Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
File:                     PNQrfxakRkXr2PObog8ZBxOxs7w.mft (raw, json)
Hash identifier:          5F+rMVlLTu3x8oS3L+lT6gxVgib0AyMftjbDf5KQQ1g=
Subject key identifier:   F6:3F:C6:ED:70:B0:CC:A4:EC:3D:1A:E2:E9:FD:1E:02:13:A5:DE:FB
Authority key identifier: 3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC
Certificate issuer:       /CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc
Certificate serial:       019847772C114BBB1F20F7E9D49CFE3ED4A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
Manifest number:          15FE
Signing time:             Sat 26 Jul 2025 16:00:49 +0000
Manifest this update:     Sat 26 Jul 2025 16:00:49 +0000
Manifest next update:     Sun 27 Jul 2025 16:00:49 +0000
Files and hashes:         1: PNQrfxakRkXr2PObog8ZBxOxs7w.crl (hash: 1ilmK4Jm+p1MeqQHWK/lBquBOP8sTjpxpndr1aqpyzQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 11:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:47:77:2c:11:4b:bb:1f:20:f7:e9:d4:9c:fe:3e:d4:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc
        Validity
            Not Before: Jul 26 16:00:49 2025 GMT
            Not After : Jul 27 16:00:49 2025 GMT
        Subject: CN=f63fc6ed70b0cca4ec3d1ae2e9fd1e0213a5defb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:4a:1a:85:c6:56:8f:45:66:fd:47:ad:f2:8c:
                    15:0b:86:ba:b1:00:79:af:99:fb:f1:51:3f:21:4e:
                    86:de:a5:b0:d4:35:13:45:30:20:3c:72:53:30:1d:
                    3e:b2:cb:58:f1:f7:fe:4c:f2:a1:a3:3a:e4:4d:dd:
                    04:cb:6f:78:c5:54:e0:bf:7d:99:53:df:39:10:b5:
                    3c:3e:83:f9:89:bc:d9:9f:48:44:37:01:a9:f0:8a:
                    15:a4:b7:9e:07:48:a0:c7:cc:bc:fb:6e:41:6f:c3:
                    57:95:a3:5c:3a:bc:e8:9f:48:75:ff:bb:ff:bc:69:
                    0e:a4:7d:e8:af:05:3f:0e:25:99:87:26:f5:7e:8e:
                    60:9a:73:69:f7:dc:4a:7a:b4:a3:00:f6:68:8a:93:
                    50:31:1e:0c:0a:16:ee:e4:70:3c:7f:58:da:26:a5:
                    1e:c3:7c:64:eb:6b:9a:e3:e1:a1:ef:56:7c:8c:d3:
                    63:47:ca:5e:c0:b3:8c:6d:7f:be:22:6f:a8:4d:e5:
                    70:61:89:33:a5:dd:d3:21:26:94:c0:8d:4f:f3:0a:
                    c8:01:41:b8:0d:d9:ec:66:bb:d0:1c:99:64:bf:22:
                    a3:9d:f9:2b:70:8c:4a:f3:05:31:4e:26:aa:c0:f2:
                    6f:52:2c:d3:0e:ed:66:5b:9b:94:55:58:bb:7d:86:
                    c5:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:3F:C6:ED:70:B0:CC:A4:EC:3D:1A:E2:E9:FD:1E:02:13:A5:DE:FB
            X509v3 Authority Key Identifier:
                keyid:3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:40:04:e9:7f:64:59:ec:52:8a:03:3a:86:62:6e:ae:3d:b5:
         ff:db:93:14:8b:ef:2a:ec:32:1b:16:83:e5:ca:d2:d7:9b:55:
         96:c5:e5:39:d6:73:ad:61:34:bc:66:a8:cc:16:d4:3a:7e:e2:
         c5:13:a0:f6:69:38:05:e9:5f:20:d8:ff:07:d2:eb:1f:25:55:
         34:02:d2:d0:27:27:86:ee:89:4e:a8:5a:72:13:5a:af:be:19:
         48:49:ad:7e:47:64:f0:79:13:0e:f5:7f:35:ef:fc:0e:f6:48:
         0c:4a:c7:88:1a:b8:1e:60:b7:eb:6e:0e:3c:84:b3:83:bb:97:
         00:f2:3e:a6:a8:d3:ff:04:c9:50:4f:9f:c5:87:fd:cc:a3:b5:
         84:0c:ce:c4:a4:a2:76:82:99:37:dc:bf:dd:8a:7c:3c:cc:a9:
         fe:92:09:d3:ab:ea:57:55:15:ba:2c:8f:e7:07:bb:a8:cb:c8:
         bf:72:2f:37:b0:27:c9:9c:b0:71:e9:ba:9c:10:0b:7d:1b:48:
         70:5a:9c:38:ad:9d:0a:ce:f5:06:f2:c0:9a:09:e6:25:78:54:
         52:00:05:0b:88:b1:58:a0:b8:ad:32:09:fa:1d:c7:50:39:14:
         1e:d1:36:f8:75:2a:37:eb:95:81:84:7a:1a:3e:cd:5c:61:c4:
         84:42:94:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhHdywRS7sfIPfp1Jz+PtSgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDQyYjdmMTZhNDQ2NDVlYmQ4ZjM5YmEyMGYxOTA3MTNi
MWIzYmMwHhcNMjUwNzI2MTYwMDQ5WhcNMjUwNzI3MTYwMDQ5WjAzMTEwLwYDVQQD
EyhmNjNmYzZlZDcwYjBjY2E0ZWMzZDFhZTJlOWZkMWUwMjEzYTVkZWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkoahcZWj0Vm/Uet8owVC4a6sQB5
r5n78VE/IU6G3qWw1DUTRTAgPHJTMB0+sstY8ff+TPKhozrkTd0Ey294xVTgv32Z
U985ELU8PoP5ibzZn0hENwGp8IoVpLeeB0igx8y8+25Bb8NXlaNcOrzon0h1/7v/
vGkOpH3orwU/DiWZhyb1fo5gmnNp99xKerSjAPZoipNQMR4MChbu5HA8f1jaJqUe
w3xk62ua4+Gh71Z8jNNjR8pewLOMbX++Im+oTeVwYYkzpd3TISaUwI1P8wrIAUG4
DdnsZrvQHJlkvyKjnfkrcIxK8wUxTiaqwPJvUizTDu1mW5uUVVi7fYbF5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPY/xu1wsMyk7D0a4un9HgITpd77MB8GA1UdIwQY
MBaAFDzUK38WpEZF69jzm6IPGQcTsbO8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAt
Y2QyNzI2MTE0ODQ2LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAtY2QyNzI2MTE0ODQ2
LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASEAE6X9k
WexSigM6hmJurj21/9uTFIvvKuwyGxaD5crS15tVlsXlOdZzrWE0vGaozBbUOn7i
xROg9mk4BelfINj/B9LrHyVVNALS0Ccnhu6JTqhachNar74ZSEmtfkdk8HkTDvV/
Ne/8DvZIDErHiBq4HmC3624OPISzg7uXAPI+pqjT/wTJUE+fxYf9zKO1hAzOxKSi
doKZN9y/3Yp8PMyp/pIJ06vqV1UVuiyP5we7qMvIv3IvN7AnyZywcem6nBALfRtI
cFqcOK2dCs71BvLAmgnmJXhUUgAFC4ixWKC4rTIJ+h3HUDkUHtE2+HUqN+uVgYR6
Gj7NXGHEhEKU+A==
-----END CERTIFICATE-----