:84:
         e1:0b:dc:0a:07:02:d8:e6:b7:46:fa:b8:ff:55:bc:8d:44:10:
         1b:af:30:fa:64:c9:aa:11:f6:d8:a5:06:fa:8f:98:b1:c1:bd:
         80:64:e6:88:2a:96:7c:c2:de:79:86:b5:9a:b9:08:9a:6e:16:
         0a:b8:00:5d:8a:af:10:5c:4e:26:fe:73:49:55:28:cb:fe:b9:
         89:6c:d0:00:70:8b:f9:55:df:52:f0:c9:21:45:2c:87:af:65:
         be:33:95:d1:a3:38:d4:02:97:60:5d:41:c8:79:70:42:8b:1c:
         13:8b:0a:5c:c4:60:88:19:f5:44:fa:1d:e5:1e:8e:88:20:2f:
         8d:b6:f7:bb:c0:a7:99:38:66:62:47:35:6a:19:cd:d6:8c:17:
         df:90:87:a1:bb:96:e6:7d:12:fb:cc:15:0a:96:b3:6c:b8:f2:
         aa:fe:9b:11:b1:a0:91:4b:04:a0:1e:1b:16:cf:52:c7:be:56:
         45:0e:c0:13:94:5e:0a:95:0e:ee:38:8d:5f:be:7f:49:e6:ef:
         cb:a5:1f:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu+UHXTfgZWCTVdU5tIn0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYmZkZTM1ODliNDQ0YzM3OWY3MzM2MDgzMWIxZGQ4ZWEy
Zjg3MDMwHhcNMjUwODIzMDcwMTU3WhcNMjUwODI0MDcwMTU3WjAzMTEwLwYDVQQD
EyhjZWM0NDM4MWRhYmYwNmQwN2UxYjA5ZTAxMzRlODYwZmVmNmIyMDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhPoN1wUadJWqMx0/zSeSds3mgyz
QhzX9uPaR372nR4PaEF8m2Uq7pq1jT1NXFJLlE0KR/+RuWJTc2DzGl9ZVak2IxH3
tmD8PBaQlYuLM0qb67jyAtDtulYST3e756K45FHOzBXCc/a2HPtxN+VTL5D2h6wO
nO+hEuPVByHZIMEUs4bjPyhP3M5Sk5YNFP4ggj/EiQ83uUN1nUU0rTXv9qZFltAA
3D3VK0nk3Lt6csEa+ZoA+pw9+yy0Tv/utFkKNfORrKYYrcQzrckYzqDQjwahZJnl
is41Ynz2blfqokppHkDsG5WOYe7cBTwpZKew2Wix1SPeMWCJXIa1vt2duwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM7EQ4HavwbQfhsJ4BNOhg/vayAlMB8GA1UdIwQY
MBaAFEC/3jWJtETDefczYIMbHdjqL4cDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAt
NTg4MDE5YTZiNWNiLzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAtNTg4MDE5YTZiNWNi
LzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWZoHv9c4
ipU+mevNWyuxqCZmjGhWn7i/NVSaoHWJ77cmGFR0hzSrz8iN+jxxLKMKRqXpVC6E
4QvcCgcC2Oa3Rvq4/1W8jUQQG68w+mTJqhH22KUG+o+YscG9gGTmiCqWfMLeeYa1
mrkImm4WCrgAXYqvEFxOJv5zSVUoy/65iWzQAHCL+VXfUvDJIUUsh69lvjOV0aM4
1AKXYF1ByHlwQoscE4sKXMRgiBn1RPod5R6OiCAvjbb3u8CnmThmYkc1ahnN1owX
35CHobuW5n0S+8wVCpazbLjyqv6bEbGgkUsEoB4bFs9Sx75WRQ7AE5ReCpUO7jiN
X75/Sebvy6UfOA==
-----END CERTIFICATE-----