Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft
File:                     QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft (raw, json)
Hash identifier:          spnj/1wo94ElAp9mMRmUBr+QB4n+KZRkE+7opLfHY+Y=
Subject key identifier:   D7:90:AA:4D:2F:61:CF:75:16:9A:63:57:41:77:44:CC:CB:39:DF:B6
Authority key identifier: 40:5F:FC:74:AE:92:38:6A:FB:7C:E7:70:F0:39:0E:90:D4:CD:E3:06
Certificate issuer:       /CN=405ffc74ae92386afb7ce770f0390e90d4cde306
Certificate serial:       019751FD227BA8AC70630D1E6649228CCAD6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QF_8dK6SOGr7fOdw8DkOkNTN4wY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft
Manifest number:          01C8
Signing time:             Mon 09 Jun 2025 00:00:33 +0000
Manifest this update:     Mon 09 Jun 2025 00:00:33 +0000
Manifest next update:     Tue 10 Jun 2025 00:00:33 +0000
Files and hashes:         1: QF_8dK6SOGr7fOdw8DkOkNTN4wY.crl (hash: EhCpGPBPkz0sY589KklqOBtPmnmgR4p6MDKQ6YgE8bQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QF_8dK6SOGr7fOdw8DkOkNTN4wY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 21:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:51:fd:22:7b:a8:ac:70:63:0d:1e:66:49:22:8c:ca:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=405ffc74ae92386afb7ce770f0390e90d4cde306
        Validity
            Not Before: Jun  9 00:00:33 2025 GMT
            Not After : Jun 10 00:00:33 2025 GMT
        Subject: CN=d790aa4d2f61cf75169a6357417744cccb39dfb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:9b:71:5d:66:f2:70:99:06:c6:00:11:9b:71:
                    22:58:f5:95:aa:ee:12:0d:c5:2d:9d:8e:77:82:e1:
                    4e:68:09:3c:46:28:19:62:14:58:8b:5c:73:b3:96:
                    99:e8:ae:1a:c3:8b:50:f2:c4:3b:27:a4:42:49:f1:
                    be:80:99:ea:00:d7:69:11:f0:8f:8a:0b:7a:40:fd:
                    31:cb:e2:38:e4:39:b9:6f:f1:8d:06:8a:c0:2e:ab:
                    88:f4:16:06:0d:a4:f1:fe:e3:43:41:56:88:14:eb:
                    de:5f:3f:58:16:5e:dd:e3:43:c6:4a:d6:1b:e6:be:
                    1a:36:42:56:55:59:5c:44:cb:03:ae:26:0e:2e:6d:
                    18:a7:b9:39:a4:d7:d9:c0:15:e4:45:3a:6f:02:7b:
                    d0:7e:40:ac:6e:ce:1d:eb:9e:90:08:af:59:55:05:
                    4b:dd:57:2b:6b:f2:89:9e:5b:02:17:08:28:f4:eb:
                    e1:0e:1f:d1:b4:1d:d0:bd:03:88:60:2b:a0:50:26:
                    c8:ca:22:6f:f6:b3:29:31:f7:cb:91:a8:9e:2f:fa:
                    e2:69:2c:84:da:81:57:7f:0e:5a:87:90:b4:fb:0d:
                    96:dc:7b:60:e5:1d:c4:55:cc:c7:81:66:f9:68:8e:
                    83:a0:68:c8:c4:db:69:c8:83:72:b1:aa:47:f1:ab:
                    c1:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:90:AA:4D:2F:61:CF:75:16:9A:63:57:41:77:44:CC:CB:39:DF:B6
            X509v3 Authority Key Identifier:
                keyid:40:5F:FC:74:AE:92:38:6A:FB:7C:E7:70:F0:39:0E:90:D4:CD:E3:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QF_8dK6SOGr7fOdw8DkOkNTN4wY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:20:02:18:83:85:f0:ec:91:ed:53:82:9f:1d:70:23:cf:83:
         6c:d6:d9:0e:53:b2:5c:fd:b1:a4:fb:65:f0:3f:00:92:ce:da:
         68:c3:ee:3c:c2:eb:6f:33:a7:bb:dd:86:47:b6:dd:9f:61:ab:
         f8:6a:68:54:c1:71:ba:3e:14:fe:00:d8:20:62:23:9b:f6:a8:
         17:b9:fe:1d:ef:dd:96:1e:e2:7e:6e:6d:9e:05:27:86:d8:aa:
         65:59:30:82:47:34:22:6a:d5:2c:30:4c:ac:ea:7e:d7:58:42:
         cc:ce:73:b3:b7:e2:45:4a:5a:e7:79:5f:5b:61:01:c1:9b:45:
         e6:06:64:6c:53:d2:7e:70:05:8d:5d:e2:4a:0b:ef:b9:d6:96:
         a3:11:54:73:60:30:22:c2:ff:60:9f:8c:6e:46:44:10:32:64:
         f3:60:98:cd:0e:ca:ec:2f:83:e9:41:ba:b0:52:c2:d2:9e:b6:
         48:05:51:f8:ce:51:9f:60:52:2b:9d:c3:e7:b0:79:ec:7d:d4:
         12:eb:91:64:b9:73:fd:ce:ee:14:29:30:49:47:56:ee:d1:75:
         46:32:ac:12:d9:24:a5:77:14:12:5f:3d:88:01:b8:d6:8f:1e:
         b3:bf:e6:14:5e:b4:8c:ff:6c:1d:8a:20:ab:fa:2f:c3:d9:a8:
         f1:d6:8f:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdR/SJ7qKxwYw0eZkkijMrWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNWZmYzc0YWU5MjM4NmFmYjdjZTc3MGYwMzkwZTkwZDRj
ZGUzMDYwHhcNMjUwNjA5MDAwMDMzWhcNMjUwNjEwMDAwMDMzWjAzMTEwLwYDVQQD
EyhkNzkwYWE0ZDJmNjFjZjc1MTY5YTYzNTc0MTc3NDRjY2NiMzlkZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJtxXWbycJkGxgARm3EiWPWVqu4S
DcUtnY53guFOaAk8RigZYhRYi1xzs5aZ6K4aw4tQ8sQ7J6RCSfG+gJnqANdpEfCP
igt6QP0xy+I45Dm5b/GNBorALquI9BYGDaTx/uNDQVaIFOveXz9YFl7d40PGStYb
5r4aNkJWVVlcRMsDriYOLm0Yp7k5pNfZwBXkRTpvAnvQfkCsbs4d656QCK9ZVQVL
3Vcra/KJnlsCFwgo9OvhDh/RtB3QvQOIYCugUCbIyiJv9rMpMffLkaieL/riaSyE
2oFXfw5ah5C0+w2W3Htg5R3EVczHgWb5aI6DoGjIxNtpyINysapH8avBCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNeQqk0vYc91FppjV0F3RMzLOd+2MB8GA1UdIwQY
MBaAFEBf/HSukjhq+3zncPA5DpDUzeMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUZfOGRLNlNPR3I3Zk9kdzhEa09rTlRONHdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iMWZkN2EtMmUyNi00YTVkLTgwMmQt
NzI0NmFlZmNkMjcyLzEvUUZfOGRLNlNPR3I3Zk9kdzhEa09rTlRONHdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iMWZkN2EtMmUyNi00YTVkLTgwMmQtNzI0NmFlZmNkMjcy
LzEvUUZfOGRLNlNPR3I3Zk9kdzhEa09rTlRONHdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABSACGIOF
8OyR7VOCnx1wI8+DbNbZDlOyXP2xpPtl8D8Aks7aaMPuPMLrbzOnu92GR7bdn2Gr
+GpoVMFxuj4U/gDYIGIjm/aoF7n+He/dlh7ifm5tngUnhtiqZVkwgkc0ImrVLDBM
rOp+11hCzM5zs7fiRUpa53lfW2EBwZtF5gZkbFPSfnAFjV3iSgvvudaWoxFUc2Aw
IsL/YJ+MbkZEEDJk82CYzQ7K7C+D6UG6sFLC0p62SAVR+M5Rn2BSK53D57B57H3U
EuuRZLlz/c7uFCkwSUdW7tF1RjKsEtkkpXcUEl89iAG41o8es7/mFF60jP9sHYog
q/ovw9mo8daPGQ==
-----END CERTIFICATE-----