Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.mft
File:                     QBMclDl36gqT787s000dXRyxgq8.mft (raw, json)
Hash identifier:          WQI3jyYdnpohvfMOWs+BvRQZ1s1K+Ugre9Hqv72xpFY=
Subject key identifier:   2F:6B:E4:2E:7D:EE:A1:32:EC:48:E5:0E:32:DD:07:C2:41:0D:77:F6
Authority key identifier: 40:13:1C:94:39:77:EA:0A:93:EF:CE:EC:D3:4D:1D:5D:1C:B1:82:AF
Certificate issuer:       /CN=40131c943977ea0a93efceecd34d1d5d1cb182af
Certificate serial:       01974EFC5258C2939F4C684696B3E3CBB800
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QBMclDl36gqT787s000dXRyxgq8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.mft
Manifest number:          0E2C
Signing time:             Sun 08 Jun 2025 10:00:48 +0000
Manifest this update:     Sun 08 Jun 2025 10:00:48 +0000
Manifest next update:     Mon 09 Jun 2025 10:00:48 +0000
Files and hashes:         1: QBMclDl36gqT787s000dXRyxgq8.crl (hash: zHkptf+6so0p4h0Bkga6Mj5hVGpb+622szqWDSgvIM4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QBMclDl36gqT787s000dXRyxgq8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:fc:52:58:c2:93:9f:4c:68:46:96:b3:e3:cb:b8:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40131c943977ea0a93efceecd34d1d5d1cb182af
        Validity
            Not Before: Jun  8 10:00:48 2025 GMT
            Not After : Jun  9 10:00:48 2025 GMT
        Subject: CN=2f6be42e7deea132ec48e50e32dd07c2410d77f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:c7:20:da:ed:02:4b:27:b1:e8:09:d2:6d:ee:
                    11:0d:98:da:12:5c:67:33:11:4c:d9:35:d8:47:58:
                    3e:70:70:3a:0a:af:eb:52:35:7d:29:9f:9d:96:b4:
                    6c:81:99:75:4b:dd:b0:81:76:24:05:ad:ef:84:d1:
                    bb:a9:dd:2f:b6:66:ff:7c:06:e6:a3:78:71:da:aa:
                    b3:41:0c:ff:51:83:4b:b3:e8:c1:07:57:ea:cd:83:
                    c0:c3:c3:ec:c2:ac:83:f0:68:c5:d1:77:4a:4d:8a:
                    9d:88:f6:6c:35:8f:80:f4:fd:c3:33:df:b9:15:21:
                    71:79:0c:0e:74:fe:31:95:05:3b:cf:80:4b:91:c1:
                    bd:3a:fe:68:17:77:f3:97:ab:00:1c:7f:eb:ba:51:
                    c2:14:2b:34:2c:00:aa:a1:68:96:a7:f9:f2:7c:6b:
                    22:67:80:d0:f0:4f:27:ce:ff:10:3b:fc:1f:c3:77:
                    28:cb:d8:08:0d:45:40:1a:6c:5e:96:53:6f:f8:49:
                    d0:f2:bb:a9:1c:5f:d0:25:a0:8e:f6:b4:18:18:35:
                    9d:70:58:24:01:ac:d9:db:59:ef:50:93:db:8b:e1:
                    64:e3:a3:ec:ed:d1:b6:38:7b:c5:26:c2:01:f2:c8:
                    d0:b7:86:26:b3:15:1b:9d:9a:7d:23:8d:20:c0:9c:
                    64:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:6B:E4:2E:7D:EE:A1:32:EC:48:E5:0E:32:DD:07:C2:41:0D:77:F6
            X509v3 Authority Key Identifier:
                keyid:40:13:1C:94:39:77:EA:0A:93:EF:CE:EC:D3:4D:1D:5D:1C:B1:82:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QBMclDl36gqT787s000dXRyxgq8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:d7:63:93:1e:e9:72:c3:58:31:0a:ef:61:c6:fc:b8:65:40:
         44:54:6f:e2:d3:1d:26:83:17:5c:88:a8:ee:b1:6e:1a:ad:21:
         27:ef:b4:00:49:ee:dd:59:49:86:cc:ab:05:5a:fa:16:4c:fb:
         07:6a:0e:24:1d:03:93:e6:a3:49:dc:99:bf:a7:10:95:2d:c5:
         39:ec:3f:19:87:00:6c:a0:4a:58:ce:17:ab:04:21:94:e3:33:
         a5:30:af:09:b5:af:8b:59:9b:39:45:1f:24:a6:49:d5:59:e6:
         88:c3:10:4a:94:e5:57:80:b9:35:ec:26:8a:03:e2:22:15:99:
         aa:6b:63:92:89:63:19:ea:b5:e0:00:bb:84:74:fb:d7:22:03:
         1a:7f:57:47:4c:62:b3:df:d3:de:25:a9:d9:2d:96:34:60:bf:
         fd:9f:17:57:50:d5:9d:a1:d9:75:78:79:29:c5:a8:80:5b:82:
         18:aa:a1:f0:24:c1:ad:67:3d:64:2c:37:df:1a:5f:c7:53:54:
         1b:19:f0:9e:d6:75:15:00:8b:d2:cb:0e:2b:0f:8a:8f:83:3e:
         7f:44:0f:bc:d5:8d:5b:3e:b1:8f:9a:c0:ba:2f:60:f9:b7:86:
         0d:84:d3:f5:c9:d6:64:5a:45:1a:b5:c3:fe:6d:58:11:32:b3:
         24:c1:80:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdO/FJYwpOfTGhGlrPjy7gAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMTMxYzk0Mzk3N2VhMGE5M2VmY2VlY2QzNGQxZDVkMWNi
MTgyYWYwHhcNMjUwNjA4MTAwMDQ4WhcNMjUwNjA5MTAwMDQ4WjAzMTEwLwYDVQQD
EygyZjZiZTQyZTdkZWVhMTMyZWM0OGU1MGUzMmRkMDdjMjQxMGQ3N2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMcg2u0CSyex6AnSbe4RDZjaElxn
MxFM2TXYR1g+cHA6Cq/rUjV9KZ+dlrRsgZl1S92wgXYkBa3vhNG7qd0vtmb/fAbm
o3hx2qqzQQz/UYNLs+jBB1fqzYPAw8PswqyD8GjF0XdKTYqdiPZsNY+A9P3DM9+5
FSFxeQwOdP4xlQU7z4BLkcG9Ov5oF3fzl6sAHH/rulHCFCs0LACqoWiWp/nyfGsi
Z4DQ8E8nzv8QO/wfw3coy9gIDUVAGmxellNv+EnQ8rupHF/QJaCO9rQYGDWdcFgk
AazZ21nvUJPbi+Fk46Ps7dG2OHvFJsIB8sjQt4YmsxUbnZp9I40gwJxknwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC9r5C597qEy7EjlDjLdB8JBDXf2MB8GA1UdIwQY
MBaAFEATHJQ5d+oKk+/O7NNNHV0csYKvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUJNY2xEbDM2Z3FUNzg3czAwMGRYUnl4Z3E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC81YzliNzQtNzUzYi00MmUyLWI0MWEt
MmI2NDlkNWViYWYzLzEvUUJNY2xEbDM2Z3FUNzg3czAwMGRYUnl4Z3E4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC81YzliNzQtNzUzYi00MmUyLWI0MWEtMmI2NDlkNWViYWYz
LzEvUUJNY2xEbDM2Z3FUNzg3czAwMGRYUnl4Z3E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm9djkx7p
csNYMQrvYcb8uGVARFRv4tMdJoMXXIio7rFuGq0hJ++0AEnu3VlJhsyrBVr6Fkz7
B2oOJB0Dk+ajSdyZv6cQlS3FOew/GYcAbKBKWM4XqwQhlOMzpTCvCbWvi1mbOUUf
JKZJ1VnmiMMQSpTlV4C5NewmigPiIhWZqmtjkoljGeq14AC7hHT71yIDGn9XR0xi
s9/T3iWp2S2WNGC//Z8XV1DVnaHZdXh5KcWogFuCGKqh8CTBrWc9ZCw33xpfx1NU
GxnwntZ1FQCL0ssOKw+Kj4M+f0QPvNWNWz6xj5rAui9g+beGDYTT9cnWZFpFGrXD
/m1YETKzJMGAiw==
-----END CERTIFICATE-----