Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft
File:                     QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft (raw, json)
Hash identifier:          btUosQ56olxYnTh3M6ucibmqesTSEQP8Qnqee5i3guY=
Subject key identifier:   AF:EC:70:80:F2:A0:D8:B0:54:FC:6C:5A:75:A9:8C:6B:76:3C:A1:AA
Authority key identifier: 43:1C:57:E1:92:1D:31:A3:4A:EB:D1:2E:50:7A:13:6F:E0:45:98:C6
Certificate issuer:       /CN=431c57e1921d31a34aebd12e507a136fe04598c6
Certificate serial:       01984AAE8FC16B8CE97E84F1A44AFF3BA22F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft
Manifest number:          03BE
Signing time:             Sun 27 Jul 2025 07:00:10 +0000
Manifest this update:     Sun 27 Jul 2025 07:00:10 +0000
Manifest next update:     Mon 28 Jul 2025 07:00:10 +0000
Files and hashes:         1: QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl (hash: ryS/rXPDfmy42OWbP0wwUQIKZ6VQEAy6iwPMhAes1yU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 05:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:ae:8f:c1:6b:8c:e9:7e:84:f1:a4:4a:ff:3b:a2:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=431c57e1921d31a34aebd12e507a136fe04598c6
        Validity
            Not Before: Jul 27 07:00:10 2025 GMT
            Not After : Jul 28 07:00:10 2025 GMT
        Subject: CN=afec7080f2a0d8b054fc6c5a75a98c6b763ca1aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:01:df:2e:1a:c4:ed:da:c6:ac:13:f4:df:fc:
                    5f:23:fa:d8:bf:52:88:63:91:10:77:a8:e2:f3:5f:
                    9e:9b:cf:be:ea:2c:e7:b4:bf:2a:95:13:e9:e5:10:
                    ab:d7:f7:b5:ee:ed:49:6a:71:fb:bc:6c:37:74:e3:
                    98:1b:70:d8:00:df:f4:e8:7a:db:d8:6e:89:40:07:
                    a3:54:6c:17:79:5e:2e:11:41:ad:22:21:05:d5:bc:
                    e6:e8:24:98:25:e3:a1:24:fd:fc:6f:ef:5f:8a:d9:
                    ab:91:9d:2e:ab:f4:be:48:c1:dc:66:f5:3b:2f:9a:
                    b5:0c:d5:3e:2a:1a:43:a3:fa:b8:8d:e4:27:c9:d0:
                    a7:27:70:71:58:51:9c:dc:55:8f:b2:a4:ad:d9:ee:
                    a5:fe:01:69:3d:98:6b:3b:bb:e3:36:47:47:d3:5a:
                    02:52:d9:03:4d:12:9a:30:b5:5a:e2:36:b6:7f:be:
                    eb:e6:4f:e1:4a:74:80:46:72:42:fc:4c:0e:c0:fe:
                    76:81:b0:51:92:f2:09:bc:53:60:84:0c:1d:d7:9f:
                    b0:d4:e5:f5:0e:e1:c2:f9:3a:a9:f9:a6:d8:02:91:
                    e6:49:48:36:6e:cb:b6:40:a7:b7:0f:19:02:02:f1:
                    37:c3:6e:1f:d4:83:3e:11:bb:1b:95:f4:78:a1:2e:
                    ee:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:EC:70:80:F2:A0:D8:B0:54:FC:6C:5A:75:A9:8C:6B:76:3C:A1:AA
            X509v3 Authority Key Identifier:
                keyid:43:1C:57:E1:92:1D:31:A3:4A:EB:D1:2E:50:7A:13:6F:E0:45:98:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:e7:c8:ff:e2:35:64:af:64:ec:8c:e0:c2:3d:77:cb:99:59:
         6b:f0:9c:10:37:bf:bc:2b:c2:38:0e:c1:1f:19:a1:b0:03:a7:
         e8:1d:4b:40:a5:8a:29:11:77:ac:c8:4f:f6:bd:60:58:13:f9:
         f1:8f:c2:15:fa:21:db:07:7a:f8:12:f3:a2:6f:29:fe:a9:1c:
         d9:61:84:60:06:1f:81:13:4b:68:1b:42:fe:80:52:ec:8c:d2:
         73:d7:79:22:b9:eb:57:a6:e1:95:83:db:58:aa:25:06:99:b3:
         24:64:e9:65:7e:e2:90:c3:10:49:9f:0f:7a:7e:eb:28:1a:91:
         05:49:7b:91:38:b3:9b:04:74:e6:07:ba:9e:bc:ff:64:81:ce:
         d3:a7:9b:90:0b:b6:f0:96:ee:e6:0c:1e:ab:d8:b7:92:b9:50:
         a4:47:cb:76:a1:9b:87:0c:0d:22:89:81:21:8d:ca:12:6e:54:
         de:90:f9:fb:ae:8f:d4:f9:1d:89:38:77:9f:ae:66:6c:3b:18:
         12:7e:ab:e5:3a:61:56:fc:85:8e:48:bb:6c:23:68:42:2e:81:
         9b:29:66:75:28:86:7b:de:87:27:5d:c4:df:ec:f8:30:87:ac:
         ff:fa:ed:06:21:61:47:89:25:fb:ac:15:2f:31:d6:0a:f5:73:
         2b:99:7d:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKro/Ba4zpfoTxpEr/O6IvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMWM1N2UxOTIxZDMxYTM0YWViZDEyZTUwN2ExMzZmZTA0
NTk4YzYwHhcNMjUwNzI3MDcwMDEwWhcNMjUwNzI4MDcwMDEwWjAzMTEwLwYDVQQD
EyhhZmVjNzA4MGYyYTBkOGIwNTRmYzZjNWE3NWE5OGM2Yjc2M2NhMWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQHfLhrE7drGrBP03/xfI/rYv1KI
Y5EQd6ji81+em8++6izntL8qlRPp5RCr1/e17u1JanH7vGw3dOOYG3DYAN/06Hrb
2G6JQAejVGwXeV4uEUGtIiEF1bzm6CSYJeOhJP38b+9fitmrkZ0uq/S+SMHcZvU7
L5q1DNU+KhpDo/q4jeQnydCnJ3BxWFGc3FWPsqSt2e6l/gFpPZhrO7vjNkdH01oC
UtkDTRKaMLVa4ja2f77r5k/hSnSARnJC/EwOwP52gbBRkvIJvFNghAwd15+w1OX1
DuHC+Tqp+abYApHmSUg2bsu2QKe3DxkCAvE3w24f1IM+EbsblfR4oS7uowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK/scIDyoNiwVPxsWnWpjGt2PKGqMB8GA1UdIwQY
MBaAFEMcV+GSHTGjSuvRLlB6E2/gRZjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wZjFhYWYtYjE3My00Y2UxLWJjYmEt
Y2MzNTNlYmFjYmE2LzEvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wZjFhYWYtYjE3My00Y2UxLWJjYmEtY2MzNTNlYmFjYmE2
LzEvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACOfI/+I1
ZK9k7Izgwj13y5lZa/CcEDe/vCvCOA7BHxmhsAOn6B1LQKWKKRF3rMhP9r1gWBP5
8Y/CFfoh2wd6+BLzom8p/qkc2WGEYAYfgRNLaBtC/oBS7IzSc9d5IrnrV6bhlYPb
WKolBpmzJGTpZX7ikMMQSZ8Pen7rKBqRBUl7kTizmwR05ge6nrz/ZIHO06ebkAu2
8Jbu5gweq9i3krlQpEfLdqGbhwwNIomBIY3KEm5U3pD5+66P1PkdiTh3n65mbDsY
En6r5TphVvyFjki7bCNoQi6BmylmdSiGe96HJ13E3+z4MIes//rtBiFhR4kl+6wV
LzHWCvVzK5l9xg==
-----END CERTIFICATE-----