Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
File:                     QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft (raw, json)
Hash identifier:          qdM9YeHMEET6g/JVLU9LCzqB/9wuKwjjcQoeNMzU8Ww=
Subject key identifier:   42:E3:29:21:29:AF:6F:6A:09:74:A3:34:FA:5C:64:88:67:49:AE:43
Authority key identifier: 40:EE:97:65:86:4B:D1:1D:4A:34:94:26:E3:72:E1:1A:94:34:8D:E2
Certificate issuer:       /CN=40ee9765864bd11d4a349426e372e11a94348de2
Certificate serial:       0194C387E38E32875AB8F7E1DEA59D628DDA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
Manifest number:          053D
Signing time:             Sat 01 Feb 2025 22:00:50 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:50 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:50 +0000
Files and hashes:         1: QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl (hash: mJZpSwx7oS7/4f02Jzlu2yIdhLGiOOM9/Tvp9iyKklE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:e3:8e:32:87:5a:b8:f7:e1:de:a5:9d:62:8d:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40ee9765864bd11d4a349426e372e11a94348de2
        Validity
            Not Before: Feb  1 22:00:50 2025 GMT
            Not After : Feb  2 22:00:50 2025 GMT
        Subject: CN=42e3292129af6f6a0974a334fa5c64886749ae43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:82:23:1b:97:4d:d6:87:bb:7a:59:56:34:74:
                    1a:ab:00:21:89:f0:e6:b5:5a:c3:40:13:7b:65:41:
                    8f:8c:16:6a:ee:73:2f:f2:60:94:49:f0:46:3a:be:
                    8f:55:89:6d:ae:e6:35:e0:d6:e6:9b:fa:78:cf:63:
                    fc:1d:b8:d4:93:7b:a7:60:09:29:01:d0:d7:56:e5:
                    d1:e6:8b:d2:59:84:eb:4a:09:f8:55:10:55:4b:e3:
                    08:5d:96:9f:90:60:c0:22:54:2f:db:a1:e8:73:a6:
                    d7:83:59:5b:33:88:92:e5:92:64:2a:fc:9d:e3:e0:
                    5a:09:7f:3e:5a:6d:6e:86:ab:8e:ba:65:4b:54:ed:
                    f1:0a:77:63:f7:72:b6:f8:9b:82:00:0f:b8:6f:e5:
                    a5:34:a7:1d:2d:b6:9d:9d:b3:fd:84:d3:b4:c4:bd:
                    05:6f:26:f8:36:25:5e:bc:77:8e:cb:72:ec:93:2a:
                    d4:31:ec:af:f4:4d:70:df:58:22:50:3d:c0:0c:5d:
                    f8:00:03:22:b9:43:af:2d:09:48:11:41:a4:d0:8c:
                    fd:97:af:78:a1:0e:9c:dc:79:61:84:3a:17:ca:2d:
                    45:4f:81:93:b2:68:4b:69:94:ed:d4:f2:5f:6c:d7:
                    81:9f:fb:e9:ee:ae:db:db:cb:db:28:b7:37:5d:a1:
                    e8:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:E3:29:21:29:AF:6F:6A:09:74:A3:34:FA:5C:64:88:67:49:AE:43
            X509v3 Authority Key Identifier:
                keyid:40:EE:97:65:86:4B:D1:1D:4A:34:94:26:E3:72:E1:1A:94:34:8D:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:d4:d3:86:68:9f:6a:6c:c4:b3:e8:b3:e3:81:37:f4:aa:44:
         2f:32:ee:22:74:01:fe:5d:0a:fc:dc:79:b3:ba:8b:85:9b:35:
         25:e9:c1:14:ad:97:5b:d0:60:73:f4:c2:21:06:ae:bf:d4:00:
         f5:bf:e4:50:ce:2e:00:6f:29:e9:9b:e1:76:fc:0a:01:fc:46:
         ee:f1:70:61:08:5a:cf:55:55:83:f6:02:cf:0e:26:4a:b5:7d:
         86:25:88:26:7c:ad:26:ca:01:7f:ac:a1:fc:d6:74:62:7d:e3:
         c3:0e:b7:eb:4c:ef:db:63:64:55:1e:3f:fb:1b:57:d9:61:df:
         59:d0:b9:ec:c6:9a:59:7f:ee:0c:13:3d:01:a4:5b:0b:cb:c5:
         bc:6e:63:cf:6b:a8:6b:20:80:35:f0:65:b6:21:b2:d3:32:e0:
         52:3e:5c:8a:ec:22:0c:dd:ef:a1:a7:f4:47:1b:ce:58:f5:76:
         d2:77:2f:85:ca:8f:1f:1b:0c:5f:4b:47:1c:03:59:c8:82:59:
         34:1b:68:37:80:30:ed:f7:dd:be:42:e1:45:ec:26:fe:61:9b:
         47:9b:54:07:71:7e:37:84:76:e2:34:51:cd:6f:34:17:8f:8e:
         c7:85:c2:f1:93:c1:33:03:d7:58:3c:4c:e9:57:f5:88:87:44:
         07:27:8b:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh+OOModauPfh3qWdYo3aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWU5NzY1ODY0YmQxMWQ0YTM0OTQyNmUzNzJlMTFhOTQz
NDhkZTIwHhcNMjUwMjAxMjIwMDUwWhcNMjUwMjAyMjIwMDUwWjAzMTEwLwYDVQQD
Eyg0MmUzMjkyMTI5YWY2ZjZhMDk3NGEzMzRmYTVjNjQ4ODY3NDlhZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIIjG5dN1oe7ellWNHQaqwAhifDm
tVrDQBN7ZUGPjBZq7nMv8mCUSfBGOr6PVYltruY14Nbmm/p4z2P8HbjUk3unYAkp
AdDXVuXR5ovSWYTrSgn4VRBVS+MIXZafkGDAIlQv26Hoc6bXg1lbM4iS5ZJkKvyd
4+BaCX8+Wm1uhquOumVLVO3xCndj93K2+JuCAA+4b+WlNKcdLbadnbP9hNO0xL0F
byb4NiVevHeOy3LskyrUMeyv9E1w31giUD3ADF34AAMiuUOvLQlIEUGk0Iz9l694
oQ6c3HlhhDoXyi1FT4GTsmhLaZTt1PJfbNeBn/vp7q7b28vbKLc3XaHoqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFELjKSEpr29qCXSjNPpcZIhnSa5DMB8GA1UdIwQY
MBaAFEDul2WGS9EdSjSUJuNy4RqUNI3iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82NWQ3YjktY2NmOS00YjczLWI2Njkt
MzUzM2E1MTJmY2Y3LzEvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82NWQ3YjktY2NmOS00YjczLWI2NjktMzUzM2E1MTJmY2Y3
LzEvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATtTThmif
amzEs+iz44E39KpELzLuInQB/l0K/Nx5s7qLhZs1JenBFK2XW9Bgc/TCIQauv9QA
9b/kUM4uAG8p6ZvhdvwKAfxG7vFwYQhaz1VVg/YCzw4mSrV9hiWIJnytJsoBf6yh
/NZ0Yn3jww6360zv22NkVR4/+xtX2WHfWdC57MaaWX/uDBM9AaRbC8vFvG5jz2uo
ayCANfBltiGy0zLgUj5ciuwiDN3voaf0RxvOWPV20ncvhcqPHxsMX0tHHANZyIJZ
NBtoN4Aw7ffdvkLhRewm/mGbR5tUB3F+N4R24jRRzW80F4+Ox4XC8ZPBMwPXWDxM
6Vf1iIdEByeLjg==
-----END CERTIFICATE-----