Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft
File:                     QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft (raw, json)
Hash identifier:          GR80podrtWvrAqRZm/ScU9JY5wiVV5LVppb970JMGbE=
Subject key identifier:   73:CE:3D:69:F3:15:D0:72:39:60:DD:9C:83:5F:1C:71:B5:4B:3B:30
Authority key identifier: 40:5F:FC:74:AE:92:38:6A:FB:7C:E7:70:F0:39:0E:90:D4:CD:E3:06
Certificate issuer:       /CN=405ffc74ae92386afb7ce770f0390e90d4cde306
Certificate serial:       0198D660C0AC2A305AE9DA3EB99C506B70F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QF_8dK6SOGr7fOdw8DkOkNTN4wY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft
Manifest number:          0291
Signing time:             Sat 23 Aug 2025 10:02:01 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:01 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:01 +0000
Files and hashes:         1: QF_8dK6SOGr7fOdw8DkOkNTN4wY.crl (hash: OcbJNcHt3dvT1cYrNyaDKMLmP5P53SSa7EEzVkFWnJQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QF_8dK6SOGr7fOdw8DkOkNTN4wY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:c0:ac:2a:30:5a:e9:da:3e:b9:9c:50:6b:70:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=405ffc74ae92386afb7ce770f0390e90d4cde306
        Validity
            Not Before: Aug 23 10:02:01 2025 GMT
            Not After : Aug 24 10:02:01 2025 GMT
        Subject: CN=73ce3d69f315d0723960dd9c835f1c71b54b3b30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:3c:d9:a9:61:71:21:eb:9b:0f:d6:25:3a:f8:
                    f7:26:aa:7a:c9:d2:34:b5:43:3b:22:b1:7c:13:70:
                    85:63:dc:81:26:a4:a1:bf:c4:f2:15:00:9a:9a:47:
                    96:fb:cf:28:9d:bb:fb:d1:c4:7d:50:9f:99:1e:1a:
                    f6:1a:59:f3:fb:06:49:f7:c4:ab:d6:2b:5e:fe:b5:
                    a9:39:94:09:b3:73:b4:f5:87:04:86:7e:38:f8:d4:
                    52:45:48:d2:ee:57:0e:82:07:23:96:2a:d2:ec:92:
                    56:2d:a3:3c:c9:05:f6:3c:43:82:ef:72:99:2d:0d:
                    f0:cb:33:c2:38:bb:73:de:77:8e:5d:cd:cf:ba:60:
                    f7:bb:55:bf:7f:81:85:b6:39:67:d3:3e:0b:56:d1:
                    07:17:91:b3:67:0f:74:d6:ca:a4:fd:2d:55:de:11:
                    b2:90:21:94:60:7c:cc:5a:f7:85:29:05:03:46:59:
                    11:91:8c:17:d0:27:b9:5b:f6:de:cd:8e:51:83:b7:
                    4c:39:bb:cd:8f:40:a7:e4:32:0d:3d:2e:ec:ed:7c:
                    00:59:52:fd:73:88:ee:8b:60:50:7e:21:d0:49:06:
                    6a:9d:5a:5e:97:09:90:af:c1:de:62:eb:78:00:ae:
                    3b:11:0f:9a:34:25:67:b6:2a:cf:68:bc:56:20:2b:
                    b6:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:CE:3D:69:F3:15:D0:72:39:60:DD:9C:83:5F:1C:71:B5:4B:3B:30
            X509v3 Authority Key Identifier:
                keyid:40:5F:FC:74:AE:92:38:6A:FB:7C:E7:70:F0:39:0E:90:D4:CD:E3:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QF_8dK6SOGr7fOdw8DkOkNTN4wY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:0d:df:4e:c8:54:a1:24:c9:88:ba:05:6e:76:11:c9:40:7e:
         37:fc:5c:fc:2a:63:d0:4d:50:1f:c5:d6:21:5e:93:ca:f5:ec:
         32:d2:b5:f1:f6:d6:fe:a0:c3:ba:15:c1:22:fc:15:b0:0e:51:
         c1:1a:25:db:bd:91:d4:61:f0:75:a6:dc:28:60:8c:23:fb:b8:
         a3:2a:d0:aa:62:27:fc:eb:5f:c7:6f:47:2c:c6:83:c0:8c:25:
         16:3f:b2:3f:01:5a:1b:34:31:12:7a:92:c4:fb:a0:ca:6c:4f:
         85:bd:30:26:49:3d:8f:26:01:cd:84:55:9a:90:51:a8:c9:5c:
         5d:29:b0:bd:e3:b3:cf:15:1f:21:29:dd:f6:62:85:92:2a:3f:
         de:5e:ce:75:a8:59:f3:45:78:95:08:74:03:cd:cf:82:ba:66:
         2e:c9:4a:44:ea:2f:a2:ca:b6:ea:59:7f:51:19:54:74:ee:ab:
         a2:97:f8:cf:b9:be:0d:51:58:57:c1:89:e2:cb:f0:2e:6f:5f:
         6c:3d:2c:62:c1:f8:f6:20:10:80:65:80:46:2c:1b:53:4e:55:
         90:39:4b:cd:f9:76:03:fe:1f:39:28:4e:ed:6a:2a:e9:e0:74:
         5e:05:e5:bb:5f:0a:c7:c5:b2:00:0e:e4:b6:50:95:57:e1:ac:
         9d:2c:84:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYMCsKjBa6do+uZxQa3D4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNWZmYzc0YWU5MjM4NmFmYjdjZTc3MGYwMzkwZTkwZDRj
ZGUzMDYwHhcNMjUwODIzMTAwMjAxWhcNMjUwODI0MTAwMjAxWjAzMTEwLwYDVQQD
Eyg3M2NlM2Q2OWYzMTVkMDcyMzk2MGRkOWM4MzVmMWM3MWI1NGIzYjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjzZqWFxIeubD9YlOvj3Jqp6ydI0
tUM7IrF8E3CFY9yBJqShv8TyFQCamkeW+88onbv70cR9UJ+ZHhr2Glnz+wZJ98Sr
1ite/rWpOZQJs3O09YcEhn44+NRSRUjS7lcOggcjlirS7JJWLaM8yQX2PEOC73KZ
LQ3wyzPCOLtz3neOXc3PumD3u1W/f4GFtjln0z4LVtEHF5GzZw901sqk/S1V3hGy
kCGUYHzMWveFKQUDRlkRkYwX0Ce5W/bezY5Rg7dMObvNj0Cn5DINPS7s7XwAWVL9
c4jui2BQfiHQSQZqnVpelwmQr8HeYut4AK47EQ+aNCVntirPaLxWICu2SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHPOPWnzFdByOWDdnINfHHG1SzswMB8GA1UdIwQY
MBaAFEBf/HSukjhq+3zncPA5DpDUzeMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUZfOGRLNlNPR3I3Zk9kdzhEa09rTlRONHdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iMWZkN2EtMmUyNi00YTVkLTgwMmQt
NzI0NmFlZmNkMjcyLzEvUUZfOGRLNlNPR3I3Zk9kdzhEa09rTlRONHdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iMWZkN2EtMmUyNi00YTVkLTgwMmQtNzI0NmFlZmNkMjcy
LzEvUUZfOGRLNlNPR3I3Zk9kdzhEa09rTlRONHdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgQ3fTshU
oSTJiLoFbnYRyUB+N/xc/Cpj0E1QH8XWIV6TyvXsMtK18fbW/qDDuhXBIvwVsA5R
wRol272R1GHwdabcKGCMI/u4oyrQqmIn/Otfx29HLMaDwIwlFj+yPwFaGzQxEnqS
xPugymxPhb0wJkk9jyYBzYRVmpBRqMlcXSmwveOzzxUfISnd9mKFkio/3l7OdahZ
80V4lQh0A83PgrpmLslKROovosq26ll/URlUdO6ropf4z7m+DVFYV8GJ4svwLm9f
bD0sYsH49iAQgGWARiwbU05VkDlLzfl2A/4fOShO7Woq6eB0XgXlu18Kx8WyAA7k
tlCVV+GsnSyEgg==
-----END CERTIFICATE-----