Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
File:                     Pn1HTATkiliTr3HDWnfN1oJv0zk.mft (raw, json)
Hash identifier:          LfClTqi0kX68xJmNp8L3qS911zKTurvCjoZ2kxTKZUI=
Subject key identifier:   FF:84:33:11:3A:85:75:A4:91:FA:20:24:EB:3B:5B:AF:B2:3D:94:3C
Authority key identifier: 3E:7D:47:4C:04:E4:8A:58:93:AF:71:C3:5A:77:CD:D6:82:6F:D3:39
Certificate issuer:       /CN=3e7d474c04e48a5893af71c35a77cdd6826fd339
Certificate serial:       01992331494C5B5D4C070D5DAF7CC6A968EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
Manifest number:          051D
Signing time:             Sun 07 Sep 2025 08:00:56 +0000
Manifest this update:     Sun 07 Sep 2025 08:00:56 +0000
Manifest next update:     Mon 08 Sep 2025 08:00:56 +0000
Files and hashes:         1: Pn1HTATkiliTr3HDWnfN1oJv0zk.crl (hash: D65rmSa279PV2K8WyugroQ0zwDZKEC7UoDkw4C9XjhE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:31:49:4c:5b:5d:4c:07:0d:5d:af:7c:c6:a9:68:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e7d474c04e48a5893af71c35a77cdd6826fd339
        Validity
            Not Before: Sep  7 08:00:56 2025 GMT
            Not After : Sep  8 08:00:56 2025 GMT
        Subject: CN=ff8433113a8575a491fa2024eb3b5bafb23d943c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:c1:20:ea:2e:1e:20:0f:f7:c1:c8:43:60:8b:
                    33:35:8b:68:b2:13:2b:e0:bb:f6:ac:6b:c1:df:9f:
                    7c:0b:ee:72:64:7e:2b:62:ac:95:8b:8d:a0:18:40:
                    96:0f:11:6b:13:02:45:3b:84:00:cc:25:7b:ee:6f:
                    44:1b:68:7d:db:5f:f8:18:96:f7:a9:df:19:6f:a1:
                    03:59:ea:e8:60:cc:ab:bd:32:34:16:48:16:c7:b0:
                    ae:16:ce:ff:7b:a7:dc:d3:d9:26:bd:8b:e6:71:aa:
                    13:c5:8a:ec:ee:ef:c1:ff:78:56:9e:5a:c2:8b:ab:
                    c3:9f:cb:60:6e:0c:3c:b7:6f:2b:fa:0c:b7:6d:0e:
                    f9:e5:d6:f2:f5:8b:c2:84:e2:6e:0d:a7:d4:3e:54:
                    77:16:6f:ab:36:11:9f:d5:6a:dd:2c:68:53:cc:c3:
                    6c:62:a0:9e:a2:79:f9:78:39:e1:67:b5:0e:14:ea:
                    28:e9:6f:fa:3b:3d:16:01:18:82:32:61:bb:8c:8b:
                    9e:80:11:1b:6b:06:66:f3:07:e4:0a:3b:11:5f:de:
                    a3:6e:57:c6:b5:23:2c:45:68:d9:31:da:19:9c:34:
                    b0:89:89:ca:53:99:50:60:b8:de:80:ef:bb:4d:68:
                    a0:88:35:f1:26:55:f3:67:42:ae:50:b4:5d:1d:2a:
                    2e:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:84:33:11:3A:85:75:A4:91:FA:20:24:EB:3B:5B:AF:B2:3D:94:3C
            X509v3 Authority Key Identifier:
                keyid:3E:7D:47:4C:04:E4:8A:58:93:AF:71:C3:5A:77:CD:D6:82:6F:D3:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:48:3a:0a:c4:80:24:70:83:e0:64:6b:f5:5d:35:e4:a4:83:
         bb:6f:bc:98:d2:c8:93:ee:6d:ce:77:fc:b0:f8:ff:ff:57:03:
         9c:5b:b4:29:1c:9a:6b:87:a6:a0:04:74:3d:24:e4:82:60:9a:
         14:ca:d7:7c:c0:9d:23:7c:21:cf:3d:a4:88:60:a1:be:e1:aa:
         16:64:88:0b:ea:2d:c9:a9:94:6b:a0:65:45:c2:0e:aa:5b:5b:
         0e:0a:5b:34:54:b5:a5:20:6f:c1:4e:ec:23:d5:bf:63:9f:73:
         90:e8:86:66:2c:70:2c:fa:f9:bc:86:9c:af:d3:7a:25:48:51:
         2d:93:9f:3e:ff:8e:e5:36:2d:a3:fe:5c:1b:59:b5:a2:a4:df:
         6a:df:c7:35:25:03:25:8c:81:c9:c1:fd:7c:34:2d:33:63:03:
         33:cc:b8:06:5b:ae:08:c7:51:aa:43:c4:db:2b:0f:ac:f7:5b:
         ec:15:96:64:5d:59:00:6f:a0:f7:dd:7f:ba:8b:17:71:7e:c8:
         5d:54:44:28:85:0a:5c:ca:25:df:51:82:02:68:80:8b:fe:1b:
         5d:0b:d8:ff:2e:4b:8a:42:78:59:d7:27:75:36:28:ef:82:ab:
         85:e2:e3:c8:77:f5:db:0e:f8:f4:38:70:d7:e2:00:79:1d:f0:
         0e:fd:51:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMUlMW11MBw1dr3zGqWjuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlN2Q0NzRjMDRlNDhhNTg5M2FmNzFjMzVhNzdjZGQ2ODI2
ZmQzMzkwHhcNMjUwOTA3MDgwMDU2WhcNMjUwOTA4MDgwMDU2WjAzMTEwLwYDVQQD
EyhmZjg0MzMxMTNhODU3NWE0OTFmYTIwMjRlYjNiNWJhZmIyM2Q5NDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08Eg6i4eIA/3wchDYIszNYtoshMr
4Lv2rGvB3598C+5yZH4rYqyVi42gGECWDxFrEwJFO4QAzCV77m9EG2h921/4GJb3
qd8Zb6EDWeroYMyrvTI0FkgWx7CuFs7/e6fc09kmvYvmcaoTxYrs7u/B/3hWnlrC
i6vDn8tgbgw8t28r+gy3bQ755dby9YvChOJuDafUPlR3Fm+rNhGf1WrdLGhTzMNs
YqCeonn5eDnhZ7UOFOoo6W/6Oz0WARiCMmG7jIuegBEbawZm8wfkCjsRX96jblfG
tSMsRWjZMdoZnDSwiYnKU5lQYLjegO+7TWigiDXxJlXzZ0KuULRdHSoulwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP+EMxE6hXWkkfogJOs7W6+yPZQ8MB8GA1UdIwQY
MBaAFD59R0wE5IpYk69xw1p3zdaCb9M5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi83ZTMwZTgtYjgzNS00NGFmLWE0NGIt
OTAzZTRmNWUxMjI1LzEvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi83ZTMwZTgtYjgzNS00NGFmLWE0NGItOTAzZTRmNWUxMjI1
LzEvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQEg6CsSA
JHCD4GRr9V015KSDu2+8mNLIk+5tznf8sPj//1cDnFu0KRyaa4emoAR0PSTkgmCa
FMrXfMCdI3whzz2kiGChvuGqFmSIC+otyamUa6BlRcIOqltbDgpbNFS1pSBvwU7s
I9W/Y59zkOiGZixwLPr5vIacr9N6JUhRLZOfPv+O5TYto/5cG1m1oqTfat/HNSUD
JYyBycH9fDQtM2MDM8y4BluuCMdRqkPE2ysPrPdb7BWWZF1ZAG+g991/uosXcX7I
XVREKIUKXMol31GCAmiAi/4bXQvY/y5LikJ4WdcndTYo74KrheLjyHf12w749Dhw
1+IAeR3wDv1Rsg==
-----END CERTIFICATE-----