Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
File:                     Pn1HTATkiliTr3HDWnfN1oJv0zk.mft (raw, json)
Hash identifier:          rLkfdjjEn365+0annGpbG8UYgiAHLsZoyADdRL1md1M=
Subject key identifier:   4B:72:A8:70:1C:B3:84:9D:A1:D5:FE:B6:94:66:68:16:D0:17:0D:B7
Authority key identifier: 3E:7D:47:4C:04:E4:8A:58:93:AF:71:C3:5A:77:CD:D6:82:6F:D3:39
Certificate issuer:       /CN=3e7d474c04e48a5893af71c35a77cdd6826fd339
Certificate serial:       0197481E5D8256CF8999DC17EDD01D577865
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
Manifest number:          0427
Signing time:             Sat 07 Jun 2025 02:00:38 +0000
Manifest this update:     Sat 07 Jun 2025 02:00:38 +0000
Manifest next update:     Sun 08 Jun 2025 02:00:38 +0000
Files and hashes:         1: Pn1HTATkiliTr3HDWnfN1oJv0zk.crl (hash: ivfz4IBI8wbjU4JUksO5fk0KfYHveanSN2Rvq4Fw31Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 02:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:1e:5d:82:56:cf:89:99:dc:17:ed:d0:1d:57:78:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e7d474c04e48a5893af71c35a77cdd6826fd339
        Validity
            Not Before: Jun  7 02:00:38 2025 GMT
            Not After : Jun  8 02:00:38 2025 GMT
        Subject: CN=4b72a8701cb3849da1d5feb694666816d0170db7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:07:d2:b8:27:7f:15:40:e6:86:64:47:6e:47:
                    02:85:22:7f:a3:9a:58:76:d4:e9:17:47:aa:ee:3f:
                    24:8f:9b:c7:1d:1f:b8:60:43:c0:0b:6f:71:e5:09:
                    82:16:64:56:f6:84:78:c4:51:3e:c2:78:1a:75:f9:
                    45:22:e4:4e:04:09:96:44:13:76:7e:38:e9:9b:20:
                    82:08:ee:ae:3b:0b:55:62:f9:6e:b0:ba:41:4c:bf:
                    e9:82:dc:c1:d0:05:09:9b:41:98:43:1d:e9:12:95:
                    28:55:d2:cf:73:6c:1d:22:6a:1b:6d:d3:85:7c:3b:
                    58:06:5a:fc:b0:00:2b:1d:92:05:54:61:0f:6d:1b:
                    c8:80:e4:fb:c2:ef:d1:58:2b:93:99:54:09:ce:88:
                    fc:96:50:fb:0f:19:33:79:b8:15:e7:04:18:39:58:
                    63:a2:3e:c2:ea:89:5f:41:1a:68:26:4f:f9:5d:2d:
                    7f:55:8a:ca:d2:a3:4f:a4:bc:e3:53:bf:ee:74:85:
                    fc:9d:91:b2:8f:65:c7:84:5c:cc:26:b4:af:13:75:
                    2a:30:f5:22:dc:b1:2c:72:48:ed:19:20:43:63:a9:
                    9e:fa:d2:a3:6e:9c:b5:0f:dc:9e:3b:39:c8:0f:ef:
                    69:f2:cc:75:7d:d6:b5:48:cf:be:25:c2:02:45:67:
                    50:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:72:A8:70:1C:B3:84:9D:A1:D5:FE:B6:94:66:68:16:D0:17:0D:B7
            X509v3 Authority Key Identifier:
                keyid:3E:7D:47:4C:04:E4:8A:58:93:AF:71:C3:5A:77:CD:D6:82:6F:D3:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:9f:ac:56:d8:32:f5:ed:a5:77:9f:db:91:86:9e:ed:75:37:
         81:44:b2:78:94:83:36:e1:73:dd:7b:60:d4:de:e3:08:5e:18:
         8f:9a:ca:22:dd:00:03:9f:15:2a:90:fe:68:07:57:0a:d1:bf:
         b4:4f:59:2d:f3:b3:39:99:d4:a2:53:7a:4c:03:6f:b9:b4:bd:
         e1:b0:bb:e1:3e:22:40:af:f5:ce:54:bf:65:56:55:2d:cb:15:
         64:8f:45:2f:19:8b:72:ad:a8:21:13:75:1f:84:08:a7:dc:5c:
         61:38:25:f3:5b:ce:d0:70:2a:05:52:cc:29:ef:0d:ca:93:b3:
         21:58:3d:6b:de:b7:ce:57:f3:28:09:18:4f:45:c7:62:08:d7:
         b7:3d:ef:3d:38:df:1f:3b:db:e3:89:c9:8e:59:6d:ba:41:b2:
         18:e4:31:22:b5:c9:7d:d1:0a:c8:50:35:96:5e:7e:4d:29:bc:
         26:24:43:17:ef:bc:68:f8:fd:29:e5:0a:fc:0b:07:57:c0:00:
         c5:a4:79:a9:72:26:7d:b8:4b:63:76:2a:e5:bc:c4:83:0d:83:
         d1:e9:11:90:93:01:67:a3:c7:8b:19:af:9d:6c:a8:72:0e:26:
         64:4a:03:45:80:11:d8:d3:02:40:2d:ac:f5:cf:cc:33:b0:88:
         03:50:47:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIHl2CVs+JmdwX7dAdV3hlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlN2Q0NzRjMDRlNDhhNTg5M2FmNzFjMzVhNzdjZGQ2ODI2
ZmQzMzkwHhcNMjUwNjA3MDIwMDM4WhcNMjUwNjA4MDIwMDM4WjAzMTEwLwYDVQQD
Eyg0YjcyYTg3MDFjYjM4NDlkYTFkNWZlYjY5NDY2NjgxNmQwMTcwZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6AfSuCd/FUDmhmRHbkcChSJ/o5pY
dtTpF0eq7j8kj5vHHR+4YEPAC29x5QmCFmRW9oR4xFE+wngadflFIuROBAmWRBN2
fjjpmyCCCO6uOwtVYvlusLpBTL/pgtzB0AUJm0GYQx3pEpUoVdLPc2wdImobbdOF
fDtYBlr8sAArHZIFVGEPbRvIgOT7wu/RWCuTmVQJzoj8llD7DxkzebgV5wQYOVhj
oj7C6olfQRpoJk/5XS1/VYrK0qNPpLzjU7/udIX8nZGyj2XHhFzMJrSvE3UqMPUi
3LEsckjtGSBDY6me+tKjbpy1D9yeOznID+9p8sx1fda1SM++JcICRWdQlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEtyqHAcs4SdodX+tpRmaBbQFw23MB8GA1UdIwQY
MBaAFD59R0wE5IpYk69xw1p3zdaCb9M5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi83ZTMwZTgtYjgzNS00NGFmLWE0NGIt
OTAzZTRmNWUxMjI1LzEvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi83ZTMwZTgtYjgzNS00NGFmLWE0NGItOTAzZTRmNWUxMjI1
LzEvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm5+sVtgy
9e2ld5/bkYae7XU3gUSyeJSDNuFz3Xtg1N7jCF4Yj5rKIt0AA58VKpD+aAdXCtG/
tE9ZLfOzOZnUolN6TANvubS94bC74T4iQK/1zlS/ZVZVLcsVZI9FLxmLcq2oIRN1
H4QIp9xcYTgl81vO0HAqBVLMKe8NypOzIVg9a963zlfzKAkYT0XHYgjXtz3vPTjf
Hzvb44nJjlltukGyGOQxIrXJfdEKyFA1ll5+TSm8JiRDF++8aPj9KeUK/AsHV8AA
xaR5qXImfbhLY3Yq5bzEgw2D0ekRkJMBZ6PHixmvnWyocg4mZEoDRYAR2NMCQC2s
9c/MM7CIA1BHkg==
-----END CERTIFICATE-----