Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.mft
File:                     qSQPAnqUCSKcWf9jCqKoD5N4qT8.mft (raw, json)
Hash identifier:          iHld4KeGwgDVdSpT2VUUsMaz7rlrIrjzTZJ1+IBRsFg=
Subject key identifier:   97:8A:B6:5E:B3:53:65:B5:52:BD:46:0D:38:8A:EB:D0:72:77:DF:15
Authority key identifier: A9:24:0F:02:7A:94:09:22:9C:59:FF:63:0A:A2:A8:0F:93:78:A9:3F
Certificate issuer:       /CN=a9240f027a9409229c59ff630aa2a80f9378a93f
Certificate serial:       0197499F3032533E33323B56A8CA66D62CED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qSQPAnqUCSKcWf9jCqKoD5N4qT8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.mft
Manifest number:          10CF
Signing time:             Sat 07 Jun 2025 09:00:58 +0000
Manifest this update:     Sat 07 Jun 2025 09:00:58 +0000
Manifest next update:     Sun 08 Jun 2025 09:00:58 +0000
Files and hashes:         1: qSQPAnqUCSKcWf9jCqKoD5N4qT8.crl (hash: MKvO3+TBoiGJArTM+IW2WcnLgDa7esbnk9Fr2z2lHxg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qSQPAnqUCSKcWf9jCqKoD5N4qT8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:9f:30:32:53:3e:33:32:3b:56:a8:ca:66:d6:2c:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9240f027a9409229c59ff630aa2a80f9378a93f
        Validity
            Not Before: Jun  7 09:00:58 2025 GMT
            Not After : Jun  8 09:00:58 2025 GMT
        Subject: CN=978ab65eb35365b552bd460d388aebd07277df15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:cf:69:5a:44:71:b0:12:68:85:29:c7:72:d7:
                    09:5d:62:3c:b6:bc:66:6a:c0:99:a7:df:33:bf:00:
                    a5:64:98:d7:63:0e:c4:1a:2c:a7:e7:8e:d1:87:25:
                    6d:69:54:a7:5e:66:60:72:7f:ea:6f:1f:f1:76:48:
                    35:4c:79:69:2d:30:ce:c2:0c:1a:28:07:35:aa:9b:
                    a2:4e:55:52:6a:ac:01:f4:cd:70:ff:76:c5:85:66:
                    75:f4:7d:5e:bd:69:78:cf:70:48:04:bc:76:f0:1a:
                    e7:f9:eb:43:be:10:8c:b1:3b:2f:96:a2:60:05:6a:
                    3b:26:a9:25:99:2e:73:a1:29:f8:b6:65:e5:59:45:
                    6e:30:1a:d0:e1:6d:ed:bd:d0:37:78:7c:b1:13:ff:
                    e5:c0:21:17:0a:97:25:5e:bd:4c:a2:69:ba:39:de:
                    aa:16:fd:a6:44:35:78:62:d6:fd:7b:f8:11:37:68:
                    78:db:5d:06:64:f9:c1:05:c7:57:6e:48:ae:e1:eb:
                    b4:2d:af:18:e3:8f:d7:b6:f8:fc:35:a4:de:0f:1e:
                    96:cc:35:6a:04:d5:58:34:9f:e7:39:b4:ea:8d:69:
                    b2:e1:3c:f5:d8:25:98:50:d0:0a:69:d7:fa:57:e6:
                    05:4e:73:9e:67:a2:56:25:e6:9f:e1:91:5c:67:ae:
                    93:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:8A:B6:5E:B3:53:65:B5:52:BD:46:0D:38:8A:EB:D0:72:77:DF:15
            X509v3 Authority Key Identifier:
                keyid:A9:24:0F:02:7A:94:09:22:9C:59:FF:63:0A:A2:A8:0F:93:78:A9:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qSQPAnqUCSKcWf9jCqKoD5N4qT8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:4e:e7:cd:63:24:a4:1e:57:65:74:a1:4b:6f:c8:9c:9c:ef:
         e5:aa:2d:25:91:6a:70:02:c3:bd:ad:51:75:ac:0d:28:21:0b:
         8b:ee:4e:f1:7d:a7:d8:91:14:1c:9f:78:ff:4e:30:d8:74:b8:
         47:a5:02:50:0a:3a:3c:bd:9c:b7:ad:0d:21:67:16:22:53:07:
         4e:91:c9:7e:09:cf:5e:94:2c:ec:75:8b:39:90:db:b6:5f:ae:
         02:bc:42:ad:f3:b3:be:a6:3b:0e:3b:d6:0f:c5:3a:f1:c0:55:
         b3:26:11:c1:ee:1d:c2:d4:ea:bb:41:74:b0:48:1a:9c:46:ab:
         dd:29:b4:46:3b:cf:6c:a5:11:d0:79:21:36:5d:4f:14:a1:72:
         ec:4b:02:2e:93:ba:7a:90:3c:4b:8e:55:11:13:20:95:f6:cf:
         60:d4:69:c8:4a:94:f7:d2:2b:89:e3:3d:50:2a:d1:bd:d4:3d:
         1d:63:3e:07:4a:39:57:85:b6:78:48:7b:c5:96:e3:00:f4:74:
         c4:82:c8:10:26:85:14:24:1b:05:45:f6:e2:41:6a:5c:ce:dc:
         41:e5:ad:5b:96:9d:90:f5:ea:f8:8a:a6:3c:0f:4a:ce:3d:bd:
         16:8e:e7:b6:56:9a:86:82:17:1d:75:0c:9b:af:be:4f:1e:5c:
         d0:36:6b:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJnzAyUz4zMjtWqMpm1iztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MjQwZjAyN2E5NDA5MjI5YzU5ZmY2MzBhYTJhODBmOTM3
OGE5M2YwHhcNMjUwNjA3MDkwMDU4WhcNMjUwNjA4MDkwMDU4WjAzMTEwLwYDVQQD
Eyg5NzhhYjY1ZWIzNTM2NWI1NTJiZDQ2MGQzODhhZWJkMDcyNzdkZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwM9pWkRxsBJohSnHctcJXWI8trxm
asCZp98zvwClZJjXYw7EGiyn547RhyVtaVSnXmZgcn/qbx/xdkg1THlpLTDOwgwa
KAc1qpuiTlVSaqwB9M1w/3bFhWZ19H1evWl4z3BIBLx28Brn+etDvhCMsTsvlqJg
BWo7JqklmS5zoSn4tmXlWUVuMBrQ4W3tvdA3eHyxE//lwCEXCpclXr1Momm6Od6q
Fv2mRDV4Ytb9e/gRN2h4210GZPnBBcdXbkiu4eu0La8Y44/Xtvj8NaTeDx6WzDVq
BNVYNJ/nObTqjWmy4Tz12CWYUNAKadf6V+YFTnOeZ6JWJeaf4ZFcZ66TjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJeKtl6zU2W1Ur1GDTiK69Byd98VMB8GA1UdIwQY
MBaAFKkkDwJ6lAkinFn/YwqiqA+TeKk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVNRUEFucVVDU0tjV2Y5akNxS29ENU40cVQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iZmNmN2YtOTMwYy00ZWQ0LTk2Y2Qt
M2QxYjNhODZjZTg3LzEvcVNRUEFucVVDU0tjV2Y5akNxS29ENU40cVQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iZmNmN2YtOTMwYy00ZWQ0LTk2Y2QtM2QxYjNhODZjZTg3
LzEvcVNRUEFucVVDU0tjV2Y5akNxS29ENU40cVQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABU7nzWMk
pB5XZXShS2/InJzv5aotJZFqcALDva1RdawNKCELi+5O8X2n2JEUHJ94/04w2HS4
R6UCUAo6PL2ct60NIWcWIlMHTpHJfgnPXpQs7HWLOZDbtl+uArxCrfOzvqY7DjvW
D8U68cBVsyYRwe4dwtTqu0F0sEganEar3Sm0RjvPbKUR0HkhNl1PFKFy7EsCLpO6
epA8S45VERMglfbPYNRpyEqU99IrieM9UCrRvdQ9HWM+B0o5V4W2eEh7xZbjAPR0
xILIECaFFCQbBUX24kFqXM7cQeWtW5adkPXq+IqmPA9Kzj29Fo7ntlaahoIXHXUM
m6++Tx5c0DZr2w==
-----END CERTIFICATE-----