Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft
File:                     qafBolN_0DVAh1mXh8qoQv7WC38.mft (raw, json)
Hash identifier:          UCj136MSVLC9eS6R2IcGOORWLAsmRq2kAW0MIxv4BKM=
Subject key identifier:   63:59:C4:FF:01:6F:01:13:35:5A:13:67:26:46:6F:90:8C:40:74:7C
Authority key identifier: A9:A7:C1:A2:53:7F:D0:35:40:87:59:97:87:CA:A8:42:FE:D6:0B:7F
Certificate issuer:       /CN=a9a7c1a2537fd0354087599787caa842fed60b7f
Certificate serial:       0196C15D588F12AA4DF600B6D7894B2A5274
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qafBolN_0DVAh1mXh8qoQv7WC38.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft
Manifest number:          07D5
Signing time:             Sun 11 May 2025 22:00:42 +0000
Manifest this update:     Sun 11 May 2025 22:00:42 +0000
Manifest next update:     Mon 12 May 2025 22:00:42 +0000
Files and hashes:         1: qafBolN_0DVAh1mXh8qoQv7WC38.crl (hash: 5jRk74rOLgkZprcsPRxHxGkpVfz+PfGV0MMDNTLRf9I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qafBolN_0DVAh1mXh8qoQv7WC38.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 22:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c1:5d:58:8f:12:aa:4d:f6:00:b6:d7:89:4b:2a:52:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9a7c1a2537fd0354087599787caa842fed60b7f
        Validity
            Not Before: May 11 22:00:42 2025 GMT
            Not After : May 12 22:00:42 2025 GMT
        Subject: CN=6359c4ff016f0113355a136726466f908c40747c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:f6:b0:16:af:48:b8:33:ca:35:40:ed:29:b1:
                    8d:ae:f9:18:e7:0c:5f:a5:33:44:9b:e9:9e:bb:27:
                    89:e2:34:f7:24:2e:03:40:43:58:7e:0e:43:8e:3a:
                    26:3c:a5:60:9e:2d:60:57:a2:b9:f8:f2:59:2a:4c:
                    e2:1a:01:17:50:ad:79:d5:42:8d:97:a2:74:1e:ee:
                    34:78:0e:ea:ef:5c:b4:c0:46:d1:34:59:f9:3b:68:
                    19:b4:d1:4c:2a:eb:c2:9a:3d:fd:b4:4a:2e:33:4c:
                    de:bf:78:f4:f4:17:cb:d8:ee:35:98:2a:c0:1c:b5:
                    2f:6f:7d:58:02:99:32:9d:30:c3:1a:d3:24:3d:2c:
                    4d:9a:73:49:64:5c:f1:13:ae:c3:59:e2:eb:51:6c:
                    89:11:20:d4:2e:f6:4c:ec:8a:5b:41:06:ee:ad:a0:
                    9f:ad:78:11:47:b3:0c:c7:62:0a:44:cc:22:09:5b:
                    d3:51:25:07:f9:95:91:68:1e:cc:67:1e:57:1c:55:
                    be:2f:dc:cc:ca:00:7a:d8:88:51:c7:91:43:82:fb:
                    83:1c:3c:e7:26:2c:bc:d4:95:97:d6:09:46:4f:0f:
                    b5:30:35:b4:47:44:30:cb:5a:2b:7c:c4:cb:b8:16:
                    ef:d6:d3:ca:a9:3d:85:15:cb:a4:6b:15:cc:d4:9c:
                    27:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:59:C4:FF:01:6F:01:13:35:5A:13:67:26:46:6F:90:8C:40:74:7C
            X509v3 Authority Key Identifier:
                keyid:A9:A7:C1:A2:53:7F:D0:35:40:87:59:97:87:CA:A8:42:FE:D6:0B:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qafBolN_0DVAh1mXh8qoQv7WC38.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:e0:b2:34:aa:d7:e2:c8:56:e4:f3:73:97:57:e9:c0:6f:da:
         82:06:87:4d:79:a4:0c:f0:01:4e:a9:2e:63:dc:d9:82:4b:f7:
         89:6d:66:e7:43:9c:08:bf:09:c6:66:c8:00:f9:35:d3:b2:8b:
         72:d8:8e:53:2f:fb:eb:e5:70:4b:44:14:3b:37:3c:de:1a:b9:
         0d:14:d4:ed:53:1b:38:0a:e6:41:72:82:c8:58:d1:59:be:8b:
         c1:33:67:80:54:7b:8b:bc:04:72:05:5f:0f:bd:67:f3:c1:33:
         70:c0:10:c6:f2:ea:ff:09:6b:2a:7b:c2:9a:a9:c5:35:b3:1e:
         a1:b1:49:5e:c4:79:6b:e8:fe:30:9f:5e:47:b1:7a:b8:eb:24:
         56:7e:85:26:59:f3:77:b2:0f:e7:cc:e8:0c:49:68:29:0d:83:
         89:77:ea:f3:78:fe:56:d4:ba:c3:5f:af:87:1e:3b:40:f6:26:
         ae:72:e0:af:af:1d:07:46:e4:37:d7:47:64:49:ca:12:ad:0a:
         ff:2d:37:74:88:48:5e:37:a4:e5:94:53:be:44:e2:cd:e6:4e:
         df:b1:c8:ad:cb:7a:1a:12:70:7e:09:dd:a2:81:f2:70:bb:82:
         8b:9e:9f:a4:38:37:af:01:12:da:a3:16:ec:03:95:e6:7b:9b:
         72:33:7d:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbBXViPEqpN9gC214lLKlJ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YTdjMWEyNTM3ZmQwMzU0MDg3NTk5Nzg3Y2FhODQyZmVk
NjBiN2YwHhcNMjUwNTExMjIwMDQyWhcNMjUwNTEyMjIwMDQyWjAzMTEwLwYDVQQD
Eyg2MzU5YzRmZjAxNmYwMTEzMzU1YTEzNjcyNjQ2NmY5MDhjNDA3NDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/awFq9IuDPKNUDtKbGNrvkY5wxf
pTNEm+meuyeJ4jT3JC4DQENYfg5DjjomPKVgni1gV6K5+PJZKkziGgEXUK151UKN
l6J0Hu40eA7q71y0wEbRNFn5O2gZtNFMKuvCmj39tEouM0zev3j09BfL2O41mCrA
HLUvb31YApkynTDDGtMkPSxNmnNJZFzxE67DWeLrUWyJESDULvZM7IpbQQburaCf
rXgRR7MMx2IKRMwiCVvTUSUH+ZWRaB7MZx5XHFW+L9zMygB62IhRx5FDgvuDHDzn
Jiy81JWX1glGTw+1MDW0R0Qwy1orfMTLuBbv1tPKqT2FFcukaxXM1JwndQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGNZxP8BbwETNVoTZyZGb5CMQHR8MB8GA1UdIwQY
MBaAFKmnwaJTf9A1QIdZl4fKqEL+1gt/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWFmQm9sTl8wRFZBaDFtWGg4cW9RdjdXQzM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9mMDgzMDQtM2Y3OC00NzBjLWI2ZTEt
NDhmMWU1MTA5MDQ3LzEvcWFmQm9sTl8wRFZBaDFtWGg4cW9RdjdXQzM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9mMDgzMDQtM2Y3OC00NzBjLWI2ZTEtNDhmMWU1MTA5MDQ3
LzEvcWFmQm9sTl8wRFZBaDFtWGg4cW9RdjdXQzM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWuCyNKrX
4shW5PNzl1fpwG/aggaHTXmkDPABTqkuY9zZgkv3iW1m50OcCL8JxmbIAPk107KL
ctiOUy/76+VwS0QUOzc83hq5DRTU7VMbOArmQXKCyFjRWb6LwTNngFR7i7wEcgVf
D71n88EzcMAQxvLq/wlrKnvCmqnFNbMeobFJXsR5a+j+MJ9eR7F6uOskVn6FJlnz
d7IP58zoDEloKQ2DiXfq83j+VtS6w1+vhx47QPYmrnLgr68dB0bkN9dHZEnKEq0K
/y03dIhIXjek5ZRTvkTizeZO37HIrct6GhJwfgndooHycLuCi56fpDg3rwES2qMW
7AOV5nubcjN9RA==
-----END CERTIFICATE-----