Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/f5d730-f8eb-4f80-9a9c-9abe4e6c2be1/1/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.mft
File:                     sqhTcekvOaK-QkdgsE5HrZ2j7Ts.mft (raw, json)
Hash identifier:          0yH4d03pGD6qUrybO4EhZ8JE0ZQw2CPgZiPzmEvoh9M=
Subject key identifier:   63:75:D9:8B:81:DF:79:2E:59:64:9B:96:F5:74:B6:9F:E4:5F:34:FC
Authority key identifier: B2:A8:53:71:E9:2F:39:A2:BE:42:47:60:B0:4E:47:AD:9D:A3:ED:3B
Certificate issuer:       /CN=b2a85371e92f39a2be424760b04e47ad9da3ed3b
Certificate serial:       0199FE0FD7117639D09028F90713327F7828
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/f5d730-f8eb-4f80-9a9c-9abe4e6c2be1/1/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.mft
Manifest number:          0381
Signing time:             Sun 19 Oct 2025 20:01:14 +0000
Manifest this update:     Sun 19 Oct 2025 20:01:14 +0000
Manifest next update:     Mon 20 Oct 2025 20:01:14 +0000
Files and hashes:         1: sqhTcekvOaK-QkdgsE5HrZ2j7Ts.crl (hash: OcZ87gyrzm56qhW2ZL73kHOxXaKMO/R9JfCs71euDKs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/f5d730-f8eb-4f80-9a9c-9abe4e6c2be1/1/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/f5d730-f8eb-4f80-9a9c-9abe4e6c2be1/1/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:0f:d7:11:76:39:d0:90:28:f9:07:13:32:7f:78:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2a85371e92f39a2be424760b04e47ad9da3ed3b
        Validity
            Not Before: Oct 19 20:01:14 2025 GMT
            Not After : Oct 20 20:01:14 2025 GMT
        Subject: CN=6375d98b81df792e59649b96f574b69fe45f34fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:bf:14:12:2c:54:0e:5f:50:53:1b:63:43:df:
                    2a:ce:0c:a6:2f:41:9f:0a:44:f8:0d:e3:0a:0f:ae:
                    c4:a2:13:7a:12:9d:be:53:9a:7b:8b:4e:d7:a1:c7:
                    25:fa:2b:80:76:16:81:18:7e:f4:5e:13:16:cb:8a:
                    78:56:9a:92:39:5b:f3:20:f7:14:a7:47:02:c3:2a:
                    e8:5c:1b:5f:47:03:2c:5d:de:0c:bf:a2:1d:33:de:
                    af:48:03:58:fa:23:51:03:5c:75:c6:13:4c:1f:ee:
                    d6:5a:61:16:69:f9:48:e7:13:34:05:e1:06:59:af:
                    77:56:a0:63:66:c8:15:45:b9:55:b8:40:31:d2:ba:
                    65:6e:da:20:a5:c6:78:74:57:59:f1:eb:6d:5b:5d:
                    f2:ca:d6:27:d5:e9:38:27:c2:57:29:cd:98:fe:de:
                    e2:83:99:42:67:be:7b:0f:bc:00:51:53:53:c3:34:
                    45:78:e4:3f:9f:f0:8b:1f:1d:c3:54:2c:88:e5:ec:
                    58:5b:81:b2:cf:3d:f2:94:8b:5c:6c:80:fe:fe:a2:
                    d2:b9:2a:24:30:89:65:86:83:dc:ee:f7:84:c4:e4:
                    18:19:d4:b0:fc:dd:e8:3f:27:db:eb:13:7c:0b:9a:
                    57:61:7d:23:e1:99:6a:a0:5f:55:b6:a0:94:2c:f0:
                    c0:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:75:D9:8B:81:DF:79:2E:59:64:9B:96:F5:74:B6:9F:E4:5F:34:FC
            X509v3 Authority Key Identifier:
                keyid:B2:A8:53:71:E9:2F:39:A2:BE:42:47:60:B0:4E:47:AD:9D:A3:ED:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/f5d730-f8eb-4f80-9a9c-9abe4e6c2be1/1/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/f5d730-f8eb-4f80-9a9c-9abe4e6c2be1/1/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:1f:7f:97:68:48:d5:34:8b:29:3f:84:71:3c:be:7c:6b:b5:
         d7:c5:41:93:bb:44:a6:3e:51:2d:1f:b0:75:ba:ae:8a:67:3a:
         00:1c:3b:3d:bd:4f:9b:5a:f0:0e:d0:f5:24:d8:88:49:70:c4:
         f6:c2:02:69:e5:48:cb:90:13:1b:5e:10:9f:49:91:29:1f:ed:
         fb:b2:9a:e6:96:33:06:87:bd:d9:5e:ab:a6:f4:3e:61:0d:00:
         24:cd:93:5c:5b:ce:c1:f8:0a:a8:dd:8b:96:59:dc:68:ed:1d:
         d5:d7:08:03:5b:1a:1c:1d:05:61:62:05:10:29:51:b7:c0:d7:
         95:f8:15:be:6b:7e:ac:37:c8:49:79:03:68:72:3d:cb:b8:20:
         17:ad:57:42:be:8e:33:04:52:66:f3:ba:0d:fc:8c:31:03:45:
         ed:64:72:96:e4:2e:64:21:bf:b5:af:8a:4c:3d:01:64:4a:2c:
         ed:44:e4:e9:b1:fe:85:d5:ac:22:48:7c:98:b4:92:73:ab:c0:
         65:ad:bf:e0:fc:2a:63:7d:ba:b6:6a:f4:49:f2:c8:ce:f2:5b:
         38:d7:57:3a:18:56:3b:f4:12:56:7e:df:b8:72:fe:69:ff:78:
         34:d7:56:d9:48:f7:54:01:f5:88:3f:45:a8:42:ec:c2:ff:f2:
         7f:f6:5b:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+D9cRdjnQkCj5BxMyf3goMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYTg1MzcxZTkyZjM5YTJiZTQyNDc2MGIwNGU0N2FkOWRh
M2VkM2IwHhcNMjUxMDE5MjAwMTE0WhcNMjUxMDIwMjAwMTE0WjAzMTEwLwYDVQQD
Eyg2Mzc1ZDk4YjgxZGY3OTJlNTk2NDliOTZmNTc0YjY5ZmU0NWYzNGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+L8UEixUDl9QUxtjQ98qzgymL0Gf
CkT4DeMKD67EohN6Ep2+U5p7i07Xoccl+iuAdhaBGH70XhMWy4p4VpqSOVvzIPcU
p0cCwyroXBtfRwMsXd4Mv6IdM96vSANY+iNRA1x1xhNMH+7WWmEWaflI5xM0BeEG
Wa93VqBjZsgVRblVuEAx0rplbtogpcZ4dFdZ8ettW13yytYn1ek4J8JXKc2Y/t7i
g5lCZ757D7wAUVNTwzRFeOQ/n/CLHx3DVCyI5exYW4Gyzz3ylItcbID+/qLSuSok
MIllhoPc7veExOQYGdSw/N3oPyfb6xN8C5pXYX0j4ZlqoF9VtqCULPDAUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGN12YuB33kuWWSblvV0tp/kXzT8MB8GA1UdIwQY
MBaAFLKoU3HpLzmivkJHYLBOR62do+07MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3FoVGNla3ZPYUstUWtkZ3NFNUhyWjJqN1RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9mNWQ3MzAtZjhlYi00ZjgwLTlhOWMt
OWFiZTRlNmMyYmUxLzEvc3FoVGNla3ZPYUstUWtkZ3NFNUhyWjJqN1RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9mNWQ3MzAtZjhlYi00ZjgwLTlhOWMtOWFiZTRlNmMyYmUx
LzEvc3FoVGNla3ZPYUstUWtkZ3NFNUhyWjJqN1RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXR9/l2hI
1TSLKT+EcTy+fGu118VBk7tEpj5RLR+wdbquimc6ABw7Pb1Pm1rwDtD1JNiISXDE
9sICaeVIy5ATG14Qn0mRKR/t+7Ka5pYzBoe92V6rpvQ+YQ0AJM2TXFvOwfgKqN2L
llncaO0d1dcIA1saHB0FYWIFEClRt8DXlfgVvmt+rDfISXkDaHI9y7ggF61XQr6O
MwRSZvO6DfyMMQNF7WRyluQuZCG/ta+KTD0BZEos7UTk6bH+hdWsIkh8mLSSc6vA
Za2/4PwqY326tmr0SfLIzvJbONdXOhhWO/QSVn7fuHL+af94NNdW2Uj3VAH1iD9F
qELswv/yf/Zb+w==
-----END CERTIFICATE-----