Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.mft
File:                     qSQPAnqUCSKcWf9jCqKoD5N4qT8.mft (raw, json)
Hash identifier:          tV7zjRlcsTEjzLzo26LZNmUWUE5pC96aiqe1JBQyexs=
Subject key identifier:   61:85:8E:C0:5E:F1:6E:4F:21:C8:49:7E:46:41:F0:84:BF:BB:BB:AF
Authority key identifier: A9:24:0F:02:7A:94:09:22:9C:59:FF:63:0A:A2:A8:0F:93:78:A9:3F
Certificate issuer:       /CN=a9240f027a9409229c59ff630aa2a80f9378a93f
Certificate serial:       019511D93E543D804736A3A30BB0E571C95B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qSQPAnqUCSKcWf9jCqKoD5N4qT8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.mft
Manifest number:          0FA9
Signing time:             Mon 17 Feb 2025 03:00:04 +0000
Manifest this update:     Mon 17 Feb 2025 03:00:04 +0000
Manifest next update:     Tue 18 Feb 2025 03:00:04 +0000
Files and hashes:         1: qSQPAnqUCSKcWf9jCqKoD5N4qT8.crl (hash: EiZNDuzV/IOYKmJCU50B2gQrLTeXKKkABs/hlbho82Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qSQPAnqUCSKcWf9jCqKoD5N4qT8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:d9:3e:54:3d:80:47:36:a3:a3:0b:b0:e5:71:c9:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9240f027a9409229c59ff630aa2a80f9378a93f
        Validity
            Not Before: Feb 17 03:00:04 2025 GMT
            Not After : Feb 18 03:00:04 2025 GMT
        Subject: CN=61858ec05ef16e4f21c8497e4641f084bfbbbbaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:f8:a8:d4:69:8f:b5:f2:d4:55:4a:2e:db:0a:
                    58:3a:fa:f7:5b:54:db:dc:ff:26:af:39:01:ed:06:
                    3f:ce:ab:15:b8:b0:20:6d:da:23:cd:11:3a:8d:d5:
                    fa:75:c5:17:32:da:9e:49:fc:31:5a:00:55:71:7a:
                    4e:c2:5e:e4:11:77:a5:de:7d:91:5d:e6:45:c1:fd:
                    48:8a:06:cd:26:3c:6e:e5:f3:cf:43:f7:ce:28:bc:
                    57:57:95:07:df:66:c5:76:fd:d1:d3:ed:36:65:c4:
                    c9:6b:f9:f0:3b:f1:ae:1e:0e:d2:35:37:66:53:1d:
                    a9:55:14:23:a9:ed:56:0c:11:b3:69:e9:cd:86:ba:
                    b0:a6:27:78:2c:95:a7:2e:e3:b4:2b:e9:82:9d:e7:
                    61:ad:ce:c0:4c:44:e1:ab:85:b0:73:85:19:3f:67:
                    aa:e0:ca:b5:fd:d5:d6:73:2b:1d:bc:9e:ff:82:df:
                    4f:a0:3d:e0:e5:f1:86:d7:99:f1:c3:40:c9:28:dd:
                    6d:39:a7:38:79:90:3c:5b:f2:93:d3:16:36:ea:4b:
                    06:fd:b0:64:ff:fe:d4:30:6a:6e:43:5d:0d:3c:4d:
                    62:47:c2:64:6c:9b:41:58:cb:7a:a6:b3:1d:b4:83:
                    c2:a0:28:a9:66:b6:18:6d:91:45:21:51:4f:86:e6:
                    78:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:85:8E:C0:5E:F1:6E:4F:21:C8:49:7E:46:41:F0:84:BF:BB:BB:AF
            X509v3 Authority Key Identifier:
                keyid:A9:24:0F:02:7A:94:09:22:9C:59:FF:63:0A:A2:A8:0F:93:78:A9:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qSQPAnqUCSKcWf9jCqKoD5N4qT8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:e3:3b:27:8c:74:f6:9c:88:2e:4e:e3:4f:5a:5b:a6:ba:8b:
         8c:4f:7f:8e:af:24:d1:b8:20:2f:10:c7:f9:f5:d6:bf:13:f4:
         4c:c2:82:8c:99:57:8e:d4:d4:f4:de:45:be:23:5d:a0:6d:22:
         25:49:47:d4:d1:65:80:6c:03:17:52:ca:bf:f7:ec:d1:7a:06:
         46:e0:5f:f2:58:a2:c3:31:f3:ca:4f:c4:fd:81:57:4d:ce:c9:
         70:65:3f:8c:99:a9:14:7f:ad:8a:0a:d0:62:c6:60:75:6e:7b:
         bb:87:4e:79:b5:7c:76:ad:f3:b3:8b:90:20:2a:7a:33:bb:46:
         63:78:2c:5e:94:45:66:c5:c8:75:6e:ac:bb:8f:26:73:92:46:
         5a:84:f3:f3:09:ed:93:44:2a:eb:fa:d2:82:26:cb:e9:2f:ee:
         72:c3:15:b3:10:d2:1a:5e:2c:f3:42:c8:e2:89:fb:07:e6:4f:
         5a:90:43:8a:b4:6f:12:aa:18:02:ed:90:3e:e3:f1:09:81:96:
         d5:8c:d7:a3:a7:07:c4:8c:d6:25:f7:42:d2:83:f6:d1:35:21:
         b5:63:7d:59:8f:e7:3f:af:7f:6a:13:42:50:87:38:35:19:6a:
         a4:a5:b5:d8:01:80:58:77:e9:c1:f7:32:50:79:71:96:4e:70:
         19:5b:7f:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUR2T5UPYBHNqOjC7DlcclbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MjQwZjAyN2E5NDA5MjI5YzU5ZmY2MzBhYTJhODBmOTM3
OGE5M2YwHhcNMjUwMjE3MDMwMDA0WhcNMjUwMjE4MDMwMDA0WjAzMTEwLwYDVQQD
Eyg2MTg1OGVjMDVlZjE2ZTRmMjFjODQ5N2U0NjQxZjA4NGJmYmJiYmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvio1GmPtfLUVUou2wpYOvr3W1Tb
3P8mrzkB7QY/zqsVuLAgbdojzRE6jdX6dcUXMtqeSfwxWgBVcXpOwl7kEXel3n2R
XeZFwf1IigbNJjxu5fPPQ/fOKLxXV5UH32bFdv3R0+02ZcTJa/nwO/GuHg7SNTdm
Ux2pVRQjqe1WDBGzaenNhrqwpid4LJWnLuO0K+mCnedhrc7ATEThq4Wwc4UZP2eq
4Mq1/dXWcysdvJ7/gt9PoD3g5fGG15nxw0DJKN1tOac4eZA8W/KT0xY26ksG/bBk
//7UMGpuQ10NPE1iR8JkbJtBWMt6prMdtIPCoCipZrYYbZFFIVFPhuZ4mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGGFjsBe8W5PIchJfkZB8IS/u7uvMB8GA1UdIwQY
MBaAFKkkDwJ6lAkinFn/YwqiqA+TeKk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVNRUEFucVVDU0tjV2Y5akNxS29ENU40cVQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iZmNmN2YtOTMwYy00ZWQ0LTk2Y2Qt
M2QxYjNhODZjZTg3LzEvcVNRUEFucVVDU0tjV2Y5akNxS29ENU40cVQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iZmNmN2YtOTMwYy00ZWQ0LTk2Y2QtM2QxYjNhODZjZTg3
LzEvcVNRUEFucVVDU0tjV2Y5akNxS29ENU40cVQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEuM7J4x0
9pyILk7jT1pbprqLjE9/jq8k0bggLxDH+fXWvxP0TMKCjJlXjtTU9N5FviNdoG0i
JUlH1NFlgGwDF1LKv/fs0XoGRuBf8liiwzHzyk/E/YFXTc7JcGU/jJmpFH+tigrQ
YsZgdW57u4dOebV8dq3zs4uQICp6M7tGY3gsXpRFZsXIdW6su48mc5JGWoTz8wnt
k0Qq6/rSgibL6S/ucsMVsxDSGl4s80LI4on7B+ZPWpBDirRvEqoYAu2QPuPxCYGW
1YzXo6cHxIzWJfdC0oP20TUhtWN9WY/nP69/ahNCUIc4NRlqpKW12AGAWHfpwfcy
UHlxlk5wGVt/qg==
-----END CERTIFICATE-----