Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
File:                     QL_eNYm0RMN59zNggxsd2OovhwM.mft (raw, json)
Hash identifier:          yQwB3Dmwxl2cXBQwtNAmmYZd0iQA05TENWZ6kSQqfRs=
Subject key identifier:   DB:AD:80:50:92:E7:AE:59:91:83:C2:AE:19:BC:EC:18:2D:12:C3:27
Authority key identifier: 40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03
Certificate issuer:       /CN=40bfde3589b444c379f73360831b1dd8ea2f8703
Certificate serial:       01958BBB1F4130700989ADB59D600D50B0D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
Manifest number:          06A5
Signing time:             Wed 12 Mar 2025 19:00:51 +0000
Manifest this update:     Wed 12 Mar 2025 19:00:51 +0000
Manifest next update:     Thu 13 Mar 2025 19:00:51 +0000
Files and hashes:         1: QL_eNYm0RMN59zNggxsd2OovhwM.crl (hash: ZQ2ddgzSikIEL0ffmDktZ35itc/x1u+sSEqwnvuPqfk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:bb:1f:41:30:70:09:89:ad:b5:9d:60:0d:50:b0:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40bfde3589b444c379f73360831b1dd8ea2f8703
        Validity
            Not Before: Mar 12 19:00:51 2025 GMT
            Not After : Mar 13 19:00:51 2025 GMT
        Subject: CN=dbad805092e7ae599183c2ae19bcec182d12c327
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:4e:bb:6f:a7:48:43:3d:b7:13:d9:18:49:15:
                    2e:ac:bc:9d:af:bc:6b:e6:66:c6:aa:40:f8:be:47:
                    12:a6:b2:26:b6:8a:bb:dc:bc:34:77:bc:01:ee:a6:
                    a4:d3:6a:62:c5:ac:f6:ad:19:27:65:a2:44:9b:e5:
                    6c:6e:e9:1e:f9:ca:a6:cc:0e:7a:b0:3b:fc:62:75:
                    ea:db:78:cf:6d:98:5c:9b:0b:20:44:0a:2a:37:d8:
                    88:8f:08:0b:5a:88:6d:7f:f3:e9:f5:1b:53:f7:a0:
                    8f:88:64:59:2b:30:86:41:27:3f:26:81:72:d0:a6:
                    15:ba:be:bb:e9:3e:fe:d7:56:af:ed:fa:90:43:91:
                    c2:9f:70:9b:40:00:29:b6:59:79:43:fb:0a:25:c9:
                    6c:21:30:44:eb:8e:8d:7e:7d:54:55:c5:16:c1:2e:
                    38:6d:fc:49:93:d4:34:87:e2:ec:e9:0d:d8:c6:05:
                    19:39:30:3a:70:b5:88:92:b8:7b:86:41:5c:1b:c1:
                    66:f9:2c:d0:90:18:9a:3d:72:49:4d:1e:6e:11:7f:
                    96:b9:95:7d:6f:ed:53:b1:89:f5:bd:43:c1:81:75:
                    d2:5a:1b:66:5c:4d:f0:12:a3:b7:48:35:e1:77:f2:
                    ac:bf:77:ce:97:08:54:8e:06:d6:a2:d1:e4:08:97:
                    07:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:AD:80:50:92:E7:AE:59:91:83:C2:AE:19:BC:EC:18:2D:12:C3:27
            X509v3 Authority Key Identifier:
                keyid:40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:23:a6:f1:82:7a:d7:80:4b:ce:28:6f:a1:bf:42:b5:e8:29:
         34:f4:1b:b8:7a:69:29:09:05:b2:79:3f:27:16:6a:70:d9:c7:
         9c:91:51:59:a6:d4:4d:f4:bf:f2:f9:2d:23:9b:73:ab:86:1d:
         0c:9a:a8:37:d5:cc:b3:db:ec:f4:cb:82:f1:f9:7d:c5:c6:04:
         55:18:dd:12:80:c5:8d:28:3b:a5:82:78:34:b5:24:c7:7f:6e:
         a2:a6:86:b8:03:11:2b:fd:a8:fa:c7:87:59:01:2e:94:f0:5e:
         c7:bc:25:5e:64:d1:20:2d:4f:e8:90:e4:7f:37:13:85:77:f5:
         40:54:71:f1:6d:2c:33:0c:77:15:a7:a4:2a:f3:78:52:28:35:
         67:38:17:87:11:a3:18:2e:3f:6b:9e:e2:6b:a1:d4:f0:5f:93:
         d3:eb:1a:38:4e:60:48:e0:1f:80:e0:e2:e8:d2:0b:c8:32:63:
         75:df:d1:b9:fa:78:33:79:b1:bc:f4:2b:3b:b8:81:d8:4d:fe:
         eb:e5:43:1d:80:6b:ab:b9:18:9c:de:fd:cf:28:01:a2:e8:51:
         90:b6:c7:60:a2:05:9d:b3:6a:10:fa:ae:e0:0a:16:a4:f5:dd:
         0e:dd:cd:77:20:02:f8:77:eb:f4:f0:1e:55:ea:74:7b:e1:77:
         7f:a1:d2:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLux9BMHAJia21nWANULDWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYmZkZTM1ODliNDQ0YzM3OWY3MzM2MDgzMWIxZGQ4ZWEy
Zjg3MDMwHhcNMjUwMzEyMTkwMDUxWhcNMjUwMzEzMTkwMDUxWjAzMTEwLwYDVQQD
EyhkYmFkODA1MDkyZTdhZTU5OTE4M2MyYWUxOWJjZWMxODJkMTJjMzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuU67b6dIQz23E9kYSRUurLydr7xr
5mbGqkD4vkcSprImtoq73Lw0d7wB7qak02pixaz2rRknZaJEm+Vsbuke+cqmzA56
sDv8YnXq23jPbZhcmwsgRAoqN9iIjwgLWohtf/Pp9RtT96CPiGRZKzCGQSc/JoFy
0KYVur676T7+11av7fqQQ5HCn3CbQAAptll5Q/sKJclsITBE646Nfn1UVcUWwS44
bfxJk9Q0h+Ls6Q3YxgUZOTA6cLWIkrh7hkFcG8Fm+SzQkBiaPXJJTR5uEX+WuZV9
b+1TsYn1vUPBgXXSWhtmXE3wEqO3SDXhd/Ksv3fOlwhUjgbWotHkCJcH3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNutgFCS565ZkYPCrhm87BgtEsMnMB8GA1UdIwQY
MBaAFEC/3jWJtETDefczYIMbHdjqL4cDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAt
NTg4MDE5YTZiNWNiLzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAtNTg4MDE5YTZiNWNi
LzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUCOm8YJ6
14BLzihvob9CtegpNPQbuHppKQkFsnk/JxZqcNnHnJFRWabUTfS/8vktI5tzq4Yd
DJqoN9XMs9vs9MuC8fl9xcYEVRjdEoDFjSg7pYJ4NLUkx39uoqaGuAMRK/2o+seH
WQEulPBex7wlXmTRIC1P6JDkfzcThXf1QFRx8W0sMwx3FaekKvN4Uig1ZzgXhxGj
GC4/a57ia6HU8F+T0+saOE5gSOAfgODi6NILyDJjdd/Rufp4M3mxvPQrO7iB2E3+
6+VDHYBrq7kYnN79zygBouhRkLbHYKIFnbNqEPqu4AoWpPXdDt3NdyAC+Hfr9PAe
Vep0e+F3f6HSWQ==
-----END CERTIFICATE-----