Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.mft
File:                     qoxALCO4BeCVMBFbvkREAg9PIDQ.mft (raw, json)
Hash identifier:          AtrifN3KidRtGHFZR2yD2f3cnvA8rzJyt7+1l40pb2s=
Subject key identifier:   9C:94:A5:0F:DA:9D:88:33:7F:86:27:58:C3:0C:C6:DB:68:D2:45:D7
Authority key identifier: AA:8C:40:2C:23:B8:05:E0:95:30:11:5B:BE:44:44:02:0F:4F:20:34
Certificate issuer:       /CN=aa8c402c23b805e09530115bbe4444020f4f2034
Certificate serial:       01974A7A85EF997C4B5D24DCDEF6C1BF5CC8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qoxALCO4BeCVMBFbvkREAg9PIDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.mft
Manifest number:          067B
Signing time:             Sat 07 Jun 2025 13:00:33 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:33 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:33 +0000
Files and hashes:         1: qoxALCO4BeCVMBFbvkREAg9PIDQ.crl (hash: xlgGHHXyYYlWK1crdZ2CHVgvkB/Pevc7zymk088hn1U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qoxALCO4BeCVMBFbvkREAg9PIDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:85:ef:99:7c:4b:5d:24:dc:de:f6:c1:bf:5c:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa8c402c23b805e09530115bbe4444020f4f2034
        Validity
            Not Before: Jun  7 13:00:33 2025 GMT
            Not After : Jun  8 13:00:33 2025 GMT
        Subject: CN=9c94a50fda9d88337f862758c30cc6db68d245d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:84:35:aa:31:30:84:9b:dd:ba:00:76:8a:57:
                    a8:18:13:97:b5:1c:6e:50:18:09:1b:30:65:e7:89:
                    62:b4:3c:58:7e:7b:85:4c:92:99:49:c6:79:ff:9b:
                    45:d2:1b:3d:64:4e:d2:ac:05:cf:1c:8e:60:6a:43:
                    ba:3d:a5:4b:4f:db:32:51:c5:dd:47:5c:98:15:8f:
                    22:8a:76:0c:eb:5e:82:ce:1c:3d:a3:8e:03:a4:76:
                    aa:4e:4a:2a:ab:41:f4:fa:3c:ed:55:27:f4:e3:2b:
                    ab:46:23:9b:ca:c5:bc:47:30:81:17:00:6c:33:0a:
                    47:56:53:58:12:c2:2b:e0:1f:e9:3f:d3:a6:cf:f2:
                    28:34:5a:44:67:70:f7:a6:54:3e:27:f6:e0:09:ac:
                    23:60:c5:f5:5a:64:42:32:ee:27:21:c6:02:a0:88:
                    41:92:ab:65:39:4e:25:de:7f:c0:48:21:a2:63:b1:
                    3c:b4:7a:5b:58:e2:2c:2d:35:f9:54:dd:af:3c:d1:
                    60:ea:22:bb:e0:eb:8b:45:a6:98:35:4a:e5:68:5c:
                    7b:fc:30:9f:6c:95:1d:31:b6:94:27:56:4f:f9:6d:
                    d0:0e:79:c8:5d:ee:83:69:2c:ed:e3:31:30:9f:e8:
                    5f:d2:ea:e9:41:11:25:f3:10:b8:bc:8c:e9:2a:88:
                    f7:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:94:A5:0F:DA:9D:88:33:7F:86:27:58:C3:0C:C6:DB:68:D2:45:D7
            X509v3 Authority Key Identifier:
                keyid:AA:8C:40:2C:23:B8:05:E0:95:30:11:5B:BE:44:44:02:0F:4F:20:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qoxALCO4BeCVMBFbvkREAg9PIDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:c9:46:ed:ac:f8:41:54:8f:c3:cf:21:1e:37:65:44:10:ea:
         df:0e:63:f9:e7:50:f4:47:64:4a:e8:04:a1:e7:4c:75:63:86:
         59:4d:d7:74:be:ce:e9:57:58:9f:e7:ad:83:02:75:79:28:30:
         b2:68:3f:47:40:ab:f4:03:64:82:6c:6d:e0:16:3f:a0:42:c3:
         c7:38:8c:8a:49:c8:32:49:0e:7d:fd:53:51:e1:15:c1:58:70:
         75:7d:56:80:9e:84:f5:01:84:f4:15:94:e5:34:b2:58:ac:af:
         eb:81:0b:96:e1:97:20:97:41:f6:9a:84:62:bc:99:2c:bb:53:
         90:a0:47:f8:9e:17:f2:c0:15:06:ec:a1:5b:72:40:c2:ab:28:
         4b:96:22:c1:6d:2a:2a:ea:bf:24:bb:1a:fe:a3:ab:dd:4b:79:
         6a:05:af:23:9c:f9:ea:ea:f2:58:04:99:82:fe:a9:fd:e3:d4:
         08:9c:cb:6e:8b:53:71:fc:4e:64:b0:e5:2e:7e:82:da:34:5b:
         c6:11:25:f9:ec:59:b1:1f:ab:d2:a7:12:a8:eb:e5:71:f7:c9:
         d7:57:11:87:f6:e6:23:93:fb:a2:f6:e2:14:1a:10:69:bb:19:
         ae:00:95:dc:65:ce:53:45:72:6d:22:de:30:ac:95:72:0b:15:
         ab:07:81:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKeoXvmXxLXSTc3vbBv1zIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOGM0MDJjMjNiODA1ZTA5NTMwMTE1YmJlNDQ0NDAyMGY0
ZjIwMzQwHhcNMjUwNjA3MTMwMDMzWhcNMjUwNjA4MTMwMDMzWjAzMTEwLwYDVQQD
Eyg5Yzk0YTUwZmRhOWQ4ODMzN2Y4NjI3NThjMzBjYzZkYjY4ZDI0NWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoQ1qjEwhJvdugB2ileoGBOXtRxu
UBgJGzBl54litDxYfnuFTJKZScZ5/5tF0hs9ZE7SrAXPHI5gakO6PaVLT9syUcXd
R1yYFY8iinYM616Czhw9o44DpHaqTkoqq0H0+jztVSf04yurRiObysW8RzCBFwBs
MwpHVlNYEsIr4B/pP9Omz/IoNFpEZ3D3plQ+J/bgCawjYMX1WmRCMu4nIcYCoIhB
kqtlOU4l3n/ASCGiY7E8tHpbWOIsLTX5VN2vPNFg6iK74OuLRaaYNUrlaFx7/DCf
bJUdMbaUJ1ZP+W3QDnnIXe6DaSzt4zEwn+hf0urpQREl8xC4vIzpKoj3FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJyUpQ/anYgzf4YnWMMMxtto0kXXMB8GA1UdIwQY
MBaAFKqMQCwjuAXglTARW75ERAIPTyA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW94QUxDTzRCZUNWTUJGYnZrUkVBZzlQSURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9kYmEzMDYtOTE5OS00Yjc1LWEyYzMt
NGY2YWYwODgzOTc5LzEvcW94QUxDTzRCZUNWTUJGYnZrUkVBZzlQSURRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9kYmEzMDYtOTE5OS00Yjc1LWEyYzMtNGY2YWYwODgzOTc5
LzEvcW94QUxDTzRCZUNWTUJGYnZrUkVBZzlQSURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlslG7az4
QVSPw88hHjdlRBDq3w5j+edQ9EdkSugEoedMdWOGWU3XdL7O6VdYn+etgwJ1eSgw
smg/R0Cr9ANkgmxt4BY/oELDxziMiknIMkkOff1TUeEVwVhwdX1WgJ6E9QGE9BWU
5TSyWKyv64ELluGXIJdB9pqEYryZLLtTkKBH+J4X8sAVBuyhW3JAwqsoS5YiwW0q
Kuq/JLsa/qOr3Ut5agWvI5z56uryWASZgv6p/ePUCJzLbotTcfxOZLDlLn6C2jRb
xhEl+exZsR+r0qcSqOvlcffJ11cRh/bmI5P7ovbiFBoQabsZrgCV3GXOU0VybSLe
MKyVcgsVqweBxw==
-----END CERTIFICATE-----