Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
File:                     QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft (raw, json)
Hash identifier:          6o9eUhscMtJHD7ztJgToILhH8YSbeh2zgk2z+i7nC9w=
Subject key identifier:   44:E8:FF:F7:6C:B0:A9:D6:48:B3:9C:65:D1:5B:4A:97:25:6B:DD:87
Authority key identifier: 40:EE:97:65:86:4B:D1:1D:4A:34:94:26:E3:72:E1:1A:94:34:8D:E2
Certificate issuer:       /CN=40ee9765864bd11d4a349426e372e11a94348de2
Certificate serial:       01964F35976C554032B7DB7ADDE14A0B00FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
Manifest number:          060A
Signing time:             Sat 19 Apr 2025 18:00:34 +0000
Manifest this update:     Sat 19 Apr 2025 18:00:34 +0000
Manifest next update:     Sun 20 Apr 2025 18:00:34 +0000
Files and hashes:         1: QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl (hash: 809vkw/nGejiT8MbbThPv5JBhe9SzqRe+xX9/almlYo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 18:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:35:97:6c:55:40:32:b7:db:7a:dd:e1:4a:0b:00:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40ee9765864bd11d4a349426e372e11a94348de2
        Validity
            Not Before: Apr 19 18:00:34 2025 GMT
            Not After : Apr 20 18:00:34 2025 GMT
        Subject: CN=44e8fff76cb0a9d648b39c65d15b4a97256bdd87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:5f:8a:84:0d:e1:10:1c:6a:e1:ea:10:a9:c4:
                    20:41:d8:fe:f0:1a:5e:95:18:29:80:20:c2:cb:82:
                    68:ac:ee:8d:65:27:21:81:bc:17:93:c7:92:dc:7c:
                    b1:c4:64:ab:6c:b9:59:db:34:84:86:08:ab:42:b5:
                    2a:60:74:f9:28:f3:1a:65:db:da:62:ff:9f:33:ab:
                    9f:13:fb:e8:24:e8:86:5b:4a:f4:7b:a7:03:5f:db:
                    f0:90:83:44:e4:4f:0f:17:9d:03:ca:26:fd:90:0f:
                    3f:8e:6f:bd:cb:b8:ef:21:2f:6b:33:ed:27:80:41:
                    93:e8:45:8a:b3:1c:42:89:7a:50:56:8e:c6:d3:5f:
                    f2:82:8e:aa:a9:60:3a:4c:7e:83:27:39:c1:12:82:
                    ec:bf:3b:66:4a:15:e6:74:a7:ef:b9:ea:9d:67:93:
                    13:37:f3:51:08:46:31:c0:64:7e:d2:73:36:6c:0c:
                    20:45:27:b2:15:d5:07:d3:16:82:67:2b:4b:2c:ab:
                    3b:60:9d:fc:54:98:16:e2:2f:f2:84:71:d4:f9:06:
                    ca:a4:21:22:91:ad:9a:f3:3e:23:a5:1f:12:03:a1:
                    39:98:70:5b:df:54:0c:02:fe:52:89:e2:fe:11:11:
                    36:4a:d7:14:10:6a:be:73:a6:c9:c3:08:14:1f:d9:
                    b7:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:E8:FF:F7:6C:B0:A9:D6:48:B3:9C:65:D1:5B:4A:97:25:6B:DD:87
            X509v3 Authority Key Identifier:
                keyid:40:EE:97:65:86:4B:D1:1D:4A:34:94:26:E3:72:E1:1A:94:34:8D:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:14:d4:2e:c1:40:43:9c:6c:f5:21:c9:5a:0c:d3:d7:f1:aa:
         b3:ea:ba:27:fd:33:09:9b:8f:07:31:a5:ff:22:c0:9e:5d:bb:
         3b:de:3c:13:3d:bd:85:16:b1:57:90:96:91:5b:54:76:83:0e:
         7b:1c:14:34:0c:95:93:fd:7f:2e:ce:6c:92:a5:6f:f1:d2:c2:
         55:bf:5f:a4:08:6b:7c:91:c8:79:3e:f9:9e:21:f5:b6:67:59:
         d2:b5:3d:60:61:f5:81:05:6f:5b:24:4e:34:2a:c5:cc:1d:d3:
         42:16:c5:1b:77:b0:e3:3e:2b:d2:35:57:06:33:0d:2c:e8:6b:
         5d:6b:d3:5e:c2:51:3b:06:d7:57:8d:f4:35:44:d3:b6:90:81:
         c6:8c:65:a6:16:81:e2:48:04:55:f3:29:57:b0:81:03:9c:e5:
         a3:94:9d:f5:18:20:80:49:6e:b1:d3:5c:83:6e:d1:13:df:b9:
         d7:4a:d7:9c:0b:47:a1:ea:2b:25:e2:54:47:40:c8:46:f0:98:
         5f:4f:6d:fb:ed:3c:54:e9:16:45:0e:6c:ea:22:27:e9:62:ab:
         71:83:3d:71:a9:a6:84:11:e7:d6:44:d6:94:97:1b:ac:3a:9d:
         ca:40:c2:44:a1:04:82:29:c4:16:5f:d0:9b:0d:ba:15:bb:3b:
         82:73:c7:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZPNZdsVUAyt9t63eFKCwD7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWU5NzY1ODY0YmQxMWQ0YTM0OTQyNmUzNzJlMTFhOTQz
NDhkZTIwHhcNMjUwNDE5MTgwMDM0WhcNMjUwNDIwMTgwMDM0WjAzMTEwLwYDVQQD
Eyg0NGU4ZmZmNzZjYjBhOWQ2NDhiMzljNjVkMTViNGE5NzI1NmJkZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1+KhA3hEBxq4eoQqcQgQdj+8Bpe
lRgpgCDCy4JorO6NZSchgbwXk8eS3HyxxGSrbLlZ2zSEhgirQrUqYHT5KPMaZdva
Yv+fM6ufE/voJOiGW0r0e6cDX9vwkINE5E8PF50Dyib9kA8/jm+9y7jvIS9rM+0n
gEGT6EWKsxxCiXpQVo7G01/ygo6qqWA6TH6DJznBEoLsvztmShXmdKfvueqdZ5MT
N/NRCEYxwGR+0nM2bAwgRSeyFdUH0xaCZytLLKs7YJ38VJgW4i/yhHHU+QbKpCEi
ka2a8z4jpR8SA6E5mHBb31QMAv5SieL+ERE2StcUEGq+c6bJwwgUH9m3iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFETo//dssKnWSLOcZdFbSpcla92HMB8GA1UdIwQY
MBaAFEDul2WGS9EdSjSUJuNy4RqUNI3iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82NWQ3YjktY2NmOS00YjczLWI2Njkt
MzUzM2E1MTJmY2Y3LzEvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82NWQ3YjktY2NmOS00YjczLWI2NjktMzUzM2E1MTJmY2Y3
LzEvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGBTULsFA
Q5xs9SHJWgzT1/Gqs+q6J/0zCZuPBzGl/yLAnl27O948Ez29hRaxV5CWkVtUdoMO
exwUNAyVk/1/Ls5skqVv8dLCVb9fpAhrfJHIeT75niH1tmdZ0rU9YGH1gQVvWyRO
NCrFzB3TQhbFG3ew4z4r0jVXBjMNLOhrXWvTXsJROwbXV430NUTTtpCBxoxlphaB
4kgEVfMpV7CBA5zlo5Sd9RgggElusdNcg27RE9+510rXnAtHoeorJeJUR0DIRvCY
X09t++08VOkWRQ5s6iIn6WKrcYM9cammhBHn1kTWlJcbrDqdykDCRKEEginEFl/Q
mw26Fbs7gnPHhA==
-----END CERTIFICATE-----