Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft
File:                     QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft (raw, json)
Hash identifier:          OfWBv3Lt3+xswjVkboWCo0xN+mClnuwu6C46R0BDLNQ=
Subject key identifier:   23:48:FB:A0:2C:FF:54:B6:6F:72:47:EA:0E:4B:C6:4C:6F:AB:E3:C9
Authority key identifier: 40:5F:FC:74:AE:92:38:6A:FB:7C:E7:70:F0:39:0E:90:D4:CD:E3:06
Certificate issuer:       /CN=405ffc74ae92386afb7ce770f0390e90d4cde306
Certificate serial:       019578D92B9A1B30AE8F5530DB6B2C50091B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QF_8dK6SOGr7fOdw8DkOkNTN4wY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft
Manifest number:          D3
Signing time:             Sun 09 Mar 2025 03:00:53 +0000
Manifest this update:     Sun 09 Mar 2025 03:00:53 +0000
Manifest next update:     Mon 10 Mar 2025 03:00:53 +0000
Files and hashes:         1: QF_8dK6SOGr7fOdw8DkOkNTN4wY.crl (hash: MhnwsY2Qi6QVC3kT6IWPWi+4iLFmR4Fk1mrGBiCteFM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QF_8dK6SOGr7fOdw8DkOkNTN4wY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 09 Mar 2025 21:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:78:d9:2b:9a:1b:30:ae:8f:55:30:db:6b:2c:50:09:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=405ffc74ae92386afb7ce770f0390e90d4cde306
        Validity
            Not Before: Mar  9 03:00:53 2025 GMT
            Not After : Mar 10 03:00:53 2025 GMT
        Subject: CN=2348fba02cff54b66f7247ea0e4bc64c6fabe3c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:70:9c:b3:bc:9f:63:27:2b:dd:ce:e9:bb:39:
                    60:4e:b7:71:7c:93:1e:5c:c7:b5:8e:3c:6b:8b:9f:
                    00:ed:f3:8c:22:a3:c0:76:3a:cb:4e:dd:09:9e:1f:
                    2e:fc:83:aa:22:cd:00:43:05:93:83:72:11:cb:ce:
                    80:eb:49:a4:4a:f3:aa:0f:9b:89:d8:e7:c2:14:0c:
                    7a:18:0f:ec:58:52:39:67:2c:1c:df:9f:79:6e:f6:
                    75:e5:8c:e1:4a:1b:80:a5:7f:25:40:23:d6:a2:84:
                    27:d0:9c:93:52:8d:ac:35:b5:f0:6c:52:d9:71:f8:
                    06:d9:23:7e:5e:70:8e:51:a9:29:b2:99:b4:b0:d2:
                    71:09:83:b9:fa:2e:cc:89:16:d0:34:97:84:5e:0f:
                    c5:37:36:7e:a5:2c:30:0b:e4:4f:ef:68:e9:49:a7:
                    ad:29:ce:ab:4b:60:86:c2:c6:57:fb:bb:14:06:84:
                    81:90:6c:4a:49:26:66:8f:02:82:04:c2:5d:6a:de:
                    68:28:3d:65:6b:6d:0e:bd:1a:68:97:15:c7:c8:a2:
                    11:93:10:a2:2a:6a:84:a6:8e:9f:90:94:8e:b0:4b:
                    1f:78:2c:29:be:ba:98:e8:a0:45:f4:1a:3a:03:db:
                    2e:ae:db:41:65:51:6a:3c:5e:ee:29:e3:1e:b8:85:
                    74:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:48:FB:A0:2C:FF:54:B6:6F:72:47:EA:0E:4B:C6:4C:6F:AB:E3:C9
            X509v3 Authority Key Identifier:
                keyid:40:5F:FC:74:AE:92:38:6A:FB:7C:E7:70:F0:39:0E:90:D4:CD:E3:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QF_8dK6SOGr7fOdw8DkOkNTN4wY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:9b:36:4d:df:e1:c6:3c:1f:52:ac:20:46:b1:c8:27:63:78:
         d5:af:b7:3a:b4:6e:9c:b7:1a:c0:f9:ac:91:b6:2a:8d:eb:0c:
         af:e3:7b:7c:3b:d5:19:77:2f:9d:8b:0b:62:5c:16:4a:17:a2:
         d0:a9:63:dd:7b:53:f7:31:8c:b5:79:41:9d:5a:d4:d9:2c:38:
         14:8e:85:fe:18:c2:2b:6f:f2:88:4d:8f:30:10:a1:35:7d:c0:
         ed:f8:b8:d5:15:06:1d:71:7b:c9:3e:93:f1:70:95:aa:9a:a6:
         a3:20:1f:56:5b:e9:14:3e:44:8e:03:75:6b:90:c9:7f:4c:df:
         58:aa:7f:5d:99:a2:e8:27:a4:65:e2:a9:67:92:63:91:98:2a:
         a8:54:c1:9c:2e:a7:84:18:89:ab:a5:26:e5:bc:9f:6f:cd:c9:
         34:ad:af:83:a6:b3:d7:9b:d4:52:99:1d:0a:89:36:17:cb:af:
         a1:63:c5:5a:71:b8:0c:58:f0:58:50:f1:c2:f3:30:9e:69:f6:
         43:9d:30:cd:b9:36:1d:c2:2c:4e:5b:8a:13:14:fa:3c:11:ba:
         af:a7:d1:dc:75:9c:6e:ec:b3:24:67:91:6d:4c:0b:4b:f6:f5:
         32:89:98:20:02:db:36:3c:fb:a1:58:2b:1d:b5:76:6a:4a:97:
         3d:16:aa:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZV42SuaGzCuj1Uw22ssUAkbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNWZmYzc0YWU5MjM4NmFmYjdjZTc3MGYwMzkwZTkwZDRj
ZGUzMDYwHhcNMjUwMzA5MDMwMDUzWhcNMjUwMzEwMDMwMDUzWjAzMTEwLwYDVQQD
EygyMzQ4ZmJhMDJjZmY1NGI2NmY3MjQ3ZWEwZTRiYzY0YzZmYWJlM2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXCcs7yfYycr3c7puzlgTrdxfJMe
XMe1jjxri58A7fOMIqPAdjrLTt0Jnh8u/IOqIs0AQwWTg3IRy86A60mkSvOqD5uJ
2OfCFAx6GA/sWFI5Zywc3595bvZ15YzhShuApX8lQCPWooQn0JyTUo2sNbXwbFLZ
cfgG2SN+XnCOUakpspm0sNJxCYO5+i7MiRbQNJeEXg/FNzZ+pSwwC+RP72jpSaet
Kc6rS2CGwsZX+7sUBoSBkGxKSSZmjwKCBMJdat5oKD1la20OvRpolxXHyKIRkxCi
KmqEpo6fkJSOsEsfeCwpvrqY6KBF9Bo6A9surttBZVFqPF7uKeMeuIV0+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCNI+6As/1S2b3JH6g5Lxkxvq+PJMB8GA1UdIwQY
MBaAFEBf/HSukjhq+3zncPA5DpDUzeMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUZfOGRLNlNPR3I3Zk9kdzhEa09rTlRONHdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iMWZkN2EtMmUyNi00YTVkLTgwMmQt
NzI0NmFlZmNkMjcyLzEvUUZfOGRLNlNPR3I3Zk9kdzhEa09rTlRONHdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iMWZkN2EtMmUyNi00YTVkLTgwMmQtNzI0NmFlZmNkMjcy
LzEvUUZfOGRLNlNPR3I3Zk9kdzhEa09rTlRONHdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYps2Td/h
xjwfUqwgRrHIJ2N41a+3OrRunLcawPmskbYqjesMr+N7fDvVGXcvnYsLYlwWShei
0Klj3XtT9zGMtXlBnVrU2Sw4FI6F/hjCK2/yiE2PMBChNX3A7fi41RUGHXF7yT6T
8XCVqpqmoyAfVlvpFD5EjgN1a5DJf0zfWKp/XZmi6CekZeKpZ5JjkZgqqFTBnC6n
hBiJq6Um5byfb83JNK2vg6az15vUUpkdCok2F8uvoWPFWnG4DFjwWFDxwvMwnmn2
Q50wzbk2HcIsTluKExT6PBG6r6fR3HWcbuyzJGeRbUwLS/b1MomYIALbNjz7oVgr
HbV2akqXPRaqvg==
-----END CERTIFICATE-----