Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft
File:                     QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft (raw, json)
Hash identifier:          mTYQa3Xvj293XOK2J976elvZJ0bmu4QYGvYi0P6Rz1I=
Subject key identifier:   7B:5A:D5:D9:41:60:0F:22:5B:DA:31:56:B9:19:60:5C:E9:B5:FA:16
Authority key identifier: 40:5F:FC:74:AE:92:38:6A:FB:7C:E7:70:F0:39:0E:90:D4:CD:E3:06
Certificate issuer:       /CN=405ffc74ae92386afb7ce770f0390e90d4cde306
Certificate serial:       019A71B88DBEE001E90AFE487A14EAF98855
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QF_8dK6SOGr7fOdw8DkOkNTN4wY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft
Manifest number:          0366
Signing time:             Tue 11 Nov 2025 07:01:51 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:51 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:51 +0000
Files and hashes:         1: QF_8dK6SOGr7fOdw8DkOkNTN4wY.crl (hash: QBndUe9ADHu5lxI8tCeQh+WhKRqd14UZ38BMgMvidVQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QF_8dK6SOGr7fOdw8DkOkNTN4wY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:8d:be:e0:01:e9:0a:fe:48:7a:14:ea:f9:88:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=405ffc74ae92386afb7ce770f0390e90d4cde306
        Validity
            Not Before: Nov 11 07:01:51 2025 GMT
            Not After : Nov 12 07:01:51 2025 GMT
        Subject: CN=7b5ad5d941600f225bda3156b919605ce9b5fa16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:0c:d7:79:9d:23:86:a6:05:08:e0:f8:5b:38:
                    18:91:03:d4:85:5f:f3:21:4b:d9:75:a8:7f:ca:a5:
                    11:46:b6:92:c8:88:a5:fb:3d:75:9b:e0:91:7f:93:
                    8a:39:bb:c2:cc:2f:b7:32:10:f7:39:fe:bd:91:bd:
                    98:7e:57:f6:f5:ed:48:5d:0c:a7:00:96:84:f7:44:
                    55:f0:43:02:d7:fe:37:22:84:1f:a5:8a:34:87:a7:
                    28:56:ce:01:61:ed:36:b5:be:81:2f:65:b7:51:62:
                    3c:c0:ea:35:a4:c1:63:52:0c:b2:bb:e8:0d:1f:05:
                    1f:cc:1f:7b:c8:a0:9b:22:6a:c0:e5:37:87:df:4b:
                    0c:ea:56:bd:6e:77:e3:3d:71:82:3b:fc:60:43:44:
                    94:74:2a:e2:95:49:dd:06:76:eb:1b:3f:20:9b:5d:
                    0a:76:87:02:56:77:e5:5d:9b:61:9b:5d:80:8f:36:
                    ca:bb:a0:9f:35:10:95:76:ce:60:27:33:fd:c2:dd:
                    ea:e6:e0:68:eb:e3:fd:9f:2e:a1:35:92:bc:ac:4e:
                    b1:14:e1:35:e8:e4:8b:4e:98:79:8c:78:20:f5:3d:
                    98:5d:76:30:26:9d:1b:91:cf:67:2a:e7:bc:7a:e5:
                    d9:46:69:dd:03:5d:3b:c5:00:e4:c5:8a:86:87:7a:
                    7a:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:5A:D5:D9:41:60:0F:22:5B:DA:31:56:B9:19:60:5C:E9:B5:FA:16
            X509v3 Authority Key Identifier:
                keyid:40:5F:FC:74:AE:92:38:6A:FB:7C:E7:70:F0:39:0E:90:D4:CD:E3:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QF_8dK6SOGr7fOdw8DkOkNTN4wY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:a7:3d:c7:6c:2d:6c:5f:4e:c0:c0:3c:12:28:43:86:a2:ea:
         99:2b:d3:dc:86:ac:e1:ad:f5:1e:d7:89:ff:dd:37:3c:f5:50:
         b1:db:52:aa:19:d8:22:3f:5d:dc:b4:9d:5e:90:60:28:3a:6f:
         87:a5:dc:a1:bb:27:72:9c:52:be:b1:ee:36:19:8f:c6:2b:d4:
         a5:30:2a:a0:64:f7:a1:b4:7f:2d:fe:3f:da:10:04:5c:f0:4b:
         5b:03:04:8d:5f:b3:fb:8e:f2:d8:79:41:d0:1e:45:fd:e3:73:
         74:35:86:6e:a9:24:a4:9f:d7:25:53:81:c4:63:a7:89:38:a7:
         b8:4d:5f:c2:04:4b:6f:b0:d7:10:ad:c4:1b:f5:88:87:37:19:
         5e:92:94:3d:ba:93:72:0c:b1:7c:e7:84:0c:a3:e4:4e:e5:9a:
         87:53:65:32:b5:5b:6a:0b:7e:66:81:b8:9a:a8:d1:b6:60:2e:
         f4:81:cc:5a:6c:ac:6b:42:f5:87:57:60:0f:73:86:33:13:da:
         a6:83:e7:db:df:5f:5f:1a:8a:37:46:08:0c:65:d5:84:2e:9d:
         d9:46:69:21:0f:6e:15:bf:19:4a:c9:7e:dc:2b:0b:7f:1b:de:
         9a:7a:5d:85:8c:16:15:48:16:81:58:01:ec:4d:4e:d9:12:01:
         5b:fc:9b:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuI2+4AHpCv5IehTq+YhVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNWZmYzc0YWU5MjM4NmFmYjdjZTc3MGYwMzkwZTkwZDRj
ZGUzMDYwHhcNMjUxMTExMDcwMTUxWhcNMjUxMTEyMDcwMTUxWjAzMTEwLwYDVQQD
Eyg3YjVhZDVkOTQxNjAwZjIyNWJkYTMxNTZiOTE5NjA1Y2U5YjVmYTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wzXeZ0jhqYFCOD4WzgYkQPUhV/z
IUvZdah/yqURRraSyIil+z11m+CRf5OKObvCzC+3MhD3Of69kb2Yflf29e1IXQyn
AJaE90RV8EMC1/43IoQfpYo0h6coVs4BYe02tb6BL2W3UWI8wOo1pMFjUgyyu+gN
HwUfzB97yKCbImrA5TeH30sM6la9bnfjPXGCO/xgQ0SUdCrilUndBnbrGz8gm10K
docCVnflXZthm12AjzbKu6CfNRCVds5gJzP9wt3q5uBo6+P9ny6hNZK8rE6xFOE1
6OSLTph5jHgg9T2YXXYwJp0bkc9nKue8euXZRmndA107xQDkxYqGh3p6JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHta1dlBYA8iW9oxVrkZYFzptfoWMB8GA1UdIwQY
MBaAFEBf/HSukjhq+3zncPA5DpDUzeMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUZfOGRLNlNPR3I3Zk9kdzhEa09rTlRONHdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iMWZkN2EtMmUyNi00YTVkLTgwMmQt
NzI0NmFlZmNkMjcyLzEvUUZfOGRLNlNPR3I3Zk9kdzhEa09rTlRONHdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iMWZkN2EtMmUyNi00YTVkLTgwMmQtNzI0NmFlZmNkMjcy
LzEvUUZfOGRLNlNPR3I3Zk9kdzhEa09rTlRONHdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM6c9x2wt
bF9OwMA8EihDhqLqmSvT3Ias4a31HteJ/903PPVQsdtSqhnYIj9d3LSdXpBgKDpv
h6XcobsncpxSvrHuNhmPxivUpTAqoGT3obR/Lf4/2hAEXPBLWwMEjV+z+47y2HlB
0B5F/eNzdDWGbqkkpJ/XJVOBxGOniTinuE1fwgRLb7DXEK3EG/WIhzcZXpKUPbqT
cgyxfOeEDKPkTuWah1NlMrVbagt+ZoG4mqjRtmAu9IHMWmysa0L1h1dgD3OGMxPa
poPn299fXxqKN0YIDGXVhC6d2UZpIQ9uFb8ZSsl+3CsLfxvemnpdhYwWFUgWgVgB
7E1O2RIBW/ybdA==
-----END CERTIFICATE-----