Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft
File:                     QTKoayl3h-SMVXBZMe05NR-EFxo.mft (raw, json)
Hash identifier:          8R71zAUMGXhvoSyawjRUDAgwlwG00RpketWiU24wQcA=
Subject key identifier:   62:B8:A3:96:30:0E:FB:A4:7F:8C:81:AF:C1:DD:EC:F0:EA:F9:7C:C6
Authority key identifier: 41:32:A8:6B:29:77:87:E4:8C:55:70:59:31:ED:39:35:1F:84:17:1A
Certificate issuer:       /CN=4132a86b297787e48c55705931ed39351f84171a
Certificate serial:       0198D6602EA3A17EF5680B757B2B259C6776
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft
Manifest number:          1030
Signing time:             Sat 23 Aug 2025 10:01:24 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:24 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:24 +0000
Files and hashes:         1: QTKoayl3h-SMVXBZMe05NR-EFxo.crl (hash: 0dwVF/ZbvYu4FHF309iMySxsliaDiShrD7drLh+VxoM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:2e:a3:a1:7e:f5:68:0b:75:7b:2b:25:9c:67:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4132a86b297787e48c55705931ed39351f84171a
        Validity
            Not Before: Aug 23 10:01:24 2025 GMT
            Not After : Aug 24 10:01:24 2025 GMT
        Subject: CN=62b8a396300efba47f8c81afc1ddecf0eaf97cc6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:2c:7d:84:65:1a:25:e6:f6:dd:d7:a1:de:f2:
                    bb:e8:36:c3:4f:ba:10:f9:a0:e7:b7:a1:24:4b:ae:
                    d0:3b:be:02:5f:77:1c:2a:0f:f4:4a:0c:51:50:b6:
                    df:40:d4:9a:3f:f9:c8:ce:1a:fc:b4:1d:6e:f5:97:
                    ac:f8:69:a6:e0:19:d4:2f:3a:37:26:f6:0f:18:a0:
                    5a:b6:b8:be:f5:d3:36:6d:6f:5a:5a:84:e4:1f:2e:
                    91:ec:7b:ae:86:d8:b8:fd:ca:60:94:d4:7b:7d:ec:
                    cd:49:c8:23:c9:73:e8:c3:22:16:c3:d5:5b:3b:8a:
                    ff:11:d6:b3:64:78:ca:6b:d2:df:6b:c5:fb:a3:56:
                    a2:cc:50:76:d9:98:37:c7:60:9c:27:58:de:93:09:
                    81:10:0c:68:2f:df:e0:f7:a4:6a:4e:de:be:12:b8:
                    83:60:73:70:9d:bd:5f:9c:75:4c:ac:10:cb:80:54:
                    02:39:79:14:28:b4:3a:d5:77:c5:9b:27:17:6b:1a:
                    28:df:d6:3b:0b:dc:ec:a1:3a:2d:68:b8:92:96:bf:
                    57:22:63:92:dd:a6:6c:96:f8:a1:2a:b9:0b:8d:28:
                    14:1f:da:9c:39:b6:41:55:bb:a2:2e:d1:c4:44:5f:
                    6f:34:22:00:21:fb:e4:50:c4:f7:62:97:8e:8d:75:
                    b9:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:B8:A3:96:30:0E:FB:A4:7F:8C:81:AF:C1:DD:EC:F0:EA:F9:7C:C6
            X509v3 Authority Key Identifier:
                keyid:41:32:A8:6B:29:77:87:E4:8C:55:70:59:31:ED:39:35:1F:84:17:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:60:dd:43:15:e7:b6:a7:19:33:56:81:3d:c0:45:30:e5:71:
         80:fa:9c:97:ab:6d:1d:cf:97:8c:ef:8b:15:b8:dd:8a:b5:6d:
         2e:23:73:8c:1b:85:fc:94:a5:ac:0c:4d:fb:f1:1d:30:b6:53:
         22:6a:c1:db:46:a9:39:c2:9e:a6:6c:5f:a3:f1:aa:18:e1:9a:
         c8:07:22:40:6e:1d:26:c0:0c:71:74:7a:e2:33:33:dd:fd:36:
         99:0d:0a:64:d0:8d:29:7b:4f:cc:d0:d6:50:10:a4:8d:32:4c:
         9f:31:0c:2a:f5:25:d6:ba:58:23:f2:69:02:34:67:9c:ec:14:
         07:04:2a:35:7c:c4:7d:7a:b3:c7:9e:18:b2:fe:f1:b5:59:a3:
         c5:75:87:d8:58:bd:9c:0e:3e:49:84:45:4f:ba:05:df:92:62:
         e6:eb:6d:11:9d:0b:70:2c:b3:2b:b7:6f:9f:4c:d5:87:61:17:
         f1:7b:1c:d8:b3:4b:9a:94:b9:f6:e6:29:b1:90:13:9a:2e:b0:
         cd:d3:74:18:59:91:ae:6d:86:9b:0f:d2:17:8c:cc:6f:ae:29:
         4d:75:06:d2:a2:08:85:a8:d4:35:c8:c4:87:f8:de:9d:6f:72:
         c6:7d:68:ad:6d:af:83:77:31:86:6e:62:98:3e:6d:1a:d1:83:
         6e:5f:12:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYC6joX71aAt1eyslnGd2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMzJhODZiMjk3Nzg3ZTQ4YzU1NzA1OTMxZWQzOTM1MWY4
NDE3MWEwHhcNMjUwODIzMTAwMTI0WhcNMjUwODI0MTAwMTI0WjAzMTEwLwYDVQQD
Eyg2MmI4YTM5NjMwMGVmYmE0N2Y4YzgxYWZjMWRkZWNmMGVhZjk3Y2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCx9hGUaJeb23deh3vK76DbDT7oQ
+aDnt6EkS67QO74CX3ccKg/0SgxRULbfQNSaP/nIzhr8tB1u9Zes+Gmm4BnULzo3
JvYPGKBatri+9dM2bW9aWoTkHy6R7Huuhti4/cpglNR7fezNScgjyXPowyIWw9Vb
O4r/EdazZHjKa9Lfa8X7o1aizFB22Zg3x2CcJ1jekwmBEAxoL9/g96RqTt6+EriD
YHNwnb1fnHVMrBDLgFQCOXkUKLQ61XfFmycXaxoo39Y7C9zsoTotaLiSlr9XImOS
3aZslvihKrkLjSgUH9qcObZBVbuiLtHERF9vNCIAIfvkUMT3YpeOjXW59QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGK4o5YwDvukf4yBr8Hd7PDq+XzGMB8GA1UdIwQY
MBaAFEEyqGspd4fkjFVwWTHtOTUfhBcaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84NzhlN2MtMzRmNS00N2NiLWE3ZTEt
ODA0MmQ2ZjRiZWYxLzEvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi84NzhlN2MtMzRmNS00N2NiLWE3ZTEtODA0MmQ2ZjRiZWYx
LzEvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqmDdQxXn
tqcZM1aBPcBFMOVxgPqcl6ttHc+XjO+LFbjdirVtLiNzjBuF/JSlrAxN+/EdMLZT
ImrB20apOcKepmxfo/GqGOGayAciQG4dJsAMcXR64jMz3f02mQ0KZNCNKXtPzNDW
UBCkjTJMnzEMKvUl1rpYI/JpAjRnnOwUBwQqNXzEfXqzx54Ysv7xtVmjxXWH2Fi9
nA4+SYRFT7oF35Ji5uttEZ0LcCyzK7dvn0zVh2EX8Xsc2LNLmpS59uYpsZATmi6w
zdN0GFmRrm2Gmw/SF4zMb64pTXUG0qIIhajUNcjEh/jenW9yxn1orW2vg3cxhm5i
mD5tGtGDbl8SWw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:02:06 2025 by rpki-client