Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.mft
File:                     QBMclDl36gqT787s000dXRyxgq8.mft (raw, json)
Hash identifier:          Z7K2CyKMzWOBRur3OIcWfjE5Fxugv58lZ1iI2HxFkvQ=
Subject key identifier:   27:BE:BD:72:AD:CA:42:5A:44:82:B0:EA:D2:74:56:2A:50:5B:EB:51
Authority key identifier: 40:13:1C:94:39:77:EA:0A:93:EF:CE:EC:D3:4D:1D:5D:1C:B1:82:AF
Certificate issuer:       /CN=40131c943977ea0a93efceecd34d1d5d1cb182af
Certificate serial:       0194C42C7A16733683F3EA0B9C85BBA5D9DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QBMclDl36gqT787s000dXRyxgq8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.mft
Manifest number:          0CDB
Signing time:             Sun 02 Feb 2025 01:00:36 +0000
Manifest this update:     Sun 02 Feb 2025 01:00:36 +0000
Manifest next update:     Mon 03 Feb 2025 01:00:36 +0000
Files and hashes:         1: QBMclDl36gqT787s000dXRyxgq8.crl (hash: ht11XeUTYMSaSH9ZWr7n/v18cwWXEoL91UTfHP7qjiQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QBMclDl36gqT787s000dXRyxgq8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:2c:7a:16:73:36:83:f3:ea:0b:9c:85:bb:a5:d9:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40131c943977ea0a93efceecd34d1d5d1cb182af
        Validity
            Not Before: Feb  2 01:00:36 2025 GMT
            Not After : Feb  3 01:00:36 2025 GMT
        Subject: CN=27bebd72adca425a4482b0ead274562a505beb51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:30:fd:01:a9:65:36:d5:3f:b2:7c:c6:2c:c1:
                    32:4c:d3:fb:68:fa:32:92:f3:ca:fe:6c:c1:45:35:
                    47:96:4e:3c:ed:1e:6e:8c:51:6d:36:22:0a:d0:32:
                    2b:b8:1c:be:87:6e:20:82:f7:a4:69:0f:f7:93:c2:
                    6d:ec:3b:0a:96:3a:de:f2:7f:1a:7c:63:c1:76:03:
                    f7:db:8c:1c:2c:fb:1b:86:68:98:83:0a:83:ad:e2:
                    23:79:54:fe:6e:60:53:ce:e7:b4:49:57:18:9a:31:
                    5c:18:99:75:38:43:ee:17:b3:cc:9f:45:e1:2e:61:
                    d7:72:7a:88:cc:10:2b:07:5f:10:a6:c8:28:6f:99:
                    c1:cf:66:10:e1:d6:d6:4c:a6:6a:3f:4c:bf:91:fa:
                    df:01:ef:4e:b9:e7:2c:22:b6:ec:ac:ce:95:18:42:
                    d6:d3:4e:2e:5c:58:9b:9d:6b:d0:da:21:cb:93:9b:
                    b8:7d:4c:d8:6a:c6:d4:14:7c:5a:ae:5b:92:a4:30:
                    b6:d7:a9:d7:84:4d:47:1c:27:e9:d4:e5:18:54:8b:
                    34:2a:6c:2f:4e:1a:92:b7:9b:98:29:dc:2d:91:af:
                    ae:1a:50:3c:36:fd:9b:7a:ff:c7:15:8a:4b:e1:b3:
                    0c:9b:d1:f0:54:6c:d9:71:4b:a8:e9:a5:49:98:30:
                    97:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:BE:BD:72:AD:CA:42:5A:44:82:B0:EA:D2:74:56:2A:50:5B:EB:51
            X509v3 Authority Key Identifier:
                keyid:40:13:1C:94:39:77:EA:0A:93:EF:CE:EC:D3:4D:1D:5D:1C:B1:82:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QBMclDl36gqT787s000dXRyxgq8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/5c9b74-753b-42e2-b41a-2b649d5ebaf3/1/QBMclDl36gqT787s000dXRyxgq8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:ec:06:7f:c7:a4:ee:e3:0d:b3:32:97:50:94:58:ba:b9:54:
         c6:d3:f7:b4:e5:0d:50:41:41:8b:68:14:69:86:6f:1a:48:29:
         93:31:4f:58:d8:25:72:d1:df:0a:b9:b0:dc:c4:67:5e:dd:58:
         cf:1e:82:dc:56:30:78:3f:62:b6:ef:28:aa:b3:6a:69:6a:e9:
         ce:bf:2f:d9:0e:b9:e8:50:b3:dc:8e:f3:a7:30:08:e1:06:86:
         48:1a:38:a4:f1:2c:83:e0:23:73:e5:41:5f:b7:c4:3b:b2:a6:
         8b:b7:b8:47:a4:55:4d:f8:76:c0:e7:e8:86:fb:60:2e:25:75:
         23:f2:8e:2b:7c:3d:e3:37:35:66:a8:89:d3:62:43:8d:40:cc:
         58:57:79:71:d4:ea:5e:0d:7e:a5:a1:50:b8:d5:15:3e:6d:b4:
         ba:da:dc:98:d8:4c:93:22:9b:9b:30:fe:35:0b:b3:ea:97:61:
         0c:52:fe:ea:1a:89:ed:fa:29:85:18:d9:09:85:ed:d2:0a:80:
         99:f1:92:9e:e4:4f:07:b0:b1:1c:4b:67:b2:51:c2:2b:98:10:
         df:bf:fe:52:c7:66:bf:47:ef:19:17:b1:16:a9:7f:47:75:62:
         88:a1:e0:ed:69:e1:4b:e1:70:11:cd:2e:6a:69:48:bb:ea:a0:
         dd:cf:2d:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTELHoWczaD8+oLnIW7pdnaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMTMxYzk0Mzk3N2VhMGE5M2VmY2VlY2QzNGQxZDVkMWNi
MTgyYWYwHhcNMjUwMjAyMDEwMDM2WhcNMjUwMjAzMDEwMDM2WjAzMTEwLwYDVQQD
EygyN2JlYmQ3MmFkY2E0MjVhNDQ4MmIwZWFkMjc0NTYyYTUwNWJlYjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTD9AallNtU/snzGLMEyTNP7aPoy
kvPK/mzBRTVHlk487R5ujFFtNiIK0DIruBy+h24ggvekaQ/3k8Jt7DsKljre8n8a
fGPBdgP324wcLPsbhmiYgwqDreIjeVT+bmBTzue0SVcYmjFcGJl1OEPuF7PMn0Xh
LmHXcnqIzBArB18Qpsgob5nBz2YQ4dbWTKZqP0y/kfrfAe9OuecsIrbsrM6VGELW
004uXFibnWvQ2iHLk5u4fUzYasbUFHxarluSpDC216nXhE1HHCfp1OUYVIs0Kmwv
ThqSt5uYKdwtka+uGlA8Nv2bev/HFYpL4bMMm9HwVGzZcUuo6aVJmDCXuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCe+vXKtykJaRIKw6tJ0VipQW+tRMB8GA1UdIwQY
MBaAFEATHJQ5d+oKk+/O7NNNHV0csYKvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUJNY2xEbDM2Z3FUNzg3czAwMGRYUnl4Z3E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC81YzliNzQtNzUzYi00MmUyLWI0MWEt
MmI2NDlkNWViYWYzLzEvUUJNY2xEbDM2Z3FUNzg3czAwMGRYUnl4Z3E4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC81YzliNzQtNzUzYi00MmUyLWI0MWEtMmI2NDlkNWViYWYz
LzEvUUJNY2xEbDM2Z3FUNzg3czAwMGRYUnl4Z3E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaewGf8ek
7uMNszKXUJRYurlUxtP3tOUNUEFBi2gUaYZvGkgpkzFPWNglctHfCrmw3MRnXt1Y
zx6C3FYweD9itu8oqrNqaWrpzr8v2Q656FCz3I7zpzAI4QaGSBo4pPEsg+Ajc+VB
X7fEO7Kmi7e4R6RVTfh2wOfohvtgLiV1I/KOK3w94zc1ZqiJ02JDjUDMWFd5cdTq
Xg1+paFQuNUVPm20utrcmNhMkyKbmzD+NQuz6pdhDFL+6hqJ7fophRjZCYXt0gqA
mfGSnuRPB7CxHEtnslHCK5gQ37/+Usdmv0fvGRexFql/R3ViiKHg7WnhS+FwEc0u
amlIu+qg3c8tgQ==
-----END CERTIFICATE-----