Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.mft
File:                     QkwWW2pJNJVBxlr5shWAFjgZ8oQ.mft (raw, json)
Hash identifier:          ojItiFOiKriqMiAL/u/TSr97XSoY/Y/OmIUmnlVjWGw=
Subject key identifier:   AE:A1:FE:0C:45:AE:67:EE:27:3D:F0:C8:9F:17:74:01:D5:26:22:D5
Authority key identifier: 42:4C:16:5B:6A:49:34:95:41:C6:5A:F9:B2:15:80:16:38:19:F2:84
Certificate issuer:       /CN=424c165b6a49349541c65af9b21580163819f284
Certificate serial:       0198D47426BD0E4A28F596DF323636E542B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.mft
Manifest number:          09E7
Signing time:             Sat 23 Aug 2025 01:03:58 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:58 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:58 +0000
Files and hashes:         1: QkwWW2pJNJVBxlr5shWAFjgZ8oQ.crl (hash: FqZlm8WAAWPQfmAmW4L+Ir9YSsq9GrcEoH2kCjCvwNQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:03:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:74:26:bd:0e:4a:28:f5:96:df:32:36:36:e5:42:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=424c165b6a49349541c65af9b21580163819f284
        Validity
            Not Before: Aug 23 01:03:58 2025 GMT
            Not After : Aug 24 01:03:58 2025 GMT
        Subject: CN=aea1fe0c45ae67ee273df0c89f177401d52622d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:fc:7b:43:b9:9c:18:78:2a:7a:39:07:48:a3:
                    e0:48:23:bf:36:7f:2d:59:8f:35:94:d3:21:20:08:
                    99:e5:7e:71:48:7b:83:78:12:4d:72:62:b2:56:f6:
                    fd:d7:3b:03:68:78:08:f4:bd:3b:3e:e9:d0:0f:03:
                    74:ef:c3:c4:df:71:39:f1:f3:a3:0e:d9:64:cd:bf:
                    04:db:39:3a:ac:d4:05:cb:d0:58:8d:f2:c7:4c:27:
                    95:4b:e5:2d:cb:40:27:fb:cc:5d:db:7c:43:a6:e5:
                    98:a0:e9:ca:dd:40:f7:c8:a2:14:46:eb:67:5c:a8:
                    a4:e4:b2:41:0f:9c:f6:2c:f1:c8:d0:af:41:46:42:
                    19:a5:28:19:fe:3d:ea:bc:68:f8:af:65:84:54:e9:
                    f3:68:fa:b7:b0:8c:50:19:0b:f5:fd:17:4c:09:f8:
                    9d:63:a3:ba:bf:4f:74:ec:f5:cb:51:50:6f:75:f6:
                    ec:ef:dd:ed:75:b1:20:80:ee:48:7b:2f:c3:37:95:
                    40:74:36:cb:7a:90:ce:fa:61:0c:ff:c9:66:6b:f9:
                    41:dc:36:08:67:0f:e7:81:b6:81:dd:fb:f9:ef:2c:
                    40:03:7e:a0:df:c8:df:3e:5d:e8:ee:5f:bb:87:8d:
                    d0:11:de:7a:8d:6a:52:b7:43:61:2f:77:16:20:df:
                    55:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:A1:FE:0C:45:AE:67:EE:27:3D:F0:C8:9F:17:74:01:D5:26:22:D5
            X509v3 Authority Key Identifier:
                keyid:42:4C:16:5B:6A:49:34:95:41:C6:5A:F9:B2:15:80:16:38:19:F2:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:8d:a3:e2:48:fc:22:76:f9:81:53:5f:4a:24:65:02:98:88:
         8e:33:5a:25:1b:b2:42:c2:38:bd:4d:12:42:b2:2b:25:8a:ba:
         14:40:5a:d7:a3:36:c1:32:b4:c7:98:c2:5b:0c:fd:97:2f:81:
         a6:15:9b:76:52:b9:49:c7:d9:37:9f:08:4a:c0:8a:1f:ce:25:
         68:0f:20:86:d5:8b:80:ce:ee:60:df:57:83:ad:ba:ff:d3:3f:
         97:74:35:3f:b9:e7:e1:29:a1:b3:ae:e0:e7:74:1e:6f:d2:8a:
         7c:13:bb:bb:d2:1a:cb:c4:eb:ba:a6:17:1d:be:39:b9:56:23:
         71:e6:96:24:6b:72:23:1d:91:b7:e2:f4:57:ec:bf:f8:5d:11:
         a3:08:50:e4:39:7e:c4:9a:fe:80:d2:14:9d:51:67:d4:e3:8c:
         12:e1:16:b6:7f:65:ec:41:69:4d:11:66:9c:1f:70:61:cd:5a:
         0c:ff:73:6e:9d:2c:32:c2:c7:04:5b:fc:1e:76:55:5b:d4:54:
         28:94:c9:9c:0c:bc:c0:ef:5b:17:2f:2e:63:3a:82:2f:7f:cb:
         09:51:20:fc:2f:95:2b:c0:b7:9f:35:53:2e:5f:6e:8e:3b:2a:
         4a:23:f2:56:e8:d5:0f:bb:a6:e7:37:69:54:d6:94:cb:24:54:
         78:ba:7a:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUdCa9Dkoo9ZbfMjY25UKyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNGMxNjViNmE0OTM0OTU0MWM2NWFmOWIyMTU4MDE2Mzgx
OWYyODQwHhcNMjUwODIzMDEwMzU4WhcNMjUwODI0MDEwMzU4WjAzMTEwLwYDVQQD
EyhhZWExZmUwYzQ1YWU2N2VlMjczZGYwYzg5ZjE3NzQwMWQ1MjYyMmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Px7Q7mcGHgqejkHSKPgSCO/Nn8t
WY81lNMhIAiZ5X5xSHuDeBJNcmKyVvb91zsDaHgI9L07PunQDwN078PE33E58fOj
Dtlkzb8E2zk6rNQFy9BYjfLHTCeVS+Uty0An+8xd23xDpuWYoOnK3UD3yKIURutn
XKik5LJBD5z2LPHI0K9BRkIZpSgZ/j3qvGj4r2WEVOnzaPq3sIxQGQv1/RdMCfid
Y6O6v0907PXLUVBvdfbs793tdbEggO5Iey/DN5VAdDbLepDO+mEM/8lma/lB3DYI
Zw/ngbaB3fv57yxAA36g38jfPl3o7l+7h43QEd56jWpSt0NhL3cWIN9VNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK6h/gxFrmfuJz3wyJ8XdAHVJiLVMB8GA1UdIwQY
MBaAFEJMFltqSTSVQcZa+bIVgBY4GfKEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWt3V1cycEpOSlZCeGxyNXNoV0FGamdaOG9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MGM0OTgtNmIxZC00ZDkyLWE0ZTgt
ZWMzYmY0ODE2ZDM2LzEvUWt3V1cycEpOSlZCeGxyNXNoV0FGamdaOG9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MGM0OTgtNmIxZC00ZDkyLWE0ZTgtZWMzYmY0ODE2ZDM2
LzEvUWt3V1cycEpOSlZCeGxyNXNoV0FGamdaOG9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQY2j4kj8
Inb5gVNfSiRlApiIjjNaJRuyQsI4vU0SQrIrJYq6FEBa16M2wTK0x5jCWwz9ly+B
phWbdlK5ScfZN58ISsCKH84laA8ghtWLgM7uYN9Xg626/9M/l3Q1P7nn4Smhs67g
53Qeb9KKfBO7u9Iay8TruqYXHb45uVYjceaWJGtyIx2Rt+L0V+y/+F0RowhQ5Dl+
xJr+gNIUnVFn1OOMEuEWtn9l7EFpTRFmnB9wYc1aDP9zbp0sMsLHBFv8HnZVW9RU
KJTJnAy8wO9bFy8uYzqCL3/LCVEg/C+VK8C3nzVTLl9ujjsqSiPyVujVD7um5zdp
VNaUyyRUeLp6Zg==
-----END CERTIFICATE-----