Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
File:                     QL_eNYm0RMN59zNggxsd2OovhwM.mft (raw, json)
Hash identifier:          tkpjRXnhJrqRbIwdZrglG7v/h9rxDsLhbYcPlRcFK/Q=
Subject key identifier:   D6:88:34:6B:D7:84:94:99:C3:FF:05:3F:BE:62:1F:8A:F6:3C:79:A2
Authority key identifier: 40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03
Certificate issuer:       /CN=40bfde3589b444c379f73360831b1dd8ea2f8703
Certificate serial:       01974BC427E15E843D5FFAFF771A65C8D109
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
Manifest number:          078D
Signing time:             Sat 07 Jun 2025 19:00:35 +0000
Manifest this update:     Sat 07 Jun 2025 19:00:35 +0000
Manifest next update:     Sun 08 Jun 2025 19:00:35 +0000
Files and hashes:         1: QL_eNYm0RMN59zNggxsd2OovhwM.crl (hash: PaGOrRsWkstMglHuPiH+o5OlS+zxGg6HeI6/dCCq9r4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:c4:27:e1:5e:84:3d:5f:fa:ff:77:1a:65:c8:d1:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40bfde3589b444c379f73360831b1dd8ea2f8703
        Validity
            Not Before: Jun  7 19:00:35 2025 GMT
            Not After : Jun  8 19:00:35 2025 GMT
        Subject: CN=d688346bd7849499c3ff053fbe621f8af63c79a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:54:16:d6:9d:f2:47:04:c2:52:63:5d:cf:64:
                    39:bb:54:09:ea:6b:7a:b9:ef:d4:e6:93:15:5a:15:
                    d5:f1:02:9a:c2:59:cf:47:3d:3b:5f:d6:03:e6:21:
                    90:72:3c:9e:06:50:10:17:bc:0d:67:ce:29:4d:83:
                    9d:6f:81:b7:02:e0:eb:5f:6b:f1:4b:62:cb:46:6a:
                    6c:fc:43:0c:ac:25:f0:fa:11:a5:7b:f4:0d:05:63:
                    a8:99:5b:ee:96:23:3e:ff:4e:1d:81:97:39:77:b3:
                    35:d3:a6:35:89:33:08:21:5c:82:9c:71:a1:8b:f7:
                    82:f7:7d:20:1e:31:f5:1d:bc:fd:ff:bc:7e:0c:9f:
                    e4:31:11:7d:d1:af:e4:b5:90:aa:f2:58:af:54:99:
                    6c:65:72:49:11:27:a0:e0:6e:5e:0a:10:1a:ac:12:
                    a0:1c:cd:75:eb:9b:14:b7:14:16:1c:4f:f4:d2:dc:
                    cf:7e:72:d0:1e:0b:2b:dc:26:0a:99:b7:09:16:8d:
                    08:fc:8b:88:3e:a6:82:f6:9e:72:76:9d:18:72:63:
                    19:1b:86:19:fb:96:fe:d6:b3:53:6b:54:ee:40:ca:
                    4c:a7:08:45:ca:45:fd:fa:c3:60:29:cc:82:51:51:
                    47:a2:b5:4f:4f:dc:6e:ec:34:22:e2:35:61:0b:77:
                    16:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:88:34:6B:D7:84:94:99:C3:FF:05:3F:BE:62:1F:8A:F6:3C:79:A2
            X509v3 Authority Key Identifier:
                keyid:40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:bb:47:38:40:5c:62:7a:17:b6:b3:3b:77:dc:af:d6:b2:3f:
         1d:d9:d8:6b:0b:57:4f:6c:df:22:5c:8c:76:51:33:06:d3:0b:
         85:68:f5:dd:b6:03:78:14:29:18:48:6a:3d:49:a0:e1:8a:f0:
         5c:f8:77:2f:6e:d0:13:c1:b2:e2:73:be:23:38:41:aa:d1:a5:
         e6:c7:22:39:37:17:21:3a:3e:8b:58:51:2b:5f:5b:44:84:5c:
         d4:df:de:4f:4f:37:d1:e5:94:57:ad:e9:3b:e0:e6:37:f8:e8:
         4a:cc:d0:d5:20:f6:88:03:0f:99:c8:64:c6:d4:fa:80:78:a7:
         2d:0f:12:b9:81:6d:b0:de:ba:9d:56:14:2c:d0:8c:09:8b:91:
         0e:fa:00:61:be:dd:69:53:99:7a:9f:ac:15:54:43:a1:20:81:
         dc:3f:11:7c:a0:35:5c:3f:cc:30:81:d7:56:d9:9f:d3:8b:0a:
         42:1f:58:0c:5a:53:47:7d:75:48:f0:1b:d2:96:37:a3:41:7c:
         18:19:cb:9b:e2:58:5f:12:a7:d6:b0:35:47:18:fc:03:fe:ab:
         19:c8:2b:28:0f:0a:b4:33:00:00:c2:aa:83:fc:5a:58:b0:53:
         83:12:ae:ce:c0:0d:50:89:19:71:85:c0:0e:42:f0:bc:99:d6:
         34:01:03:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLxCfhXoQ9X/r/dxplyNEJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYmZkZTM1ODliNDQ0YzM3OWY3MzM2MDgzMWIxZGQ4ZWEy
Zjg3MDMwHhcNMjUwNjA3MTkwMDM1WhcNMjUwNjA4MTkwMDM1WjAzMTEwLwYDVQQD
EyhkNjg4MzQ2YmQ3ODQ5NDk5YzNmZjA1M2ZiZTYyMWY4YWY2M2M3OWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVQW1p3yRwTCUmNdz2Q5u1QJ6mt6
ue/U5pMVWhXV8QKawlnPRz07X9YD5iGQcjyeBlAQF7wNZ84pTYOdb4G3AuDrX2vx
S2LLRmps/EMMrCXw+hGle/QNBWOomVvuliM+/04dgZc5d7M106Y1iTMIIVyCnHGh
i/eC930gHjH1Hbz9/7x+DJ/kMRF90a/ktZCq8livVJlsZXJJESeg4G5eChAarBKg
HM1165sUtxQWHE/00tzPfnLQHgsr3CYKmbcJFo0I/IuIPqaC9p5ydp0YcmMZG4YZ
+5b+1rNTa1TuQMpMpwhFykX9+sNgKcyCUVFHorVPT9xu7DQi4jVhC3cWwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNaINGvXhJSZw/8FP75iH4r2PHmiMB8GA1UdIwQY
MBaAFEC/3jWJtETDefczYIMbHdjqL4cDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAt
NTg4MDE5YTZiNWNiLzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAtNTg4MDE5YTZiNWNi
LzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT7tHOEBc
YnoXtrM7d9yv1rI/HdnYawtXT2zfIlyMdlEzBtMLhWj13bYDeBQpGEhqPUmg4Yrw
XPh3L27QE8Gy4nO+IzhBqtGl5sciOTcXITo+i1hRK19bRIRc1N/eT0830eWUV63p
O+DmN/joSszQ1SD2iAMPmchkxtT6gHinLQ8SuYFtsN66nVYULNCMCYuRDvoAYb7d
aVOZep+sFVRDoSCB3D8RfKA1XD/MMIHXVtmf04sKQh9YDFpTR311SPAb0pY3o0F8
GBnLm+JYXxKn1rA1Rxj8A/6rGcgrKA8KtDMAAMKqg/xaWLBTgxKuzsANUIkZcYXA
DkLwvJnWNAEDUw==
-----END CERTIFICATE-----