Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft
File:                     qJ3jcDei8quO2_asHfHCmZfIiMg.mft (raw, json)
Hash identifier:          x33D+gafYq6N6P0OTD5mdBoh0FbkQkWkbZ+Dj7pcvqM=
Subject key identifier:   F9:DA:2F:F0:B3:B0:10:8C:F5:C9:88:80:1D:2C:68:FF:F8:BF:AE:68
Authority key identifier: A8:9D:E3:70:37:A2:F2:AB:8E:DB:F6:AC:1D:F1:C2:99:97:C8:88:C8
Certificate issuer:       /CN=a89de37037a2f2ab8edbf6ac1df1c29997c888c8
Certificate serial:       0199FAD84145E20F5B75AFA3EA24F4F2CFD2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft
Manifest number:          03E5
Signing time:             Sun 19 Oct 2025 05:01:40 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:40 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:40 +0000
Files and hashes:         1: qJ3jcDei8quO2_asHfHCmZfIiMg.crl (hash: qGikxHJAmlAjJpDWVCFZTgsqZdiOe/9Jqv7twNSSLKE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d8:41:45:e2:0f:5b:75:af:a3:ea:24:f4:f2:cf:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a89de37037a2f2ab8edbf6ac1df1c29997c888c8
        Validity
            Not Before: Oct 19 05:01:40 2025 GMT
            Not After : Oct 20 05:01:40 2025 GMT
        Subject: CN=f9da2ff0b3b0108cf5c988801d2c68fff8bfae68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:e8:ad:27:00:9d:aa:1a:3e:82:c4:0f:46:61:
                    b1:a4:62:70:d4:21:d3:9f:65:78:54:3c:c0:de:40:
                    fc:a6:ed:58:da:32:29:dd:f3:c8:d9:54:d1:3c:de:
                    fc:78:17:c0:42:97:74:9c:2a:0f:63:d0:dd:38:dc:
                    3f:19:02:41:ba:bb:a3:ed:df:c0:73:27:0a:8f:bc:
                    34:c6:25:54:26:0c:d5:fc:27:4b:62:02:0d:7d:01:
                    d0:89:36:61:c2:58:c3:6b:f2:f9:16:9e:8d:b3:64:
                    5f:d0:c2:58:a7:1b:f2:35:ba:cd:bc:41:1c:be:50:
                    12:c1:57:b1:d4:86:ca:da:dc:0f:d5:c1:24:ea:a0:
                    f3:c5:90:38:a7:ab:ad:b6:68:c3:0b:4f:d3:cd:fb:
                    08:01:ac:86:06:79:b1:aa:27:9a:84:d4:57:b8:e1:
                    55:7e:e8:53:82:0e:97:e8:f3:88:bc:90:1d:28:e1:
                    5c:83:5e:53:b3:d6:60:80:5f:37:dd:6d:44:c4:7f:
                    50:ca:5f:9d:23:7c:4b:87:2d:59:d1:77:da:39:61:
                    00:da:a5:35:d2:97:48:23:e0:95:d8:dc:18:44:4b:
                    ae:cb:72:51:c0:46:a8:da:d0:e4:00:ad:99:7a:33:
                    49:dc:61:87:7e:d5:15:9d:bd:63:68:d4:b9:0f:db:
                    eb:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:DA:2F:F0:B3:B0:10:8C:F5:C9:88:80:1D:2C:68:FF:F8:BF:AE:68
            X509v3 Authority Key Identifier:
                keyid:A8:9D:E3:70:37:A2:F2:AB:8E:DB:F6:AC:1D:F1:C2:99:97:C8:88:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:da:d0:12:41:ab:aa:aa:b9:6f:d0:57:b3:65:35:69:34:15:
         20:73:62:94:5b:ba:56:74:97:f6:00:96:03:a8:07:d1:e4:5f:
         84:f2:2f:71:01:31:6b:5b:c0:fe:52:7c:57:e5:a2:e4:cd:52:
         95:30:31:c6:5a:1b:1b:8b:28:b6:7a:ee:df:9d:62:56:94:c6:
         8a:c2:52:a2:42:1c:59:39:1f:7d:09:f2:8e:f0:c5:69:54:0b:
         8c:c0:27:0f:a2:e9:a0:a6:7a:a2:27:57:2d:47:31:81:61:4b:
         53:aa:e7:98:30:95:ed:31:8a:20:d2:95:44:76:da:2c:9b:04:
         b1:a0:12:9e:90:19:b5:63:a9:76:d3:cb:da:2b:c2:52:df:d0:
         69:30:63:5e:d5:52:94:19:4d:e3:c1:9e:1e:c2:1d:34:50:00:
         e9:cd:36:6a:a2:75:db:78:fb:46:5d:63:c3:e7:37:f5:38:79:
         56:25:40:81:33:43:e4:98:05:e6:66:4d:4a:ee:ca:1d:33:a4:
         81:16:93:0f:ac:5b:c4:67:e3:d6:ca:a4:35:43:87:86:c8:55:
         ed:ee:7b:30:17:3f:80:98:f4:17:57:0b:bb:07:de:82:a8:b9:
         84:e5:64:8f:58:1e:82:da:68:9d:a3:7f:d3:c8:0e:14:78:3c:
         54:57:50:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn62EFF4g9bda+j6iT08s/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4OWRlMzcwMzdhMmYyYWI4ZWRiZjZhYzFkZjFjMjk5OTdj
ODg4YzgwHhcNMjUxMDE5MDUwMTQwWhcNMjUxMDIwMDUwMTQwWjAzMTEwLwYDVQQD
EyhmOWRhMmZmMGIzYjAxMDhjZjVjOTg4ODAxZDJjNjhmZmY4YmZhZTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuitJwCdqho+gsQPRmGxpGJw1CHT
n2V4VDzA3kD8pu1Y2jIp3fPI2VTRPN78eBfAQpd0nCoPY9DdONw/GQJBuruj7d/A
cycKj7w0xiVUJgzV/CdLYgINfQHQiTZhwljDa/L5Fp6Ns2Rf0MJYpxvyNbrNvEEc
vlASwVex1IbK2twP1cEk6qDzxZA4p6uttmjDC0/TzfsIAayGBnmxqieahNRXuOFV
fuhTgg6X6POIvJAdKOFcg15Ts9ZggF833W1ExH9Qyl+dI3xLhy1Z0XfaOWEA2qU1
0pdII+CV2NwYREuuy3JRwEao2tDkAK2ZejNJ3GGHftUVnb1jaNS5D9vrhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPnaL/CzsBCM9cmIgB0saP/4v65oMB8GA1UdIwQY
MBaAFKid43A3ovKrjtv2rB3xwpmXyIjIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNDA0MDctNWQxMy00ZWQyLTkwZGQt
ZmZiNjcwN2M2MWIzLzEvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kNDA0MDctNWQxMy00ZWQyLTkwZGQtZmZiNjcwN2M2MWIz
LzEvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANNrQEkGr
qqq5b9BXs2U1aTQVIHNilFu6VnSX9gCWA6gH0eRfhPIvcQExa1vA/lJ8V+Wi5M1S
lTAxxlobG4sotnru351iVpTGisJSokIcWTkffQnyjvDFaVQLjMAnD6LpoKZ6oidX
LUcxgWFLU6rnmDCV7TGKINKVRHbaLJsEsaASnpAZtWOpdtPL2ivCUt/QaTBjXtVS
lBlN48GeHsIdNFAA6c02aqJ123j7Rl1jw+c39Th5ViVAgTND5JgF5mZNSu7KHTOk
gRaTD6xbxGfj1sqkNUOHhshV7e57MBc/gJj0F1cLuwfegqi5hOVkj1gegtponaN/
08gOFHg8VFdQVA==
-----END CERTIFICATE-----