Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
File:                     qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft (raw, json)
Hash identifier:          VaimE7ACZHVWo3YPR2MN6w1ZCD5Lx2OmYeNjAv3qNuY=
Subject key identifier:   0F:AC:AF:98:11:E3:E9:AC:D6:51:E1:AC:B2:7F:EF:64:F3:6E:3C:20
Authority key identifier: AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04
Certificate issuer:       /CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
Certificate serial:       01988EEBD537E639DE320142531C3B37F913
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
Manifest number:          06C1
Signing time:             Sat 09 Aug 2025 13:01:16 +0000
Manifest this update:     Sat 09 Aug 2025 13:01:16 +0000
Manifest next update:     Sun 10 Aug 2025 13:01:16 +0000
Files and hashes:         1: qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl (hash: VAY7Se2tCVGG7lBwGcnRujcLcLqMAVRmi3mhlDpvEzM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 05:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8e:eb:d5:37:e6:39:de:32:01:42:53:1c:3b:37:f9:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
        Validity
            Not Before: Aug  9 13:01:16 2025 GMT
            Not After : Aug 10 13:01:16 2025 GMT
        Subject: CN=0facaf9811e3e9acd651e1acb27fef64f36e3c20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:9e:5a:7d:c4:f5:28:95:41:d3:ee:d8:75:48:
                    da:4b:92:a7:dd:20:27:ec:c8:96:05:82:bf:fb:a5:
                    4f:36:39:44:82:0f:e6:28:ca:d2:46:09:69:f4:ec:
                    9f:94:12:d9:e8:e9:71:98:fb:15:cd:85:e9:a2:db:
                    ec:9d:fe:89:84:f2:c0:72:98:7a:b8:6f:65:4d:f2:
                    67:32:3f:47:93:87:18:2f:d1:a9:78:e4:ae:97:2d:
                    15:3b:41:05:76:3e:f7:1e:bd:75:19:c9:c2:7e:c0:
                    14:22:3f:49:f0:7f:a4:ea:c3:23:0b:98:9f:76:99:
                    33:4e:2f:65:0d:84:46:71:20:65:30:f6:be:b5:24:
                    9d:a0:6a:e0:eb:01:57:15:d4:c5:2a:92:bb:92:31:
                    67:49:fb:5e:e7:bf:be:cc:19:bb:12:f5:8d:05:a0:
                    46:b7:15:09:54:d9:58:88:8e:78:4d:51:2e:a9:ed:
                    1c:70:26:e8:50:f3:5b:d4:c8:66:e3:df:51:97:0f:
                    45:ac:2c:32:4f:fe:32:7f:80:8b:c5:55:ea:2a:14:
                    2b:53:d1:ee:17:02:8a:00:c9:07:73:cf:f0:33:f7:
                    27:86:94:01:34:db:fe:f5:4b:1d:16:ad:9a:2d:dd:
                    64:da:c8:b5:32:78:c4:d1:21:af:d5:86:35:6f:fe:
                    ed:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:AC:AF:98:11:E3:E9:AC:D6:51:E1:AC:B2:7F:EF:64:F3:6E:3C:20
            X509v3 Authority Key Identifier:
                keyid:AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:95:44:64:98:0e:ee:29:94:10:dd:84:0e:58:37:1a:85:c1:
         79:5c:a5:df:e9:cd:0a:13:b2:56:fb:02:c1:aa:fb:a4:30:a1:
         1d:12:86:29:fc:df:d2:8a:b7:80:c3:91:87:df:aa:ec:ed:66:
         f8:08:1e:e8:ed:ec:43:44:e2:2d:e5:6d:5b:c6:80:2b:40:99:
         9f:b9:1d:f0:09:e0:c6:df:f9:cc:fc:83:77:cf:8c:4c:b0:8f:
         76:d0:23:62:d7:0c:99:9d:e0:7c:c0:67:f7:19:20:3e:23:9b:
         7c:74:53:c5:5f:09:29:3c:cd:59:6a:e2:3f:35:7c:57:b2:83:
         d0:8c:f0:7d:1f:ea:56:8e:6a:c1:91:e0:0f:3b:6b:18:f5:7b:
         4c:35:d1:10:67:3b:46:f8:f8:e0:8b:b9:93:dd:ca:ca:ca:97:
         d9:ac:86:93:77:c5:1f:6b:0b:92:2d:91:f2:37:a0:f8:66:e3:
         de:93:94:9c:1a:55:07:96:e0:c3:8f:69:74:4d:9f:03:a1:4d:
         12:8e:d4:2c:30:f5:da:37:69:23:ed:b0:7b:52:a1:70:01:de:
         29:ed:c5:db:96:1c:7f:32:fc:af:0b:10:87:7d:04:1f:e4:df:
         79:0d:51:cb:4e:c0:bd:1e:32:d4:9a:c0:6e:ef:b2:94:cd:67:
         8d:9a:06:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiO69U35jneMgFCUxw7N/kTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhN2M2NDM1YTg1MGYwYzVlOTlhOWNlMDUxZjM0YmRiNTMy
MjJmMDQwHhcNMjUwODA5MTMwMTE2WhcNMjUwODEwMTMwMTE2WjAzMTEwLwYDVQQD
EygwZmFjYWY5ODExZTNlOWFjZDY1MWUxYWNiMjdmZWY2NGYzNmUzYzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZ5afcT1KJVB0+7YdUjaS5Kn3SAn
7MiWBYK/+6VPNjlEgg/mKMrSRglp9OyflBLZ6OlxmPsVzYXpotvsnf6JhPLAcph6
uG9lTfJnMj9Hk4cYL9GpeOSuly0VO0EFdj73Hr11GcnCfsAUIj9J8H+k6sMjC5if
dpkzTi9lDYRGcSBlMPa+tSSdoGrg6wFXFdTFKpK7kjFnSfte57++zBm7EvWNBaBG
txUJVNlYiI54TVEuqe0ccCboUPNb1Mhm499Rlw9FrCwyT/4yf4CLxVXqKhQrU9Hu
FwKKAMkHc8/wM/cnhpQBNNv+9UsdFq2aLd1k2si1MnjE0SGv1YY1b/7tCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA+sr5gR4+ms1lHhrLJ/72TzbjwgMB8GA1UdIwQY
MBaAFKp8ZDWoUPDF6Zqc4FHzS9tTIi8EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2Qt
Yzc4MGVkNjEyMzY2LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2QtYzc4MGVkNjEyMzY2
LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj5VEZJgO
7imUEN2EDlg3GoXBeVyl3+nNChOyVvsCwar7pDChHRKGKfzf0oq3gMORh9+q7O1m
+Age6O3sQ0TiLeVtW8aAK0CZn7kd8Angxt/5zPyDd8+MTLCPdtAjYtcMmZ3gfMBn
9xkgPiObfHRTxV8JKTzNWWriPzV8V7KD0IzwfR/qVo5qwZHgDztrGPV7TDXREGc7
Rvj44Iu5k93KysqX2ayGk3fFH2sLki2R8jeg+Gbj3pOUnBpVB5bgw49pdE2fA6FN
Eo7ULDD12jdpI+2we1KhcAHeKe3F25YcfzL8rwsQh30EH+TfeQ1Ry07AvR4y1JrA
bu+ylM1njZoGaw==
-----END CERTIFICATE-----