Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft
File:                     QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft (raw, json)
Hash identifier:          1klUigocq+RWWzVT5HIDzyWe3PA00Bhft7B6H7qtO0s=
Subject key identifier:   7F:09:8F:51:38:2B:FA:4C:D7:40:DE:24:17:26:81:59:4B:73:96:49
Authority key identifier: 40:5F:FC:74:AE:92:38:6A:FB:7C:E7:70:F0:39:0E:90:D4:CD:E3:06
Certificate issuer:       /CN=405ffc74ae92386afb7ce770f0390e90d4cde306
Certificate serial:       0196C5030E6265828AA5092848E3EB9AE1AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QF_8dK6SOGr7fOdw8DkOkNTN4wY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft
Manifest number:          017F
Signing time:             Mon 12 May 2025 15:00:33 +0000
Manifest this update:     Mon 12 May 2025 15:00:33 +0000
Manifest next update:     Tue 13 May 2025 15:00:33 +0000
Files and hashes:         1: QF_8dK6SOGr7fOdw8DkOkNTN4wY.crl (hash: R7gJ5bHsyRUU/gHdlsva6aZohTHy6sNgjRrHDUZSbsk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QF_8dK6SOGr7fOdw8DkOkNTN4wY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:03:0e:62:65:82:8a:a5:09:28:48:e3:eb:9a:e1:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=405ffc74ae92386afb7ce770f0390e90d4cde306
        Validity
            Not Before: May 12 15:00:33 2025 GMT
            Not After : May 13 15:00:33 2025 GMT
        Subject: CN=7f098f51382bfa4cd740de24172681594b739649
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:75:1f:5c:22:03:95:f6:96:0d:50:b3:8a:4d:
                    6e:f0:65:77:7b:92:be:da:43:f2:f9:33:74:87:e5:
                    7e:89:9d:09:0f:91:96:e9:6a:e1:02:77:20:c2:db:
                    e8:28:c2:9c:51:70:ad:61:c5:45:f4:0b:03:47:55:
                    9b:d6:cf:28:67:86:37:aa:e2:14:f0:9e:97:73:06:
                    45:a4:7f:72:a8:54:ea:10:59:e3:31:fb:04:af:75:
                    71:96:b9:f2:1c:08:4d:22:e2:9b:24:ff:24:3b:b3:
                    f4:c4:30:6d:d1:14:e0:7c:57:2b:4c:e7:74:7e:02:
                    6e:11:61:6f:19:b9:8f:a7:80:45:db:07:45:2c:f9:
                    96:a5:f0:eb:ed:76:c8:fe:5f:f7:af:94:67:94:35:
                    7d:cd:c4:24:7c:c4:9c:1c:11:29:70:fd:29:0e:5a:
                    1b:7e:ad:be:6a:5c:0b:2b:69:8c:63:c6:b8:68:4f:
                    71:7f:a0:4d:69:18:a7:c9:87:f0:3b:b4:c7:70:f3:
                    b0:10:fb:71:c3:d0:0b:0e:6f:91:4a:21:5a:a1:f4:
                    a5:03:b9:92:6c:2a:fb:6c:cc:fc:06:3f:83:1b:db:
                    41:c2:ba:9d:a4:88:c3:2b:c6:a1:3b:25:fd:30:f1:
                    da:90:35:3c:f0:e6:fe:50:33:c5:51:ed:13:08:f6:
                    eb:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:09:8F:51:38:2B:FA:4C:D7:40:DE:24:17:26:81:59:4B:73:96:49
            X509v3 Authority Key Identifier:
                keyid:40:5F:FC:74:AE:92:38:6A:FB:7C:E7:70:F0:39:0E:90:D4:CD:E3:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QF_8dK6SOGr7fOdw8DkOkNTN4wY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:a7:6f:3a:78:cb:da:ec:e4:00:da:c0:8f:57:93:a1:c2:a0:
         eb:66:8a:6a:0a:45:2c:63:b3:d8:df:ee:49:f4:95:17:87:31:
         5b:e5:35:6b:71:41:e6:59:8c:a6:c0:c6:3c:26:16:b7:39:5c:
         d1:f6:9f:f8:cd:22:85:fc:50:ad:c1:b1:06:24:e3:e1:8d:d3:
         07:e2:59:de:c8:37:97:13:82:13:eb:95:2a:87:b6:38:38:d1:
         71:f3:cd:3e:34:74:0e:1a:62:ac:0a:aa:78:93:b6:9e:ce:39:
         d3:7e:c2:c1:51:c4:51:1a:62:e7:03:97:fb:c1:5e:b3:39:f7:
         0d:fd:b5:6a:b0:0e:f6:0f:ff:56:fc:ca:e7:36:cb:cb:60:8e:
         85:a0:79:2d:71:b9:26:8c:ff:b5:f8:79:28:90:b2:c9:05:d3:
         fe:6f:3c:2f:3f:d9:77:a1:47:9f:0f:c1:c3:a9:d2:44:71:34:
         75:36:fe:f6:90:91:f0:2b:18:21:bf:f3:d8:93:9a:79:30:f3:
         01:5d:38:30:8c:25:3b:8a:74:74:f2:c2:63:75:d2:97:76:ea:
         1f:b5:5c:5f:46:51:45:89:a3:9c:4e:d4:01:ac:9f:2d:d0:1f:
         98:9f:ce:65:4b:6d:ca:0d:e1:c3:f9:9b:23:14:f4:ca:49:67:
         47:8f:95:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFAw5iZYKKpQkoSOPrmuGuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNWZmYzc0YWU5MjM4NmFmYjdjZTc3MGYwMzkwZTkwZDRj
ZGUzMDYwHhcNMjUwNTEyMTUwMDMzWhcNMjUwNTEzMTUwMDMzWjAzMTEwLwYDVQQD
Eyg3ZjA5OGY1MTM4MmJmYTRjZDc0MGRlMjQxNzI2ODE1OTRiNzM5NjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnUfXCIDlfaWDVCzik1u8GV3e5K+
2kPy+TN0h+V+iZ0JD5GW6WrhAncgwtvoKMKcUXCtYcVF9AsDR1Wb1s8oZ4Y3quIU
8J6XcwZFpH9yqFTqEFnjMfsEr3VxlrnyHAhNIuKbJP8kO7P0xDBt0RTgfFcrTOd0
fgJuEWFvGbmPp4BF2wdFLPmWpfDr7XbI/l/3r5RnlDV9zcQkfMScHBEpcP0pDlob
fq2+alwLK2mMY8a4aE9xf6BNaRinyYfwO7THcPOwEPtxw9ALDm+RSiFaofSlA7mS
bCr7bMz8Bj+DG9tBwrqdpIjDK8ahOyX9MPHakDU88Ob+UDPFUe0TCPbrGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH8Jj1E4K/pM10DeJBcmgVlLc5ZJMB8GA1UdIwQY
MBaAFEBf/HSukjhq+3zncPA5DpDUzeMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUZfOGRLNlNPR3I3Zk9kdzhEa09rTlRONHdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iMWZkN2EtMmUyNi00YTVkLTgwMmQt
NzI0NmFlZmNkMjcyLzEvUUZfOGRLNlNPR3I3Zk9kdzhEa09rTlRONHdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iMWZkN2EtMmUyNi00YTVkLTgwMmQtNzI0NmFlZmNkMjcy
LzEvUUZfOGRLNlNPR3I3Zk9kdzhEa09rTlRONHdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADKdvOnjL
2uzkANrAj1eTocKg62aKagpFLGOz2N/uSfSVF4cxW+U1a3FB5lmMpsDGPCYWtzlc
0faf+M0ihfxQrcGxBiTj4Y3TB+JZ3sg3lxOCE+uVKoe2ODjRcfPNPjR0DhpirAqq
eJO2ns45037CwVHEURpi5wOX+8Feszn3Df21arAO9g//VvzK5zbLy2COhaB5LXG5
Joz/tfh5KJCyyQXT/m88Lz/Zd6FHnw/Bw6nSRHE0dTb+9pCR8CsYIb/z2JOaeTDz
AV04MIwlO4p0dPLCY3XSl3bqH7VcX0ZRRYmjnE7UAayfLdAfmJ/OZUttyg3hw/mb
IxT0yklnR4+V4Q==
-----END CERTIFICATE-----