Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
File:                     qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft (raw, json)
Hash identifier:          Awx887282L9yZKMMvgViL+fNB+bBfiWXPjkwEXSyKZ8=
Subject key identifier:   6D:02:BA:DA:75:69:D3:A5:2F:5E:AA:31:56:39:64:D7:CB:A7:5A:7F
Authority key identifier: AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04
Certificate issuer:       /CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
Certificate serial:       0197B88F86A540C048E92A08A6CA3F8475AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
Manifest number:          0652
Signing time:             Sat 28 Jun 2025 22:01:42 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:42 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:42 +0000
Files and hashes:         1: qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl (hash: EiJ/hb8zdf88REhcsE3A9nEFepOEBpA6kqI2Ylce3M8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:86:a5:40:c0:48:e9:2a:08:a6:ca:3f:84:75:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
        Validity
            Not Before: Jun 28 22:01:42 2025 GMT
            Not After : Jun 29 22:01:42 2025 GMT
        Subject: CN=6d02bada7569d3a52f5eaa31563964d7cba75a7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:78:b7:d7:fd:dc:af:9e:13:68:22:8d:ea:9d:
                    b1:07:a8:e5:39:a5:02:5d:01:83:ea:7d:4d:9c:cc:
                    42:08:5c:40:bc:4f:de:38:82:3a:ef:a4:4a:9c:53:
                    46:1c:01:7a:03:89:34:d3:a9:eb:42:2d:1b:63:cc:
                    41:10:51:b9:61:7f:4e:a1:35:ee:2a:22:40:ed:01:
                    88:c8:23:06:34:5e:c9:e5:dd:5d:ea:62:57:65:77:
                    c7:14:5b:7e:ff:ae:37:cd:a8:e7:c8:ab:c9:cc:b3:
                    ca:d2:b7:c0:c9:f1:18:2a:cc:44:04:40:94:29:77:
                    d1:18:07:1d:62:5d:9d:51:84:e5:48:ad:0f:7c:35:
                    c2:bb:64:95:83:90:b4:49:76:dd:77:d0:cf:7c:d9:
                    20:da:24:6b:e5:e4:b1:f9:fd:14:67:45:61:06:d8:
                    51:0c:41:b6:25:2d:12:2d:92:0c:b6:37:67:42:19:
                    51:4a:43:43:45:09:a5:a2:7f:6d:31:4f:ff:a7:95:
                    f7:cc:0f:8c:b8:77:1a:c8:9b:28:f2:e8:1b:32:ee:
                    18:e8:cc:bd:65:2f:89:c4:fd:dc:1c:73:4b:f3:50:
                    0a:80:5a:5d:74:db:d6:2a:af:c0:c3:17:79:3f:b1:
                    78:2b:84:98:f0:3d:02:73:2d:d0:4b:6f:01:c3:2f:
                    97:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:02:BA:DA:75:69:D3:A5:2F:5E:AA:31:56:39:64:D7:CB:A7:5A:7F
            X509v3 Authority Key Identifier:
                keyid:AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:ff:2d:52:ba:f5:6c:c3:f8:bf:8e:83:72:f6:d8:e7:90:f8:
         31:a2:66:69:02:56:4c:0f:b5:29:1b:d3:91:cf:47:e2:35:c0:
         48:b1:fd:f5:7b:3a:59:52:6d:e8:68:13:cd:68:6b:95:de:c0:
         0d:a8:98:55:fd:8a:1e:59:72:79:b3:6b:bc:5e:9c:40:27:90:
         40:32:d7:95:6e:d0:cf:b6:7c:d7:9b:a7:86:60:90:0f:f7:f7:
         6c:f3:b4:74:f1:19:ce:1e:15:d4:20:98:d6:c6:38:0b:cc:c1:
         8d:d2:33:a9:88:d4:bd:34:5f:b4:8b:3c:bf:2c:f9:92:64:f7:
         ad:67:92:41:55:eb:84:e8:49:ab:05:93:a2:e4:16:79:63:ef:
         13:90:7e:10:94:0e:98:de:c8:19:c2:98:18:e3:6a:16:0d:8a:
         41:dd:78:aa:ec:33:3f:b4:c3:ca:bc:1d:05:33:03:12:4f:77:
         85:ce:fd:96:8f:c0:7d:d4:eb:a8:4c:2f:52:72:b8:c4:da:a6:
         59:72:9b:2f:aa:ba:7b:24:07:af:e8:1d:00:19:82:dc:fb:3a:
         be:5d:ea:fb:ad:12:2c:d5:7f:d2:87:d9:7b:d3:ac:f2:9a:8e:
         f0:de:7e:10:76:3e:f7:b1:90:5e:f6:97:a1:41:16:f7:d7:b7:
         c3:c8:8c:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j4alQMBI6SoIpso/hHWvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhN2M2NDM1YTg1MGYwYzVlOTlhOWNlMDUxZjM0YmRiNTMy
MjJmMDQwHhcNMjUwNjI4MjIwMTQyWhcNMjUwNjI5MjIwMTQyWjAzMTEwLwYDVQQD
Eyg2ZDAyYmFkYTc1NjlkM2E1MmY1ZWFhMzE1NjM5NjRkN2NiYTc1YTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXi31/3cr54TaCKN6p2xB6jlOaUC
XQGD6n1NnMxCCFxAvE/eOII676RKnFNGHAF6A4k006nrQi0bY8xBEFG5YX9OoTXu
KiJA7QGIyCMGNF7J5d1d6mJXZXfHFFt+/643zajnyKvJzLPK0rfAyfEYKsxEBECU
KXfRGAcdYl2dUYTlSK0PfDXCu2SVg5C0SXbdd9DPfNkg2iRr5eSx+f0UZ0VhBthR
DEG2JS0SLZIMtjdnQhlRSkNDRQmlon9tMU//p5X3zA+MuHcayJso8ugbMu4Y6My9
ZS+JxP3cHHNL81AKgFpddNvWKq/Awxd5P7F4K4SY8D0Ccy3QS28Bwy+X3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG0Cutp1adOlL16qMVY5ZNfLp1p/MB8GA1UdIwQY
MBaAFKp8ZDWoUPDF6Zqc4FHzS9tTIi8EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2Qt
Yzc4MGVkNjEyMzY2LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2QtYzc4MGVkNjEyMzY2
LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVP8tUrr1
bMP4v46DcvbY55D4MaJmaQJWTA+1KRvTkc9H4jXASLH99Xs6WVJt6GgTzWhrld7A
DaiYVf2KHllyebNrvF6cQCeQQDLXlW7Qz7Z815unhmCQD/f3bPO0dPEZzh4V1CCY
1sY4C8zBjdIzqYjUvTRftIs8vyz5kmT3rWeSQVXrhOhJqwWTouQWeWPvE5B+EJQO
mN7IGcKYGONqFg2KQd14quwzP7TDyrwdBTMDEk93hc79lo/AfdTrqEwvUnK4xNqm
WXKbL6q6eyQHr+gdABmC3Ps6vl3q+60SLNV/0ofZe9Os8pqO8N5+EHY+97GQXvaX
oUEW99e3w8iMqw==
-----END CERTIFICATE-----