Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
File:                     pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft (raw, json)
Hash identifier:          /fZ3Qmtu6p9Q2C+cOhhsJ1B8EFeSe3Qr/+HxVngXqrI=
Subject key identifier:   BB:FB:9B:21:D4:68:43:8E:61:35:00:F3:15:13:6E:A6:A0:F2:21:00
Authority key identifier: A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34
Certificate issuer:       /CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
Certificate serial:       019759EDF94EA895A52E24AFA71DC39CE393
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
Manifest number:          1555
Signing time:             Tue 10 Jun 2025 13:00:57 +0000
Manifest this update:     Tue 10 Jun 2025 13:00:57 +0000
Manifest next update:     Wed 11 Jun 2025 13:00:57 +0000
Files and hashes:         1: pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl (hash: uXVx5pvNaAZMp9Iak5tmHU/qh6M6tMH0LTHpMQD+yXY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 13:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:ed:f9:4e:a8:95:a5:2e:24:af:a7:1d:c3:9c:e3:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
        Validity
            Not Before: Jun 10 13:00:57 2025 GMT
            Not After : Jun 11 13:00:57 2025 GMT
        Subject: CN=bbfb9b21d468438e613500f315136ea6a0f22100
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:ad:cc:ea:bc:3d:34:f3:83:e8:11:86:7d:60:
                    38:1d:9c:e5:f8:da:57:16:15:f0:4e:8b:ea:06:31:
                    27:9d:a0:76:6b:2b:a0:ad:d1:16:f6:26:f0:49:66:
                    12:10:9e:67:d8:d5:29:72:ed:b5:fc:ab:2a:1c:f8:
                    95:d2:90:af:fc:53:0f:3a:a6:94:58:4c:34:f3:01:
                    9c:dc:3d:c7:2e:74:0e:cd:2e:3b:b3:7a:b2:2c:eb:
                    15:ea:65:36:63:f7:8f:5d:92:1e:5a:4c:6a:61:f0:
                    97:54:8f:97:c2:c2:70:99:1f:9b:e8:be:bf:1d:14:
                    23:00:23:6a:0f:15:18:a4:5a:21:3f:77:b4:13:25:
                    4e:4d:b9:1a:c9:0c:7f:f1:c3:ee:98:ea:ef:92:af:
                    e9:8f:9a:0c:d5:92:10:e1:83:2c:01:b7:90:b0:11:
                    aa:5c:1d:2d:11:c0:78:12:fe:ec:b3:69:12:15:99:
                    cb:7b:8b:93:ad:7b:f9:ed:98:80:19:59:e9:ee:67:
                    d0:72:c1:07:c3:0a:ff:bc:cf:1d:d8:3e:4d:85:5a:
                    c0:97:e2:1b:ae:d6:41:3a:46:ac:ed:08:21:da:5b:
                    a2:f5:4e:75:e9:b8:a0:ce:ab:10:2e:38:04:18:e6:
                    f4:38:ea:4b:1b:f6:9a:b6:20:59:c5:49:42:f9:b0:
                    ee:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:FB:9B:21:D4:68:43:8E:61:35:00:F3:15:13:6E:A6:A0:F2:21:00
            X509v3 Authority Key Identifier:
                keyid:A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:33:84:2c:a1:fb:d0:80:fe:14:68:5a:e1:b0:fc:1d:13:ab:
         c2:bf:6b:61:1c:a0:15:60:21:d5:f4:54:a1:61:46:81:95:52:
         e3:fc:0d:7c:e0:27:b6:9a:ff:ac:b2:6d:0b:52:64:48:7f:14:
         6f:03:de:85:cd:74:06:22:92:9c:be:93:22:4b:2a:51:17:fc:
         99:66:30:df:3d:a3:ed:6c:fe:7e:0c:0c:db:0b:8b:78:91:f2:
         0a:81:f3:c0:9f:c2:84:ea:0f:34:a3:63:16:a6:e7:03:4f:99:
         80:73:eb:aa:eb:b5:15:64:2b:20:11:d8:7b:8b:b2:f3:31:d4:
         25:bd:3e:b8:e1:a9:cb:e5:69:32:a4:19:64:25:14:7d:79:2a:
         fc:20:ae:7f:b7:31:a3:d5:33:5d:d0:d4:ee:fd:99:bb:ad:90:
         a9:99:a9:6f:ab:bc:08:db:05:52:34:7d:42:21:04:7b:7c:88:
         ba:f4:22:86:b0:77:e6:3e:66:37:ab:cb:76:ad:77:d9:d2:bc:
         ca:67:14:71:60:e1:47:52:78:7d:b8:62:a5:92:ad:be:e5:de:
         5b:c2:cd:bf:52:70:bd:4e:5c:53:47:21:ea:6f:86:4a:30:36:
         77:08:1a:15:26:7b:88:c2:f0:02:da:ab:7e:bd:94:3e:11:7d:
         a3:a3:a6:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZ7flOqJWlLiSvpx3DnOOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZDM4MDQxYWU0ZTczMTU3NzI0YWE5ZjNlZTA0MzA1ZTVm
MTI4MzQwHhcNMjUwNjEwMTMwMDU3WhcNMjUwNjExMTMwMDU3WjAzMTEwLwYDVQQD
EyhiYmZiOWIyMWQ0Njg0MzhlNjEzNTAwZjMxNTEzNmVhNmEwZjIyMTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+q3M6rw9NPOD6BGGfWA4HZzl+NpX
FhXwTovqBjEnnaB2ayugrdEW9ibwSWYSEJ5n2NUpcu21/KsqHPiV0pCv/FMPOqaU
WEw08wGc3D3HLnQOzS47s3qyLOsV6mU2Y/ePXZIeWkxqYfCXVI+XwsJwmR+b6L6/
HRQjACNqDxUYpFohP3e0EyVOTbkayQx/8cPumOrvkq/pj5oM1ZIQ4YMsAbeQsBGq
XB0tEcB4Ev7ss2kSFZnLe4uTrXv57ZiAGVnp7mfQcsEHwwr/vM8d2D5NhVrAl+Ib
rtZBOkas7Qgh2lui9U516bigzqsQLjgEGOb0OOpLG/aatiBZxUlC+bDuEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLv7myHUaEOOYTUA8xUTbqag8iEAMB8GA1UdIwQY
MBaAFKTTgEGuTnMVdySqnz7gQwXl8Sg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYt
MTg2YjI4Njg1NGJlLzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYtMTg2YjI4Njg1NGJl
LzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtjOELKH7
0ID+FGha4bD8HROrwr9rYRygFWAh1fRUoWFGgZVS4/wNfOAntpr/rLJtC1JkSH8U
bwPehc10BiKSnL6TIksqURf8mWYw3z2j7Wz+fgwM2wuLeJHyCoHzwJ/ChOoPNKNj
FqbnA0+ZgHPrquu1FWQrIBHYe4uy8zHUJb0+uOGpy+VpMqQZZCUUfXkq/CCuf7cx
o9UzXdDU7v2Zu62QqZmpb6u8CNsFUjR9QiEEe3yIuvQihrB35j5mN6vLdq132dK8
ymcUcWDhR1J4fbhipZKtvuXeW8LNv1JwvU5cU0ch6m+GSjA2dwgaFSZ7iMLwAtqr
fr2UPhF9o6OmDw==
-----END CERTIFICATE-----