Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
File:                     pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft (raw, json)
Hash identifier:          JJmGQvwYgiZyP9JkewkGROzu51/QqH5eFoxWBUy4RP0=
Subject key identifier:   1C:E9:11:8C:F2:76:C2:BA:66:28:79:52:20:DD:1B:26:AC:32:CA:C4
Authority key identifier: A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34
Certificate issuer:       /CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
Certificate serial:       019921B0A6FB3CAFD87736B80BD398B5A886
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
Manifest number:          1641
Signing time:             Sun 07 Sep 2025 01:00:48 +0000
Manifest this update:     Sun 07 Sep 2025 01:00:48 +0000
Manifest next update:     Mon 08 Sep 2025 01:00:48 +0000
Files and hashes:         1: pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl (hash: wxZGx5y+toKctwI/Z9LyrXXAFIy7EMixEr+mkdQ/OYI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:a6:fb:3c:af:d8:77:36:b8:0b:d3:98:b5:a8:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
        Validity
            Not Before: Sep  7 01:00:48 2025 GMT
            Not After : Sep  8 01:00:48 2025 GMT
        Subject: CN=1ce9118cf276c2ba6628795220dd1b26ac32cac4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:13:65:60:63:e7:12:b8:01:f1:83:e5:48:e8:
                    e5:cb:eb:8f:90:81:18:3c:67:8d:22:32:d9:f2:2c:
                    09:ce:ae:8b:12:f8:33:5d:0c:99:36:5b:bd:b8:05:
                    85:2c:b8:0a:a2:8e:f1:f3:68:e0:53:4e:4c:61:b0:
                    89:6f:77:da:43:bd:f6:f3:78:d8:24:d4:c3:af:c8:
                    98:b7:7a:fb:db:8d:53:47:f3:3b:8f:9b:57:f3:73:
                    97:f0:b8:a6:39:4c:1a:4b:e5:58:3d:24:aa:8c:53:
                    f6:a8:38:ea:f4:71:e1:c7:97:65:aa:b7:d7:c2:5c:
                    71:bd:94:be:7b:50:20:d5:8f:cf:21:ae:4e:b3:f0:
                    e5:cb:98:32:ee:73:9f:a7:f0:8e:7a:fc:fe:ff:e1:
                    3c:32:9f:6d:5c:34:0f:45:c4:5f:e5:83:e9:ab:5e:
                    fe:68:c4:24:07:73:a9:6a:74:3d:2a:2d:f4:99:3d:
                    c6:3e:92:1f:af:36:47:ee:ef:0d:87:d7:ac:28:25:
                    6c:2e:70:5d:61:3c:87:54:5d:f5:05:9f:d4:ad:ff:
                    a4:cd:aa:a0:da:fb:5d:3f:06:05:3a:99:80:f1:7f:
                    b6:99:1e:06:87:c4:5b:c6:ad:3f:71:43:1b:4e:fe:
                    70:63:53:81:ba:88:84:90:1a:62:d7:02:cc:29:aa:
                    ad:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:E9:11:8C:F2:76:C2:BA:66:28:79:52:20:DD:1B:26:AC:32:CA:C4
            X509v3 Authority Key Identifier:
                keyid:A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:3b:65:43:bd:1e:48:c3:87:23:3b:c7:4b:9e:0d:5e:67:18:
         a7:20:95:09:1f:8c:61:a5:0e:4b:16:3d:59:c8:3b:e5:e5:90:
         36:fd:89:b1:a3:b4:9d:03:4d:39:31:09:3e:8e:eb:a6:34:45:
         a7:5e:54:ec:a4:13:9e:a1:08:47:89:46:5d:11:c2:4e:cb:00:
         77:2b:af:d3:a3:2a:24:5c:1b:10:1a:5c:3c:09:3e:97:06:e2:
         26:81:cb:33:a1:c2:6a:e4:c7:f0:fb:33:20:fe:67:17:82:d7:
         e7:12:cf:d3:f0:ff:b1:1a:81:98:85:0f:53:bf:a3:53:d9:27:
         64:39:4a:a6:12:d6:79:0f:91:87:59:40:2f:52:ee:31:55:1e:
         21:5a:42:7d:03:44:78:e2:df:f3:59:9a:1f:5f:05:e6:8b:a8:
         a3:98:54:d5:90:c5:db:c5:a9:cc:b0:f3:34:a3:fc:68:f8:60:
         b3:bc:97:4e:65:1e:de:7d:25:b8:62:eb:4e:06:62:00:15:2b:
         fa:7d:2b:18:59:39:2a:6d:b2:10:d4:8f:12:20:86:d9:10:bf:
         3c:be:54:3f:f6:32:35:f6:5d:c4:db:df:6c:ce:40:2b:21:26:
         53:f5:84:b7:d7:71:4c:fd:c9:8d:80:cf:67:28:e2:d0:eb:b8:
         94:b9:a2:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsKb7PK/Ydza4C9OYtaiGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZDM4MDQxYWU0ZTczMTU3NzI0YWE5ZjNlZTA0MzA1ZTVm
MTI4MzQwHhcNMjUwOTA3MDEwMDQ4WhcNMjUwOTA4MDEwMDQ4WjAzMTEwLwYDVQQD
EygxY2U5MTE4Y2YyNzZjMmJhNjYyODc5NTIyMGRkMWIyNmFjMzJjYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5BNlYGPnErgB8YPlSOjly+uPkIEY
PGeNIjLZ8iwJzq6LEvgzXQyZNlu9uAWFLLgKoo7x82jgU05MYbCJb3faQ73283jY
JNTDr8iYt3r7241TR/M7j5tX83OX8LimOUwaS+VYPSSqjFP2qDjq9HHhx5dlqrfX
wlxxvZS+e1Ag1Y/PIa5Os/Dly5gy7nOfp/COevz+/+E8Mp9tXDQPRcRf5YPpq17+
aMQkB3OpanQ9Ki30mT3GPpIfrzZH7u8Nh9esKCVsLnBdYTyHVF31BZ/Urf+kzaqg
2vtdPwYFOpmA8X+2mR4Gh8Rbxq0/cUMbTv5wY1OBuoiEkBpi1wLMKaqtdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBzpEYzydsK6Zih5UiDdGyasMsrEMB8GA1UdIwQY
MBaAFKTTgEGuTnMVdySqnz7gQwXl8Sg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYt
MTg2YjI4Njg1NGJlLzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYtMTg2YjI4Njg1NGJl
LzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXTtlQ70e
SMOHIzvHS54NXmcYpyCVCR+MYaUOSxY9Wcg75eWQNv2JsaO0nQNNOTEJPo7rpjRF
p15U7KQTnqEIR4lGXRHCTssAdyuv06MqJFwbEBpcPAk+lwbiJoHLM6HCauTH8Psz
IP5nF4LX5xLP0/D/sRqBmIUPU7+jU9knZDlKphLWeQ+Rh1lAL1LuMVUeIVpCfQNE
eOLf81maH18F5ouoo5hU1ZDF28WpzLDzNKP8aPhgs7yXTmUe3n0luGLrTgZiABUr
+n0rGFk5Km2yENSPEiCG2RC/PL5UP/YyNfZdxNvfbM5AKyEmU/WEt9dxTP3JjYDP
Zyji0Ou4lLmiKQ==
-----END CERTIFICATE-----