Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft
File:                     qafBolN_0DVAh1mXh8qoQv7WC38.mft (raw, json)
Hash identifier:          qlHvqe8qFxQRQR0RzPb7dKiRG62rDgbdP/ups//D5Os=
Subject key identifier:   73:B4:64:0E:8D:70:AD:64:B0:80:B2:17:79:05:57:72:8F:BA:CC:1C
Authority key identifier: A9:A7:C1:A2:53:7F:D0:35:40:87:59:97:87:CA:A8:42:FE:D6:0B:7F
Certificate issuer:       /CN=a9a7c1a2537fd0354087599787caa842fed60b7f
Certificate serial:       0198D6611BB94A9DD53C9E796068FC3BF09F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qafBolN_0DVAh1mXh8qoQv7WC38.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft
Manifest number:          08E9
Signing time:             Sat 23 Aug 2025 10:02:24 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:24 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:24 +0000
Files and hashes:         1: qafBolN_0DVAh1mXh8qoQv7WC38.crl (hash: +qFW5/7Jsdt0ft/HgXHZYX2MDF6y05QZ+sQ8YhgOIUo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qafBolN_0DVAh1mXh8qoQv7WC38.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:61:1b:b9:4a:9d:d5:3c:9e:79:60:68:fc:3b:f0:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9a7c1a2537fd0354087599787caa842fed60b7f
        Validity
            Not Before: Aug 23 10:02:24 2025 GMT
            Not After : Aug 24 10:02:24 2025 GMT
        Subject: CN=73b4640e8d70ad64b080b217790557728fbacc1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:fa:00:e1:e9:cd:2e:cf:f0:14:2c:d5:86:95:
                    d8:e8:cc:11:06:39:82:b8:1c:fc:65:64:92:eb:a1:
                    4f:f8:8c:8c:b7:d4:e4:5c:44:46:34:1a:ff:bb:dc:
                    86:c9:b7:89:e4:df:f1:71:35:9b:ba:f8:dc:f0:10:
                    5d:72:d5:2a:9c:70:cf:79:91:b4:3a:17:51:48:ea:
                    98:8e:bf:f4:5d:9f:02:4f:85:de:bc:f9:c9:70:f1:
                    34:15:0a:2a:73:ff:bb:8e:89:d2:bb:80:50:2a:11:
                    d2:c4:cb:ae:6b:1b:db:00:d4:1b:32:04:d8:05:53:
                    65:33:90:8b:f2:3b:46:42:3a:75:56:29:78:93:8c:
                    ea:27:5a:f6:21:33:ab:5e:eb:85:96:24:c6:3c:86:
                    4d:d7:b5:96:08:9d:45:69:65:7e:f1:45:0f:38:04:
                    f2:a2:0b:a2:12:9f:4d:75:5e:44:03:a4:aa:e6:76:
                    ca:d2:4f:e6:cd:2f:56:fd:4f:61:38:3e:29:da:7c:
                    d5:80:fc:f8:c3:41:a0:6e:7f:ef:a3:5a:cb:a4:cd:
                    a6:14:96:c7:09:14:ae:ff:64:4c:3c:bc:58:82:bb:
                    38:81:3a:06:79:2d:54:3f:e5:08:bd:7b:03:5b:a6:
                    92:c6:ba:0b:ab:30:1b:ce:54:cf:a0:f5:c7:94:6a:
                    13:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:B4:64:0E:8D:70:AD:64:B0:80:B2:17:79:05:57:72:8F:BA:CC:1C
            X509v3 Authority Key Identifier:
                keyid:A9:A7:C1:A2:53:7F:D0:35:40:87:59:97:87:CA:A8:42:FE:D6:0B:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qafBolN_0DVAh1mXh8qoQv7WC38.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:ca:be:b2:fd:fd:81:e0:45:55:c4:19:09:9e:a1:9d:4f:ae:
         49:79:d8:be:10:55:77:a4:ee:2e:7f:61:22:a4:86:0f:0e:ac:
         a8:82:11:f3:88:5d:93:c7:92:8f:ea:1f:ba:e3:f2:94:9c:5a:
         47:bc:d6:bb:01:96:ff:5b:ea:8e:64:6b:de:e7:56:d0:75:8e:
         ad:ba:2a:ae:98:3a:06:19:b3:0c:58:fb:9d:ff:e8:7b:bf:f9:
         c6:f4:78:de:b5:95:56:73:75:80:b2:0e:12:3c:a1:ea:3b:dc:
         c2:8a:5c:37:27:20:78:b1:3f:2f:4a:a1:c5:9f:64:c3:1e:cd:
         b2:d5:e4:70:ba:b9:c7:8f:64:27:fb:1b:d3:fe:78:92:b4:b6:
         7d:ce:7c:3f:5c:a1:6a:49:e5:f0:aa:de:82:8c:86:91:36:d1:
         36:ba:47:47:65:9f:47:3e:ef:76:c5:e9:85:2a:1c:72:7b:f4:
         47:35:f6:51:db:48:31:da:28:f0:68:89:e2:b3:4c:f8:7a:7b:
         8e:2c:f2:df:9b:2f:89:88:e2:8f:2c:4d:02:d3:d9:86:65:9f:
         36:e0:5b:b1:18:fd:47:c5:85:d2:a8:70:47:bc:10:0c:a2:9c:
         d5:fa:62:4a:fe:73:36:25:47:73:62:84:cd:f4:39:f0:6b:e9:
         53:61:6a:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYRu5Sp3VPJ55YGj8O/CfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YTdjMWEyNTM3ZmQwMzU0MDg3NTk5Nzg3Y2FhODQyZmVk
NjBiN2YwHhcNMjUwODIzMTAwMjI0WhcNMjUwODI0MTAwMjI0WjAzMTEwLwYDVQQD
Eyg3M2I0NjQwZThkNzBhZDY0YjA4MGIyMTc3OTA1NTc3MjhmYmFjYzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PoA4enNLs/wFCzVhpXY6MwRBjmC
uBz8ZWSS66FP+IyMt9TkXERGNBr/u9yGybeJ5N/xcTWbuvjc8BBdctUqnHDPeZG0
OhdRSOqYjr/0XZ8CT4XevPnJcPE0FQoqc/+7jonSu4BQKhHSxMuuaxvbANQbMgTY
BVNlM5CL8jtGQjp1Vil4k4zqJ1r2ITOrXuuFliTGPIZN17WWCJ1FaWV+8UUPOATy
oguiEp9NdV5EA6Sq5nbK0k/mzS9W/U9hOD4p2nzVgPz4w0Ggbn/vo1rLpM2mFJbH
CRSu/2RMPLxYgrs4gToGeS1UP+UIvXsDW6aSxroLqzAbzlTPoPXHlGoT7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHO0ZA6NcK1ksICyF3kFV3KPuswcMB8GA1UdIwQY
MBaAFKmnwaJTf9A1QIdZl4fKqEL+1gt/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWFmQm9sTl8wRFZBaDFtWGg4cW9RdjdXQzM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9mMDgzMDQtM2Y3OC00NzBjLWI2ZTEt
NDhmMWU1MTA5MDQ3LzEvcWFmQm9sTl8wRFZBaDFtWGg4cW9RdjdXQzM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9mMDgzMDQtM2Y3OC00NzBjLWI2ZTEtNDhmMWU1MTA5MDQ3
LzEvcWFmQm9sTl8wRFZBaDFtWGg4cW9RdjdXQzM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV8q+sv39
geBFVcQZCZ6hnU+uSXnYvhBVd6TuLn9hIqSGDw6sqIIR84hdk8eSj+ofuuPylJxa
R7zWuwGW/1vqjmRr3udW0HWOrboqrpg6BhmzDFj7nf/oe7/5xvR43rWVVnN1gLIO
Ejyh6jvcwopcNycgeLE/L0qhxZ9kwx7NstXkcLq5x49kJ/sb0/54krS2fc58P1yh
aknl8KregoyGkTbRNrpHR2WfRz7vdsXphSoccnv0RzX2UdtIMdoo8GiJ4rNM+Hp7
jizy35sviYjijyxNAtPZhmWfNuBbsRj9R8WF0qhwR7wQDKKc1fpiSv5zNiVHc2KE
zfQ58GvpU2Fq5g==
-----END CERTIFICATE-----