Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft
File:                     QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft (raw, json)
Hash identifier:          ftyIejwgV+jpivC2CmKdHrnduWEPip+aomTVw8+2mCM=
Subject key identifier:   B0:B2:09:7E:90:42:52:31:BD:E0:64:87:DF:DB:39:E1:A7:38:CF:11
Authority key identifier: 40:5F:FC:74:AE:92:38:6A:FB:7C:E7:70:F0:39:0E:90:D4:CD:E3:06
Certificate issuer:       /CN=405ffc74ae92386afb7ce770f0390e90d4cde306
Certificate serial:       0197B8902F3AE07BEB719A713E5CE10680DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QF_8dK6SOGr7fOdw8DkOkNTN4wY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft
Manifest number:          01FD
Signing time:             Sat 28 Jun 2025 22:02:26 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:26 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:26 +0000
Files and hashes:         1: QF_8dK6SOGr7fOdw8DkOkNTN4wY.crl (hash: 4154Z501NzimBB8tABW/R9eu7CgNQkK4Cz+Hkxe0b0A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QF_8dK6SOGr7fOdw8DkOkNTN4wY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:90:2f:3a:e0:7b:eb:71:9a:71:3e:5c:e1:06:80:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=405ffc74ae92386afb7ce770f0390e90d4cde306
        Validity
            Not Before: Jun 28 22:02:26 2025 GMT
            Not After : Jun 29 22:02:26 2025 GMT
        Subject: CN=b0b2097e90425231bde06487dfdb39e1a738cf11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:e8:bc:65:e2:7a:03:04:e6:75:b3:d5:22:5f:
                    86:62:71:c8:bb:4d:b4:43:a5:10:e5:a0:4d:91:77:
                    e8:bd:57:7f:f3:e1:81:6e:87:9d:21:a7:96:2f:0f:
                    0c:64:cf:0f:b2:5e:50:dc:a7:81:b3:1b:73:92:3d:
                    ab:8f:11:f0:be:f5:75:0e:63:06:d2:b6:f5:e9:1a:
                    d8:bc:d1:12:59:05:25:61:01:77:ef:7e:3c:cf:d4:
                    1f:5b:c8:61:29:6c:e8:21:ea:19:b3:8d:a6:19:ac:
                    54:19:75:fb:16:d7:bd:ae:7e:15:22:b0:cf:72:7e:
                    01:fe:c2:3e:ba:51:9b:29:62:83:bd:59:f7:8e:65:
                    e2:23:e2:a8:42:43:cc:13:6d:96:f8:10:6e:1d:98:
                    28:4c:13:4f:54:4d:2e:68:83:13:24:4a:31:e2:63:
                    4e:85:d5:17:69:27:4d:fb:a9:75:49:51:50:b6:bf:
                    7e:de:b9:b3:a2:1d:43:71:1b:18:3a:83:4c:32:7d:
                    53:76:9b:d5:3b:27:a7:e2:c0:30:80:78:9a:63:25:
                    d0:4d:12:03:c1:d9:db:7c:3b:4e:68:08:0f:95:e2:
                    06:df:bb:6f:0b:ce:b9:b6:fb:7c:e7:40:38:ac:d5:
                    f2:c0:36:da:d0:51:44:73:61:53:41:9e:61:64:76:
                    ef:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:B2:09:7E:90:42:52:31:BD:E0:64:87:DF:DB:39:E1:A7:38:CF:11
            X509v3 Authority Key Identifier:
                keyid:40:5F:FC:74:AE:92:38:6A:FB:7C:E7:70:F0:39:0E:90:D4:CD:E3:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QF_8dK6SOGr7fOdw8DkOkNTN4wY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:f0:92:2f:4f:60:11:dc:77:e6:e8:c4:4a:f2:e4:9e:46:e1:
         f7:1f:95:b9:36:95:5b:19:ac:01:f2:16:d5:ed:d9:53:75:c5:
         1a:6e:b0:fd:f6:3d:c9:52:9d:59:4c:de:a0:cb:ba:0d:00:94:
         55:50:f0:f8:c7:89:cb:1d:8e:0a:a0:01:63:5c:11:fd:69:85:
         7a:5d:88:d8:61:ac:8f:47:32:b6:27:a0:ae:b5:23:0a:bb:24:
         15:4c:aa:f7:df:7e:03:51:06:17:23:d9:2f:73:13:ad:44:c2:
         04:56:db:b7:8e:f4:ff:70:5d:55:22:9f:5d:7b:96:4a:84:c3:
         9f:74:62:2a:e0:60:06:c5:4b:e7:9b:d2:ae:cb:9f:df:19:6c:
         79:d7:c2:b7:6c:b7:07:7b:f3:bb:7c:e1:02:2b:c0:58:fb:12:
         d8:8a:a7:a1:a8:37:5c:2a:2b:20:0e:e2:0e:a9:0b:51:0c:10:
         5f:e6:b3:6e:36:66:64:5e:d5:c3:7b:6f:5f:e9:19:ba:38:02:
         62:29:f9:f2:b3:5a:0f:db:7e:7c:ec:f4:55:2f:ac:09:c9:96:
         a4:10:b8:31:9f:4c:c6:c1:bb:1b:71:22:17:9b:68:70:fd:40:
         c0:0a:eb:7f:e1:f6:eb:79:a7:67:9a:c0:a7:1f:54:bb:29:46:
         af:a5:ef:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kC864HvrcZpxPlzhBoDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNWZmYzc0YWU5MjM4NmFmYjdjZTc3MGYwMzkwZTkwZDRj
ZGUzMDYwHhcNMjUwNjI4MjIwMjI2WhcNMjUwNjI5MjIwMjI2WjAzMTEwLwYDVQQD
EyhiMGIyMDk3ZTkwNDI1MjMxYmRlMDY0ODdkZmRiMzllMWE3MzhjZjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOi8ZeJ6AwTmdbPVIl+GYnHIu020
Q6UQ5aBNkXfovVd/8+GBboedIaeWLw8MZM8Psl5Q3KeBsxtzkj2rjxHwvvV1DmMG
0rb16RrYvNESWQUlYQF37348z9QfW8hhKWzoIeoZs42mGaxUGXX7Fte9rn4VIrDP
cn4B/sI+ulGbKWKDvVn3jmXiI+KoQkPME22W+BBuHZgoTBNPVE0uaIMTJEox4mNO
hdUXaSdN+6l1SVFQtr9+3rmzoh1DcRsYOoNMMn1TdpvVOyen4sAwgHiaYyXQTRID
wdnbfDtOaAgPleIG37tvC865tvt850A4rNXywDba0FFEc2FTQZ5hZHbvsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLCyCX6QQlIxveBkh9/bOeGnOM8RMB8GA1UdIwQY
MBaAFEBf/HSukjhq+3zncPA5DpDUzeMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUZfOGRLNlNPR3I3Zk9kdzhEa09rTlRONHdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iMWZkN2EtMmUyNi00YTVkLTgwMmQt
NzI0NmFlZmNkMjcyLzEvUUZfOGRLNlNPR3I3Zk9kdzhEa09rTlRONHdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iMWZkN2EtMmUyNi00YTVkLTgwMmQtNzI0NmFlZmNkMjcy
LzEvUUZfOGRLNlNPR3I3Zk9kdzhEa09rTlRONHdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqfCSL09g
Edx35ujESvLknkbh9x+VuTaVWxmsAfIW1e3ZU3XFGm6w/fY9yVKdWUzeoMu6DQCU
VVDw+MeJyx2OCqABY1wR/WmFel2I2GGsj0cytiegrrUjCrskFUyq999+A1EGFyPZ
L3MTrUTCBFbbt470/3BdVSKfXXuWSoTDn3RiKuBgBsVL55vSrsuf3xlsedfCt2y3
B3vzu3zhAivAWPsS2Iqnoag3XCorIA7iDqkLUQwQX+azbjZmZF7Vw3tvX+kZujgC
Yin58rNaD9t+fOz0VS+sCcmWpBC4MZ9MxsG7G3EiF5tocP1AwArrf+H263mnZ5rA
px9UuylGr6Xvmw==
-----END CERTIFICATE-----