Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
File:                     QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft (raw, json)
Hash identifier:          +avTunCjJtMAYXvWt7qBxT+hadvV5j8XLIYOq5JAdgI=
Subject key identifier:   15:80:67:C0:71:CF:B4:0D:D5:2B:AE:1B:59:0A:EB:E2:DD:7B:2D:EA
Authority key identifier: 42:13:B5:47:19:66:C2:56:10:D9:5A:5A:2F:A5:CC:06:FC:93:FF:57
Certificate issuer:       /CN=4213b5471966c25610d95a5a2fa5cc06fc93ff57
Certificate serial:       0199FC8F69D40F37213A213BC36C8D30B597
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
Manifest number:          0606
Signing time:             Sun 19 Oct 2025 13:01:21 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:21 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:21 +0000
Files and hashes:         1: QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl (hash: youB8QUs1eUVSRLU1rWSS1OvaokudQWy8nhGix0cUqo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:69:d4:0f:37:21:3a:21:3b:c3:6c:8d:30:b5:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4213b5471966c25610d95a5a2fa5cc06fc93ff57
        Validity
            Not Before: Oct 19 13:01:21 2025 GMT
            Not After : Oct 20 13:01:21 2025 GMT
        Subject: CN=158067c071cfb40dd52bae1b590aebe2dd7b2dea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:28:0e:7f:42:c1:f9:86:af:f2:91:bc:89:ef:
                    b6:47:0f:5b:8b:68:6c:af:13:30:b0:11:3c:0b:a6:
                    36:a7:de:0b:c5:24:0c:30:8c:ab:fc:a4:56:61:d4:
                    1f:26:fc:29:33:59:3d:9b:50:a7:87:e9:c0:98:c3:
                    bd:c3:47:15:36:72:7a:a2:39:db:c2:e5:36:d2:75:
                    f6:f7:fd:fe:02:6c:26:9e:74:7f:e0:b4:ae:c1:81:
                    4e:fb:08:b4:9d:56:81:82:3b:b5:fa:ca:48:61:4a:
                    55:f3:e9:3a:d0:f4:f0:92:2e:73:62:be:c1:c1:1f:
                    bb:6f:5c:48:68:6c:5a:be:53:35:b2:35:38:49:92:
                    f9:40:f5:43:9b:47:92:27:4b:55:22:a7:4d:45:aa:
                    4b:a4:ec:e4:89:c6:7a:c4:1d:2f:d2:f3:a6:ec:af:
                    aa:5e:80:24:dc:09:63:1f:56:eb:0e:29:56:11:99:
                    d4:d2:76:5c:b8:dc:f8:42:92:c5:f1:c9:a6:85:22:
                    a2:31:8d:9f:f6:f2:96:8b:da:62:2a:74:1c:af:3c:
                    0f:28:0b:3c:cc:2e:66:4b:aa:dd:1f:ac:f6:5b:06:
                    8a:26:0e:38:bc:cc:21:fe:dc:51:58:1e:10:15:0b:
                    66:6e:4c:f1:78:60:c1:d4:70:46:ec:7a:e6:1f:91:
                    3c:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:80:67:C0:71:CF:B4:0D:D5:2B:AE:1B:59:0A:EB:E2:DD:7B:2D:EA
            X509v3 Authority Key Identifier:
                keyid:42:13:B5:47:19:66:C2:56:10:D9:5A:5A:2F:A5:CC:06:FC:93:FF:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:37:56:b6:49:2c:42:59:85:a1:78:0d:31:61:fa:af:23:39:
         99:89:f6:21:99:86:17:a9:71:a9:f5:55:62:5d:98:c1:de:70:
         72:d3:4b:bb:01:0e:5f:aa:d9:0d:28:69:dd:60:3e:54:d4:e5:
         bc:95:5c:01:45:a0:f7:1a:1a:62:1b:5f:48:bf:c0:43:c2:96:
         4b:b5:c0:a4:b0:7e:19:b7:aa:d6:b6:57:b8:72:e3:e0:f8:55:
         32:cc:65:9b:ff:8a:ee:3d:05:df:ca:42:9d:c4:14:63:a1:2c:
         28:d7:74:7f:0e:ef:54:f3:4d:da:0f:02:97:20:83:03:fa:99:
         a7:ec:fc:aa:49:b5:d5:3e:92:8e:50:00:bf:00:97:dd:44:95:
         81:59:38:f3:80:c8:b0:09:37:dc:5b:a1:29:fe:78:83:15:53:
         93:25:2a:81:3f:d0:5f:a1:ab:d4:88:92:d1:47:52:f0:f6:16:
         eb:1c:65:73:0e:d8:bd:fb:43:62:e7:0a:18:19:1f:4a:b8:f9:
         a2:b0:c5:4e:0c:dc:23:04:e9:65:a0:41:bd:ff:14:41:66:cc:
         ab:93:dc:0e:bd:14:7a:5e:97:ba:eb:0f:99:f4:37:1c:87:f7:
         79:0f:66:8e:7d:ee:d1:7f:c4:32:80:29:98:bb:7e:de:a6:d4:
         77:a7:7d:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j2nUDzchOiE7w2yNMLWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMTNiNTQ3MTk2NmMyNTYxMGQ5NWE1YTJmYTVjYzA2ZmM5
M2ZmNTcwHhcNMjUxMDE5MTMwMTIxWhcNMjUxMDIwMTMwMTIxWjAzMTEwLwYDVQQD
EygxNTgwNjdjMDcxY2ZiNDBkZDUyYmFlMWI1OTBhZWJlMmRkN2IyZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkigOf0LB+Yav8pG8ie+2Rw9bi2hs
rxMwsBE8C6Y2p94LxSQMMIyr/KRWYdQfJvwpM1k9m1Cnh+nAmMO9w0cVNnJ6ojnb
wuU20nX29/3+AmwmnnR/4LSuwYFO+wi0nVaBgju1+spIYUpV8+k60PTwki5zYr7B
wR+7b1xIaGxavlM1sjU4SZL5QPVDm0eSJ0tVIqdNRapLpOzkicZ6xB0v0vOm7K+q
XoAk3AljH1brDilWEZnU0nZcuNz4QpLF8cmmhSKiMY2f9vKWi9piKnQcrzwPKAs8
zC5mS6rdH6z2WwaKJg44vMwh/txRWB4QFQtmbkzxeGDB1HBG7HrmH5E8ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBWAZ8Bxz7QN1SuuG1kK6+Ldey3qMB8GA1UdIwQY
MBaAFEITtUcZZsJWENlaWi+lzAb8k/9XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8wMDA0ODUtNzIxZi00ZDk3LWEwZjIt
NWJkYjJjNjAxMDJkLzEvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8wMDA0ODUtNzIxZi00ZDk3LWEwZjItNWJkYjJjNjAxMDJk
LzEvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAozdWtkks
QlmFoXgNMWH6ryM5mYn2IZmGF6lxqfVVYl2Ywd5wctNLuwEOX6rZDShp3WA+VNTl
vJVcAUWg9xoaYhtfSL/AQ8KWS7XApLB+Gbeq1rZXuHLj4PhVMsxlm/+K7j0F38pC
ncQUY6EsKNd0fw7vVPNN2g8ClyCDA/qZp+z8qkm11T6SjlAAvwCX3USVgVk484DI
sAk33FuhKf54gxVTkyUqgT/QX6Gr1IiS0UdS8PYW6xxlcw7YvftDYucKGBkfSrj5
orDFTgzcIwTpZaBBvf8UQWbMq5PcDr0Uel6XuusPmfQ3HIf3eQ9mjn3u0X/EMoAp
mLt+3qbUd6d9Dw==
-----END CERTIFICATE-----