Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/QL_e36qTma09VTH6RxoSs7_jfhI.mft
File:                     QL_e36qTma09VTH6RxoSs7_jfhI.mft (raw, json)
Hash identifier:          vRiejLNsvucO/3xX072aUR3BuwklWE6LcGs85nDaaqw=
Subject key identifier:   3C:58:C1:F7:21:F0:B6:10:03:EA:FC:5B:FC:11:BF:00:E0:87:47:A8
Authority key identifier: 40:BF:DE:DF:AA:93:99:AD:3D:55:31:FA:47:1A:12:B3:BF:E3:7E:12
Certificate issuer:       /CN=40bfdedfaa9399ad3d5531fa471a12b3bfe37e12
Certificate serial:       019044F8B983C8F6A40A8925CF3A3C63F205
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QL_e36qTma09VTH6RxoSs7_jfhI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/QL_e36qTma09VTH6RxoSs7_jfhI.mft
Manifest number:          04FB
Signing time:             Sun 23 Jun 2024 12:01:09 +0000
Manifest this update:     Sun 23 Jun 2024 12:01:09 +0000
Manifest next update:     Mon 24 Jun 2024 12:01:09 +0000
Files and hashes:         1: GwkO3rz6AgdBiNzLEo4XvzaeMQc.roa (hash: Bn4d1iggK7KVZMUMWRluUdrbUjnZ2dokn+Kfa7Izaa4=)
                          2: QL_e36qTma09VTH6RxoSs7_jfhI.crl (hash: iJNTtMAvOcUu+0eyGr/zEe6USU1HjFZhDymznqKiIgI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/QL_e36qTma09VTH6RxoSs7_jfhI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/QL_e36qTma09VTH6RxoSs7_jfhI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QL_e36qTma09VTH6RxoSs7_jfhI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 12:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:44:f8:b9:83:c8:f6:a4:0a:89:25:cf:3a:3c:63:f2:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40bfdedfaa9399ad3d5531fa471a12b3bfe37e12
        Validity
            Not Before: Jun 23 12:01:09 2024 GMT
            Not After : Jun 24 12:01:09 2024 GMT
        Subject: CN=3c58c1f721f0b61003eafc5bfc11bf00e08747a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:5e:de:c3:81:34:fe:26:29:c3:c6:95:dd:b2:
                    b2:60:75:88:17:78:c0:6c:2e:ca:78:57:ef:eb:67:
                    dd:6d:8e:93:1c:67:51:74:b3:b1:af:30:86:72:f2:
                    be:26:13:4d:26:4b:d7:b1:73:1b:cb:54:3a:71:94:
                    70:0d:09:be:d6:61:a8:95:4a:f2:9a:b7:47:38:3c:
                    17:bf:b3:fe:4d:80:48:aa:df:d8:09:d1:29:a9:99:
                    fb:30:cd:ef:23:58:ac:47:61:38:43:0d:79:26:07:
                    e4:0a:4d:37:bd:24:6d:f5:c4:e4:cc:89:6a:74:66:
                    60:c2:5d:92:ae:7a:09:a2:86:79:67:e3:6a:1b:fd:
                    30:28:b3:6e:32:a0:fb:ac:5b:74:f2:45:99:0f:f6:
                    d8:b5:49:a2:ae:60:af:60:68:9b:bd:42:3e:da:d0:
                    27:cd:28:d0:4a:4a:66:a2:6d:35:0a:68:ba:2d:92:
                    1b:16:ce:35:a0:4e:f6:5d:8b:26:c9:ee:35:49:13:
                    e4:36:67:0b:43:b2:0a:e8:0c:0b:af:d8:b2:99:ae:
                    83:9f:b4:67:5f:f1:dd:a0:b6:31:02:0f:5f:c9:9c:
                    89:a9:15:d2:4d:c4:7d:ca:ed:69:2b:f5:41:7f:59:
                    e2:37:d6:33:81:7c:4b:ad:94:8d:d5:95:df:ac:e4:
                    2f:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:58:C1:F7:21:F0:B6:10:03:EA:FC:5B:FC:11:BF:00:E0:87:47:A8
            X509v3 Authority Key Identifier:
                keyid:40:BF:DE:DF:AA:93:99:AD:3D:55:31:FA:47:1A:12:B3:BF:E3:7E:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QL_e36qTma09VTH6RxoSs7_jfhI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/QL_e36qTma09VTH6RxoSs7_jfhI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/QL_e36qTma09VTH6RxoSs7_jfhI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:64:26:96:bc:5f:ad:8d:c3:9d:ca:d1:48:36:1b:7e:e1:1f:
         0c:8e:0e:90:61:54:cf:d5:bd:f3:7d:ce:b6:01:95:3d:51:a8:
         ba:76:3b:85:0b:8c:e5:fc:88:ac:c7:c0:2e:fa:0b:40:62:fa:
         a5:c4:09:85:b9:56:03:a7:e6:b3:33:06:27:9c:9e:7f:83:d2:
         45:8a:63:1f:17:37:9b:ba:a0:ca:c2:84:99:ab:ea:ae:7f:1e:
         42:9e:5d:32:83:01:4d:03:d7:79:88:f4:eb:68:78:e8:53:64:
         e4:7e:a9:ef:f2:0c:23:67:9f:7f:7e:83:69:84:31:55:88:53:
         90:c0:3b:d4:a0:00:9e:0c:99:f3:4a:51:ec:9a:27:7c:73:a0:
         a1:2e:0e:41:4b:fb:01:63:f7:7e:b4:ce:19:93:a7:b0:47:5d:
         e9:19:54:c5:58:38:de:55:6c:a1:8e:83:f4:47:95:f7:d6:cb:
         e5:5f:7d:58:cd:c3:19:db:80:3c:93:77:a2:62:52:b0:f8:77:
         57:04:4e:2e:d3:36:f2:99:bf:33:4d:ae:6c:eb:b1:00:88:c7:
         ca:6a:fe:c0:d1:85:40:18:dd:d1:28:66:f7:b2:e5:5d:88:78:
         7e:e1:cc:96:65:fd:6d:f8:43:5b:09:41:9e:c5:41:f0:de:fc:
         7c:fa:d1:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBE+LmDyPakCoklzzo8Y/IFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYmZkZWRmYWE5Mzk5YWQzZDU1MzFmYTQ3MWExMmIzYmZl
MzdlMTIwHhcNMjQwNjIzMTIwMTA5WhcNMjQwNjI0MTIwMTA5WjAzMTEwLwYDVQQD
EygzYzU4YzFmNzIxZjBiNjEwMDNlYWZjNWJmYzExYmYwMGUwODc0N2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAul7ew4E0/iYpw8aV3bKyYHWIF3jA
bC7KeFfv62fdbY6THGdRdLOxrzCGcvK+JhNNJkvXsXMby1Q6cZRwDQm+1mGolUry
mrdHODwXv7P+TYBIqt/YCdEpqZn7MM3vI1isR2E4Qw15JgfkCk03vSRt9cTkzIlq
dGZgwl2SrnoJooZ5Z+NqG/0wKLNuMqD7rFt08kWZD/bYtUmirmCvYGibvUI+2tAn
zSjQSkpmom01Cmi6LZIbFs41oE72XYsmye41SRPkNmcLQ7IK6AwLr9iyma6Dn7Rn
X/HdoLYxAg9fyZyJqRXSTcR9yu1pK/VBf1niN9YzgXxLrZSN1ZXfrOQvGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDxYwfch8LYQA+r8W/wRvwDgh0eoMB8GA1UdIwQY
MBaAFEC/3t+qk5mtPVUx+kcaErO/434SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxfZTM2cVRtYTA5VlRINlJ4b1NzN19qZmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9kYjU1ZWMtMzU3Ny00MjFmLTg5MTYt
OGU5ODUxYjdmODExLzEvUUxfZTM2cVRtYTA5VlRINlJ4b1NzN19qZmhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9kYjU1ZWMtMzU3Ny00MjFmLTg5MTYtOGU5ODUxYjdmODEx
LzEvUUxfZTM2cVRtYTA5VlRINlJ4b1NzN19qZmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsWQmlrxf
rY3DncrRSDYbfuEfDI4OkGFUz9W9833OtgGVPVGounY7hQuM5fyIrMfALvoLQGL6
pcQJhblWA6fmszMGJ5yef4PSRYpjHxc3m7qgysKEmavqrn8eQp5dMoMBTQPXeYj0
62h46FNk5H6p7/IMI2eff36DaYQxVYhTkMA71KAAngyZ80pR7JonfHOgoS4OQUv7
AWP3frTOGZOnsEdd6RlUxVg43lVsoY6D9EeV99bL5V99WM3DGduAPJN3omJSsPh3
VwROLtM28pm/M02ubOuxAIjHymr+wNGFQBjd0Shm97LlXYh4fuHMlmX9bfhDWwlB
nsVB8N78fPrRUw==
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:53:53 2024 by rpki-client on console-ams.rpki-client.org