Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
File:                     QzFPMPOkU_9JIh2VStgCijBKAVA.mft (raw, json)
Hash identifier:          gukmjt+PP/WP9aISGt0U1maC7ELAWM4ZTebIUgyvi8M=
Subject key identifier:   16:20:E3:01:98:5E:A4:5D:AA:60:0C:0C:80:A9:E4:2D:61:9D:A7:1E
Authority key identifier: 43:31:4F:30:F3:A4:53:FF:49:22:1D:95:4A:D8:02:8A:30:4A:01:50
Certificate issuer:       /CN=43314f30f3a453ff49221d954ad8028a304a0150
Certificate serial:       01988B7D0DD05807FFA7737C3BB709F561C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
Manifest number:          1621
Signing time:             Fri 08 Aug 2025 21:01:25 +0000
Manifest this update:     Fri 08 Aug 2025 21:01:25 +0000
Manifest next update:     Sat 09 Aug 2025 21:01:25 +0000
Files and hashes:         1: QzFPMPOkU_9JIh2VStgCijBKAVA.crl (hash: /bReFfYnxRJQX/j8ZMns+OUNecmZd7kDfXWcxvRXa6w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:7d:0d:d0:58:07:ff:a7:73:7c:3b:b7:09:f5:61:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43314f30f3a453ff49221d954ad8028a304a0150
        Validity
            Not Before: Aug  8 21:01:25 2025 GMT
            Not After : Aug  9 21:01:25 2025 GMT
        Subject: CN=1620e301985ea45daa600c0c80a9e42d619da71e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:e4:8b:e1:97:64:9c:83:f4:67:1e:8b:27:56:
                    e8:6f:f2:07:3b:33:6d:a0:c7:85:72:f0:27:f2:b5:
                    d8:1c:5b:21:0d:47:49:5b:6e:d9:25:8b:e9:8a:ae:
                    c0:b9:0f:e7:8e:12:b6:ce:e5:80:a7:b7:44:da:c0:
                    32:0a:2b:04:9d:3e:51:d1:15:28:5d:98:49:0f:a8:
                    58:78:89:31:98:b9:0a:a7:9d:a1:e1:e6:aa:c1:22:
                    68:01:93:64:e6:a5:c6:f6:00:8a:ba:96:67:a2:2d:
                    3d:64:f7:fc:64:bf:56:2b:0c:0e:3c:ee:ad:5a:32:
                    69:a0:b0:3d:81:ed:98:f8:09:93:07:fd:83:91:3e:
                    76:6b:fa:29:d4:f4:44:a5:b2:44:33:76:d3:58:59:
                    e1:b6:39:e3:e0:39:25:d5:b5:2f:44:f0:0f:9c:66:
                    d0:2a:1c:33:b9:f5:3b:35:1b:db:16:4d:5e:94:3c:
                    da:51:cc:31:6f:74:59:37:3b:4b:8e:de:1e:0f:93:
                    9a:4f:97:fb:36:ed:78:c8:91:56:42:7c:13:d2:71:
                    3a:33:8a:18:bb:ca:07:de:28:d5:bc:90:05:5d:4c:
                    04:39:78:7b:c4:2d:1c:5c:63:cb:eb:28:f1:23:e4:
                    78:55:27:cd:ef:15:4c:d2:1b:05:86:a3:da:28:99:
                    9c:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:20:E3:01:98:5E:A4:5D:AA:60:0C:0C:80:A9:E4:2D:61:9D:A7:1E
            X509v3 Authority Key Identifier:
                keyid:43:31:4F:30:F3:A4:53:FF:49:22:1D:95:4A:D8:02:8A:30:4A:01:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:d4:68:e9:26:1d:85:c2:0d:86:05:13:44:ca:75:48:67:36:
         38:44:4c:cf:c9:d9:14:2d:53:85:1b:77:cf:db:2e:d3:08:b9:
         64:01:48:17:42:28:0a:56:f3:0b:30:18:dc:8f:6f:5f:aa:79:
         ce:fb:e3:2e:79:21:fc:b7:c2:8b:53:bb:9f:e3:d1:2f:36:87:
         e3:ee:ff:23:b2:8b:e1:e5:ac:57:05:0b:11:34:17:53:9d:e0:
         1a:11:c9:e9:e9:5f:4e:ee:ce:97:1e:96:71:aa:c3:17:8f:44:
         4a:f7:4e:90:71:73:1f:43:e6:bb:ea:df:99:f3:b4:2c:1c:90:
         81:70:cd:24:bf:81:ba:87:69:c1:38:82:30:74:6c:7d:31:4e:
         05:13:44:82:66:8f:9c:ed:9b:a5:6f:7c:e2:6e:3f:25:3b:f4:
         1f:96:66:84:a8:86:48:15:10:df:b5:48:3d:03:26:d9:ae:cb:
         28:61:53:9f:18:ca:5d:93:5e:ae:48:3c:e5:41:16:55:c2:d4:
         16:e7:7d:05:c1:82:cc:9d:55:1e:33:b8:03:f9:a8:1b:8a:9e:
         61:c2:c8:9f:a9:97:5e:30:46:c0:d2:66:7f:13:92:e8:93:5d:
         44:53:16:89:9d:4f:e8:87:b4:a1:9f:d4:14:1e:0d:19:0b:28:
         51:e6:45:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLfQ3QWAf/p3N8O7cJ9WHDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMzE0ZjMwZjNhNDUzZmY0OTIyMWQ5NTRhZDgwMjhhMzA0
YTAxNTAwHhcNMjUwODA4MjEwMTI1WhcNMjUwODA5MjEwMTI1WjAzMTEwLwYDVQQD
EygxNjIwZTMwMTk4NWVhNDVkYWE2MDBjMGM4MGE5ZTQyZDYxOWRhNzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+SL4ZdknIP0Zx6LJ1bob/IHOzNt
oMeFcvAn8rXYHFshDUdJW27ZJYvpiq7AuQ/njhK2zuWAp7dE2sAyCisEnT5R0RUo
XZhJD6hYeIkxmLkKp52h4eaqwSJoAZNk5qXG9gCKupZnoi09ZPf8ZL9WKwwOPO6t
WjJpoLA9ge2Y+AmTB/2DkT52a/op1PREpbJEM3bTWFnhtjnj4Dkl1bUvRPAPnGbQ
KhwzufU7NRvbFk1elDzaUcwxb3RZNztLjt4eD5OaT5f7Nu14yJFWQnwT0nE6M4oY
u8oH3ijVvJAFXUwEOXh7xC0cXGPL6yjxI+R4VSfN7xVM0hsFhqPaKJmc1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBYg4wGYXqRdqmAMDICp5C1hnaceMB8GA1UdIwQY
MBaAFEMxTzDzpFP/SSIdlUrYAoowSgFQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82MzBlOTQtNmI3MS00MDYzLTkzMjgt
NTU4ZWVhMWY1OTAxLzEvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82MzBlOTQtNmI3MS00MDYzLTkzMjgtNTU4ZWVhMWY1OTAx
LzEvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEdRo6SYd
hcINhgUTRMp1SGc2OERMz8nZFC1ThRt3z9su0wi5ZAFIF0IoClbzCzAY3I9vX6p5
zvvjLnkh/LfCi1O7n+PRLzaH4+7/I7KL4eWsVwULETQXU53gGhHJ6elfTu7Olx6W
carDF49ESvdOkHFzH0Pmu+rfmfO0LByQgXDNJL+BuodpwTiCMHRsfTFOBRNEgmaP
nO2bpW984m4/JTv0H5ZmhKiGSBUQ37VIPQMm2a7LKGFTnxjKXZNerkg85UEWVcLU
Fud9BcGCzJ1VHjO4A/moG4qeYcLIn6mXXjBGwNJmfxOS6JNdRFMWiZ1P6Ie0oZ/U
FB4NGQsoUeZFdg==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:04:41 2025 by rpki-client