Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
File:                     Q94YPxSj8k-bhtBE-HcphoC1Ers.mft (raw, json)
Hash identifier:          NBbEdSI1agaoGvxFBUUOjirIYkuT6/9cJnAwzGo1mIk=
Subject key identifier:   59:58:2C:FB:18:F6:2A:FA:D5:D4:73:F6:F6:85:52:BA:B7:36:FF:AD
Authority key identifier: 43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB
Certificate issuer:       /CN=43de183f14a3f24f9b86d044f877298680b512bb
Certificate serial:       0199FC215E015A16B5BD7FE6B09335A3CE29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
Manifest number:          054B
Signing time:             Sun 19 Oct 2025 11:01:09 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:09 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:09 +0000
Files and hashes:         1: Q94YPxSj8k-bhtBE-HcphoC1Ers.crl (hash: ARpCUnG/bnohP9Oj/3IbzwtznbxY2IVvTPehBb2HAa8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:5e:01:5a:16:b5:bd:7f:e6:b0:93:35:a3:ce:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43de183f14a3f24f9b86d044f877298680b512bb
        Validity
            Not Before: Oct 19 11:01:09 2025 GMT
            Not After : Oct 20 11:01:09 2025 GMT
        Subject: CN=59582cfb18f62afad5d473f6f68552bab736ffad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ca:9c:0e:c1:b6:57:7f:6a:d0:1a:5c:e6:63:
                    9d:9d:70:32:bf:4d:36:37:d5:dd:23:55:96:3a:c9:
                    ee:10:a3:36:35:b7:3b:25:90:bb:57:28:e2:ab:f5:
                    54:43:6f:10:54:93:49:e1:35:6f:4d:50:81:57:7d:
                    94:e7:0e:fc:39:17:99:00:95:e7:e5:2f:73:9a:07:
                    69:4c:56:10:4d:72:b6:27:73:ff:9b:8d:36:0d:4d:
                    ae:57:5f:b9:6c:9a:17:fa:4c:a8:88:81:9d:d6:dd:
                    19:8c:7b:79:e4:31:6b:51:f7:ef:ab:12:5d:a5:ea:
                    37:19:27:03:b0:4b:19:95:4e:8d:f7:e9:ec:7d:d8:
                    d2:df:77:2a:6f:f8:d3:80:c3:d0:cd:40:b3:b8:dd:
                    44:b6:eb:9e:8d:b0:76:ae:a4:0e:22:a4:b4:30:f3:
                    ed:54:cd:ce:14:93:80:43:6d:fc:9f:4f:17:4b:8e:
                    6f:34:b3:f3:69:9e:a7:be:f8:b5:49:8b:14:be:32:
                    64:54:d2:2e:ff:89:fe:a4:2a:e4:44:0e:86:b4:15:
                    56:fb:24:ac:f0:6c:35:93:8e:58:0f:85:37:23:35:
                    a3:51:8b:3f:0a:fc:46:e5:45:59:1f:02:5d:6e:b0:
                    d3:20:c5:57:ce:93:61:c7:9a:b8:fb:48:27:44:81:
                    a8:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:58:2C:FB:18:F6:2A:FA:D5:D4:73:F6:F6:85:52:BA:B7:36:FF:AD
            X509v3 Authority Key Identifier:
                keyid:43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:ff:da:59:0a:72:68:07:88:e0:aa:eb:d7:c7:1d:90:44:ae:
         d4:3c:53:67:10:8d:02:a6:bc:12:f7:86:bd:02:84:76:d4:32:
         6d:da:1b:57:85:60:0d:09:ef:88:9d:ab:93:89:ef:2f:95:fe:
         4a:0a:65:09:c8:c9:83:82:85:5e:d6:11:cd:de:a5:56:04:b5:
         a4:e9:29:b6:ad:3d:2a:58:8d:ec:c4:97:75:9c:2f:dc:44:42:
         43:0d:ea:dd:b9:64:12:67:50:70:a6:25:83:d2:2e:db:d3:9c:
         24:71:2b:39:de:63:c0:89:be:10:2a:fc:2b:9d:71:37:21:2a:
         c3:82:53:02:c3:1a:21:47:d3:3c:c6:a7:6c:13:78:9b:50:c8:
         8d:55:56:21:75:97:2d:3a:a3:61:5f:7d:f5:04:62:37:bb:f8:
         06:91:45:54:b8:83:be:bf:db:37:87:ed:1d:91:6e:cd:55:76:
         2d:b6:7c:d8:05:b6:88:cb:23:98:1d:1f:77:4f:a1:69:d9:27:
         58:37:3e:8a:2b:91:f2:f3:c4:10:26:2f:63:b3:aa:7d:dc:ae:
         6e:4c:61:99:de:22:1c:f6:aa:0d:7e:dc:ef:b0:ee:65:8e:a7:
         27:9b:44:76:72:f0:d7:3b:15:68:ac:d3:20:00:4f:6c:8f:d2:
         11:ca:20:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IV4BWha1vX/msJM1o84pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGUxODNmMTRhM2YyNGY5Yjg2ZDA0NGY4NzcyOTg2ODBi
NTEyYmIwHhcNMjUxMDE5MTEwMTA5WhcNMjUxMDIwMTEwMTA5WjAzMTEwLwYDVQQD
Eyg1OTU4MmNmYjE4ZjYyYWZhZDVkNDczZjZmNjg1NTJiYWI3MzZmZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8qcDsG2V39q0Bpc5mOdnXAyv002
N9XdI1WWOsnuEKM2Nbc7JZC7Vyjiq/VUQ28QVJNJ4TVvTVCBV32U5w78OReZAJXn
5S9zmgdpTFYQTXK2J3P/m402DU2uV1+5bJoX+kyoiIGd1t0ZjHt55DFrUffvqxJd
peo3GScDsEsZlU6N9+nsfdjS33cqb/jTgMPQzUCzuN1EtuuejbB2rqQOIqS0MPPt
VM3OFJOAQ238n08XS45vNLPzaZ6nvvi1SYsUvjJkVNIu/4n+pCrkRA6GtBVW+ySs
8Gw1k45YD4U3IzWjUYs/CvxG5UVZHwJdbrDTIMVXzpNhx5q4+0gnRIGo3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFlYLPsY9ir61dRz9vaFUrq3Nv+tMB8GA1UdIwQY
MBaAFEPeGD8Uo/JPm4bQRPh3KYaAtRK7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgt
ZGVkNzQzMTQ3ZDU4LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgtZGVkNzQzMTQ3ZDU4
LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALf/aWQpy
aAeI4Krr18cdkESu1DxTZxCNAqa8EveGvQKEdtQybdobV4VgDQnviJ2rk4nvL5X+
SgplCcjJg4KFXtYRzd6lVgS1pOkptq09KliN7MSXdZwv3ERCQw3q3blkEmdQcKYl
g9Iu29OcJHErOd5jwIm+ECr8K51xNyEqw4JTAsMaIUfTPManbBN4m1DIjVVWIXWX
LTqjYV999QRiN7v4BpFFVLiDvr/bN4ftHZFuzVV2LbZ82AW2iMsjmB0fd0+hadkn
WDc+iiuR8vPEECYvY7Oqfdyubkxhmd4iHPaqDX7c77DuZY6nJ5tEdnLw1zsVaKzT
IABPbI/SEcogJg==
-----END CERTIFICATE-----