Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/QL_e36qTma09VTH6RxoSs7_jfhI.mft
File:                     QL_e36qTma09VTH6RxoSs7_jfhI.mft (raw, json)
Hash identifier:          svi1NKaUj99y4+yLEFntgkDC8z6axX4f463WsLGHx2M=
Subject key identifier:   7E:1E:95:A7:49:85:07:F9:43:B7:6E:01:0B:51:70:2C:36:02:A5:3A
Authority key identifier: 40:BF:DE:DF:AA:93:99:AD:3D:55:31:FA:47:1A:12:B3:BF:E3:7E:12
Certificate issuer:       /CN=40bfdedfaa9399ad3d5531fa471a12b3bfe37e12
Certificate serial:       01901E5890B6A549B32F8E0A3417ADC0267C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QL_e36qTma09VTH6RxoSs7_jfhI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/QL_e36qTma09VTH6RxoSs7_jfhI.mft
Manifest number:          04E7
Signing time:             Sun 16 Jun 2024 00:00:38 +0000
Manifest this update:     Sun 16 Jun 2024 00:00:38 +0000
Manifest next update:     Mon 17 Jun 2024 00:00:38 +0000
Files and hashes:         1: GwkO3rz6AgdBiNzLEo4XvzaeMQc.roa (hash: Bn4d1iggK7KVZMUMWRluUdrbUjnZ2dokn+Kfa7Izaa4=)
                          2: QL_e36qTma09VTH6RxoSs7_jfhI.crl (hash: MtGXr1FVe7SCz3OBoStWWgV7t5xcbUkQ/RE92yfG+YI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/QL_e36qTma09VTH6RxoSs7_jfhI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/QL_e36qTma09VTH6RxoSs7_jfhI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QL_e36qTma09VTH6RxoSs7_jfhI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1e:58:90:b6:a5:49:b3:2f:8e:0a:34:17:ad:c0:26:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40bfdedfaa9399ad3d5531fa471a12b3bfe37e12
        Validity
            Not Before: Jun 16 00:00:38 2024 GMT
            Not After : Jun 17 00:00:38 2024 GMT
        Subject: CN=7e1e95a7498507f943b76e010b51702c3602a53a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:d5:56:21:90:7d:4a:c1:93:a7:b5:36:e5:1d:
                    5d:68:f6:06:9d:c0:e0:0c:40:eb:f1:8b:0d:cc:11:
                    58:a0:6b:f1:eb:f7:d0:8a:94:5a:01:01:f3:bb:40:
                    32:05:46:78:5c:32:8a:9b:dc:32:5e:45:7a:94:e2:
                    f6:56:44:6e:0f:36:37:8c:6a:9b:24:e3:d6:cd:3a:
                    55:0f:cc:fe:7a:fe:56:01:b4:f0:1f:5d:fd:9c:79:
                    81:a3:ec:d3:c1:e6:db:a4:56:39:0b:62:d4:d3:07:
                    bc:87:b9:d8:11:ab:77:a2:74:3e:9f:09:19:c2:a9:
                    07:31:9c:83:a1:a1:79:5f:b6:53:21:e7:7d:86:9f:
                    6b:2e:b7:e2:f4:12:d1:7f:d2:01:1a:e5:d1:ee:fb:
                    02:d4:8b:9b:fe:1d:42:7e:0e:4c:bc:2a:87:ab:74:
                    4f:09:66:72:c5:20:c0:45:b3:11:62:6d:6e:8b:1a:
                    ed:0d:04:be:72:76:59:d3:cd:ff:10:e6:1d:20:8a:
                    9c:72:49:8a:a6:f4:0f:0a:83:11:ad:b4:18:8f:2d:
                    13:76:9d:42:d3:c5:c0:5a:64:cd:cd:65:57:33:0f:
                    50:33:6a:36:d4:12:47:ed:19:e6:ed:53:f5:3d:74:
                    96:b2:8b:43:36:ae:0c:bb:c1:d2:48:0b:bb:7c:90:
                    86:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:1E:95:A7:49:85:07:F9:43:B7:6E:01:0B:51:70:2C:36:02:A5:3A
            X509v3 Authority Key Identifier:
                keyid:40:BF:DE:DF:AA:93:99:AD:3D:55:31:FA:47:1A:12:B3:BF:E3:7E:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QL_e36qTma09VTH6RxoSs7_jfhI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/QL_e36qTma09VTH6RxoSs7_jfhI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/QL_e36qTma09VTH6RxoSs7_jfhI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:c0:4e:0d:c8:21:bd:89:63:ac:0a:0b:f8:67:f1:5b:b1:d8:
         6b:d5:b5:22:67:e4:fa:ec:b8:cd:67:3b:b6:cc:36:63:04:20:
         61:9c:0b:b2:2c:dc:e8:20:75:73:48:53:93:7a:4a:fe:da:6b:
         07:13:95:67:8d:e7:e8:7e:c9:6f:b7:5d:10:3a:a2:ea:3b:be:
         ec:88:ef:b0:db:1b:d4:be:9e:3c:3a:45:50:e5:4c:b4:e4:55:
         df:c3:94:fa:e9:9e:bf:72:70:c3:c5:01:e4:c7:e2:e7:9d:07:
         b8:05:56:5c:c2:51:54:93:ed:b4:88:db:9f:0b:c2:1d:b1:d2:
         89:16:7f:fe:95:71:24:41:d2:f0:0d:da:e3:6f:69:c2:02:c6:
         17:74:49:94:5d:6c:ba:3a:ac:2a:69:c8:32:64:ae:fc:7c:cf:
         4e:0a:65:1a:d6:59:be:e8:4a:6e:cb:bc:54:8d:5c:f6:0e:05:
         79:ad:3c:81:4a:8f:18:cf:9d:f9:35:c0:92:4e:93:bb:29:18:
         8a:f2:b0:31:d6:fd:cd:45:0d:c2:bd:c3:78:5f:e2:4d:1b:ae:
         9f:dc:dd:b2:bb:5c:25:4d:7e:70:fa:b5:8a:1e:83:2b:41:99:
         68:02:b5:af:c9:8a:29:cd:7a:31:18:65:d4:9a:ae:fc:29:ec:
         f1:3d:a1:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAeWJC2pUmzL44KNBetwCZ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYmZkZWRmYWE5Mzk5YWQzZDU1MzFmYTQ3MWExMmIzYmZl
MzdlMTIwHhcNMjQwNjE2MDAwMDM4WhcNMjQwNjE3MDAwMDM4WjAzMTEwLwYDVQQD
Eyg3ZTFlOTVhNzQ5ODUwN2Y5NDNiNzZlMDEwYjUxNzAyYzM2MDJhNTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9VWIZB9SsGTp7U25R1daPYGncDg
DEDr8YsNzBFYoGvx6/fQipRaAQHzu0AyBUZ4XDKKm9wyXkV6lOL2VkRuDzY3jGqb
JOPWzTpVD8z+ev5WAbTwH139nHmBo+zTwebbpFY5C2LU0we8h7nYEat3onQ+nwkZ
wqkHMZyDoaF5X7ZTIed9hp9rLrfi9BLRf9IBGuXR7vsC1Iub/h1Cfg5MvCqHq3RP
CWZyxSDARbMRYm1uixrtDQS+cnZZ083/EOYdIIqcckmKpvQPCoMRrbQYjy0Tdp1C
08XAWmTNzWVXMw9QM2o21BJH7Rnm7VP1PXSWsotDNq4Mu8HSSAu7fJCGCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH4eladJhQf5Q7duAQtRcCw2AqU6MB8GA1UdIwQY
MBaAFEC/3t+qk5mtPVUx+kcaErO/434SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxfZTM2cVRtYTA5VlRINlJ4b1NzN19qZmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9kYjU1ZWMtMzU3Ny00MjFmLTg5MTYt
OGU5ODUxYjdmODExLzEvUUxfZTM2cVRtYTA5VlRINlJ4b1NzN19qZmhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9kYjU1ZWMtMzU3Ny00MjFmLTg5MTYtOGU5ODUxYjdmODEx
LzEvUUxfZTM2cVRtYTA5VlRINlJ4b1NzN19qZmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAecBODcgh
vYljrAoL+GfxW7HYa9W1Imfk+uy4zWc7tsw2YwQgYZwLsizc6CB1c0hTk3pK/tpr
BxOVZ43n6H7Jb7ddEDqi6ju+7IjvsNsb1L6ePDpFUOVMtORV38OU+umev3Jww8UB
5Mfi550HuAVWXMJRVJPttIjbnwvCHbHSiRZ//pVxJEHS8A3a429pwgLGF3RJlF1s
ujqsKmnIMmSu/HzPTgplGtZZvuhKbsu8VI1c9g4Fea08gUqPGM+d+TXAkk6TuykY
ivKwMdb9zUUNwr3DeF/iTRuun9zdsrtcJU1+cPq1ih6DK0GZaAK1r8mKKc16MRhl
1Jqu/Cns8T2hOQ==
-----END CERTIFICATE-----
Generated at Sun Jun 16 04:05:20 2024 by rpki-client on console-ams.rpki-client.org