Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.mft
File:                     qfCQLHsw_sPg3PXyO_7fUBgjQps.mft (raw, json)
Hash identifier:          HEoVB+/Ucc+9rtI2jZet4edpeWU6quawMVh+830jI5k=
Subject key identifier:   98:EC:30:AB:9A:9C:1B:09:1B:A7:89:F3:0B:FF:63:86:AF:7B:9A:BF
Authority key identifier: A9:F0:90:2C:7B:30:FE:C3:E0:DC:F5:F2:3B:FE:DF:50:18:23:42:9B
Certificate issuer:       /CN=a9f0902c7b30fec3e0dcf5f23bfedf501823429b
Certificate serial:       0199FC8F9B9670FF3C0656C15C4BF654936A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qfCQLHsw_sPg3PXyO_7fUBgjQps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.mft
Manifest number:          0571
Signing time:             Sun 19 Oct 2025 13:01:33 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:33 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:33 +0000
Files and hashes:         1: qfCQLHsw_sPg3PXyO_7fUBgjQps.crl (hash: b3f9u3dlWzTY3L3eRqlctUzdvl0YH7EDgtG2gyMPAJE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qfCQLHsw_sPg3PXyO_7fUBgjQps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:9b:96:70:ff:3c:06:56:c1:5c:4b:f6:54:93:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9f0902c7b30fec3e0dcf5f23bfedf501823429b
        Validity
            Not Before: Oct 19 13:01:33 2025 GMT
            Not After : Oct 20 13:01:33 2025 GMT
        Subject: CN=98ec30ab9a9c1b091ba789f30bff6386af7b9abf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:2e:d4:54:c5:71:fb:45:47:b3:c6:a7:26:12:
                    db:51:a9:79:89:62:50:e0:fd:36:35:9b:83:ec:5a:
                    46:fc:4f:a6:1b:c2:82:a7:fb:7c:ca:bb:bd:35:b9:
                    69:60:88:f1:04:08:d4:0e:27:85:83:e7:a6:dd:ad:
                    48:89:32:41:0c:11:fd:56:f3:1e:ab:0d:0a:e2:72:
                    ab:49:42:63:94:d2:a7:be:b5:4d:66:23:d8:5b:e0:
                    80:8f:11:0d:5a:27:55:c0:a3:8f:d8:15:a1:4c:54:
                    dc:f3:7c:10:71:c7:b0:0e:96:32:3e:7c:2f:ce:d9:
                    21:c1:fa:5e:69:de:8b:91:3d:64:3e:ff:ea:bd:b0:
                    3f:fd:81:29:a1:34:de:cf:19:b3:83:69:d2:dd:01:
                    6f:94:dc:7a:a0:26:93:a1:bc:c8:30:b4:4b:94:8c:
                    17:b4:70:ad:23:fa:ca:cd:ff:91:67:2b:3d:dd:8d:
                    e1:49:73:5f:74:bd:ec:3f:8d:44:db:8c:79:9f:ec:
                    09:f3:b3:5c:e0:62:48:84:a4:89:86:be:da:c5:3b:
                    ef:04:49:5e:43:c0:75:58:c9:e9:da:7c:4b:c5:4f:
                    21:c5:ea:e2:15:0a:50:c3:3b:12:59:d3:d0:1a:dd:
                    6c:a1:ae:74:12:77:78:cc:9e:12:bf:e4:e0:c3:e7:
                    ed:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:EC:30:AB:9A:9C:1B:09:1B:A7:89:F3:0B:FF:63:86:AF:7B:9A:BF
            X509v3 Authority Key Identifier:
                keyid:A9:F0:90:2C:7B:30:FE:C3:E0:DC:F5:F2:3B:FE:DF:50:18:23:42:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qfCQLHsw_sPg3PXyO_7fUBgjQps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:e1:9c:c4:a6:08:72:ec:be:f1:9b:ce:d8:f1:47:36:91:16:
         be:72:dc:ec:54:01:89:b8:06:87:1f:01:4f:17:60:c0:09:52:
         9d:1f:5b:28:97:49:aa:67:de:0b:de:5f:6c:6b:34:d2:e3:bc:
         b0:4a:29:66:16:86:d5:21:f3:3b:5e:f9:24:5b:0d:d5:97:1f:
         5d:70:77:44:ce:f8:04:fd:1e:3a:d6:83:40:b9:4b:8a:42:40:
         36:cb:e5:6b:f6:bb:4e:88:ad:2e:b7:e3:cf:cb:88:b6:da:89:
         cd:6e:57:57:22:92:47:b3:47:a1:49:9b:3c:72:09:43:76:3d:
         27:76:81:74:54:bb:e5:b2:0d:6a:a3:99:da:e8:a5:de:40:25:
         b5:6c:7a:4a:f2:7e:84:65:03:75:48:2c:cc:8b:ac:29:17:5a:
         3e:13:0e:cd:34:19:1b:18:97:1e:44:35:e5:04:53:c3:0f:fd:
         0c:ea:e3:d8:6c:ed:75:ae:d5:ba:06:af:fa:5e:36:db:35:65:
         fb:d6:fe:6b:8a:9b:0c:62:ec:9c:cc:bc:0f:19:ce:0b:ba:26:
         29:25:5f:b5:a6:cb:9c:9c:cc:73:53:33:f2:f1:8c:c4:57:f1:
         ae:5f:a6:75:5e:f1:a6:2f:cd:da:c6:b0:32:03:6d:f4:b4:6b:
         53:0c:07:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j5uWcP88BlbBXEv2VJNqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ZjA5MDJjN2IzMGZlYzNlMGRjZjVmMjNiZmVkZjUwMTgy
MzQyOWIwHhcNMjUxMDE5MTMwMTMzWhcNMjUxMDIwMTMwMTMzWjAzMTEwLwYDVQQD
Eyg5OGVjMzBhYjlhOWMxYjA5MWJhNzg5ZjMwYmZmNjM4NmFmN2I5YWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAky7UVMVx+0VHs8anJhLbUal5iWJQ
4P02NZuD7FpG/E+mG8KCp/t8yru9NblpYIjxBAjUDieFg+em3a1IiTJBDBH9VvMe
qw0K4nKrSUJjlNKnvrVNZiPYW+CAjxENWidVwKOP2BWhTFTc83wQccewDpYyPnwv
ztkhwfpead6LkT1kPv/qvbA//YEpoTTezxmzg2nS3QFvlNx6oCaTobzIMLRLlIwX
tHCtI/rKzf+RZys93Y3hSXNfdL3sP41E24x5n+wJ87Nc4GJIhKSJhr7axTvvBEle
Q8B1WMnp2nxLxU8hxeriFQpQwzsSWdPQGt1soa50End4zJ4Sv+Tgw+ftrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJjsMKuanBsJG6eJ8wv/Y4ave5q/MB8GA1UdIwQY
MBaAFKnwkCx7MP7D4Nz18jv+31AYI0KbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWZDUUxIc3dfc1BnM1BYeU9fN2ZVQmdqUXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9kNjZmZjMtYjYwNy00NzZlLThkNWUt
ODk2ODU2NWRmNjNhLzEvcWZDUUxIc3dfc1BnM1BYeU9fN2ZVQmdqUXBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9kNjZmZjMtYjYwNy00NzZlLThkNWUtODk2ODU2NWRmNjNh
LzEvcWZDUUxIc3dfc1BnM1BYeU9fN2ZVQmdqUXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANuGcxKYI
cuy+8ZvO2PFHNpEWvnLc7FQBibgGhx8BTxdgwAlSnR9bKJdJqmfeC95fbGs00uO8
sEopZhaG1SHzO175JFsN1ZcfXXB3RM74BP0eOtaDQLlLikJANsvla/a7ToitLrfj
z8uIttqJzW5XVyKSR7NHoUmbPHIJQ3Y9J3aBdFS75bINaqOZ2uil3kAltWx6SvJ+
hGUDdUgszIusKRdaPhMOzTQZGxiXHkQ15QRTww/9DOrj2Gztda7Vugav+l422zVl
+9b+a4qbDGLsnMy8DxnOC7omKSVftabLnJzMc1Mz8vGMxFfxrl+mdV7xpi/N2saw
MgNt9LRrUwwHLw==
-----END CERTIFICATE-----