Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
File:                     PuzIGOGpxqhRe81paldEKNbRekQ.mft (raw, json)
Hash identifier:          ZKUVgN1g1KaAa0cp4ak004yjDGXxx9pY+qUPS3bFR8g=
Subject key identifier:   82:32:C9:6E:D7:4E:06:3B:91:23:ED:0D:7D:85:EB:5C:C0:63:A6:48
Authority key identifier: 3E:EC:C8:18:E1:A9:C6:A8:51:7B:CD:69:6A:57:44:28:D6:D1:7A:44
Certificate issuer:       /CN=3eecc818e1a9c6a8517bcd696a574428d6d17a44
Certificate serial:       01974CA0224E9F63D75E7145B7C22890D250
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
Manifest number:          042D
Signing time:             Sat 07 Jun 2025 23:00:52 +0000
Manifest this update:     Sat 07 Jun 2025 23:00:52 +0000
Manifest next update:     Sun 08 Jun 2025 23:00:52 +0000
Files and hashes:         1: PuzIGOGpxqhRe81paldEKNbRekQ.crl (hash: Q+D0s1jtaj9Sxo+7fn/jtQzQHSE6Vu2+ZOlgGSKvdHM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:a0:22:4e:9f:63:d7:5e:71:45:b7:c2:28:90:d2:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3eecc818e1a9c6a8517bcd696a574428d6d17a44
        Validity
            Not Before: Jun  7 23:00:52 2025 GMT
            Not After : Jun  8 23:00:52 2025 GMT
        Subject: CN=8232c96ed74e063b9123ed0d7d85eb5cc063a648
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:af:d0:8d:9e:2c:16:7a:35:25:94:3b:54:ad:
                    d8:fe:39:a2:c3:8a:69:fa:b3:ce:0b:a6:6b:a5:ec:
                    4d:ed:ef:c2:53:c7:d5:55:c4:7e:d1:9e:a6:fb:d9:
                    df:90:58:27:88:34:62:d4:b9:c6:60:66:e5:95:48:
                    c0:8e:73:00:63:43:97:16:fb:ad:47:91:c8:1e:3f:
                    99:f5:9e:1f:fa:bf:90:e9:65:2b:3a:11:72:d2:c8:
                    fd:b8:b3:37:a8:3d:ea:62:fb:a5:2a:b1:d4:01:bc:
                    83:a0:55:bc:63:f4:fd:01:71:51:df:ed:c0:31:64:
                    0e:68:da:6e:ba:54:d1:1b:6c:c6:de:17:0a:77:3a:
                    01:53:3d:28:70:69:6c:52:d0:7d:05:1f:d6:cc:cb:
                    a2:f0:65:d5:5b:b8:6d:e9:5f:bd:76:86:11:00:d0:
                    63:da:2d:fe:7f:3d:ca:d2:ad:ca:2f:4d:d7:6d:27:
                    7b:66:17:46:ca:9d:e6:25:e8:a3:de:0f:39:e5:42:
                    61:8d:10:24:6f:d7:bb:a9:ee:56:0e:b5:af:69:bd:
                    6f:6d:3e:66:d0:94:60:af:e5:5e:47:d5:4a:7a:76:
                    ea:c0:c6:f8:e1:18:45:83:4b:a2:72:c7:ff:39:9d:
                    9e:03:64:ce:5b:73:bd:d9:2f:00:9f:b4:7d:da:a2:
                    36:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:32:C9:6E:D7:4E:06:3B:91:23:ED:0D:7D:85:EB:5C:C0:63:A6:48
            X509v3 Authority Key Identifier:
                keyid:3E:EC:C8:18:E1:A9:C6:A8:51:7B:CD:69:6A:57:44:28:D6:D1:7A:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:61:77:f5:ee:21:ee:4b:f0:c3:74:a5:c2:2e:d1:01:01:c6:
         b4:82:39:95:3f:f0:75:7c:17:45:ff:6d:95:f2:d1:8a:6a:e0:
         70:bf:9d:e9:3c:56:78:da:c8:18:87:8c:3e:63:35:74:73:61:
         1a:b3:b7:21:a6:4e:45:0e:8a:e7:c8:b4:d7:7e:2c:1f:43:29:
         c4:26:74:16:2b:08:60:e4:e1:92:f3:70:0b:ab:76:c3:73:ef:
         e8:3b:00:4b:2a:b9:a2:20:83:b6:e4:d6:4d:3b:34:1d:3c:57:
         5e:27:fd:7f:88:b3:77:47:cc:1f:00:7f:36:d6:3d:4c:48:36:
         fd:db:7d:2c:25:6c:fe:eb:10:1a:bc:0e:7f:3d:a2:6f:cb:59:
         cc:ad:2f:90:73:95:69:b0:c9:ff:df:57:6b:43:22:76:3b:d0:
         03:e7:0c:e9:d4:66:4b:65:4d:84:a2:ec:fa:46:70:d7:0d:2b:
         9c:8f:65:6d:d7:cd:2e:66:95:0c:84:b4:c8:05:b3:cd:88:12:
         a2:23:b3:9d:6a:5f:8d:ea:da:3e:df:25:c2:53:e5:f0:f9:3f:
         0a:46:96:75:4e:b1:33:16:ba:d1:18:23:ad:c4:bd:f8:2a:dd:
         01:48:78:2c:54:f6:46:50:1e:b5:0b:4f:8a:23:e5:85:7a:a4:
         c0:30:24:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMoCJOn2PXXnFFt8IokNJQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZWNjODE4ZTFhOWM2YTg1MTdiY2Q2OTZhNTc0NDI4ZDZk
MTdhNDQwHhcNMjUwNjA3MjMwMDUyWhcNMjUwNjA4MjMwMDUyWjAzMTEwLwYDVQQD
Eyg4MjMyYzk2ZWQ3NGUwNjNiOTEyM2VkMGQ3ZDg1ZWI1Y2MwNjNhNjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0q/QjZ4sFno1JZQ7VK3Y/jmiw4pp
+rPOC6ZrpexN7e/CU8fVVcR+0Z6m+9nfkFgniDRi1LnGYGbllUjAjnMAY0OXFvut
R5HIHj+Z9Z4f+r+Q6WUrOhFy0sj9uLM3qD3qYvulKrHUAbyDoFW8Y/T9AXFR3+3A
MWQOaNpuulTRG2zG3hcKdzoBUz0ocGlsUtB9BR/WzMui8GXVW7ht6V+9doYRANBj
2i3+fz3K0q3KL03XbSd7ZhdGyp3mJeij3g855UJhjRAkb9e7qe5WDrWvab1vbT5m
0JRgr+VeR9VKenbqwMb44RhFg0uicsf/OZ2eA2TOW3O92S8An7R92qI2AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIIyyW7XTgY7kSPtDX2F61zAY6ZIMB8GA1UdIwQY
MBaAFD7syBjhqcaoUXvNaWpXRCjW0XpEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8yODg2MGQtM2M5MC00NDlmLWE0M2Ut
OGQzZDUwNDgwZDlkLzEvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8yODg2MGQtM2M5MC00NDlmLWE0M2UtOGQzZDUwNDgwZDlk
LzEvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfWF39e4h
7kvww3Slwi7RAQHGtII5lT/wdXwXRf9tlfLRimrgcL+d6TxWeNrIGIeMPmM1dHNh
GrO3IaZORQ6K58i0134sH0MpxCZ0FisIYOThkvNwC6t2w3Pv6DsASyq5oiCDtuTW
TTs0HTxXXif9f4izd0fMHwB/NtY9TEg2/dt9LCVs/usQGrwOfz2ib8tZzK0vkHOV
abDJ/99Xa0MidjvQA+cM6dRmS2VNhKLs+kZw1w0rnI9lbdfNLmaVDIS0yAWzzYgS
oiOznWpfjeraPt8lwlPl8Pk/CkaWdU6xMxa60RgjrcS9+CrdAUh4LFT2RlAetQtP
iiPlhXqkwDAkMQ==
-----END CERTIFICATE-----