Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
File:                     PNQrfxakRkXr2PObog8ZBxOxs7w.mft (raw, json)
Hash identifier:          DuVwO3MQRqpDvsoRc23gzTAipw2hi3x/U9dlA/7h2Z4=
Subject key identifier:   FF:E6:68:7A:2F:44:B4:03:8C:BF:BF:84:8F:61:23:43:E4:B5:20:69
Authority key identifier: 3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC
Certificate issuer:       /CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc
Certificate serial:       019659144D8E8F4509A51A3C677BAE0D29CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
Manifest number:          14FE
Signing time:             Mon 21 Apr 2025 16:00:24 +0000
Manifest this update:     Mon 21 Apr 2025 16:00:24 +0000
Manifest next update:     Tue 22 Apr 2025 16:00:24 +0000
Files and hashes:         1: PNQrfxakRkXr2PObog8ZBxOxs7w.crl (hash: 2aXlPEJ1uON36tmQbRVJVj1sc3KzU0b9487DVy/V2gI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 16:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:14:4d:8e:8f:45:09:a5:1a:3c:67:7b:ae:0d:29:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc
        Validity
            Not Before: Apr 21 16:00:24 2025 GMT
            Not After : Apr 22 16:00:24 2025 GMT
        Subject: CN=ffe6687a2f44b4038cbfbf848f612343e4b52069
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:5b:d4:3c:5d:7e:59:39:92:07:89:84:06:dd:
                    f3:a5:11:f0:f1:9c:58:b8:47:cb:15:84:36:12:22:
                    80:d1:e4:5a:05:f7:10:43:93:06:83:00:ee:0e:4e:
                    e4:79:f7:1a:ee:3a:8f:ea:3c:79:61:90:2e:ad:61:
                    a7:c4:f6:28:44:50:10:5c:5c:15:62:3f:68:bb:7b:
                    79:45:10:19:86:ed:de:2e:17:5f:32:f4:59:60:5c:
                    a5:27:5e:80:4d:18:63:17:44:3d:ef:16:a7:57:0b:
                    66:b6:7b:09:79:3b:01:0e:e1:03:02:ff:42:d9:43:
                    70:28:dc:e6:f0:e6:2c:50:2d:2d:a8:c8:21:ae:82:
                    26:75:be:b4:38:2e:b9:5f:0f:df:47:e8:7e:73:d5:
                    e2:2b:7b:96:db:0e:2f:4f:38:8b:f8:d6:1b:11:32:
                    df:2f:79:9b:c1:02:0b:bf:cc:aa:d0:41:f1:2c:a4:
                    89:72:cf:3d:03:04:b9:8f:84:ad:e0:f0:4e:de:14:
                    d3:0f:ef:e1:a6:3a:30:e0:c3:92:e2:13:b3:09:7a:
                    96:b0:d5:c5:50:ec:44:5c:3f:9c:de:e6:2c:bb:22:
                    49:f1:92:e6:01:59:4b:8a:df:0b:59:27:98:08:39:
                    be:77:f6:15:93:88:f8:f9:75:e3:f4:a4:8e:62:3e:
                    f3:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:E6:68:7A:2F:44:B4:03:8C:BF:BF:84:8F:61:23:43:E4:B5:20:69
            X509v3 Authority Key Identifier:
                keyid:3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:ce:46:d1:25:09:41:71:93:88:80:0c:f6:f4:2b:74:44:0f:
         38:9a:cc:42:82:15:f1:6d:24:64:6f:eb:24:e9:ac:fd:6a:55:
         d7:bb:20:9b:b2:58:e0:3d:76:17:58:ce:84:b6:21:74:81:6f:
         d3:85:40:02:26:a9:c9:ce:db:00:2f:3c:4f:e7:dc:e1:5b:aa:
         1a:69:75:0c:35:a7:07:69:7c:b4:67:82:f1:ee:88:0b:a5:fe:
         55:ed:fd:62:2d:7f:ac:2e:39:a0:56:ef:5e:80:07:0e:42:99:
         eb:9d:a3:00:82:16:4f:13:75:23:1f:67:78:36:b1:62:ab:97:
         cb:a8:4c:44:ea:00:ed:d6:ad:a3:e2:78:ad:75:68:92:27:74:
         57:b5:a3:31:47:60:2f:bc:3c:03:82:f2:3a:cc:73:25:bf:31:
         7f:8f:6b:59:c7:44:21:8b:52:7e:0e:8c:04:3a:c4:16:18:f2:
         a4:b7:2e:e3:96:f5:1b:87:f9:06:0f:5d:5d:75:db:c3:4f:e6:
         b1:bd:8f:1f:9d:31:a9:d4:12:8f:01:da:1c:ca:14:f4:f3:79:
         fb:b5:ef:0a:e1:81:62:58:90:45:ed:ce:11:3b:6f:eb:22:81:
         8e:17:4b:a1:2d:8e:d5:fc:7c:a3:b4:5c:a0:c8:6d:dc:6a:d5:
         3c:a9:c2:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZFE2Oj0UJpRo8Z3uuDSnLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDQyYjdmMTZhNDQ2NDVlYmQ4ZjM5YmEyMGYxOTA3MTNi
MWIzYmMwHhcNMjUwNDIxMTYwMDI0WhcNMjUwNDIyMTYwMDI0WjAzMTEwLwYDVQQD
EyhmZmU2Njg3YTJmNDRiNDAzOGNiZmJmODQ4ZjYxMjM0M2U0YjUyMDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1vUPF1+WTmSB4mEBt3zpRHw8ZxY
uEfLFYQ2EiKA0eRaBfcQQ5MGgwDuDk7kefca7jqP6jx5YZAurWGnxPYoRFAQXFwV
Yj9ou3t5RRAZhu3eLhdfMvRZYFylJ16ATRhjF0Q97xanVwtmtnsJeTsBDuEDAv9C
2UNwKNzm8OYsUC0tqMghroImdb60OC65Xw/fR+h+c9XiK3uW2w4vTziL+NYbETLf
L3mbwQILv8yq0EHxLKSJcs89AwS5j4St4PBO3hTTD+/hpjow4MOS4hOzCXqWsNXF
UOxEXD+c3uYsuyJJ8ZLmAVlLit8LWSeYCDm+d/YVk4j4+XXj9KSOYj7zQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP/maHovRLQDjL+/hI9hI0PktSBpMB8GA1UdIwQY
MBaAFDzUK38WpEZF69jzm6IPGQcTsbO8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAt
Y2QyNzI2MTE0ODQ2LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAtY2QyNzI2MTE0ODQ2
LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABc5G0SUJ
QXGTiIAM9vQrdEQPOJrMQoIV8W0kZG/rJOms/WpV17sgm7JY4D12F1jOhLYhdIFv
04VAAiapyc7bAC88T+fc4VuqGml1DDWnB2l8tGeC8e6IC6X+Ve39Yi1/rC45oFbv
XoAHDkKZ652jAIIWTxN1Ix9neDaxYquXy6hMROoA7dato+J4rXVokid0V7WjMUdg
L7w8A4LyOsxzJb8xf49rWcdEIYtSfg6MBDrEFhjypLcu45b1G4f5Bg9dXXXbw0/m
sb2PH50xqdQSjwHaHMoU9PN5+7XvCuGBYliQRe3OETtv6yKBjhdLoS2O1fx8o7Rc
oMht3GrVPKnCFg==
-----END CERTIFICATE-----