Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft
File:                     qafBolN_0DVAh1mXh8qoQv7WC38.mft (raw, json)
Hash identifier:          nhlsPT+jjnUgsrZuoVrG0rQH5xoYvu0G8eFZuP7LVHs=
Subject key identifier:   82:9B:32:92:EA:0E:AA:AD:74:38:4B:10:B3:F3:40:75:32:9F:CB:26
Authority key identifier: A9:A7:C1:A2:53:7F:D0:35:40:87:59:97:87:CA:A8:42:FE:D6:0B:7F
Certificate issuer:       /CN=a9a7c1a2537fd0354087599787caa842fed60b7f
Certificate serial:       0199FDD951D4BC8803899C8260100E511B6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qafBolN_0DVAh1mXh8qoQv7WC38.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft
Manifest number:          0982
Signing time:             Sun 19 Oct 2025 19:01:41 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:41 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:41 +0000
Files and hashes:         1: qafBolN_0DVAh1mXh8qoQv7WC38.crl (hash: OblATYGbhANbgEMnvTwV+ljXJeDajEU0ZjvD2R6G46s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qafBolN_0DVAh1mXh8qoQv7WC38.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:51:d4:bc:88:03:89:9c:82:60:10:0e:51:1b:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9a7c1a2537fd0354087599787caa842fed60b7f
        Validity
            Not Before: Oct 19 19:01:41 2025 GMT
            Not After : Oct 20 19:01:41 2025 GMT
        Subject: CN=829b3292ea0eaaad74384b10b3f34075329fcb26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:9a:55:71:d0:00:b1:06:55:70:3c:b8:0c:d1:
                    69:25:34:6b:c6:46:2c:eb:26:c2:aa:a7:8d:87:ac:
                    d6:c4:b1:f9:94:81:44:30:de:2d:92:9d:cc:da:e4:
                    68:97:63:1a:8a:fd:84:bb:61:3b:f8:03:d9:0b:54:
                    9f:2c:4e:6b:48:76:0a:7e:c4:43:5a:f0:75:99:97:
                    b9:c5:de:5f:9f:84:e2:cd:5d:48:87:d2:44:82:19:
                    32:e8:58:42:3f:a4:e7:c8:1b:13:8f:f5:c6:1f:81:
                    e4:e5:53:d5:f4:0a:39:48:ca:da:99:f6:11:04:f7:
                    05:da:c1:ed:3f:8f:bf:b1:35:23:00:72:25:84:cd:
                    5d:45:ea:17:93:36:70:64:0b:ef:17:32:4e:2c:6f:
                    82:3a:19:0e:33:a8:f1:6a:60:6a:b4:8b:88:be:9f:
                    84:a1:a8:49:bc:e0:9e:33:c3:46:aa:18:56:2b:2e:
                    85:0b:cf:c0:18:37:38:84:e3:f2:9c:df:e2:b6:56:
                    5b:7f:95:c4:83:ac:25:7c:d3:6b:f1:16:01:54:31:
                    ec:51:ba:02:1e:6e:96:91:eb:f6:54:f5:7a:ce:a5:
                    0c:62:5b:c7:ee:60:0e:f1:bb:a1:db:74:9b:d5:ef:
                    a6:62:e0:df:52:2e:3d:4c:b7:3e:e4:b6:33:2f:e1:
                    c3:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:9B:32:92:EA:0E:AA:AD:74:38:4B:10:B3:F3:40:75:32:9F:CB:26
            X509v3 Authority Key Identifier:
                keyid:A9:A7:C1:A2:53:7F:D0:35:40:87:59:97:87:CA:A8:42:FE:D6:0B:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qafBolN_0DVAh1mXh8qoQv7WC38.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:6d:44:ac:bb:b2:38:68:99:fd:79:28:c3:48:58:fd:19:2f:
         a2:a4:93:81:53:bc:43:f3:a3:d9:4c:49:59:cb:fe:9e:35:d5:
         5c:b3:22:37:54:39:8f:ec:8c:ea:b2:da:11:50:e7:87:e1:50:
         75:0d:92:41:65:52:bc:24:54:9e:80:08:78:34:fa:ba:c3:1a:
         4d:f3:a2:a2:27:c0:6b:7c:41:11:ec:49:8b:d9:f2:04:68:d4:
         f3:99:eb:e7:27:f5:0c:d9:0f:f7:9c:9f:25:25:33:ac:ac:33:
         31:32:ff:96:66:84:ca:80:4b:02:13:f9:a5:59:48:ae:c5:15:
         41:fa:85:e4:da:f7:90:8f:4d:04:76:a1:a3:c9:d6:8c:06:a7:
         1a:ce:5e:25:23:f5:81:d3:37:00:c4:f0:bc:53:b1:df:7e:95:
         80:bd:9f:62:17:04:60:aa:06:33:69:f3:45:ba:ac:08:c4:16:
         21:e7:f2:28:aa:2e:e6:8c:dc:a2:61:b5:a4:24:1e:1f:89:ee:
         d5:72:e8:94:0f:71:6e:29:7d:fe:71:8f:97:08:49:30:55:20:
         76:b0:f1:2b:cc:69:53:75:79:c6:c1:aa:8f:4c:7d:da:a4:e5:
         cd:3b:24:2d:e2:2c:91:93:39:8b:e6:80:50:62:af:98:3e:c6:
         0b:08:25:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92VHUvIgDiZyCYBAOURttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YTdjMWEyNTM3ZmQwMzU0MDg3NTk5Nzg3Y2FhODQyZmVk
NjBiN2YwHhcNMjUxMDE5MTkwMTQxWhcNMjUxMDIwMTkwMTQxWjAzMTEwLwYDVQQD
Eyg4MjliMzI5MmVhMGVhYWFkNzQzODRiMTBiM2YzNDA3NTMyOWZjYjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJpVcdAAsQZVcDy4DNFpJTRrxkYs
6ybCqqeNh6zWxLH5lIFEMN4tkp3M2uRol2Maiv2Eu2E7+APZC1SfLE5rSHYKfsRD
WvB1mZe5xd5fn4TizV1Ih9JEghky6FhCP6TnyBsTj/XGH4Hk5VPV9Ao5SMramfYR
BPcF2sHtP4+/sTUjAHIlhM1dReoXkzZwZAvvFzJOLG+COhkOM6jxamBqtIuIvp+E
oahJvOCeM8NGqhhWKy6FC8/AGDc4hOPynN/itlZbf5XEg6wlfNNr8RYBVDHsUboC
Hm6Wkev2VPV6zqUMYlvH7mAO8buh23Sb1e+mYuDfUi49TLc+5LYzL+HDBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIKbMpLqDqqtdDhLELPzQHUyn8smMB8GA1UdIwQY
MBaAFKmnwaJTf9A1QIdZl4fKqEL+1gt/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWFmQm9sTl8wRFZBaDFtWGg4cW9RdjdXQzM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9mMDgzMDQtM2Y3OC00NzBjLWI2ZTEt
NDhmMWU1MTA5MDQ3LzEvcWFmQm9sTl8wRFZBaDFtWGg4cW9RdjdXQzM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9mMDgzMDQtM2Y3OC00NzBjLWI2ZTEtNDhmMWU1MTA5MDQ3
LzEvcWFmQm9sTl8wRFZBaDFtWGg4cW9RdjdXQzM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALG1ErLuy
OGiZ/Xkow0hY/RkvoqSTgVO8Q/Oj2UxJWcv+njXVXLMiN1Q5j+yM6rLaEVDnh+FQ
dQ2SQWVSvCRUnoAIeDT6usMaTfOioifAa3xBEexJi9nyBGjU85nr5yf1DNkP95yf
JSUzrKwzMTL/lmaEyoBLAhP5pVlIrsUVQfqF5Nr3kI9NBHaho8nWjAanGs5eJSP1
gdM3AMTwvFOx336VgL2fYhcEYKoGM2nzRbqsCMQWIefyKKou5ozcomG1pCQeH4nu
1XLolA9xbil9/nGPlwhJMFUgdrDxK8xpU3V5xsGqj0x92qTlzTskLeIskZM5i+aA
UGKvmD7GCwglpw==
-----END CERTIFICATE-----