Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.mft
File:                     qoxALCO4BeCVMBFbvkREAg9PIDQ.mft (raw, json)
Hash identifier:          ucPqCGR9ysrueubMIn3QDDPq4KiIvU9yzk1z3JUVVU0=
Subject key identifier:   F9:F1:53:4D:61:91:74:6F:04:D9:07:AE:22:BD:B1:6B:CE:4B:59:FC
Authority key identifier: AA:8C:40:2C:23:B8:05:E0:95:30:11:5B:BE:44:44:02:0F:4F:20:34
Certificate issuer:       /CN=aa8c402c23b805e09530115bbe4444020f4f2034
Certificate serial:       0196AC1F416323B7CB2FA189F5EEEF22F943
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qoxALCO4BeCVMBFbvkREAg9PIDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.mft
Manifest number:          0629
Signing time:             Wed 07 May 2025 19:00:51 +0000
Manifest this update:     Wed 07 May 2025 19:00:51 +0000
Manifest next update:     Thu 08 May 2025 19:00:51 +0000
Files and hashes:         1: qoxALCO4BeCVMBFbvkREAg9PIDQ.crl (hash: 7fQtsH17+Rn18RNynSWOG5huzsPiID4HHIjsuHRtUWk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qoxALCO4BeCVMBFbvkREAg9PIDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 13:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ac:1f:41:63:23:b7:cb:2f:a1:89:f5:ee:ef:22:f9:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa8c402c23b805e09530115bbe4444020f4f2034
        Validity
            Not Before: May  7 19:00:51 2025 GMT
            Not After : May  8 19:00:51 2025 GMT
        Subject: CN=f9f1534d6191746f04d907ae22bdb16bce4b59fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:0a:8a:6f:e1:e9:fe:38:e8:d0:55:48:01:32:
                    73:b8:35:e3:2e:95:db:b8:30:bf:87:24:b2:b0:64:
                    8e:92:0c:4f:59:4e:ef:d6:63:48:cf:fe:26:6f:bc:
                    87:fd:ff:1b:fd:ca:60:37:2f:e4:50:59:2e:a7:c7:
                    24:5c:74:09:b1:fe:df:dd:e3:39:84:ff:96:99:73:
                    4c:fd:f1:7a:da:8d:f9:2a:fb:02:9e:0e:de:05:5b:
                    e6:b6:44:15:47:63:9a:8a:f3:16:cd:4d:fe:33:51:
                    bd:44:a8:f7:7d:dd:70:f5:b0:f1:33:7d:ad:93:c9:
                    99:ad:4d:33:61:2a:e6:47:e6:00:6b:83:e1:2c:84:
                    36:56:d1:af:f4:8e:f6:c1:1e:ac:7a:02:f4:0a:ca:
                    c8:0c:a1:9f:58:01:f0:cd:95:c3:bc:2b:ae:cb:7a:
                    b5:a2:49:92:b4:dc:98:7d:c6:5b:0b:96:52:a2:1b:
                    29:58:1d:8d:4b:fd:a7:4a:84:2a:27:5e:a7:34:08:
                    36:54:1d:39:33:fa:f3:69:90:6f:69:96:30:f4:58:
                    e3:b0:ce:cb:2f:b8:69:f5:08:9f:eb:e1:ca:ab:5a:
                    87:ac:b8:a1:7e:be:3b:25:29:f3:a3:3b:d4:86:1e:
                    2b:f2:47:48:ea:f6:45:89:cf:a7:0f:d4:c9:eb:17:
                    d0:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:F1:53:4D:61:91:74:6F:04:D9:07:AE:22:BD:B1:6B:CE:4B:59:FC
            X509v3 Authority Key Identifier:
                keyid:AA:8C:40:2C:23:B8:05:E0:95:30:11:5B:BE:44:44:02:0F:4F:20:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qoxALCO4BeCVMBFbvkREAg9PIDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:ff:64:4d:92:d7:2b:cc:38:c6:36:ef:01:af:8b:ec:aa:83:
         5a:09:29:16:48:ed:8d:f1:e3:55:b2:8a:aa:a6:a7:7a:07:e3:
         d2:ef:c6:a7:bd:8c:ac:24:b6:04:c4:89:ad:86:63:30:d6:a0:
         6c:d6:9a:28:3c:e1:35:f4:0f:3f:22:fc:d7:76:74:1a:35:44:
         d9:71:d0:6f:52:48:ff:d1:a0:35:e2:b6:cd:7b:0f:7f:87:ca:
         f2:a6:6d:c8:67:f6:92:b6:3e:a6:7c:22:32:d7:49:a5:85:64:
         71:26:cc:90:32:16:f6:39:b1:a0:f4:65:32:a2:e3:10:19:73:
         01:f7:4f:47:01:96:c3:e1:00:90:0e:ea:ef:d9:d4:1a:eb:7d:
         a3:09:b3:c5:96:b5:34:43:54:3d:07:54:a2:94:db:ab:2a:ff:
         e5:46:a0:9b:d8:c2:5d:28:3c:fc:e5:21:0e:e8:0f:99:68:b5:
         b6:29:b8:ba:b0:04:9d:07:5c:eb:cf:ae:e9:96:97:f0:0a:cf:
         ac:13:5c:74:c7:a6:15:b8:34:61:d6:44:31:2e:bf:1a:32:2b:
         3c:4d:16:0d:76:a3:94:18:29:9e:10:e1:f4:ca:35:4f:f0:cf:
         a7:e8:2e:06:c0:6b:f9:bf:f0:74:1c:ac:c0:64:0b:80:e3:d6:
         b1:49:eb:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZasH0FjI7fLL6GJ9e7vIvlDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOGM0MDJjMjNiODA1ZTA5NTMwMTE1YmJlNDQ0NDAyMGY0
ZjIwMzQwHhcNMjUwNTA3MTkwMDUxWhcNMjUwNTA4MTkwMDUxWjAzMTEwLwYDVQQD
EyhmOWYxNTM0ZDYxOTE3NDZmMDRkOTA3YWUyMmJkYjE2YmNlNGI1OWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgqKb+Hp/jjo0FVIATJzuDXjLpXb
uDC/hySysGSOkgxPWU7v1mNIz/4mb7yH/f8b/cpgNy/kUFkup8ckXHQJsf7f3eM5
hP+WmXNM/fF62o35KvsCng7eBVvmtkQVR2OaivMWzU3+M1G9RKj3fd1w9bDxM32t
k8mZrU0zYSrmR+YAa4PhLIQ2VtGv9I72wR6segL0CsrIDKGfWAHwzZXDvCuuy3q1
okmStNyYfcZbC5ZSohspWB2NS/2nSoQqJ16nNAg2VB05M/rzaZBvaZYw9FjjsM7L
L7hp9Qif6+HKq1qHrLihfr47JSnzozvUhh4r8kdI6vZFic+nD9TJ6xfQJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPnxU01hkXRvBNkHriK9sWvOS1n8MB8GA1UdIwQY
MBaAFKqMQCwjuAXglTARW75ERAIPTyA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW94QUxDTzRCZUNWTUJGYnZrUkVBZzlQSURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9kYmEzMDYtOTE5OS00Yjc1LWEyYzMt
NGY2YWYwODgzOTc5LzEvcW94QUxDTzRCZUNWTUJGYnZrUkVBZzlQSURRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9kYmEzMDYtOTE5OS00Yjc1LWEyYzMtNGY2YWYwODgzOTc5
LzEvcW94QUxDTzRCZUNWTUJGYnZrUkVBZzlQSURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXP9kTZLX
K8w4xjbvAa+L7KqDWgkpFkjtjfHjVbKKqqanegfj0u/Gp72MrCS2BMSJrYZjMNag
bNaaKDzhNfQPPyL813Z0GjVE2XHQb1JI/9GgNeK2zXsPf4fK8qZtyGf2krY+pnwi
MtdJpYVkcSbMkDIW9jmxoPRlMqLjEBlzAfdPRwGWw+EAkA7q79nUGut9owmzxZa1
NENUPQdUopTbqyr/5Uagm9jCXSg8/OUhDugPmWi1tim4urAEnQdc68+u6ZaX8ArP
rBNcdMemFbg0YdZEMS6/GjIrPE0WDXajlBgpnhDh9Mo1T/DPp+guBsBr+b/wdBys
wGQLgOPWsUnr0w==
-----END CERTIFICATE-----