Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
File:                     PHQZW9u2a2A65joVGPBm-gsRUfU.mft (raw, json)
Hash identifier:          sO2teukcCOfYeqoVBhyEkcM3Nj7phxSg6oXph/0o1Ng=
Subject key identifier:   0E:01:E8:0C:16:59:BE:83:7B:25:A8:D8:39:A6:5D:AF:92:4B:36:56
Authority key identifier: 3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5
Certificate issuer:       /CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
Certificate serial:       019847775E0F5595E912A7F8C5933A398F0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
Manifest number:          0932
Signing time:             Sat 26 Jul 2025 16:01:01 +0000
Manifest this update:     Sat 26 Jul 2025 16:01:01 +0000
Manifest next update:     Sun 27 Jul 2025 16:01:01 +0000
Files and hashes:         1: PHQZW9u2a2A65joVGPBm-gsRUfU.crl (hash: NkgNbkNB244v6MtNIG80S2kTt1VEWLjGbC6Tv4E67BU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 11:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:47:77:5e:0f:55:95:e9:12:a7:f8:c5:93:3a:39:8f:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
        Validity
            Not Before: Jul 26 16:01:01 2025 GMT
            Not After : Jul 27 16:01:01 2025 GMT
        Subject: CN=0e01e80c1659be837b25a8d839a65daf924b3656
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:aa:9a:66:f9:85:55:5d:d6:6e:dd:80:0c:6b:
                    b3:6d:3b:a4:41:76:38:39:0e:c3:aa:f2:97:e2:b2:
                    6c:76:71:7d:93:e0:be:e9:de:c4:3e:0f:66:e0:3d:
                    9d:61:5e:8f:44:3c:92:7b:b5:d0:52:3c:8b:29:7a:
                    73:6a:2e:76:e8:13:37:0b:09:70:23:a6:90:ce:97:
                    38:dc:68:13:ae:16:9f:87:f8:0b:ea:06:36:1c:bb:
                    b7:40:97:28:a0:e0:0d:bb:fd:c6:c6:c8:28:93:b7:
                    c8:f6:aa:d7:c9:af:e7:8d:6c:40:2f:5b:24:b4:cf:
                    24:98:a8:c0:34:04:46:d9:3d:46:a4:b8:e4:e3:96:
                    14:2e:13:30:f0:a5:3d:9e:e1:f9:ab:6f:ab:81:96:
                    fb:8c:7b:a6:b1:24:7e:4e:3f:da:3f:1c:0c:b5:73:
                    63:d0:96:39:23:13:d1:3e:3f:8a:ed:9e:f3:0e:05:
                    b0:73:1c:19:c9:c9:7e:df:4d:fc:c2:c2:18:57:2d:
                    63:5a:8b:d9:b7:c4:08:d2:3f:ef:c1:f0:68:c0:0c:
                    65:9e:f9:0c:98:db:f2:1d:72:c0:28:54:24:08:77:
                    ae:31:a4:ae:ab:f7:d2:22:a7:1b:a4:b6:66:46:62:
                    04:c2:e9:ed:4a:c0:11:56:c4:ad:b4:f5:e5:df:b6:
                    1c:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:01:E8:0C:16:59:BE:83:7B:25:A8:D8:39:A6:5D:AF:92:4B:36:56
            X509v3 Authority Key Identifier:
                keyid:3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:f0:f1:46:97:cc:7b:33:2d:c5:f5:a4:84:ff:30:c4:dc:12:
         ed:d7:f5:1b:7b:fc:5d:4e:ba:81:34:7c:ad:8e:39:43:6c:58:
         95:98:01:50:fe:78:21:47:b5:f8:04:5c:64:4e:c2:66:82:18:
         36:0f:6f:97:36:a5:17:c4:d6:1c:13:23:5d:49:f7:0e:88:f7:
         5c:bd:62:f6:f3:49:7f:c6:a2:80:81:16:18:2a:66:23:12:9c:
         20:2d:fc:7b:a3:02:56:2f:54:c5:3d:ac:5e:99:0e:0c:05:ff:
         0e:4f:51:cb:02:76:a6:cc:14:94:c3:dc:96:7f:63:aa:fd:48:
         52:69:6c:50:31:48:7d:01:e1:a0:30:e5:3e:1e:7e:3c:c0:d8:
         51:37:42:42:66:1d:11:9a:d6:de:c7:0e:de:8d:ce:6c:51:ff:
         f9:84:c4:15:9f:a8:fb:07:03:06:02:88:cb:02:2e:35:b0:83:
         9d:96:00:39:bc:f1:e1:8c:fd:42:6d:41:b1:ff:43:9f:09:80:
         d3:25:b9:39:e5:a7:8c:5d:86:d5:b0:2a:56:89:5c:1e:ee:0d:
         64:3b:c0:86:1d:e3:4f:4d:bf:3e:85:49:53:7f:f8:9e:5b:ce:
         70:7d:61:3f:93:1d:18:67:00:b1:c5:b4:58:5d:47:6b:0b:f8:
         d0:25:9d:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhHd14PVZXpEqf4xZM6OY8NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNzQxOTViZGJiNjZiNjAzYWU2M2ExNTE4ZjA2NmZhMGIx
MTUxZjUwHhcNMjUwNzI2MTYwMTAxWhcNMjUwNzI3MTYwMTAxWjAzMTEwLwYDVQQD
EygwZTAxZTgwYzE2NTliZTgzN2IyNWE4ZDgzOWE2NWRhZjkyNGIzNjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKqaZvmFVV3Wbt2ADGuzbTukQXY4
OQ7DqvKX4rJsdnF9k+C+6d7EPg9m4D2dYV6PRDySe7XQUjyLKXpzai526BM3Cwlw
I6aQzpc43GgTrhafh/gL6gY2HLu3QJcooOANu/3Gxsgok7fI9qrXya/njWxAL1sk
tM8kmKjANARG2T1GpLjk45YULhMw8KU9nuH5q2+rgZb7jHumsSR+Tj/aPxwMtXNj
0JY5IxPRPj+K7Z7zDgWwcxwZycl+3038wsIYVy1jWovZt8QI0j/vwfBowAxlnvkM
mNvyHXLAKFQkCHeuMaSuq/fSIqcbpLZmRmIEwuntSsARVsSttPXl37YcbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA4B6AwWWb6DeyWo2DmmXa+SSzZWMB8GA1UdIwQY
MBaAFDx0GVvbtmtgOuY6FRjwZvoLEVH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2Qt
MWUwNGIyMGQ4NTY3LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2QtMWUwNGIyMGQ4NTY3
LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApfDxRpfM
ezMtxfWkhP8wxNwS7df1G3v8XU66gTR8rY45Q2xYlZgBUP54IUe1+ARcZE7CZoIY
Ng9vlzalF8TWHBMjXUn3Doj3XL1i9vNJf8aigIEWGCpmIxKcIC38e6MCVi9UxT2s
XpkODAX/Dk9RywJ2pswUlMPcln9jqv1IUmlsUDFIfQHhoDDlPh5+PMDYUTdCQmYd
EZrW3scO3o3ObFH/+YTEFZ+o+wcDBgKIywIuNbCDnZYAObzx4Yz9Qm1Bsf9DnwmA
0yW5OeWnjF2G1bAqVolcHu4NZDvAhh3jT02/PoVJU3/4nlvOcH1hP5MdGGcAscW0
WF1Hawv40CWdqA==
-----END CERTIFICATE-----