Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
File:                     QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft (raw, json)
Hash identifier:          1wDBlFJxHYweOramDGRYnodIDOZEDrDqOyX2AORJo+Q=
Subject key identifier:   64:28:D2:19:36:03:28:A2:A1:47:66:DD:64:72:55:9E:74:64:DB:01
Authority key identifier: 40:EE:97:65:86:4B:D1:1D:4A:34:94:26:E3:72:E1:1A:94:34:8D:E2
Certificate issuer:       /CN=40ee9765864bd11d4a349426e372e11a94348de2
Certificate serial:       01974E2078D475AF4D3E828D555966218D01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
Manifest number:          068E
Signing time:             Sun 08 Jun 2025 06:00:40 +0000
Manifest this update:     Sun 08 Jun 2025 06:00:40 +0000
Manifest next update:     Mon 09 Jun 2025 06:00:40 +0000
Files and hashes:         1: QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl (hash: 2lNOVA3kX9iiNWyIdgZrveOCcPObuuGBXKp0SNdd+eE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 06:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:20:78:d4:75:af:4d:3e:82:8d:55:59:66:21:8d:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40ee9765864bd11d4a349426e372e11a94348de2
        Validity
            Not Before: Jun  8 06:00:40 2025 GMT
            Not After : Jun  9 06:00:40 2025 GMT
        Subject: CN=6428d219360328a2a14766dd6472559e7464db01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:e3:19:e2:2e:5b:63:33:42:60:e6:b5:77:5a:
                    71:97:08:5f:ed:f3:36:29:b5:d0:64:1d:64:84:31:
                    29:9e:93:30:cf:b3:96:29:9d:f4:69:de:d0:b4:bc:
                    3a:7d:87:1d:25:76:f2:b8:68:fd:a0:00:57:fb:93:
                    92:5a:a8:0e:49:22:5c:4e:0e:ab:b6:b1:05:99:25:
                    c9:28:e2:e1:40:95:97:12:40:87:f8:96:26:f8:ee:
                    ff:30:f2:bf:9f:86:86:64:8a:01:18:a4:4a:7f:f7:
                    3c:ac:bf:1e:a9:43:3d:58:fb:11:15:af:71:67:44:
                    45:dc:38:6e:22:c7:cb:52:6c:d0:91:0d:16:27:d8:
                    94:1d:ea:b1:01:04:de:7f:b2:97:aa:e8:7a:55:f2:
                    8e:e1:67:ef:fa:03:e6:87:e5:18:76:a2:58:db:0d:
                    a1:fc:2b:06:18:25:9b:00:65:ad:68:bc:c2:0a:49:
                    5c:02:15:c3:0e:a5:16:f2:05:ec:11:60:86:49:49:
                    35:c1:64:6c:8f:3e:cb:39:28:af:b9:3d:72:c2:6d:
                    bf:8e:cf:9b:82:00:8b:43:87:12:a1:c6:96:25:8b:
                    ec:d3:c0:cc:cb:e7:0d:b2:b4:f5:15:4a:ad:0a:ad:
                    2c:cf:e1:02:5b:78:ec:eb:72:4b:83:82:1a:ad:f8:
                    3c:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:28:D2:19:36:03:28:A2:A1:47:66:DD:64:72:55:9E:74:64:DB:01
            X509v3 Authority Key Identifier:
                keyid:40:EE:97:65:86:4B:D1:1D:4A:34:94:26:E3:72:E1:1A:94:34:8D:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:09:4a:08:05:63:1c:36:6e:df:18:77:56:b7:88:26:01:11:
         be:93:fa:c7:0d:03:c3:cb:b3:32:1b:ba:eb:ab:ad:c8:53:95:
         16:fc:3a:8b:39:b4:63:ff:49:c2:6b:be:42:51:3b:df:60:47:
         0d:24:28:3e:f5:c5:08:4e:1d:cf:7f:96:98:02:6f:b0:03:65:
         03:6e:ab:d6:32:90:30:b5:b9:f9:4d:51:21:fb:ea:a8:d5:b8:
         61:c5:be:b9:84:3c:5c:45:78:d1:b4:51:48:26:9c:6c:da:19:
         9d:3e:39:39:52:2b:6e:33:86:d6:98:38:0d:87:ae:a8:76:eb:
         8c:d0:69:28:1e:49:89:c2:4c:ef:7d:79:c6:77:bb:82:9e:f5:
         f3:40:2e:01:88:ad:0b:5f:67:c8:7d:d5:0f:d8:4d:0f:6e:2e:
         57:9c:ee:ce:1a:eb:7c:45:0d:d0:9d:d7:aa:0d:67:8e:7e:26:
         37:03:6d:47:99:2e:c4:ab:70:55:87:91:d1:f0:9c:32:2c:6b:
         3f:b3:2c:84:08:de:ac:e9:31:50:c1:cb:53:20:f0:63:a0:1b:
         07:cc:99:fa:16:94:e7:98:c3:08:9e:ec:0d:80:39:6a:57:f3:
         d5:03:2f:1e:95:a7:3b:83:bf:1d:30:66:f6:16:3a:df:39:e8:
         c3:e0:76:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOIHjUda9NPoKNVVlmIY0BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWU5NzY1ODY0YmQxMWQ0YTM0OTQyNmUzNzJlMTFhOTQz
NDhkZTIwHhcNMjUwNjA4MDYwMDQwWhcNMjUwNjA5MDYwMDQwWjAzMTEwLwYDVQQD
Eyg2NDI4ZDIxOTM2MDMyOGEyYTE0NzY2ZGQ2NDcyNTU5ZTc0NjRkYjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeMZ4i5bYzNCYOa1d1pxlwhf7fM2
KbXQZB1khDEpnpMwz7OWKZ30ad7QtLw6fYcdJXbyuGj9oABX+5OSWqgOSSJcTg6r
trEFmSXJKOLhQJWXEkCH+JYm+O7/MPK/n4aGZIoBGKRKf/c8rL8eqUM9WPsRFa9x
Z0RF3DhuIsfLUmzQkQ0WJ9iUHeqxAQTef7KXquh6VfKO4Wfv+gPmh+UYdqJY2w2h
/CsGGCWbAGWtaLzCCklcAhXDDqUW8gXsEWCGSUk1wWRsjz7LOSivuT1ywm2/js+b
ggCLQ4cSocaWJYvs08DMy+cNsrT1FUqtCq0sz+ECW3js63JLg4Iarfg8fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGQo0hk2AyiioUdm3WRyVZ50ZNsBMB8GA1UdIwQY
MBaAFEDul2WGS9EdSjSUJuNy4RqUNI3iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82NWQ3YjktY2NmOS00YjczLWI2Njkt
MzUzM2E1MTJmY2Y3LzEvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82NWQ3YjktY2NmOS00YjczLWI2NjktMzUzM2E1MTJmY2Y3
LzEvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArAlKCAVj
HDZu3xh3VreIJgERvpP6xw0Dw8uzMhu666utyFOVFvw6izm0Y/9Jwmu+QlE732BH
DSQoPvXFCE4dz3+WmAJvsANlA26r1jKQMLW5+U1RIfvqqNW4YcW+uYQ8XEV40bRR
SCacbNoZnT45OVIrbjOG1pg4DYeuqHbrjNBpKB5JicJM7315xne7gp7180AuAYit
C19nyH3VD9hND24uV5zuzhrrfEUN0J3Xqg1njn4mNwNtR5kuxKtwVYeR0fCcMixr
P7MshAjerOkxUMHLUyDwY6AbB8yZ+haU55jDCJ7sDYA5alfz1QMvHpWnO4O/HTBm
9hY63znow+B2hQ==
-----END CERTIFICATE-----