Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
File:                     qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft (raw, json)
Hash identifier:          smATD4nY5zBRmoeKuJYBkZIKL2FMpyg90P7Eg83q5YM=
Subject key identifier:   BC:E9:F3:F4:3D:12:93:57:11:BA:FE:F3:F9:13:DC:96:EF:75:07:91
Authority key identifier: AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04
Certificate issuer:       /CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
Certificate serial:       0199FFC7261131533A07D7C49FFB904E1481
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
Manifest number:          0780
Signing time:             Mon 20 Oct 2025 04:01:05 +0000
Manifest this update:     Mon 20 Oct 2025 04:01:05 +0000
Manifest next update:     Tue 21 Oct 2025 04:01:05 +0000
Files and hashes:         1: qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl (hash: qrI01uT/64AsMcikySejTYPy7mHQfgOMnOmEFGSKRqk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c7:26:11:31:53:3a:07:d7:c4:9f:fb:90:4e:14:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
        Validity
            Not Before: Oct 20 04:01:05 2025 GMT
            Not After : Oct 21 04:01:05 2025 GMT
        Subject: CN=bce9f3f43d12935711bafef3f913dc96ef750791
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:f9:2b:a5:48:af:ee:f4:dd:e4:5a:15:0f:93:
                    a9:f8:ff:98:79:c2:96:0b:a9:e4:f0:fb:b8:cd:1e:
                    d9:82:68:5a:52:fe:20:a3:f5:5a:bd:28:18:e7:5b:
                    94:46:5c:c8:a2:d8:f9:af:6d:99:c9:b1:e4:f0:6f:
                    43:70:14:dc:0e:24:61:4a:ba:c2:6c:18:6d:dd:5c:
                    7a:42:76:70:2e:0d:96:b0:af:14:b7:4a:ea:b7:2d:
                    af:e8:7b:4c:c3:ac:5f:9e:54:06:40:c2:62:07:96:
                    48:ac:3d:39:a8:e8:e1:79:a3:83:eb:92:63:c1:ca:
                    21:ec:3a:44:43:f6:09:6e:2c:eb:c7:de:1a:f2:90:
                    81:9a:f6:3f:61:fb:18:41:70:1d:4a:27:05:b8:46:
                    dd:d8:46:be:62:a7:7c:c5:70:73:12:8e:e1:68:3e:
                    09:1d:d4:b7:dd:f9:a5:b2:4e:17:2e:72:01:c1:7f:
                    a6:0d:85:fb:99:99:20:75:90:99:83:4b:0d:a9:5b:
                    3f:b3:96:93:2d:5e:1f:83:4a:40:2f:f0:fb:f1:91:
                    89:45:4a:46:6f:68:a3:54:1e:a6:00:43:26:5f:c4:
                    12:f0:e2:4a:a4:90:7d:6f:4c:60:ba:03:1d:49:4c:
                    71:df:53:35:90:0d:3b:31:c5:0c:28:3c:32:87:96:
                    db:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:E9:F3:F4:3D:12:93:57:11:BA:FE:F3:F9:13:DC:96:EF:75:07:91
            X509v3 Authority Key Identifier:
                keyid:AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:e3:d7:bb:34:d4:94:ba:65:b1:27:3b:8b:46:35:d3:b8:5b:
         7c:7f:27:65:4f:9b:b2:4b:77:1f:ba:28:0c:16:e2:16:e0:53:
         86:61:52:32:49:bb:d2:8e:af:46:d8:12:a8:43:26:21:4c:39:
         6c:f2:94:a4:69:d3:8e:5a:15:22:3d:59:35:de:7a:a9:52:a2:
         39:ff:55:2f:de:e8:c9:88:c2:e7:6c:3d:40:ad:ec:4a:50:d8:
         1c:ed:74:8b:51:35:e4:c4:71:46:b6:d6:d2:0b:11:13:09:9e:
         92:26:e4:42:9e:fa:7a:c0:14:a9:9d:08:8a:2d:f5:d1:49:8f:
         ce:d4:a0:d2:a9:c6:ad:44:56:b7:f8:46:69:68:5a:4e:36:50:
         80:41:6d:09:c8:c7:62:de:b6:e1:71:e3:61:2b:e5:a0:96:44:
         a9:59:c4:93:6a:ce:f1:d6:c9:7b:23:91:5d:be:37:e6:f5:9a:
         42:9b:1e:b5:04:fe:9a:ea:8b:92:a5:fd:72:5e:4a:9f:2e:c1:
         9f:88:ee:27:1f:34:a8:75:11:85:10:3e:b9:db:c0:01:c2:19:
         6d:bc:a6:71:62:63:dc:12:c1:b4:ec:6c:70:f2:0b:39:44:3e:
         26:dc:d2:9e:e6:3e:08:87:53:e6:0b:6c:f5:2f:62:8b:fd:63:
         ff:b6:a9:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/xyYRMVM6B9fEn/uQThSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhN2M2NDM1YTg1MGYwYzVlOTlhOWNlMDUxZjM0YmRiNTMy
MjJmMDQwHhcNMjUxMDIwMDQwMTA1WhcNMjUxMDIxMDQwMTA1WjAzMTEwLwYDVQQD
EyhiY2U5ZjNmNDNkMTI5MzU3MTFiYWZlZjNmOTEzZGM5NmVmNzUwNzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfkrpUiv7vTd5FoVD5Op+P+YecKW
C6nk8Pu4zR7ZgmhaUv4go/VavSgY51uURlzIotj5r22ZybHk8G9DcBTcDiRhSrrC
bBht3Vx6QnZwLg2WsK8Ut0rqty2v6HtMw6xfnlQGQMJiB5ZIrD05qOjheaOD65Jj
wcoh7DpEQ/YJbizrx94a8pCBmvY/YfsYQXAdSicFuEbd2Ea+Yqd8xXBzEo7haD4J
HdS33fmlsk4XLnIBwX+mDYX7mZkgdZCZg0sNqVs/s5aTLV4fg0pAL/D78ZGJRUpG
b2ijVB6mAEMmX8QS8OJKpJB9b0xgugMdSUxx31M1kA07McUMKDwyh5bbowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLzp8/Q9EpNXEbr+8/kT3JbvdQeRMB8GA1UdIwQY
MBaAFKp8ZDWoUPDF6Zqc4FHzS9tTIi8EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2Qt
Yzc4MGVkNjEyMzY2LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2QtYzc4MGVkNjEyMzY2
LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEePXuzTU
lLplsSc7i0Y107hbfH8nZU+bskt3H7ooDBbiFuBThmFSMkm70o6vRtgSqEMmIUw5
bPKUpGnTjloVIj1ZNd56qVKiOf9VL97oyYjC52w9QK3sSlDYHO10i1E15MRxRrbW
0gsREwmekibkQp76esAUqZ0Iii310UmPztSg0qnGrURWt/hGaWhaTjZQgEFtCcjH
Yt624XHjYSvloJZEqVnEk2rO8dbJeyORXb435vWaQpsetQT+muqLkqX9cl5Kny7B
n4juJx80qHURhRA+udvAAcIZbbymcWJj3BLBtOxscPILOUQ+JtzSnuY+CIdT5gts
9S9ii/1j/7ap3Q==
-----END CERTIFICATE-----