Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
File:                     QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft (raw, json)
Hash identifier:          m0oe+jpi4Aek0TYRCXw2m53IXIiKaIjZbS3GcXa8dno=
Subject key identifier:   32:03:AE:72:21:65:48:BA:5C:3D:FF:1F:D3:3A:B4:C5:DD:24:F2:5D
Authority key identifier: 40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94
Certificate issuer:       /CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
Certificate serial:       0199FC8F4D3FDC12EB6E4BD2350FC6E0A07D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 13:01:13 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:13 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:13 +0000
Files and hashes:         1: QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl (hash: kAJzCVOyTtQ590L+e3tAKfDNG+MR+0MkEnpPzLyNWhY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:4d:3f:dc:12:eb:6e:4b:d2:35:0f:c6:e0:a0:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
        Validity
            Not Before: Oct 19 13:01:13 2025 GMT
            Not After : Oct 20 13:01:13 2025 GMT
        Subject: CN=3203ae72216548ba5c3dff1fd33ab4c5dd24f25d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:fb:7a:20:37:2e:b9:1a:1a:81:a0:a4:9d:ee:
                    b5:55:0a:9d:b7:e8:4b:67:8a:6b:88:c1:0c:f8:2b:
                    5a:9c:46:41:a7:79:37:e4:68:a5:26:64:15:d4:fd:
                    4b:9e:19:c2:b3:a2:99:8b:dc:cd:78:fc:c8:42:68:
                    97:1a:47:b5:b1:89:92:c7:42:a1:b4:81:f0:fe:84:
                    80:03:1d:2b:b2:4a:64:3c:83:54:c0:b4:ce:8c:cf:
                    96:23:7e:51:2c:47:18:6d:ac:9a:05:6f:fb:93:1d:
                    e0:cf:60:e5:cb:ea:b6:6b:e2:08:7a:31:ec:72:1d:
                    8c:26:30:5b:e6:3d:f9:7a:a1:08:01:a0:30:c8:0e:
                    6c:92:51:a9:d8:c4:1c:8e:bf:9a:08:48:06:2e:10:
                    90:1c:cf:44:42:2a:0d:93:37:c0:0c:68:f8:73:85:
                    d6:8f:1c:56:92:be:a9:70:9d:6d:f7:62:34:3c:dc:
                    b7:7d:30:32:e7:06:06:83:a7:f8:c9:8e:94:56:5a:
                    c4:b5:88:ad:d2:43:0c:11:91:84:b2:78:4f:e0:14:
                    6e:72:8c:89:d4:be:fd:74:48:42:ff:93:13:60:92:
                    b2:62:43:11:35:20:84:bf:9f:8d:89:b7:da:99:2e:
                    0c:1c:46:76:7a:f3:dd:4f:32:2b:78:b7:ad:0b:ab:
                    b0:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:03:AE:72:21:65:48:BA:5C:3D:FF:1F:D3:3A:B4:C5:DD:24:F2:5D
            X509v3 Authority Key Identifier:
                keyid:40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:9d:dd:0d:85:4d:46:54:81:64:a8:c2:f9:24:c6:7c:bf:b3:
         5c:b1:df:66:3d:50:98:ac:aa:0d:a8:1a:74:1f:48:bc:e1:d2:
         6d:65:bc:e5:b6:f6:99:67:52:7b:3e:44:ec:52:0a:1d:66:05:
         55:54:33:52:60:c1:0e:21:d5:74:50:96:c4:3e:e4:2a:7a:fa:
         b3:6d:b9:c1:5e:21:05:25:fb:d9:35:49:0f:03:9a:c9:83:f5:
         e5:0d:b8:5e:8a:91:05:7b:3b:28:00:be:56:8c:5a:98:b3:96:
         a4:eb:cb:47:19:b7:64:0a:71:ff:59:fc:53:72:fa:8a:42:ce:
         bc:46:a4:2b:28:aa:4d:ba:d3:8a:20:a5:c8:dd:2e:bf:38:63:
         2f:d9:b7:c1:15:24:ca:3a:6d:92:45:d5:28:2a:34:2f:11:d9:
         ac:57:0d:d0:54:4f:1a:f4:73:c9:08:af:99:ec:49:10:a1:c9:
         af:49:2d:aa:bb:87:0c:68:85:ab:23:74:1d:11:8f:73:1c:38:
         b4:db:89:cc:82:f8:7d:0f:cd:31:36:b0:58:9c:b0:4c:f6:5c:
         04:b5:14:5b:b5:95:93:68:29:7a:e1:30:2a:a9:8a:b0:0d:db:
         29:f5:df:ed:4e:4b:5a:a0:dc:fa:63:66:05:2a:d1:60:e0:6c:
         81:5e:ba:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j00/3BLrbkvSNQ/G4KB9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGIwZmU2NThlYjk2ZmI1MGIxMzVmNzFiYjkyZjI3Yjky
YzEzOTQwHhcNMjUxMDE5MTMwMTEzWhcNMjUxMDIwMTMwMTEzWjAzMTEwLwYDVQQD
EygzMjAzYWU3MjIxNjU0OGJhNWMzZGZmMWZkMzNhYjRjNWRkMjRmMjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/t6IDcuuRoagaCkne61VQqdt+hL
Z4priMEM+CtanEZBp3k35GilJmQV1P1LnhnCs6KZi9zNePzIQmiXGke1sYmSx0Kh
tIHw/oSAAx0rskpkPINUwLTOjM+WI35RLEcYbayaBW/7kx3gz2Dly+q2a+IIejHs
ch2MJjBb5j35eqEIAaAwyA5sklGp2MQcjr+aCEgGLhCQHM9EQioNkzfADGj4c4XW
jxxWkr6pcJ1t92I0PNy3fTAy5wYGg6f4yY6UVlrEtYit0kMMEZGEsnhP4BRucoyJ
1L79dEhC/5MTYJKyYkMRNSCEv5+NibfamS4MHEZ2evPdTzIreLetC6uweQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDIDrnIhZUi6XD3/H9M6tMXdJPJdMB8GA1UdIwQY
MBaAFECLD+ZY65b7ULE19xu5Lye5LBOUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYt
NDBlZGFkZWVlODYwLzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYtNDBlZGFkZWVlODYw
LzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANp3dDYVN
RlSBZKjC+STGfL+zXLHfZj1QmKyqDagadB9IvOHSbWW85bb2mWdSez5E7FIKHWYF
VVQzUmDBDiHVdFCWxD7kKnr6s225wV4hBSX72TVJDwOayYP15Q24XoqRBXs7KAC+
VoxamLOWpOvLRxm3ZApx/1n8U3L6ikLOvEakKyiqTbrTiiClyN0uvzhjL9m3wRUk
yjptkkXVKCo0LxHZrFcN0FRPGvRzyQivmexJEKHJr0ktqruHDGiFqyN0HRGPcxw4
tNuJzIL4fQ/NMTawWJywTPZcBLUUW7WVk2gpeuEwKqmKsA3bKfXf7U5LWqDc+mNm
BSrRYOBsgV66Ug==
-----END CERTIFICATE-----