Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
File:                     QHsur7H0zNuzzWzU10srM5eKC3A.mft (raw, json)
Hash identifier:          l0Dfxd8+iFnTZLhwO4kmr+k3VUElEcHLiOQ83zcDGtY=
Subject key identifier:   B1:F9:50:72:F2:F9:7E:99:35:BA:AB:BC:D3:4B:56:65:66:AC:73:19
Authority key identifier: 40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70
Certificate issuer:       /CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
Certificate serial:       0198D6617D30149FA2CDC7C08439BEDE14FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
Manifest number:          1648
Signing time:             Sat 23 Aug 2025 10:02:49 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:49 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:49 +0000
Files and hashes:         1: QHsur7H0zNuzzWzU10srM5eKC3A.crl (hash: kOGab8zVTrKXM1+5ey9VviPXXsoI7D4j1rgv13jtufg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:61:7d:30:14:9f:a2:cd:c7:c0:84:39:be:de:14:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
        Validity
            Not Before: Aug 23 10:02:49 2025 GMT
            Not After : Aug 24 10:02:49 2025 GMT
        Subject: CN=b1f95072f2f97e9935baabbcd34b566566ac7319
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:a6:06:dc:ac:27:83:08:6e:64:c7:bb:55:cd:
                    49:37:e1:90:c4:0e:d7:5e:21:1a:82:ae:27:5f:55:
                    c3:1f:95:d3:6f:77:02:a1:91:04:0a:0b:97:7b:a2:
                    cd:c8:4d:b5:ca:97:15:9b:a2:b7:00:0f:a8:fb:29:
                    f1:15:70:76:13:11:70:51:dd:95:dc:93:d2:8d:0a:
                    6b:a8:12:8a:f3:a9:65:49:f2:cf:c4:91:c5:5f:40:
                    e7:27:b0:16:5c:43:8f:84:3e:d3:9e:67:4e:ee:e2:
                    f5:67:60:90:70:78:5b:e2:27:16:d3:f6:d9:cf:52:
                    c9:59:fe:14:c0:4e:17:d3:88:1d:b9:2a:54:ed:10:
                    45:10:c8:86:06:e2:ca:9a:a6:e2:e6:83:7b:fb:e7:
                    b7:97:cc:0a:8b:d3:bd:62:2e:e5:d2:79:fa:31:05:
                    25:86:a4:7a:65:02:0d:59:d1:8b:f9:e7:71:7c:3a:
                    05:10:8f:da:b2:e4:8a:78:99:e0:59:2d:98:72:01:
                    d1:42:00:b3:49:67:bb:a4:f8:6c:54:7e:a7:07:27:
                    9c:fd:64:bd:e9:51:28:22:2b:28:79:92:6e:0d:b6:
                    a2:79:5b:de:6b:57:f1:e0:79:f0:ff:d2:20:47:9b:
                    64:cd:be:f2:a5:54:cb:07:1d:9c:36:23:72:7a:0b:
                    6d:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:F9:50:72:F2:F9:7E:99:35:BA:AB:BC:D3:4B:56:65:66:AC:73:19
            X509v3 Authority Key Identifier:
                keyid:40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:9a:d7:e5:c8:d7:6a:2d:12:49:cd:50:29:4c:09:6c:78:74:
         9b:69:08:a6:dd:f0:a7:50:3a:4e:11:e4:34:5a:ea:5e:c7:78:
         6d:a0:a2:ae:c7:5d:7e:40:e9:c3:59:02:65:de:80:e0:d4:22:
         cf:ea:9c:48:b9:96:c8:3b:40:48:80:d6:9b:0a:a5:71:22:3e:
         ca:5e:ec:d9:e8:12:89:e2:08:a1:3e:a5:95:42:c5:27:52:df:
         da:7e:e1:0f:21:a9:07:4d:20:1e:df:1d:62:b3:08:7a:b6:57:
         fe:86:1b:27:1e:3f:bf:a7:07:df:b3:3a:46:e7:58:d2:cc:06:
         8e:d9:4c:c0:d8:24:7f:0f:92:da:bc:f0:47:49:52:36:65:f1:
         11:21:1d:d5:87:29:06:ce:08:48:74:30:00:8e:a1:ae:95:6a:
         11:e1:ca:e9:43:d8:ea:8f:3c:9f:72:cb:4e:13:ef:60:ce:c0:
         d9:5a:49:b9:14:dc:5e:97:6d:1e:93:1d:6f:7f:58:c4:84:30:
         25:33:e8:63:ef:2b:a9:8f:19:60:ae:e5:a2:bd:8b:2a:64:4b:
         a1:40:0e:9f:a6:ab:7c:c0:84:56:d7:50:53:d0:b3:47:b9:35:
         51:92:39:7b:77:0d:94:0e:05:ff:72:56:4e:4e:8d:74:59:ce:
         87:10:db:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYX0wFJ+izcfAhDm+3hT8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2IyZWFmYjFmNGNjZGJiM2NkNmNkNGQ3NGIyYjMzOTc4
YTBiNzAwHhcNMjUwODIzMTAwMjQ5WhcNMjUwODI0MTAwMjQ5WjAzMTEwLwYDVQQD
EyhiMWY5NTA3MmYyZjk3ZTk5MzViYWFiYmNkMzRiNTY2NTY2YWM3MzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7qYG3KwngwhuZMe7Vc1JN+GQxA7X
XiEagq4nX1XDH5XTb3cCoZEECguXe6LNyE21ypcVm6K3AA+o+ynxFXB2ExFwUd2V
3JPSjQprqBKK86llSfLPxJHFX0DnJ7AWXEOPhD7TnmdO7uL1Z2CQcHhb4icW0/bZ
z1LJWf4UwE4X04gduSpU7RBFEMiGBuLKmqbi5oN7++e3l8wKi9O9Yi7l0nn6MQUl
hqR6ZQINWdGL+edxfDoFEI/asuSKeJngWS2YcgHRQgCzSWe7pPhsVH6nByec/WS9
6VEoIisoeZJuDbaieVvea1fx4Hnw/9IgR5tkzb7ypVTLBx2cNiNyegttSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLH5UHLy+X6ZNbqrvNNLVmVmrHMZMB8GA1UdIwQY
MBaAFEB7Lq+x9Mzbs81s1NdLKzOXigtwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgt
YzJlNjY4YzE5NzI3LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgtYzJlNjY4YzE5NzI3
LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl5rX5cjX
ai0SSc1QKUwJbHh0m2kIpt3wp1A6ThHkNFrqXsd4baCirsddfkDpw1kCZd6A4NQi
z+qcSLmWyDtASIDWmwqlcSI+yl7s2egSieIIoT6llULFJ1Lf2n7hDyGpB00gHt8d
YrMIerZX/oYbJx4/v6cH37M6RudY0swGjtlMwNgkfw+S2rzwR0lSNmXxESEd1Ycp
Bs4ISHQwAI6hrpVqEeHK6UPY6o88n3LLThPvYM7A2VpJuRTcXpdtHpMdb39YxIQw
JTPoY+8rqY8ZYK7lor2LKmRLoUAOn6arfMCEVtdQU9CzR7k1UZI5e3cNlA4F/3JW
Tk6NdFnOhxDbTw==
-----END CERTIFICATE-----