Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft
File:                     qafBolN_0DVAh1mXh8qoQv7WC38.mft (raw, json)
Hash identifier:          1l9ENDu/1gyxyQzPsnK04a4puPynpfdGUPYOa+ICDzI=
Subject key identifier:   5D:D9:AF:3A:9A:66:C5:E8:9E:06:83:71:BE:45:BE:C2:B5:4D:F1:46
Authority key identifier: A9:A7:C1:A2:53:7F:D0:35:40:87:59:97:87:CA:A8:42:FE:D6:0B:7F
Certificate issuer:       /CN=a9a7c1a2537fd0354087599787caa842fed60b7f
Certificate serial:       01965CF1C69919215AFB858E09BB606D40CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qafBolN_0DVAh1mXh8qoQv7WC38.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft
Manifest number:          07A1
Signing time:             Tue 22 Apr 2025 10:01:10 +0000
Manifest this update:     Tue 22 Apr 2025 10:01:10 +0000
Manifest next update:     Wed 23 Apr 2025 10:01:10 +0000
Files and hashes:         1: qafBolN_0DVAh1mXh8qoQv7WC38.crl (hash: 46kCCh8s7Q9F0OGkjQCTeFLGtbZyvn3x6lDhusz8rW0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qafBolN_0DVAh1mXh8qoQv7WC38.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 10:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5c:f1:c6:99:19:21:5a:fb:85:8e:09:bb:60:6d:40:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9a7c1a2537fd0354087599787caa842fed60b7f
        Validity
            Not Before: Apr 22 10:01:10 2025 GMT
            Not After : Apr 23 10:01:10 2025 GMT
        Subject: CN=5dd9af3a9a66c5e89e068371be45bec2b54df146
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:33:3b:9b:8b:3f:8c:ed:8e:f3:aa:c6:6a:8f:
                    ba:f3:6d:86:10:01:de:05:a4:8d:c8:a8:e7:18:e5:
                    19:32:c8:cb:03:80:47:1f:4f:18:62:8d:df:c8:d1:
                    2c:81:e6:d9:57:8a:41:ee:6e:8e:71:d1:0b:7c:a6:
                    66:64:e4:6d:93:06:ea:5e:8f:7e:1b:a6:9b:20:06:
                    a8:85:de:bc:10:7c:fc:af:31:20:a2:59:a3:c8:4f:
                    af:4c:d6:ca:5d:10:de:e7:11:3a:cf:05:8a:b9:d1:
                    a2:35:78:0c:a9:03:83:79:05:40:36:ce:2a:88:6b:
                    a5:7a:41:24:fb:f6:9c:92:e6:77:ca:48:1b:2e:8b:
                    29:6e:0d:66:7d:b4:fe:11:af:7a:3e:b8:94:b3:56:
                    8b:3a:c9:78:73:d4:f3:b7:27:20:26:21:87:a3:2d:
                    44:46:cc:23:c3:25:0d:7b:34:f4:72:a1:9f:1a:37:
                    d0:78:06:36:d2:3e:ca:9d:b4:5d:97:08:8b:c1:b9:
                    db:80:22:67:71:d4:a4:5d:7f:f6:03:36:b4:6b:74:
                    81:cb:3e:fa:c8:d9:51:0e:a5:1a:0d:57:50:9d:81:
                    1c:55:d2:3f:88:a2:1f:85:75:67:b2:5d:ab:3a:54:
                    f8:6c:e5:16:5f:5c:bf:66:30:a3:80:0e:b9:23:96:
                    de:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:D9:AF:3A:9A:66:C5:E8:9E:06:83:71:BE:45:BE:C2:B5:4D:F1:46
            X509v3 Authority Key Identifier:
                keyid:A9:A7:C1:A2:53:7F:D0:35:40:87:59:97:87:CA:A8:42:FE:D6:0B:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qafBolN_0DVAh1mXh8qoQv7WC38.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:b2:68:59:73:1e:98:b3:d5:2d:ee:24:91:84:a4:12:0e:75:
         93:b6:f1:be:a6:58:e4:e2:82:7e:1f:be:8d:31:a8:41:0b:25:
         19:3b:fe:69:71:39:b2:20:d1:09:c7:77:d5:5b:84:3e:37:08:
         df:4c:5f:57:d1:73:61:a1:20:54:43:88:a2:8f:c1:63:63:11:
         8d:83:2e:2e:a3:43:07:45:f8:42:d4:4a:73:89:ae:08:7a:aa:
         2f:cb:2c:1d:b3:5f:26:73:59:ef:30:ee:43:e4:ea:d8:5a:be:
         a8:4c:a8:95:24:4e:b3:cb:1d:04:82:50:10:76:cd:1e:90:ba:
         62:89:bf:e6:82:d5:c8:d0:56:48:ca:02:17:06:1a:8a:57:8e:
         12:ed:5c:e4:06:47:45:b6:09:27:31:ec:3a:e3:5d:5b:58:1c:
         a1:98:7e:40:90:ef:b1:c7:25:03:7b:6e:7d:5e:e5:49:f3:51:
         20:28:ef:03:4c:89:78:a7:e5:8c:fd:02:5b:a3:ba:45:b1:3d:
         52:5a:74:76:0e:bd:15:12:7d:48:6a:e8:73:d4:2d:4f:72:2b:
         40:33:cf:46:ad:7d:71:e3:71:4f:3c:84:56:48:f1:67:0e:86:
         af:92:e3:f5:ef:51:ac:1b:38:36:05:82:7a:b4:a8:b9:a8:5a:
         95:53:1b:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZc8caZGSFa+4WOCbtgbUDPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YTdjMWEyNTM3ZmQwMzU0MDg3NTk5Nzg3Y2FhODQyZmVk
NjBiN2YwHhcNMjUwNDIyMTAwMTEwWhcNMjUwNDIzMTAwMTEwWjAzMTEwLwYDVQQD
Eyg1ZGQ5YWYzYTlhNjZjNWU4OWUwNjgzNzFiZTQ1YmVjMmI1NGRmMTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDM7m4s/jO2O86rGao+6822GEAHe
BaSNyKjnGOUZMsjLA4BHH08YYo3fyNEsgebZV4pB7m6OcdELfKZmZORtkwbqXo9+
G6abIAaohd68EHz8rzEgolmjyE+vTNbKXRDe5xE6zwWKudGiNXgMqQODeQVANs4q
iGulekEk+/ackuZ3ykgbLospbg1mfbT+Ea96PriUs1aLOsl4c9TztycgJiGHoy1E
RswjwyUNezT0cqGfGjfQeAY20j7KnbRdlwiLwbnbgCJncdSkXX/2Aza0a3SByz76
yNlRDqUaDVdQnYEcVdI/iKIfhXVnsl2rOlT4bOUWX1y/ZjCjgA65I5be4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF3ZrzqaZsXongaDcb5FvsK1TfFGMB8GA1UdIwQY
MBaAFKmnwaJTf9A1QIdZl4fKqEL+1gt/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWFmQm9sTl8wRFZBaDFtWGg4cW9RdjdXQzM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9mMDgzMDQtM2Y3OC00NzBjLWI2ZTEt
NDhmMWU1MTA5MDQ3LzEvcWFmQm9sTl8wRFZBaDFtWGg4cW9RdjdXQzM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9mMDgzMDQtM2Y3OC00NzBjLWI2ZTEtNDhmMWU1MTA5MDQ3
LzEvcWFmQm9sTl8wRFZBaDFtWGg4cW9RdjdXQzM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg7JoWXMe
mLPVLe4kkYSkEg51k7bxvqZY5OKCfh++jTGoQQslGTv+aXE5siDRCcd31VuEPjcI
30xfV9FzYaEgVEOIoo/BY2MRjYMuLqNDB0X4QtRKc4muCHqqL8ssHbNfJnNZ7zDu
Q+Tq2Fq+qEyolSROs8sdBIJQEHbNHpC6Yom/5oLVyNBWSMoCFwYaileOEu1c5AZH
RbYJJzHsOuNdW1gcoZh+QJDvscclA3tufV7lSfNRICjvA0yJeKfljP0CW6O6RbE9
Ulp0dg69FRJ9SGroc9QtT3IrQDPPRq19ceNxTzyEVkjxZw6Gr5Lj9e9RrBs4NgWC
erSouahalVMbgA==
-----END CERTIFICATE-----