Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.mft
File:                     qoxALCO4BeCVMBFbvkREAg9PIDQ.mft (raw, json)
Hash identifier:          dK0cq1zIrHGU8xCLHC5SbG6JfDVT6pMC+V0mxJD/H2s=
Subject key identifier:   17:11:48:44:A5:43:84:91:DA:92:F0:1F:CF:78:1F:6B:40:44:10:0D
Authority key identifier: AA:8C:40:2C:23:B8:05:E0:95:30:11:5B:BE:44:44:02:0F:4F:20:34
Certificate issuer:       /CN=aa8c402c23b805e09530115bbe4444020f4f2034
Certificate serial:       01964D7E3F74702AC3E36703CA61EB9039C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qoxALCO4BeCVMBFbvkREAg9PIDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.mft
Manifest number:          05F8
Signing time:             Sat 19 Apr 2025 10:00:41 +0000
Manifest this update:     Sat 19 Apr 2025 10:00:41 +0000
Manifest next update:     Sun 20 Apr 2025 10:00:41 +0000
Files and hashes:         1: qoxALCO4BeCVMBFbvkREAg9PIDQ.crl (hash: fCdjZY2xuP9dTU6qMcch8QDBRuCySIsnTUpsrFtuvbk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qoxALCO4BeCVMBFbvkREAg9PIDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 07:26:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:7e:3f:74:70:2a:c3:e3:67:03:ca:61:eb:90:39:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa8c402c23b805e09530115bbe4444020f4f2034
        Validity
            Not Before: Apr 19 10:00:41 2025 GMT
            Not After : Apr 20 10:00:41 2025 GMT
        Subject: CN=17114844a5438491da92f01fcf781f6b4044100d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:9c:f5:ef:48:f8:10:4b:00:4c:f0:1f:14:52:
                    79:3b:9a:26:48:ae:11:6b:ea:ab:8a:65:3f:7e:63:
                    c0:bd:64:78:a9:fc:12:b5:33:1c:9d:8d:b1:35:b6:
                    ab:b5:8d:60:63:3f:9f:a5:a4:6e:a7:e6:92:c4:73:
                    bc:43:f3:ab:57:0d:ac:3f:e0:d5:32:d8:ab:b7:17:
                    53:9f:1f:a9:23:d6:24:ed:7f:e9:ce:62:8a:20:22:
                    eb:92:ca:1a:7b:8d:53:80:71:a7:95:f2:4a:4e:45:
                    7e:fd:9f:0c:5b:5c:02:8b:d2:5b:56:af:27:62:99:
                    25:1b:95:ba:e3:55:7e:9e:ad:b3:61:ed:10:7f:ab:
                    46:21:c9:27:f4:34:47:9e:b7:4e:5e:7d:da:a3:35:
                    4b:76:37:34:2e:2a:45:50:b5:87:6b:de:35:65:d4:
                    d7:e2:c2:df:91:83:2f:39:1d:5c:be:a6:cb:ae:6f:
                    5d:bd:a7:42:4f:26:53:62:b5:2c:dc:4a:7f:00:84:
                    c1:bf:3b:bc:6e:9a:ea:79:33:a1:f2:cf:20:24:f6:
                    cd:4d:e7:27:f1:01:93:ae:46:da:e5:d5:b9:95:b6:
                    df:a3:35:3a:c2:0d:64:01:25:05:ed:bb:7f:62:e8:
                    96:4a:20:98:d8:92:b6:42:b1:86:e6:5d:28:e6:42:
                    46:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:11:48:44:A5:43:84:91:DA:92:F0:1F:CF:78:1F:6B:40:44:10:0D
            X509v3 Authority Key Identifier:
                keyid:AA:8C:40:2C:23:B8:05:E0:95:30:11:5B:BE:44:44:02:0F:4F:20:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qoxALCO4BeCVMBFbvkREAg9PIDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/dba306-9199-4b75-a2c3-4f6af0883979/1/qoxALCO4BeCVMBFbvkREAg9PIDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:35:3e:aa:58:9f:6c:8e:85:5d:2b:21:3c:d4:4e:b2:db:cf:
         0c:51:5e:ce:8d:32:82:ff:78:34:ba:ea:ca:af:08:5b:e8:b6:
         df:30:f4:cc:d9:86:4b:79:d3:d5:e1:90:b5:b4:53:28:c9:6c:
         db:8f:e3:f4:29:60:fd:cd:85:40:64:fb:6e:73:f3:01:45:a7:
         81:f1:e6:5f:9c:62:86:ec:76:ab:5d:77:b2:62:fc:d5:4d:81:
         bb:2b:ee:c1:aa:3e:fd:af:30:87:d9:c8:17:23:97:6a:bc:2d:
         a3:47:04:74:15:0f:7a:69:53:c3:1c:f0:3c:75:e8:3e:61:85:
         98:86:60:ff:ee:88:1f:73:e1:50:81:a3:d6:0e:93:1f:45:70:
         6a:a8:2c:6f:62:48:de:10:dc:6c:e6:e0:81:79:15:fa:c3:4a:
         4d:1d:55:d7:32:5f:1e:d5:b2:91:ed:17:8d:d2:a9:36:33:6f:
         56:26:b0:cf:58:df:cf:46:26:2d:2c:39:b1:19:7b:5d:21:aa:
         1d:8b:9b:03:8c:e2:e6:9b:97:a9:c8:dd:20:a1:c9:78:e0:a3:
         74:c5:45:a5:10:1f:95:a8:7f:b1:5e:b1:e6:fa:80:c5:68:4a:
         c8:16:58:05:1c:82:86:65:88:06:54:50:ce:07:76:20:9e:2d:
         b5:fc:da:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNfj90cCrD42cDymHrkDnGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOGM0MDJjMjNiODA1ZTA5NTMwMTE1YmJlNDQ0NDAyMGY0
ZjIwMzQwHhcNMjUwNDE5MTAwMDQxWhcNMjUwNDIwMTAwMDQxWjAzMTEwLwYDVQQD
EygxNzExNDg0NGE1NDM4NDkxZGE5MmYwMWZjZjc4MWY2YjQwNDQxMDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopz170j4EEsATPAfFFJ5O5omSK4R
a+qrimU/fmPAvWR4qfwStTMcnY2xNbartY1gYz+fpaRup+aSxHO8Q/OrVw2sP+DV
MtirtxdTnx+pI9Yk7X/pzmKKICLrksoae41TgHGnlfJKTkV+/Z8MW1wCi9JbVq8n
YpklG5W641V+nq2zYe0Qf6tGIckn9DRHnrdOXn3aozVLdjc0LipFULWHa941ZdTX
4sLfkYMvOR1cvqbLrm9dvadCTyZTYrUs3Ep/AITBvzu8bprqeTOh8s8gJPbNTecn
8QGTrkba5dW5lbbfozU6wg1kASUF7bt/YuiWSiCY2JK2QrGG5l0o5kJGFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBcRSESlQ4SR2pLwH894H2tARBANMB8GA1UdIwQY
MBaAFKqMQCwjuAXglTARW75ERAIPTyA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW94QUxDTzRCZUNWTUJGYnZrUkVBZzlQSURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9kYmEzMDYtOTE5OS00Yjc1LWEyYzMt
NGY2YWYwODgzOTc5LzEvcW94QUxDTzRCZUNWTUJGYnZrUkVBZzlQSURRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9kYmEzMDYtOTE5OS00Yjc1LWEyYzMtNGY2YWYwODgzOTc5
LzEvcW94QUxDTzRCZUNWTUJGYnZrUkVBZzlQSURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHDU+qlif
bI6FXSshPNROstvPDFFezo0ygv94NLrqyq8IW+i23zD0zNmGS3nT1eGQtbRTKMls
24/j9Clg/c2FQGT7bnPzAUWngfHmX5xihux2q113smL81U2Buyvuwao+/a8wh9nI
FyOXarwto0cEdBUPemlTwxzwPHXoPmGFmIZg/+6IH3PhUIGj1g6TH0Vwaqgsb2JI
3hDcbObggXkV+sNKTR1V1zJfHtWyke0XjdKpNjNvViawz1jfz0YmLSw5sRl7XSGq
HYubA4zi5puXqcjdIKHJeOCjdMVFpRAflah/sV6x5vqAxWhKyBZYBRyChmWIBlRQ
zgd2IJ4ttfzaAA==
-----END CERTIFICATE-----