Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
File:                     pnUQ3cUswCV-TCVS9b1XVURUxgs.mft (raw, json)
Hash identifier:          FJx8oM7w7N/qt/4MjI0OYjWl7aEWlSk1aqcOociBVxk=
Subject key identifier:   71:D6:B6:8A:F8:32:E1:74:4E:B8:10:62:D9:04:8C:C9:07:25:BE:A0
Authority key identifier: A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B
Certificate issuer:       /CN=a67510ddc52cc0257e4c2552f5bd57554454c60b
Certificate serial:       019752D92A90F071CCAB8F02CB539403F7F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
Manifest number:          04FF
Signing time:             Mon 09 Jun 2025 04:00:53 +0000
Manifest this update:     Mon 09 Jun 2025 04:00:53 +0000
Manifest next update:     Tue 10 Jun 2025 04:00:53 +0000
Files and hashes:         1: pnUQ3cUswCV-TCVS9b1XVURUxgs.crl (hash: V3GMpVUmveSXJ1yrsotfA/4EyeYKIUrCuKNO8golwco=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:d9:2a:90:f0:71:cc:ab:8f:02:cb:53:94:03:f7:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a67510ddc52cc0257e4c2552f5bd57554454c60b
        Validity
            Not Before: Jun  9 04:00:53 2025 GMT
            Not After : Jun 10 04:00:53 2025 GMT
        Subject: CN=71d6b68af832e1744eb81062d9048cc90725bea0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:5e:d7:78:75:8f:a9:8c:d4:f9:9a:20:65:bd:
                    9e:ed:c5:f5:56:eb:51:01:00:c9:c0:2e:16:59:4b:
                    68:8e:ad:d8:2c:e1:2a:71:a7:e3:0f:5e:0f:8f:e8:
                    6f:0a:75:2f:3e:b2:83:84:2f:0a:1f:bb:b2:f3:3f:
                    3f:e0:22:53:29:cc:03:df:12:18:94:9f:58:89:4f:
                    99:ff:d2:dd:dd:e2:9d:0e:55:46:76:8e:c8:10:69:
                    35:a1:e3:8a:db:44:0d:ac:a0:c9:d8:92:9e:68:d3:
                    d9:60:ec:5a:91:8c:9f:8d:9e:e1:07:c8:07:18:ad:
                    a7:94:7f:d3:ae:be:5e:4c:81:cf:66:db:a3:b4:73:
                    4c:73:37:f6:8c:bf:f6:fa:63:75:b7:1c:06:a2:4f:
                    00:f2:e2:47:b4:4f:b7:34:fe:ed:b1:dd:b8:e6:99:
                    44:e5:3b:b7:88:f2:7f:6a:34:bb:d1:01:b3:51:19:
                    01:68:fe:b8:ea:92:ef:a4:fd:bc:d5:cc:8a:40:05:
                    c4:98:b4:e9:a8:99:3b:4d:2d:2c:b4:c8:8a:b9:01:
                    2d:a4:f2:76:82:61:eb:14:53:1a:82:9a:c8:bf:b3:
                    93:95:4a:cc:9e:b1:cb:0e:07:36:6d:f7:30:52:41:
                    96:2b:16:78:b5:29:cf:f9:01:76:ba:8e:84:94:9a:
                    10:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:D6:B6:8A:F8:32:E1:74:4E:B8:10:62:D9:04:8C:C9:07:25:BE:A0
            X509v3 Authority Key Identifier:
                keyid:A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:bf:04:2d:81:41:e2:9a:9a:4f:bc:61:0c:15:0e:9f:e0:ea:
         5f:c7:ed:65:18:d1:0b:2b:bc:0f:c7:e1:a2:a0:8e:6d:39:31:
         98:d9:d0:5a:81:cf:04:59:d6:77:c1:41:e0:ec:c4:8e:cd:e1:
         c0:cf:c9:09:52:b0:22:bc:28:57:45:f9:2e:11:6f:09:03:f7:
         00:9e:4e:fa:31:90:e6:2c:20:9b:a2:e3:6d:59:3b:dc:54:f5:
         09:8f:f9:d1:27:55:c0:0f:b9:f8:00:73:e3:1a:c8:ab:46:3a:
         1b:16:13:9f:87:69:54:d5:d2:ee:d5:68:4f:78:0d:74:32:db:
         c2:c6:db:ce:d0:dd:57:6c:59:87:98:53:51:f2:9a:ae:26:ae:
         3d:5e:99:d8:15:c8:91:a8:02:42:9c:7e:1a:09:f1:3a:7a:16:
         cb:6b:55:2e:53:6e:62:b4:e6:24:55:3d:6c:fe:31:6c:96:ad:
         5e:aa:11:0b:e7:3d:27:49:44:3c:52:d6:3a:cd:b6:f0:31:e7:
         17:0a:4f:43:2c:d4:40:eb:b5:76:41:6a:e1:67:5e:8b:2d:34:
         be:7a:9f:50:d7:b9:d4:e4:a7:77:02:7b:2b:92:75:b7:fb:43:
         aa:88:46:2a:ae:8b:04:68:da:83:27:85:f1:d6:52:6b:7a:c6:
         e0:18:e7:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdS2SqQ8HHMq48Cy1OUA/fwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NzUxMGRkYzUyY2MwMjU3ZTRjMjU1MmY1YmQ1NzU1NDQ1
NGM2MGIwHhcNMjUwNjA5MDQwMDUzWhcNMjUwNjEwMDQwMDUzWjAzMTEwLwYDVQQD
Eyg3MWQ2YjY4YWY4MzJlMTc0NGViODEwNjJkOTA0OGNjOTA3MjViZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArV7XeHWPqYzU+ZogZb2e7cX1VutR
AQDJwC4WWUtojq3YLOEqcafjD14Pj+hvCnUvPrKDhC8KH7uy8z8/4CJTKcwD3xIY
lJ9YiU+Z/9Ld3eKdDlVGdo7IEGk1oeOK20QNrKDJ2JKeaNPZYOxakYyfjZ7hB8gH
GK2nlH/Trr5eTIHPZtujtHNMczf2jL/2+mN1txwGok8A8uJHtE+3NP7tsd245plE
5Tu3iPJ/ajS70QGzURkBaP646pLvpP281cyKQAXEmLTpqJk7TS0stMiKuQEtpPJ2
gmHrFFMagprIv7OTlUrMnrHLDgc2bfcwUkGWKxZ4tSnP+QF2uo6ElJoQewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHHWtor4MuF0TrgQYtkEjMkHJb6gMB8GA1UdIwQY
MBaAFKZ1EN3FLMAlfkwlUvW9V1VEVMYLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUt
NjBkMjU1YmUwNDc5LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUtNjBkMjU1YmUwNDc5
LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAar8ELYFB
4pqaT7xhDBUOn+DqX8ftZRjRCyu8D8fhoqCObTkxmNnQWoHPBFnWd8FB4OzEjs3h
wM/JCVKwIrwoV0X5LhFvCQP3AJ5O+jGQ5iwgm6LjbVk73FT1CY/50SdVwA+5+ABz
4xrIq0Y6GxYTn4dpVNXS7tVoT3gNdDLbwsbbztDdV2xZh5hTUfKariauPV6Z2BXI
kagCQpx+GgnxOnoWy2tVLlNuYrTmJFU9bP4xbJatXqoRC+c9J0lEPFLWOs228DHn
FwpPQyzUQOu1dkFq4Wdeiy00vnqfUNe51OSndwJ7K5J1t/tDqohGKq6LBGjagyeF
8dZSa3rG4Bjn+w==
-----END CERTIFICATE-----