Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
File:                     pukanXyu9IGGdMXWJigTYVyJ3lY.mft (raw, json)
Hash identifier:          MnIrkmGXu6FCbV9kd0+kHWGpt4/WjakUql8Yrjjxj1w=
Subject key identifier:   EF:1E:6E:82:10:A8:A6:C0:B2:BD:A9:77:67:A2:4D:AB:6C:30:B8:FC
Authority key identifier: A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56
Certificate issuer:       /CN=a6e91a9d7caef4818674c5d6262813615c89de56
Certificate serial:       01984B549A6AB839AFA34430D7094EF4DA0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
Manifest number:          0F75
Signing time:             Sun 27 Jul 2025 10:01:32 +0000
Manifest this update:     Sun 27 Jul 2025 10:01:32 +0000
Manifest next update:     Mon 28 Jul 2025 10:01:32 +0000
Files and hashes:         1: pukanXyu9IGGdMXWJigTYVyJ3lY.crl (hash: tHgF6TsgPIpPodpSkpB8Ms1ai8TzIZ7vkLSpFUAT2rU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 05:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4b:54:9a:6a:b8:39:af:a3:44:30:d7:09:4e:f4:da:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6e91a9d7caef4818674c5d6262813615c89de56
        Validity
            Not Before: Jul 27 10:01:32 2025 GMT
            Not After : Jul 28 10:01:32 2025 GMT
        Subject: CN=ef1e6e8210a8a6c0b2bda97767a24dab6c30b8fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:52:20:e7:9f:cd:de:e8:6e:53:a4:d2:dc:d8:
                    18:17:8e:89:03:75:08:69:d7:cb:8f:98:ee:5f:22:
                    0b:98:75:28:ab:e9:5a:17:06:15:06:5e:e4:28:ac:
                    65:e1:f7:d8:9d:8b:05:0a:64:59:89:1d:9c:2f:a1:
                    b3:51:cf:4e:dc:dd:2d:5f:00:3e:d9:cd:ea:33:e8:
                    51:fb:90:86:82:a3:d1:f2:c2:73:d3:9a:fe:71:52:
                    a0:2c:ba:23:a8:24:2a:49:7e:4b:01:8a:6c:f1:c9:
                    55:ef:3b:6e:3c:db:80:8e:fb:58:fe:78:13:8a:ea:
                    24:c5:35:82:bc:5c:6c:4e:e8:bd:46:d0:d6:fd:3f:
                    1f:29:b1:fa:bf:ca:2c:82:ff:c2:50:a8:ed:a9:3b:
                    f6:4f:8b:54:57:f6:48:5a:45:c5:24:f6:93:f1:2e:
                    f8:5a:05:41:83:20:b4:23:42:9a:08:b5:14:c6:a1:
                    0e:46:c9:91:b9:0b:ee:30:b9:d8:a3:fd:b1:54:d3:
                    f1:ee:2c:73:32:85:2d:bc:70:7e:c5:99:e6:63:59:
                    47:64:5a:e1:52:0b:91:f1:e7:ed:ec:3a:17:6f:d0:
                    69:fb:a9:ed:37:9a:ad:f6:df:6b:ee:7b:ce:db:ab:
                    71:fb:eb:31:60:08:56:4d:9f:73:17:04:3c:e7:7e:
                    45:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:1E:6E:82:10:A8:A6:C0:B2:BD:A9:77:67:A2:4D:AB:6C:30:B8:FC
            X509v3 Authority Key Identifier:
                keyid:A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:28:b9:6c:45:9c:58:a9:a3:09:60:e3:60:20:ce:54:ae:fa:
         cb:5f:59:22:58:87:a7:29:2d:ee:b8:18:d6:f5:8d:7d:6c:07:
         7c:3d:c9:48:77:cb:a7:35:e2:6b:c8:42:bf:c1:de:0e:21:12:
         5e:ea:b2:76:25:96:02:eb:53:9a:dd:93:96:92:d4:31:c2:8e:
         da:d7:ce:7a:48:8b:3e:d9:19:10:57:80:ba:e0:17:0e:80:f4:
         a4:8b:a5:36:cd:96:3a:93:1e:32:3f:0f:16:b8:a8:ad:06:af:
         16:9d:0d:10:c1:a9:b5:89:ec:2a:e3:bd:dc:23:3a:30:06:19:
         13:c5:b4:da:c4:57:67:4e:76:a4:59:17:1e:2c:33:f7:c8:e3:
         8b:4f:65:5e:c1:88:fd:02:2e:94:21:1c:d3:79:4d:ef:5b:83:
         30:b5:74:0e:fb:d1:df:36:4b:63:eb:4b:af:2c:dd:13:29:42:
         38:c8:c6:4b:70:8d:16:12:e8:a8:38:04:8f:5d:cf:2d:bb:eb:
         8e:1b:e2:d7:09:a1:dd:95:37:68:5b:5d:28:43:60:cb:c2:5e:
         d8:24:89:31:2d:3b:0f:09:81:b8:1f:8c:0a:e4:c7:14:3c:fa:
         66:98:21:33:e5:b7:6c:29:18:a4:3e:06:73:57:c9:fd:be:28:
         67:c5:da:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhLVJpquDmvo0Qw1wlO9NoOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ZTkxYTlkN2NhZWY0ODE4Njc0YzVkNjI2MjgxMzYxNWM4
OWRlNTYwHhcNMjUwNzI3MTAwMTMyWhcNMjUwNzI4MTAwMTMyWjAzMTEwLwYDVQQD
EyhlZjFlNmU4MjEwYThhNmMwYjJiZGE5Nzc2N2EyNGRhYjZjMzBiOGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3VIg55/N3uhuU6TS3NgYF46JA3UI
adfLj5juXyILmHUoq+laFwYVBl7kKKxl4ffYnYsFCmRZiR2cL6GzUc9O3N0tXwA+
2c3qM+hR+5CGgqPR8sJz05r+cVKgLLojqCQqSX5LAYps8clV7ztuPNuAjvtY/ngT
iuokxTWCvFxsTui9RtDW/T8fKbH6v8osgv/CUKjtqTv2T4tUV/ZIWkXFJPaT8S74
WgVBgyC0I0KaCLUUxqEORsmRuQvuMLnYo/2xVNPx7ixzMoUtvHB+xZnmY1lHZFrh
UguR8eft7DoXb9Bp+6ntN5qt9t9r7nvO26tx++sxYAhWTZ9zFwQ8535FcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO8eboIQqKbAsr2pd2eiTatsMLj8MB8GA1UdIwQY
MBaAFKbpGp18rvSBhnTF1iYoE2Fcid5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgt
NDA4MjI5ZjBiYWYxLzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgtNDA4MjI5ZjBiYWYx
LzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbyi5bEWc
WKmjCWDjYCDOVK76y19ZIliHpykt7rgY1vWNfWwHfD3JSHfLpzXia8hCv8HeDiES
XuqydiWWAutTmt2TlpLUMcKO2tfOekiLPtkZEFeAuuAXDoD0pIulNs2WOpMeMj8P
FriorQavFp0NEMGptYnsKuO93CM6MAYZE8W02sRXZ052pFkXHiwz98jji09lXsGI
/QIulCEc03lN71uDMLV0DvvR3zZLY+tLryzdEylCOMjGS3CNFhLoqDgEj13PLbvr
jhvi1wmh3ZU3aFtdKENgy8Je2CSJMS07DwmBuB+MCuTHFDz6ZpghM+W3bCkYpD4G
c1fJ/b4oZ8XaQw==
-----END CERTIFICATE-----