Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft
File:                     QTKoayl3h-SMVXBZMe05NR-EFxo.mft (raw, json)
Hash identifier:          hlE+q6JU7z9Z9pszHq1/1uaxxboPLs1+rP6MSdDHud0=
Subject key identifier:   9D:79:A0:BE:6A:05:AA:38:FA:00:66:A8:44:FE:E1:D9:C1:C2:54:42
Authority key identifier: 41:32:A8:6B:29:77:87:E4:8C:55:70:59:31:ED:39:35:1F:84:17:1A
Certificate issuer:       /CN=4132a86b297787e48c55705931ed39351f84171a
Certificate serial:       019892CA1309F6C9095FCF6BFF0917088F95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft
Manifest number:          100D
Signing time:             Sun 10 Aug 2025 07:02:53 +0000
Manifest this update:     Sun 10 Aug 2025 07:02:53 +0000
Manifest next update:     Mon 11 Aug 2025 07:02:53 +0000
Files and hashes:         1: QTKoayl3h-SMVXBZMe05NR-EFxo.crl (hash: qxIrZwhrZVkWTYqaItVVraTI5L1KZhva9NFEwD8EDGU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 07:02:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:92:ca:13:09:f6:c9:09:5f:cf:6b:ff:09:17:08:8f:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4132a86b297787e48c55705931ed39351f84171a
        Validity
            Not Before: Aug 10 07:02:53 2025 GMT
            Not After : Aug 11 07:02:53 2025 GMT
        Subject: CN=9d79a0be6a05aa38fa0066a844fee1d9c1c25442
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:67:ae:ae:13:11:3a:1d:68:04:67:8c:e3:68:
                    db:3d:f3:39:a6:e3:f1:85:45:08:79:f6:da:71:0b:
                    bb:eb:97:3b:0a:7c:bb:f0:6b:36:07:30:b8:06:54:
                    16:c6:dc:a7:28:9b:d5:4a:cd:b4:bd:8b:fc:69:ea:
                    f8:7c:db:6b:98:dd:2c:dc:a7:e2:18:c5:dc:eb:c4:
                    2f:15:62:4e:c7:90:01:a9:90:57:61:88:65:3d:8e:
                    b9:dc:33:80:51:36:38:fd:77:b0:f7:96:79:86:7c:
                    2e:3c:00:8a:59:35:26:4f:c1:f0:56:cc:07:34:a7:
                    df:68:05:22:b4:e8:af:81:3a:17:6d:bc:ad:b7:0e:
                    c6:9b:26:d5:85:a2:b4:35:4f:c3:b1:e2:03:b8:ea:
                    44:3f:7e:d5:7b:a3:88:4d:4e:dd:15:b9:41:a0:47:
                    bc:d6:ec:1d:3d:57:a9:8e:9a:0d:70:56:27:86:26:
                    d6:2f:da:9d:b2:48:45:8e:93:8a:fa:9d:fd:a6:95:
                    15:d6:90:f9:80:d7:5d:e0:dd:6c:b1:bf:15:15:cb:
                    53:b5:c5:0c:c6:21:3a:6c:99:cb:46:00:e8:be:21:
                    74:c0:fd:5e:2b:73:5a:20:5a:3f:60:a6:af:02:57:
                    2c:c9:6f:69:3e:73:80:0f:58:5a:0a:6f:c0:bf:4a:
                    c4:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:79:A0:BE:6A:05:AA:38:FA:00:66:A8:44:FE:E1:D9:C1:C2:54:42
            X509v3 Authority Key Identifier:
                keyid:41:32:A8:6B:29:77:87:E4:8C:55:70:59:31:ED:39:35:1F:84:17:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:79:9f:aa:ae:b8:3a:ee:43:f6:0a:71:ef:34:db:61:f3:ae:
         2f:e2:a7:2a:8a:b2:c4:86:1f:c7:c3:de:f6:0e:94:89:54:ec:
         3e:14:32:5d:2f:81:68:85:b7:62:63:c9:f0:5e:d5:dd:dd:1f:
         4d:a1:a5:f6:07:af:4f:c1:50:73:10:42:1f:b6:96:27:cc:f1:
         ff:ab:9d:e1:f8:4a:c3:3a:f5:e5:0c:58:1a:82:92:fb:04:61:
         57:e6:ba:86:6e:fc:87:c2:33:3e:26:09:b5:35:70:5e:83:22:
         bb:fa:72:66:52:5a:a5:22:68:a2:7b:33:99:41:e4:b8:c9:bf:
         50:53:70:5d:90:f7:c6:6f:e0:7d:5c:0d:8e:78:77:08:6e:62:
         dc:2e:df:62:cd:e2:9b:57:d7:5d:d0:40:5e:a2:18:06:da:7f:
         d2:1c:39:71:90:20:fc:1c:fe:cf:a9:a7:7b:ff:fc:84:f6:3a:
         6d:1b:53:e1:c9:c7:98:68:0e:1d:b9:af:e6:ac:4a:7a:8e:43:
         6c:b1:36:dc:e0:ba:41:07:cd:dc:06:26:a0:59:59:58:2c:34:
         c8:ab:db:5d:c0:b2:0e:6a:d8:ca:11:72:2a:ed:d5:de:de:78:
         c1:97:df:af:a0:7b:63:6a:c8:8c:b5:7e:60:65:79:e8:3f:d3:
         8d:95:12:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiSyhMJ9skJX89r/wkXCI+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMzJhODZiMjk3Nzg3ZTQ4YzU1NzA1OTMxZWQzOTM1MWY4
NDE3MWEwHhcNMjUwODEwMDcwMjUzWhcNMjUwODExMDcwMjUzWjAzMTEwLwYDVQQD
Eyg5ZDc5YTBiZTZhMDVhYTM4ZmEwMDY2YTg0NGZlZTFkOWMxYzI1NDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12eurhMROh1oBGeM42jbPfM5puPx
hUUIefbacQu765c7Cny78Gs2BzC4BlQWxtynKJvVSs20vYv8aer4fNtrmN0s3Kfi
GMXc68QvFWJOx5ABqZBXYYhlPY653DOAUTY4/Xew95Z5hnwuPACKWTUmT8HwVswH
NKffaAUitOivgToXbbyttw7GmybVhaK0NU/DseIDuOpEP37Ve6OITU7dFblBoEe8
1uwdPVepjpoNcFYnhibWL9qdskhFjpOK+p39ppUV1pD5gNdd4N1ssb8VFctTtcUM
xiE6bJnLRgDoviF0wP1eK3NaIFo/YKavAlcsyW9pPnOAD1haCm/Av0rEewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ15oL5qBao4+gBmqET+4dnBwlRCMB8GA1UdIwQY
MBaAFEEyqGspd4fkjFVwWTHtOTUfhBcaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84NzhlN2MtMzRmNS00N2NiLWE3ZTEt
ODA0MmQ2ZjRiZWYxLzEvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi84NzhlN2MtMzRmNS00N2NiLWE3ZTEtODA0MmQ2ZjRiZWYx
LzEvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQnmfqq64
Ou5D9gpx7zTbYfOuL+KnKoqyxIYfx8Pe9g6UiVTsPhQyXS+BaIW3YmPJ8F7V3d0f
TaGl9gevT8FQcxBCH7aWJ8zx/6ud4fhKwzr15QxYGoKS+wRhV+a6hm78h8IzPiYJ
tTVwXoMiu/pyZlJapSJoonszmUHkuMm/UFNwXZD3xm/gfVwNjnh3CG5i3C7fYs3i
m1fXXdBAXqIYBtp/0hw5cZAg/Bz+z6mne//8hPY6bRtT4cnHmGgOHbmv5qxKeo5D
bLE23OC6QQfN3AYmoFlZWCw0yKvbXcCyDmrYyhFyKu3V3t54wZffr6B7Y2rIjLV+
YGV56D/TjZUS9g==
-----END CERTIFICATE-----