Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
File:                     QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft (raw, json)
Hash identifier:          OfNethnrHdmh8j2Lw4kKky03RvzeoI3HdH2/tWk9itU=
Subject key identifier:   FB:9D:A4:FE:42:55:F6:9C:8B:9B:EA:63:BC:24:53:0A:34:CE:14:5C
Authority key identifier: 40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47
Certificate issuer:       /CN=40471b34c21a5008f6f096e48fe8e35519d6b847
Certificate serial:       0199FBEA9C639E8FD71465EA3AEB283E2A70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
Manifest number:          0E83
Signing time:             Sun 19 Oct 2025 10:01:20 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:20 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:20 +0000
Files and hashes:         1: QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl (hash: zJeXo8skOzdeKRyJVhFrQ89Ro+0tY9mADHicXryXxVc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:9c:63:9e:8f:d7:14:65:ea:3a:eb:28:3e:2a:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40471b34c21a5008f6f096e48fe8e35519d6b847
        Validity
            Not Before: Oct 19 10:01:20 2025 GMT
            Not After : Oct 20 10:01:20 2025 GMT
        Subject: CN=fb9da4fe4255f69c8b9bea63bc24530a34ce145c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:bd:b1:50:ed:8a:5f:c3:33:e6:2a:82:1c:6b:
                    0b:dd:8c:2e:0d:00:40:05:f3:1c:e3:5e:b3:fc:78:
                    6f:7b:b0:b5:4d:4b:48:50:c2:dc:3b:cf:78:2b:8b:
                    bf:4c:14:ab:96:56:f0:82:08:64:2f:8d:2f:2c:3e:
                    a6:62:0c:91:05:12:61:32:57:04:1d:42:b9:93:f6:
                    ed:39:b5:96:d4:a2:c8:31:d1:89:d5:50:33:aa:b8:
                    18:84:5d:84:07:62:b2:1c:14:1e:91:c2:9e:28:4a:
                    54:33:02:71:6b:cb:e6:45:f5:2e:6e:16:c5:d8:fb:
                    e2:ec:34:cd:ac:6d:77:88:ab:92:a1:0b:9c:0d:9d:
                    12:ae:ec:dd:eb:54:82:3a:67:d6:6f:b1:9a:2f:31:
                    a8:f7:60:0a:86:7f:6f:fe:b1:2d:c1:aa:47:30:bf:
                    0a:b3:b5:b8:24:1b:17:6c:02:93:c3:95:7c:00:32:
                    d0:43:75:ab:b9:ee:19:4c:06:ea:9d:21:66:a1:b5:
                    e2:ec:1a:5f:72:22:84:e9:fc:a1:0e:d3:66:e4:69:
                    c7:ce:68:92:34:b2:36:c2:ac:33:69:44:1a:db:e9:
                    ae:90:90:5a:2e:2e:d0:7e:d1:4a:34:45:db:51:d5:
                    4f:a7:5c:52:a8:c6:d7:48:4d:fb:cd:98:d8:51:c0:
                    d2:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:9D:A4:FE:42:55:F6:9C:8B:9B:EA:63:BC:24:53:0A:34:CE:14:5C
            X509v3 Authority Key Identifier:
                keyid:40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:81:ec:00:ea:a1:f8:29:00:95:1d:3e:26:15:40:f0:b0:08:
         18:40:f6:45:8d:7e:33:50:0e:66:7a:23:24:80:b3:e2:8d:2c:
         81:ff:c2:37:8c:5e:5b:f8:a7:e2:13:91:39:f0:97:05:35:86:
         ff:03:cb:4d:5d:93:37:2e:ca:db:eb:53:4d:a2:6c:29:69:9b:
         40:cf:69:a8:9d:e1:d4:9b:31:23:37:f1:12:39:de:38:d9:44:
         b9:9c:48:ee:cd:04:e3:ff:dd:e5:5b:19:d4:6d:16:dd:c5:50:
         2f:0a:79:f1:2f:cf:d9:ea:6e:01:c0:3f:9d:e2:da:62:67:06:
         a1:30:d1:d0:c3:75:f2:dc:55:62:98:06:74:d1:34:9f:bc:ea:
         33:5c:5d:d3:1d:fa:50:27:9f:7d:52:e0:05:38:ec:73:4e:14:
         ad:b8:a3:6b:ed:d3:a1:64:a1:de:93:4e:e8:01:ef:54:30:09:
         98:e5:cf:46:59:13:a0:a0:66:e8:d0:92:c8:db:6f:f8:c5:8f:
         a2:05:0b:0a:99:17:f9:61:ac:d5:84:5e:d0:26:39:09:70:a7:
         1e:16:86:48:c0:e6:65:7c:31:a4:85:3d:60:30:a2:f4:7b:23:
         fc:ae:61:fc:b5:20:95:42:c9:4d:8b:67:e8:59:4a:cd:b9:ab:
         45:87:92:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76pxjno/XFGXqOusoPipwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDcxYjM0YzIxYTUwMDhmNmYwOTZlNDhmZThlMzU1MTlk
NmI4NDcwHhcNMjUxMDE5MTAwMTIwWhcNMjUxMDIwMTAwMTIwWjAzMTEwLwYDVQQD
EyhmYjlkYTRmZTQyNTVmNjljOGI5YmVhNjNiYzI0NTMwYTM0Y2UxNDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAob2xUO2KX8Mz5iqCHGsL3YwuDQBA
BfMc416z/Hhve7C1TUtIUMLcO894K4u/TBSrllbwgghkL40vLD6mYgyRBRJhMlcE
HUK5k/btObWW1KLIMdGJ1VAzqrgYhF2EB2KyHBQekcKeKEpUMwJxa8vmRfUubhbF
2Pvi7DTNrG13iKuSoQucDZ0Sruzd61SCOmfWb7GaLzGo92AKhn9v/rEtwapHML8K
s7W4JBsXbAKTw5V8ADLQQ3Wrue4ZTAbqnSFmobXi7BpfciKE6fyhDtNm5GnHzmiS
NLI2wqwzaUQa2+mukJBaLi7QftFKNEXbUdVPp1xSqMbXSE37zZjYUcDSgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPudpP5CVfaci5vqY7wkUwo0zhRcMB8GA1UdIwQY
MBaAFEBHGzTCGlAI9vCW5I/o41UZ1rhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEt
MTE0MmRmYWNmY2NmLzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEtMTE0MmRmYWNmY2Nm
LzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb4HsAOqh
+CkAlR0+JhVA8LAIGED2RY1+M1AOZnojJICz4o0sgf/CN4xeW/in4hOROfCXBTWG
/wPLTV2TNy7K2+tTTaJsKWmbQM9pqJ3h1JsxIzfxEjneONlEuZxI7s0E4//d5VsZ
1G0W3cVQLwp58S/P2epuAcA/neLaYmcGoTDR0MN18txVYpgGdNE0n7zqM1xd0x36
UCeffVLgBTjsc04Urbija+3ToWSh3pNO6AHvVDAJmOXPRlkToKBm6NCSyNtv+MWP
ogULCpkX+WGs1YRe0CY5CXCnHhaGSMDmZXwxpIU9YDCi9Hsj/K5h/LUglULJTYtn
6FlKzbmrRYeSoA==
-----END CERTIFICATE-----