Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
File:                     qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft (raw, json)
Hash identifier:          vxiZOmZrbS6OLDYcg1IU71eR3LsnvYEYPnCjfZoOIW4=
Subject key identifier:   F4:22:BC:A7:E6:CE:A0:18:0C:A1:5A:AB:17:2E:58:9B:F3:DB:16:81
Authority key identifier: AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04
Certificate issuer:       /CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
Certificate serial:       0198D65FE236F37FB2DACDAC7A678EBFF0EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
Manifest number:          06E6
Signing time:             Sat 23 Aug 2025 10:01:04 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:04 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:04 +0000
Files and hashes:         1: qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl (hash: m/JZ97VU5qMiNLN4jSrYSz29Mm/M5wof5Aa5wZrmc5Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:e2:36:f3:7f:b2:da:cd:ac:7a:67:8e:bf:f0:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
        Validity
            Not Before: Aug 23 10:01:04 2025 GMT
            Not After : Aug 24 10:01:04 2025 GMT
        Subject: CN=f422bca7e6cea0180ca15aab172e589bf3db1681
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:cc:65:e3:3b:63:c1:a1:f8:88:38:f7:fa:cb:
                    c9:e5:a8:70:ba:25:c8:b9:8c:e5:61:03:d6:ec:26:
                    2c:e5:ba:41:bd:07:1e:3b:c5:ff:bd:92:af:d6:36:
                    71:f1:c9:08:dd:c9:56:c2:40:df:5d:b0:85:dc:ee:
                    fa:9a:ad:4f:a4:66:d2:be:ba:79:f0:73:0c:d3:e3:
                    9f:fb:f3:99:47:1d:58:95:20:ab:63:c4:1e:29:45:
                    57:67:de:a7:e5:24:0f:2d:3a:41:a3:78:87:a7:16:
                    ae:f8:6c:07:2e:d4:02:b1:eb:75:0b:12:4e:b2:3e:
                    35:7b:8a:10:2a:e5:6b:38:76:a2:35:34:24:06:f3:
                    c0:b8:d1:bb:5a:55:9b:ac:70:2d:98:c2:9e:11:b4:
                    d3:47:26:fb:2c:8f:75:28:8b:f0:c2:a2:53:c3:c2:
                    15:98:aa:df:5c:fe:09:06:ae:ea:1b:45:94:c4:92:
                    e3:91:9a:92:88:28:35:90:29:48:3c:6f:31:4d:5f:
                    5c:70:eb:ad:48:3c:07:19:f3:1a:d9:48:74:09:06:
                    54:ff:a4:0b:54:5b:73:2b:e8:c1:fa:2a:e7:77:fa:
                    8c:40:17:09:fe:02:88:a9:a2:e2:a1:60:18:dd:e4:
                    73:b6:52:67:52:0d:9a:77:1d:e3:3f:99:a3:80:5c:
                    28:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:22:BC:A7:E6:CE:A0:18:0C:A1:5A:AB:17:2E:58:9B:F3:DB:16:81
            X509v3 Authority Key Identifier:
                keyid:AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:59:5b:d9:6a:c6:34:5f:2a:55:cd:a1:04:ae:03:47:ab:83:
         7a:dc:05:66:c8:78:a8:15:96:be:8a:8b:14:e3:75:3e:99:8d:
         cd:44:39:04:6c:a7:35:c0:37:e5:68:37:ee:88:88:cf:6e:e5:
         b8:25:da:cd:6c:cf:7c:01:02:d7:44:43:97:7b:13:02:0d:ec:
         97:0a:2b:48:86:49:64:b4:e7:42:86:27:35:47:f3:46:28:39:
         86:1f:5c:c4:eb:9a:36:1c:da:4b:b7:64:77:4d:6b:f0:31:95:
         4d:a4:e9:26:b7:c6:78:55:56:a6:50:51:18:e5:dd:f9:ff:b3:
         b1:38:09:af:e3:19:60:f5:eb:28:35:df:1d:46:8a:3b:e5:6e:
         b0:85:34:93:52:b5:5e:21:f5:58:9f:08:8a:a4:e1:af:06:f1:
         d1:73:13:f8:7a:11:ec:8c:95:4a:33:55:ec:65:7a:a1:30:d8:
         f2:49:16:75:9a:40:b3:fb:44:62:10:73:07:42:1e:3e:82:3d:
         75:b2:84:c8:ca:96:e7:c5:8f:9a:53:6a:68:83:b7:57:0f:5d:
         74:10:7e:5c:9f:5f:8e:99:d4:77:83:5b:46:c3:85:e5:16:ad:
         4c:fa:3d:08:7d:45:db:1a:ec:d9:ca:fc:b6:26:54:bd:bd:d6:
         92:81:95:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX+I283+y2s2semeOv/DqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhN2M2NDM1YTg1MGYwYzVlOTlhOWNlMDUxZjM0YmRiNTMy
MjJmMDQwHhcNMjUwODIzMTAwMTA0WhcNMjUwODI0MTAwMTA0WjAzMTEwLwYDVQQD
EyhmNDIyYmNhN2U2Y2VhMDE4MGNhMTVhYWIxNzJlNTg5YmYzZGIxNjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMxl4ztjwaH4iDj3+svJ5ahwuiXI
uYzlYQPW7CYs5bpBvQceO8X/vZKv1jZx8ckI3clWwkDfXbCF3O76mq1PpGbSvrp5
8HMM0+Of+/OZRx1YlSCrY8QeKUVXZ96n5SQPLTpBo3iHpxau+GwHLtQCset1CxJO
sj41e4oQKuVrOHaiNTQkBvPAuNG7WlWbrHAtmMKeEbTTRyb7LI91KIvwwqJTw8IV
mKrfXP4JBq7qG0WUxJLjkZqSiCg1kClIPG8xTV9ccOutSDwHGfMa2Uh0CQZU/6QL
VFtzK+jB+irnd/qMQBcJ/gKIqaLioWAY3eRztlJnUg2adx3jP5mjgFwoZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPQivKfmzqAYDKFaqxcuWJvz2xaBMB8GA1UdIwQY
MBaAFKp8ZDWoUPDF6Zqc4FHzS9tTIi8EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2Qt
Yzc4MGVkNjEyMzY2LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2QtYzc4MGVkNjEyMzY2
LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApllb2WrG
NF8qVc2hBK4DR6uDetwFZsh4qBWWvoqLFON1PpmNzUQ5BGynNcA35Wg37oiIz27l
uCXazWzPfAEC10RDl3sTAg3slworSIZJZLTnQoYnNUfzRig5hh9cxOuaNhzaS7dk
d01r8DGVTaTpJrfGeFVWplBRGOXd+f+zsTgJr+MZYPXrKDXfHUaKO+VusIU0k1K1
XiH1WJ8IiqThrwbx0XMT+HoR7IyVSjNV7GV6oTDY8kkWdZpAs/tEYhBzB0IePoI9
dbKEyMqW58WPmlNqaIO3Vw9ddBB+XJ9fjpnUd4NbRsOF5RatTPo9CH1F2xrs2cr8
tiZUvb3WkoGVoA==
-----END CERTIFICATE-----