Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.mft
File:                     qoxALCO4BeCVMBFbvkREAg9PIDQ.mft (raw, json)
Hash identifier:          dG91Oxir30uDSZRvZEuT+ZfVus51r7M4KaO5wjTL6HQ=
Subject key identifier:   CA:73:05:FB:6F:1E:83:B8:20:E4:A1:31:65:9C:49:4C:B5:6C:79:1C
Authority key identifier: AA:8C:40:2C:23:B8:05:E0:95:30:11:5B:BE:44:44:02:0F:4F:20:34
Certificate issuer:       /CN=aa8c402c23b805e09530115bbe4444020f4f2034
Certificate serial:       0197B890937F03535DE2F3E28179CDCFCAF6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qoxALCO4BeCVMBFbvkREAg9PIDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.mft
Manifest number:          06B4
Signing time:             Sat 28 Jun 2025 22:02:51 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:51 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:51 +0000
Files and hashes:         1: qoxALCO4BeCVMBFbvkREAg9PIDQ.crl (hash: vdcAvaYZFkD2EbVbkB+cd10ZSnYQh2/3HYc60v5p3Rk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qoxALCO4BeCVMBFbvkREAg9PIDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 19:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:90:93:7f:03:53:5d:e2:f3:e2:81:79:cd:cf:ca:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa8c402c23b805e09530115bbe4444020f4f2034
        Validity
            Not Before: Jun 28 22:02:51 2025 GMT
            Not After : Jun 29 22:02:51 2025 GMT
        Subject: CN=ca7305fb6f1e83b820e4a131659c494cb56c791c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:25:f5:ec:de:b5:b3:71:72:78:99:44:d0:5f:
                    f1:92:bc:77:39:4a:1a:a4:22:2e:9e:74:44:9f:48:
                    9f:f3:e3:bc:8a:54:7d:6d:7d:af:bb:0b:7e:65:c8:
                    61:62:c9:47:0e:d3:f4:cf:37:4f:56:6d:19:93:37:
                    09:26:e8:de:f4:a5:41:c8:45:45:c9:6f:45:6a:7e:
                    6c:a5:b9:5a:7d:38:7f:2b:f3:50:22:8e:a7:21:dc:
                    c3:e6:89:14:f9:7a:b8:9c:dd:77:41:f5:4c:2b:2b:
                    75:52:b4:47:e4:21:40:a9:20:07:81:b7:b7:e4:1c:
                    26:42:97:4f:98:42:4d:34:db:28:41:7e:ec:1a:d4:
                    a4:d9:88:23:df:5d:60:7c:cf:28:9e:99:56:f5:35:
                    8b:ef:5b:da:c3:8c:10:62:1a:11:03:a4:16:e8:0f:
                    28:d7:6d:bd:cb:cb:3a:f3:ba:a9:66:fc:59:c4:c9:
                    2c:c1:13:ab:6d:72:c9:4f:61:45:b8:47:4d:8e:24:
                    2e:5c:91:99:79:f8:b3:67:08:b8:f9:1f:d2:51:4e:
                    78:34:86:42:8f:0c:c4:87:32:cf:ff:14:68:5b:92:
                    b5:fa:5f:60:2e:56:50:a7:e5:a7:c7:32:95:24:78:
                    39:ea:d6:57:03:67:88:fa:63:59:92:07:c8:8f:97:
                    48:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:73:05:FB:6F:1E:83:B8:20:E4:A1:31:65:9C:49:4C:B5:6C:79:1C
            X509v3 Authority Key Identifier:
                keyid:AA:8C:40:2C:23:B8:05:E0:95:30:11:5B:BE:44:44:02:0F:4F:20:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qoxALCO4BeCVMBFbvkREAg9PIDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:cd:4d:24:09:83:af:c0:8d:9c:47:48:4c:36:fe:57:60:0d:
         82:ec:fa:62:04:13:de:d6:03:c1:7d:3b:11:b0:40:e2:c7:2f:
         1d:fd:25:95:37:0e:42:0c:5d:39:ca:48:fa:17:63:c7:0e:30:
         b9:68:21:46:e3:70:bd:bc:58:25:ec:cc:2b:ff:07:1c:c8:a2:
         e7:ca:f2:79:ac:91:e4:7e:c7:b5:f6:d2:b3:f0:5b:4d:44:d0:
         c1:b8:31:f6:60:e9:a2:f8:d2:f4:db:a7:e5:e2:3a:3e:76:79:
         80:8d:f8:62:e6:3e:39:67:4c:ce:c0:aa:11:d9:8c:95:0a:5f:
         67:13:f5:32:29:6d:5b:5d:82:7b:3f:ea:37:52:fe:d3:66:b8:
         ad:03:26:70:23:cc:e0:42:2a:01:27:20:ff:87:78:df:1f:3c:
         03:c0:c4:06:04:0b:d3:1d:8b:de:ab:9f:4b:c6:1d:ac:50:05:
         61:67:21:52:e5:c4:f9:2c:15:04:bf:76:91:49:a7:e4:07:28:
         ac:95:c3:be:d4:1c:30:c7:5a:bc:6c:79:5f:21:46:38:c6:f7:
         bf:33:6c:54:f0:46:77:76:fa:cc:26:f3:5a:93:63:3a:19:55:
         9c:61:96:4e:20:24:ea:3c:a7:ef:5c:dd:f7:18:38:bf:dd:e6:
         77:09:de:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kJN/A1Nd4vPigXnNz8r2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOGM0MDJjMjNiODA1ZTA5NTMwMTE1YmJlNDQ0NDAyMGY0
ZjIwMzQwHhcNMjUwNjI4MjIwMjUxWhcNMjUwNjI5MjIwMjUxWjAzMTEwLwYDVQQD
EyhjYTczMDVmYjZmMWU4M2I4MjBlNGExMzE2NTljNDk0Y2I1NmM3OTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyX17N61s3FyeJlE0F/xkrx3OUoa
pCIunnREn0if8+O8ilR9bX2vuwt+ZchhYslHDtP0zzdPVm0ZkzcJJuje9KVByEVF
yW9Fan5spblafTh/K/NQIo6nIdzD5okU+Xq4nN13QfVMKyt1UrRH5CFAqSAHgbe3
5BwmQpdPmEJNNNsoQX7sGtSk2Ygj311gfM8onplW9TWL71vaw4wQYhoRA6QW6A8o
1229y8s687qpZvxZxMkswROrbXLJT2FFuEdNjiQuXJGZefizZwi4+R/SUU54NIZC
jwzEhzLP/xRoW5K1+l9gLlZQp+WnxzKVJHg56tZXA2eI+mNZkgfIj5dIKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMpzBftvHoO4IOShMWWcSUy1bHkcMB8GA1UdIwQY
MBaAFKqMQCwjuAXglTARW75ERAIPTyA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW94QUxDTzRCZUNWTUJGYnZrUkVBZzlQSURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9kYmEzMDYtOTE5OS00Yjc1LWEyYzMt
NGY2YWYwODgzOTc5LzEvcW94QUxDTzRCZUNWTUJGYnZrUkVBZzlQSURRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9kYmEzMDYtOTE5OS00Yjc1LWEyYzMtNGY2YWYwODgzOTc5
LzEvcW94QUxDTzRCZUNWTUJGYnZrUkVBZzlQSURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgc1NJAmD
r8CNnEdITDb+V2ANguz6YgQT3tYDwX07EbBA4scvHf0llTcOQgxdOcpI+hdjxw4w
uWghRuNwvbxYJezMK/8HHMii58ryeayR5H7HtfbSs/BbTUTQwbgx9mDpovjS9Nun
5eI6PnZ5gI34YuY+OWdMzsCqEdmMlQpfZxP1MiltW12Cez/qN1L+02a4rQMmcCPM
4EIqAScg/4d43x88A8DEBgQL0x2L3qufS8YdrFAFYWchUuXE+SwVBL92kUmn5Aco
rJXDvtQcMMdavGx5XyFGOMb3vzNsVPBGd3b6zCbzWpNjOhlVnGGWTiAk6jyn71zd
9xg4v93mdwne+w==
-----END CERTIFICATE-----