Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.mft
File:                     QBMclDl36gqT787s000dXRyxgq8.mft (raw, json)
Hash identifier:          1onDYRkLWGAX9CSup22A8pcvYobm0at/LpI9xm9vD+4=
Subject key identifier:   26:7B:C5:B2:3E:00:9F:9E:72:9F:76:63:8C:D2:66:5D:F8:35:80:DA
Authority key identifier: 40:13:1C:94:39:77:EA:0A:93:EF:CE:EC:D3:4D:1D:5D:1C:B1:82:AF
Certificate issuer:       /CN=40131c943977ea0a93efceecd34d1d5d1cb182af
Certificate serial:       0190452F55D49CD5B14D1E7EC00482C317E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QBMclDl36gqT787s000dXRyxgq8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.mft
Manifest number:          0A87
Signing time:             Sun 23 Jun 2024 13:00:48 +0000
Manifest this update:     Sun 23 Jun 2024 13:00:48 +0000
Manifest next update:     Mon 24 Jun 2024 13:00:48 +0000
Files and hashes:         1: QBMclDl36gqT787s000dXRyxgq8.crl (hash: kWsC8dxjx8GBy24rJVzc+h8w35a8VRqZdBEqFs8YYd0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QBMclDl36gqT787s000dXRyxgq8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 13:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:45:2f:55:d4:9c:d5:b1:4d:1e:7e:c0:04:82:c3:17:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40131c943977ea0a93efceecd34d1d5d1cb182af
        Validity
            Not Before: Jun 23 13:00:48 2024 GMT
            Not After : Jun 24 13:00:48 2024 GMT
        Subject: CN=267bc5b23e009f9e729f76638cd2665df83580da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:46:44:30:46:af:0c:da:47:4b:d6:a2:a6:2b:
                    7e:55:64:39:7c:c9:ae:34:22:b0:c8:9b:fc:c6:f4:
                    a3:07:fa:36:38:f9:c6:c5:5a:c6:39:10:e1:4a:04:
                    0e:2e:e0:03:35:13:70:0b:16:97:5a:78:07:74:d5:
                    55:31:61:3a:1a:ce:42:24:11:82:93:d2:32:f8:6b:
                    11:81:e0:25:bd:9f:18:b1:60:91:06:46:a6:53:d9:
                    02:75:8a:c6:e7:5e:d9:1c:e1:86:c3:77:87:b6:c6:
                    1a:f2:d5:94:45:54:a6:6e:0e:b2:4b:93:ca:d5:db:
                    b4:8b:5e:b4:ef:4e:79:98:3c:a5:00:f8:45:7c:87:
                    b5:fe:98:5d:a1:5e:9f:1b:19:e0:a4:b3:f1:9b:b3:
                    10:cc:97:28:9a:41:2e:5d:07:1a:3f:b2:80:fd:46:
                    d2:ba:dd:1c:4c:e1:ca:1d:3b:f1:01:32:65:dc:20:
                    0d:da:5d:8c:af:46:de:1c:19:ed:56:c9:d1:b9:9f:
                    0d:a2:12:f7:47:16:38:3d:6e:06:c3:0e:dc:72:ca:
                    9b:1a:c9:ef:e9:a2:70:d3:9c:97:1e:fa:c3:8e:14:
                    6f:18:96:f0:d9:d1:13:f0:cd:7d:30:9f:54:14:62:
                    a5:b6:ee:30:62:cb:07:83:3f:b7:d9:ec:08:2d:86:
                    5f:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:7B:C5:B2:3E:00:9F:9E:72:9F:76:63:8C:D2:66:5D:F8:35:80:DA
            X509v3 Authority Key Identifier:
                keyid:40:13:1C:94:39:77:EA:0A:93:EF:CE:EC:D3:4D:1D:5D:1C:B1:82:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QBMclDl36gqT787s000dXRyxgq8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:d1:00:fc:86:ff:5b:14:8e:97:ae:63:2f:52:47:87:a8:e4:
         76:d4:66:40:2b:37:2c:1f:50:7d:ba:d1:7c:63:b9:ed:c1:cc:
         52:12:0a:d9:9b:b0:8e:1c:09:be:c7:ef:2e:b0:ce:5c:f2:9c:
         dc:f0:d0:4c:5c:10:f1:ea:d6:7f:a4:7c:7f:73:76:c0:0b:7b:
         28:30:4b:84:3a:3e:88:8a:57:49:38:0e:ba:93:94:d2:35:63:
         6b:e4:7b:01:49:f4:20:99:7d:99:c5:82:8d:96:fc:47:72:cb:
         61:71:96:d1:44:71:e9:27:f8:b9:65:e4:ff:8b:cc:3f:e9:a5:
         5f:aa:3f:ac:bb:a4:2a:e7:ca:97:bc:65:ca:68:f7:cd:d4:66:
         9a:04:eb:c0:36:bd:da:f4:4d:5d:0a:c3:a5:4c:b0:c4:48:b3:
         6f:20:6e:2a:7b:91:84:21:f8:f1:49:e6:37:ba:47:d6:55:33:
         9b:de:73:5b:c4:62:b1:37:7f:55:19:b1:df:96:2e:a5:87:54:
         fb:b7:9a:05:96:86:f6:5c:7f:d2:83:0d:4a:1f:a0:f3:c8:74:
         46:96:92:ba:82:d8:5b:ce:a2:e8:d5:8e:58:d2:df:94:a3:92:
         dc:3d:0f:9f:52:26:35:e7:40:3f:b2:1b:f8:23:f7:34:3e:90:
         da:1f:9f:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBFL1XUnNWxTR5+wASCwxfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMTMxYzk0Mzk3N2VhMGE5M2VmY2VlY2QzNGQxZDVkMWNi
MTgyYWYwHhcNMjQwNjIzMTMwMDQ4WhcNMjQwNjI0MTMwMDQ4WjAzMTEwLwYDVQQD
EygyNjdiYzViMjNlMDA5ZjllNzI5Zjc2NjM4Y2QyNjY1ZGY4MzU4MGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUZEMEavDNpHS9aipit+VWQ5fMmu
NCKwyJv8xvSjB/o2OPnGxVrGORDhSgQOLuADNRNwCxaXWngHdNVVMWE6Gs5CJBGC
k9Iy+GsRgeAlvZ8YsWCRBkamU9kCdYrG517ZHOGGw3eHtsYa8tWURVSmbg6yS5PK
1du0i1607055mDylAPhFfIe1/phdoV6fGxngpLPxm7MQzJcomkEuXQcaP7KA/UbS
ut0cTOHKHTvxATJl3CAN2l2Mr0beHBntVsnRuZ8NohL3RxY4PW4Gww7ccsqbGsnv
6aJw05yXHvrDjhRvGJbw2dET8M19MJ9UFGKltu4wYssHgz+32ewILYZfFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCZ7xbI+AJ+ecp92Y4zSZl34NYDaMB8GA1UdIwQY
MBaAFEATHJQ5d+oKk+/O7NNNHV0csYKvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUJNY2xEbDM2Z3FUNzg3czAwMGRYUnl4Z3E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC81YzliNzQtNzUzYi00MmUyLWI0MWEt
MmI2NDlkNWViYWYzLzEvUUJNY2xEbDM2Z3FUNzg3czAwMGRYUnl4Z3E4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC81YzliNzQtNzUzYi00MmUyLWI0MWEtMmI2NDlkNWViYWYz
LzEvUUJNY2xEbDM2Z3FUNzg3czAwMGRYUnl4Z3E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS9EA/Ib/
WxSOl65jL1JHh6jkdtRmQCs3LB9QfbrRfGO57cHMUhIK2ZuwjhwJvsfvLrDOXPKc
3PDQTFwQ8erWf6R8f3N2wAt7KDBLhDo+iIpXSTgOupOU0jVja+R7AUn0IJl9mcWC
jZb8R3LLYXGW0URx6Sf4uWXk/4vMP+mlX6o/rLukKufKl7xlymj3zdRmmgTrwDa9
2vRNXQrDpUywxEizbyBuKnuRhCH48UnmN7pH1lUzm95zW8RisTd/VRmx35YupYdU
+7eaBZaG9lx/0oMNSh+g88h0RpaSuoLYW86i6NWOWNLflKOS3D0Pn1ImNedAP7Ib
+CP3ND6Q2h+fAA==
-----END CERTIFICATE-----