Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/9ed3e2-90e5-422b-8f35-4482415c626d/1/0qQB0fwR0iyD1dP1bt1I6UmJzBc.mft
File:                     0qQB0fwR0iyD1dP1bt1I6UmJzBc.mft (raw, json)
Hash identifier:          pKzIjJKcl5Ra+zJjvgirrXpaBqT/mWM2uL7+gIiHrqA=
Subject key identifier:   A6:61:13:39:BE:74:C8:A3:90:80:98:C3:26:DA:07:A0:4E:A0:50:72
Authority key identifier: D2:A4:01:D1:FC:11:D2:2C:83:D5:D3:F5:6E:DD:48:E9:49:89:CC:17
Certificate issuer:       /CN=d2a401d1fc11d22c83d5d3f56edd48e94989cc17
Certificate serial:       0199FBB36E46032A9BD1A2C07FC3A5A62636
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0qQB0fwR0iyD1dP1bt1I6UmJzBc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/9ed3e2-90e5-422b-8f35-4482415c626d/1/0qQB0fwR0iyD1dP1bt1I6UmJzBc.mft
Manifest number:          1B
Signing time:             Sun 19 Oct 2025 09:01:04 +0000
Manifest this update:     Sun 19 Oct 2025 09:01:04 +0000
Manifest next update:     Mon 20 Oct 2025 09:01:04 +0000
Files and hashes:         1: 0qQB0fwR0iyD1dP1bt1I6UmJzBc.crl (hash: ILSCjfysZRR0iXAPbZSAr7x+EJ/juNzYmbFGOoZU/RY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/9ed3e2-90e5-422b-8f35-4482415c626d/1/0qQB0fwR0iyD1dP1bt1I6UmJzBc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/9ed3e2-90e5-422b-8f35-4482415c626d/1/0qQB0fwR0iyD1dP1bt1I6UmJzBc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0qQB0fwR0iyD1dP1bt1I6UmJzBc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:b3:6e:46:03:2a:9b:d1:a2:c0:7f:c3:a5:a6:26:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2a401d1fc11d22c83d5d3f56edd48e94989cc17
        Validity
            Not Before: Oct 19 09:01:04 2025 GMT
            Not After : Oct 20 09:01:04 2025 GMT
        Subject: CN=a6611339be74c8a3908098c326da07a04ea05072
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:1b:f6:fa:c0:6d:cf:54:59:ce:0d:7c:c8:49:
                    5f:29:29:e4:a3:f8:1e:e0:5d:5f:6b:58:d7:fa:aa:
                    e0:2e:03:18:76:dd:cb:22:2d:ff:43:cf:82:7e:32:
                    2e:85:0d:f9:b0:cb:5b:76:b7:27:50:54:c9:28:47:
                    2d:af:d4:2f:47:f1:71:72:20:5f:58:a9:c2:96:b4:
                    7f:9e:6f:cc:22:ec:ca:69:53:c5:68:f7:74:2e:53:
                    20:ad:63:06:9d:93:9b:9d:fe:65:9e:31:3f:96:d5:
                    0f:9e:ea:67:a0:d7:61:ab:87:4b:4b:13:72:13:ed:
                    f9:1e:37:6f:8d:d3:25:01:d6:40:aa:39:89:86:3e:
                    5f:83:67:aa:2e:b3:d3:3f:3d:e1:94:b8:df:59:c9:
                    1a:24:3e:7e:cd:2f:98:7f:d6:dc:2c:b0:4b:d5:1b:
                    97:da:d2:f1:74:18:be:79:17:ba:65:be:d0:ac:29:
                    0a:2f:b3:f0:8e:07:52:68:07:83:9c:ed:70:f6:ae:
                    e4:f3:6c:45:63:61:a3:40:ed:5f:a6:88:50:49:4e:
                    12:0f:7b:49:b1:db:fa:1e:78:07:e0:6c:8f:74:c7:
                    09:e5:20:be:70:57:69:c8:01:3f:66:5e:e3:c9:a2:
                    65:9e:15:76:10:8d:6d:8a:09:f4:9b:9f:9b:92:ae:
                    26:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:61:13:39:BE:74:C8:A3:90:80:98:C3:26:DA:07:A0:4E:A0:50:72
            X509v3 Authority Key Identifier:
                keyid:D2:A4:01:D1:FC:11:D2:2C:83:D5:D3:F5:6E:DD:48:E9:49:89:CC:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0qQB0fwR0iyD1dP1bt1I6UmJzBc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/9ed3e2-90e5-422b-8f35-4482415c626d/1/0qQB0fwR0iyD1dP1bt1I6UmJzBc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/9ed3e2-90e5-422b-8f35-4482415c626d/1/0qQB0fwR0iyD1dP1bt1I6UmJzBc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:96:92:15:39:8a:61:a5:63:7c:c1:0a:cb:dc:58:ca:78:a3:
         07:7d:cb:ba:43:10:79:ee:19:54:79:c0:40:52:b2:8e:e8:00:
         0e:8e:8e:97:5d:e7:db:17:60:f1:ea:11:cb:7b:89:06:ae:11:
         95:dc:e6:ab:05:0f:b7:37:21:42:90:72:46:37:a6:2b:9c:c5:
         98:d6:52:8a:d0:e6:ea:e1:3e:04:27:68:38:43:6d:09:c2:47:
         c7:43:32:c9:92:ba:67:4d:ab:71:1d:47:1c:5d:3e:b9:5b:5c:
         7a:b3:4b:75:38:ec:15:fd:1f:51:04:76:1a:b6:22:2b:0e:13:
         27:fc:40:1d:f3:6b:d6:36:3b:71:7c:c3:17:1f:65:13:07:da:
         0c:6a:7b:f3:16:df:55:a3:94:c1:db:fc:5d:84:39:f1:46:53:
         36:0f:65:0f:07:9b:e4:6c:a7:7b:4c:78:3a:06:f4:eb:93:52:
         91:b2:0b:2e:18:fa:5e:db:02:e8:00:58:9c:99:4d:b0:84:47:
         8d:49:41:47:fd:f2:7e:58:1c:4c:21:13:61:9b:97:64:4e:51:
         e3:dc:6e:f6:aa:f2:42:38:78:9d:03:ab:1a:31:34:f9:a9:ec:
         d8:47:34:70:f4:71:65:fe:3c:6d:0d:0f:53:37:95:db:bf:b7:
         8a:b2:18:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7s25GAyqb0aLAf8OlpiY2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYTQwMWQxZmMxMWQyMmM4M2Q1ZDNmNTZlZGQ0OGU5NDk4
OWNjMTcwHhcNMjUxMDE5MDkwMTA0WhcNMjUxMDIwMDkwMTA0WjAzMTEwLwYDVQQD
EyhhNjYxMTMzOWJlNzRjOGEzOTA4MDk4YzMyNmRhMDdhMDRlYTA1MDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRv2+sBtz1RZzg18yElfKSnko/ge
4F1fa1jX+qrgLgMYdt3LIi3/Q8+CfjIuhQ35sMtbdrcnUFTJKEctr9QvR/FxciBf
WKnClrR/nm/MIuzKaVPFaPd0LlMgrWMGnZObnf5lnjE/ltUPnupnoNdhq4dLSxNy
E+35HjdvjdMlAdZAqjmJhj5fg2eqLrPTPz3hlLjfWckaJD5+zS+Yf9bcLLBL1RuX
2tLxdBi+eRe6Zb7QrCkKL7PwjgdSaAeDnO1w9q7k82xFY2GjQO1fpohQSU4SD3tJ
sdv6HngH4GyPdMcJ5SC+cFdpyAE/Zl7jyaJlnhV2EI1tign0m5+bkq4m3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKZhEzm+dMijkICYwybaB6BOoFByMB8GA1UdIwQY
MBaAFNKkAdH8EdIsg9XT9W7dSOlJicwXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHFRQjBmd1IwaXlEMWRQMWJ0MUk2VW1KekJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC85ZWQzZTItOTBlNS00MjJiLThmMzUt
NDQ4MjQxNWM2MjZkLzEvMHFRQjBmd1IwaXlEMWRQMWJ0MUk2VW1KekJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC85ZWQzZTItOTBlNS00MjJiLThmMzUtNDQ4MjQxNWM2MjZk
LzEvMHFRQjBmd1IwaXlEMWRQMWJ0MUk2VW1KekJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi5aSFTmK
YaVjfMEKy9xYynijB33LukMQee4ZVHnAQFKyjugADo6Ol13n2xdg8eoRy3uJBq4R
ldzmqwUPtzchQpByRjemK5zFmNZSitDm6uE+BCdoOENtCcJHx0MyyZK6Z02rcR1H
HF0+uVtcerNLdTjsFf0fUQR2GrYiKw4TJ/xAHfNr1jY7cXzDFx9lEwfaDGp78xbf
VaOUwdv8XYQ58UZTNg9lDweb5Gyne0x4Ogb065NSkbILLhj6XtsC6ABYnJlNsIRH
jUlBR/3yflgcTCETYZuXZE5R49xu9qryQjh4nQOrGjE0+ans2Ec0cPRxZf48bQ0P
UzeV27+3irIY8g==
-----END CERTIFICATE-----