Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
File:                     QHsur7H0zNuzzWzU10srM5eKC3A.mft (raw, json)
Hash identifier:          PMrbEmaYay+VnGzTKdLQ9GR+4/WCWN+MPiTBqdceLHg=
Subject key identifier:   A4:A9:73:30:76:D4:21:C0:2D:CE:27:4F:CF:51:6E:D6:7D:BB:40:76
Authority key identifier: 40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70
Certificate issuer:       /CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
Certificate serial:       01991809B4431FA885D4E7A9D0B2D1CA75B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
Manifest number:          166A
Signing time:             Fri 05 Sep 2025 04:01:53 +0000
Manifest this update:     Fri 05 Sep 2025 04:01:53 +0000
Manifest next update:     Sat 06 Sep 2025 04:01:53 +0000
Files and hashes:         1: QHsur7H0zNuzzWzU10srM5eKC3A.crl (hash: Rep7naTlby31xLslPfwd4bg05tvwmiSugrpDN06Jc3Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:18:09:b4:43:1f:a8:85:d4:e7:a9:d0:b2:d1:ca:75:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
        Validity
            Not Before: Sep  5 04:01:53 2025 GMT
            Not After : Sep  6 04:01:53 2025 GMT
        Subject: CN=a4a9733076d421c02dce274fcf516ed67dbb4076
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:63:48:e4:55:ac:fe:29:d3:4f:3f:4e:96:6d:
                    7e:c7:41:9a:5b:a9:1d:fb:82:f4:a5:b8:61:91:2c:
                    85:35:f7:77:0a:03:1d:c8:d3:17:c9:f8:0a:e9:a8:
                    8d:15:d1:a7:9d:08:a7:d2:2a:a6:7c:e2:a4:b7:45:
                    8f:2d:7e:07:2f:67:0c:95:32:b0:fc:08:44:c5:ab:
                    ca:ab:ff:de:90:0b:a5:07:78:30:97:ee:17:32:a7:
                    d6:a9:39:0c:29:5a:a4:51:f7:c2:db:a6:5c:19:fa:
                    da:d0:8b:5a:6a:a4:b5:d6:16:f3:4a:2e:23:d3:0d:
                    8b:82:51:7f:d4:ae:c4:0c:0e:0e:bc:c8:5d:43:98:
                    89:44:c3:c5:9a:9e:51:3f:47:99:12:55:0d:14:d9:
                    f0:9d:ac:eb:8e:e6:c8:8e:0b:84:e8:08:38:5a:6c:
                    47:6a:e3:5b:c0:6c:c8:3c:ac:6e:2c:3b:6a:13:c9:
                    dd:32:de:3a:f5:31:2e:5d:d1:50:d9:92:86:ef:a4:
                    1b:80:6b:a2:19:b1:14:42:66:0d:40:23:fb:40:d5:
                    ff:57:6c:a4:1f:48:a0:90:9e:a0:55:63:98:bd:c8:
                    e0:55:a0:db:5d:5f:fe:45:d1:0f:77:8b:3b:8c:57:
                    dc:5f:c6:64:06:d6:77:bc:6f:d6:af:a6:e5:68:c8:
                    c3:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:A9:73:30:76:D4:21:C0:2D:CE:27:4F:CF:51:6E:D6:7D:BB:40:76
            X509v3 Authority Key Identifier:
                keyid:40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:b9:b0:72:2d:cf:5c:22:94:01:41:f6:50:7b:58:b4:65:ef:
         d1:ee:6f:69:db:dc:60:57:2e:ac:38:73:11:bf:e3:e7:70:e5:
         ad:af:4d:74:d5:82:ed:56:4e:78:6d:33:b3:95:76:53:06:7d:
         7c:b8:73:9c:7d:8e:8f:bf:66:2b:ca:66:64:9b:0e:ad:9d:b2:
         67:ac:52:5d:ab:2f:0c:90:f8:13:47:ca:69:db:47:2e:5c:23:
         ac:af:4e:6f:86:05:2d:4d:64:3d:51:40:1f:a7:44:40:ca:49:
         5d:26:08:f6:aa:ae:52:26:81:38:b1:0f:e3:ce:46:9e:15:86:
         fb:c6:d9:c3:9f:1d:d2:e6:4a:d6:20:61:8d:25:82:25:bc:79:
         9c:bc:ea:49:fe:ed:6d:1a:9a:5d:df:04:63:2e:2e:56:0e:41:
         c2:6b:59:fc:fd:69:e5:6b:ef:fc:fa:74:48:ce:a7:05:bf:ca:
         61:ea:b3:db:fa:46:41:83:10:f8:b6:48:64:fb:78:35:aa:91:
         59:36:69:8b:17:9d:ee:cf:a8:83:55:2f:c6:44:62:43:03:48:
         a0:e3:8a:f7:f9:11:a8:af:13:a4:3a:4f:3c:6b:4b:96:3b:2b:
         ff:e1:8c:17:86:50:8b:18:e8:82:3f:c2:d1:13:9f:a5:d1:b6:
         12:ad:51:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYCbRDH6iF1Oep0LLRynWzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2IyZWFmYjFmNGNjZGJiM2NkNmNkNGQ3NGIyYjMzOTc4
YTBiNzAwHhcNMjUwOTA1MDQwMTUzWhcNMjUwOTA2MDQwMTUzWjAzMTEwLwYDVQQD
EyhhNGE5NzMzMDc2ZDQyMWMwMmRjZTI3NGZjZjUxNmVkNjdkYmI0MDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGNI5FWs/inTTz9Olm1+x0GaW6kd
+4L0pbhhkSyFNfd3CgMdyNMXyfgK6aiNFdGnnQin0iqmfOKkt0WPLX4HL2cMlTKw
/AhExavKq//ekAulB3gwl+4XMqfWqTkMKVqkUffC26ZcGfra0ItaaqS11hbzSi4j
0w2LglF/1K7EDA4OvMhdQ5iJRMPFmp5RP0eZElUNFNnwnazrjubIjguE6Ag4WmxH
auNbwGzIPKxuLDtqE8ndMt469TEuXdFQ2ZKG76QbgGuiGbEUQmYNQCP7QNX/V2yk
H0igkJ6gVWOYvcjgVaDbXV/+RdEPd4s7jFfcX8ZkBtZ3vG/Wr6blaMjDDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKSpczB21CHALc4nT89RbtZ9u0B2MB8GA1UdIwQY
MBaAFEB7Lq+x9Mzbs81s1NdLKzOXigtwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgt
YzJlNjY4YzE5NzI3LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgtYzJlNjY4YzE5NzI3
LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdLmwci3P
XCKUAUH2UHtYtGXv0e5vadvcYFcurDhzEb/j53Dlra9NdNWC7VZOeG0zs5V2UwZ9
fLhznH2Oj79mK8pmZJsOrZ2yZ6xSXasvDJD4E0fKadtHLlwjrK9Ob4YFLU1kPVFA
H6dEQMpJXSYI9qquUiaBOLEP485GnhWG+8bZw58d0uZK1iBhjSWCJbx5nLzqSf7t
bRqaXd8EYy4uVg5BwmtZ/P1p5Wvv/Pp0SM6nBb/KYeqz2/pGQYMQ+LZIZPt4NaqR
WTZpixed7s+og1UvxkRiQwNIoOOK9/kRqK8TpDpPPGtLljsr/+GMF4ZQixjogj/C
0ROfpdG2Eq1RBA==
-----END CERTIFICATE-----