Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.mft
File:                     QBMclDl36gqT787s000dXRyxgq8.mft (raw, json)
Hash identifier:          bN510uI3pe3ao3fKg4WWKtz/TLQncZ3ishWxvcioPU8=
Subject key identifier:   B6:22:CE:E8:F1:A9:17:8F:8D:50:21:20:E8:36:F5:CF:00:39:48:52
Authority key identifier: 40:13:1C:94:39:77:EA:0A:93:EF:CE:EC:D3:4D:1D:5D:1C:B1:82:AF
Certificate issuer:       /CN=40131c943977ea0a93efceecd34d1d5d1cb182af
Certificate serial:       01901E9010FE2484F68C0FDB290D6107DD05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QBMclDl36gqT787s000dXRyxgq8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.mft
Manifest number:          0A73
Signing time:             Sun 16 Jun 2024 01:01:16 +0000
Manifest this update:     Sun 16 Jun 2024 01:01:16 +0000
Manifest next update:     Mon 17 Jun 2024 01:01:16 +0000
Files and hashes:         1: QBMclDl36gqT787s000dXRyxgq8.crl (hash: jnYXr+JwsL9t+6gcALwTIaSVfP4boWZ6/zSPmpmx5RM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QBMclDl36gqT787s000dXRyxgq8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1e:90:10:fe:24:84:f6:8c:0f:db:29:0d:61:07:dd:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40131c943977ea0a93efceecd34d1d5d1cb182af
        Validity
            Not Before: Jun 16 01:01:16 2024 GMT
            Not After : Jun 17 01:01:16 2024 GMT
        Subject: CN=b622cee8f1a9178f8d502120e836f5cf00394852
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:cb:be:d1:4e:f0:be:20:e1:c7:37:d0:4a:81:
                    10:49:42:9f:5d:9d:59:70:a1:bf:78:03:8f:53:e4:
                    29:62:05:3e:ef:8c:3d:61:38:b1:58:06:41:8b:a1:
                    19:fc:af:49:d3:4a:41:64:1c:83:9a:f7:80:f0:39:
                    bf:74:3c:0b:39:96:0b:9b:3e:ea:35:cf:b2:85:a8:
                    1b:5e:88:63:59:30:6d:a7:f9:15:aa:1b:69:db:62:
                    87:5c:c8:4e:2a:5c:0b:db:77:44:87:3c:02:b7:7c:
                    2e:98:f5:79:78:49:0d:7c:13:2a:11:b6:8d:ee:07:
                    17:c8:29:ff:77:74:81:8a:3a:0d:42:bf:c5:1c:67:
                    7e:10:92:19:37:a2:a9:1d:c1:da:b6:f1:b6:42:6c:
                    0c:54:42:9a:c7:c1:a4:8b:03:92:36:74:3c:31:ea:
                    e5:8b:cb:07:d9:b7:d5:5b:6b:5c:08:c2:88:03:c6:
                    8e:d3:25:64:66:a4:6b:fa:9e:7f:fe:2e:4d:68:d3:
                    bb:4d:73:9f:10:ec:ac:a0:ac:8c:9f:5b:f3:d2:7d:
                    de:8a:d2:af:91:19:39:93:0b:42:41:8c:5e:38:46:
                    f5:36:63:53:24:ba:f6:ee:6e:f3:0d:6c:93:5d:d9:
                    b2:a7:0c:87:59:d9:58:06:05:ec:32:de:02:ba:91:
                    92:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:22:CE:E8:F1:A9:17:8F:8D:50:21:20:E8:36:F5:CF:00:39:48:52
            X509v3 Authority Key Identifier:
                keyid:40:13:1C:94:39:77:EA:0A:93:EF:CE:EC:D3:4D:1D:5D:1C:B1:82:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QBMclDl36gqT787s000dXRyxgq8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:3a:88:ec:36:b7:04:88:71:20:78:2e:c0:fe:f0:d3:5d:a8:
         7e:b2:be:46:85:05:ba:2f:38:d7:5b:ae:24:37:77:f1:05:80:
         07:2b:5d:58:05:da:9e:b2:00:c8:d5:d5:2a:18:89:a5:7f:13:
         da:e5:44:d2:89:47:f5:51:de:34:cc:45:36:b7:df:42:a1:ce:
         ce:fe:d3:fe:a2:05:4c:06:fe:b7:e1:bc:5a:e3:10:b8:c5:35:
         3b:86:7d:7e:3a:1d:dd:30:f3:29:5a:23:6c:5b:be:e6:ee:cd:
         df:90:51:0c:da:6e:f8:93:e2:9d:77:de:14:92:11:a2:58:1c:
         2b:41:47:d2:57:ce:bc:84:01:a3:53:4e:6e:11:9d:49:a1:96:
         d8:b1:01:c5:76:3e:65:3c:a6:d4:f8:a6:76:c6:68:5c:bf:97:
         95:1d:b5:cf:78:1d:94:88:ff:16:01:3a:23:f2:aa:72:25:d1:
         31:3c:02:b9:37:ab:d8:3a:c9:a0:ad:72:74:46:91:45:60:0d:
         ee:98:b3:17:22:08:18:8e:13:dd:1f:8e:6b:e6:39:99:4e:6a:
         d4:03:68:e6:58:36:53:d4:0f:9e:21:82:c5:59:3f:99:2c:fc:
         28:f0:2e:15:1d:c8:f6:84:ed:8e:66:53:78:ad:b6:11:a8:e1:
         12:41:4a:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAekBD+JIT2jA/bKQ1hB90FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMTMxYzk0Mzk3N2VhMGE5M2VmY2VlY2QzNGQxZDVkMWNi
MTgyYWYwHhcNMjQwNjE2MDEwMTE2WhcNMjQwNjE3MDEwMTE2WjAzMTEwLwYDVQQD
EyhiNjIyY2VlOGYxYTkxNzhmOGQ1MDIxMjBlODM2ZjVjZjAwMzk0ODUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8u+0U7wviDhxzfQSoEQSUKfXZ1Z
cKG/eAOPU+QpYgU+74w9YTixWAZBi6EZ/K9J00pBZByDmveA8Dm/dDwLOZYLmz7q
Nc+yhagbXohjWTBtp/kVqhtp22KHXMhOKlwL23dEhzwCt3wumPV5eEkNfBMqEbaN
7gcXyCn/d3SBijoNQr/FHGd+EJIZN6KpHcHatvG2QmwMVEKax8GkiwOSNnQ8Merl
i8sH2bfVW2tcCMKIA8aO0yVkZqRr+p5//i5NaNO7TXOfEOysoKyMn1vz0n3eitKv
kRk5kwtCQYxeOEb1NmNTJLr27m7zDWyTXdmypwyHWdlYBgXsMt4CupGSyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLYizujxqRePjVAhIOg29c8AOUhSMB8GA1UdIwQY
MBaAFEATHJQ5d+oKk+/O7NNNHV0csYKvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUJNY2xEbDM2Z3FUNzg3czAwMGRYUnl4Z3E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC81YzliNzQtNzUzYi00MmUyLWI0MWEt
MmI2NDlkNWViYWYzLzEvUUJNY2xEbDM2Z3FUNzg3czAwMGRYUnl4Z3E4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC81YzliNzQtNzUzYi00MmUyLWI0MWEtMmI2NDlkNWViYWYz
LzEvUUJNY2xEbDM2Z3FUNzg3czAwMGRYUnl4Z3E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATTqI7Da3
BIhxIHguwP7w012ofrK+RoUFui8411uuJDd38QWABytdWAXanrIAyNXVKhiJpX8T
2uVE0olH9VHeNMxFNrffQqHOzv7T/qIFTAb+t+G8WuMQuMU1O4Z9fjod3TDzKVoj
bFu+5u7N35BRDNpu+JPinXfeFJIRolgcK0FH0lfOvIQBo1NObhGdSaGW2LEBxXY+
ZTym1PimdsZoXL+XlR21z3gdlIj/FgE6I/KqciXRMTwCuTer2DrJoK1ydEaRRWAN
7pizFyIIGI4T3R+Oa+Y5mU5q1ANo5lg2U9QPniGCxVk/mSz8KPAuFR3I9oTtjmZT
eK22EajhEkFKJw==
-----END CERTIFICATE-----