Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
File:                     pgkmXYlPp5_NZUL6zAujiXOMhFk.mft (raw, json)
Hash identifier:          ljJrwOKvJeHrpQetvhZkLndmpC4AciiBSLuk0PpXAq8=
Subject key identifier:   A5:FA:F8:79:4B:8D:39:CF:1E:3D:3C:F0:30:45:3E:24:BE:F9:A9:8E
Authority key identifier: A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59
Certificate issuer:       /CN=a609265d894fa79fcd6542facc0ba389738c8459
Certificate serial:       019A71B8ED830BE65DCBD61E8208CB709494
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
Manifest number:          0A37
Signing time:             Tue 11 Nov 2025 07:02:16 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:16 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:16 +0000
Files and hashes:         1: pgkmXYlPp5_NZUL6zAujiXOMhFk.crl (hash: nPdK8JFuYVfHzclYSRCu9MLjWajh1P8SApxINU4rqhQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:ed:83:0b:e6:5d:cb:d6:1e:82:08:cb:70:94:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a609265d894fa79fcd6542facc0ba389738c8459
        Validity
            Not Before: Nov 11 07:02:16 2025 GMT
            Not After : Nov 12 07:02:16 2025 GMT
        Subject: CN=a5faf8794b8d39cf1e3d3cf030453e24bef9a98e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:d3:b5:b5:f3:ca:94:8f:a1:d4:65:56:56:8d:
                    48:a9:0f:be:d2:e9:40:22:05:58:b8:c1:30:40:fd:
                    c8:91:b3:ab:5c:c7:25:d7:7a:bb:51:cf:86:40:b5:
                    b5:90:bb:1a:8a:d9:b5:68:f6:f3:c1:12:2f:f2:13:
                    17:e0:cf:03:8c:5a:21:af:d9:e8:5d:aa:6b:53:bd:
                    dc:72:d7:4d:59:58:cc:0f:89:8c:c4:ea:c3:0b:68:
                    24:ad:9a:60:4a:44:5c:4f:bb:69:63:7a:80:79:b4:
                    52:9a:c9:fc:9d:72:00:65:b3:c0:7b:72:18:b5:80:
                    d2:b3:57:aa:72:ed:bb:88:b7:64:bc:4e:02:f9:af:
                    3d:46:bd:fe:45:6f:3b:69:21:87:63:c7:0e:b9:15:
                    5e:28:6e:b0:fb:d5:47:cd:4d:9e:a9:33:25:b2:55:
                    9c:d0:e8:96:13:59:2f:f1:87:e3:ae:d3:9f:fc:f9:
                    e7:e7:ff:6e:26:9d:f8:b5:6d:1b:da:99:f3:50:7b:
                    7c:e6:8c:cc:8a:4b:09:0e:c8:06:9e:0d:9a:c4:18:
                    57:34:df:20:87:40:34:1c:a5:69:7d:52:7c:ba:d6:
                    3b:e5:c1:1e:f1:e9:e7:65:52:73:c3:c0:aa:92:2a:
                    0c:ec:cb:a4:ea:ed:59:42:64:ef:cb:ec:5f:57:50:
                    3e:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:FA:F8:79:4B:8D:39:CF:1E:3D:3C:F0:30:45:3E:24:BE:F9:A9:8E
            X509v3 Authority Key Identifier:
                keyid:A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:82:b6:f7:58:36:b7:70:98:f2:b2:d7:82:bd:04:f8:4b:53:
         14:4b:bf:ac:d3:bb:f1:c1:35:8e:ec:46:bf:21:e7:45:db:62:
         0a:98:17:dc:94:bf:45:80:5c:75:c2:0d:0e:3b:d5:0f:62:62:
         2e:5e:28:52:9d:d0:33:c5:8b:7c:f2:23:f2:3c:2d:d9:ff:14:
         6f:32:e8:c7:22:36:73:8f:5f:45:c9:25:bc:cb:a2:20:9f:4c:
         78:86:e3:77:14:52:22:ae:6d:c8:b5:26:cd:de:96:01:08:ab:
         45:9a:c1:9e:d2:db:61:ea:ab:3c:41:72:47:4d:95:1e:f3:0c:
         7b:12:ba:ea:19:fc:f0:50:df:c0:e5:d5:7e:75:67:b8:ba:d5:
         00:25:9b:d1:91:ae:b4:cf:ee:dd:08:ca:46:da:26:61:7e:49:
         6f:87:cb:3f:a5:f9:36:29:be:fc:c1:b7:d4:7a:5d:09:18:25:
         45:78:d1:19:bb:f1:78:3d:6d:8b:f8:0f:d4:ca:04:6a:0a:3b:
         db:07:84:d7:7e:1d:c2:1a:59:bf:ec:b7:42:a8:2a:b4:08:e9:
         3d:7a:b7:6a:21:57:e9:ee:c1:7b:e2:56:0f:80:f7:51:bb:85:
         01:34:15:5d:b1:fe:0c:21:8e:92:f9:08:c1:a9:b0:31:2c:0c:
         72:a1:bb:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuO2DC+Zdy9YeggjLcJSUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDkyNjVkODk0ZmE3OWZjZDY1NDJmYWNjMGJhMzg5NzM4
Yzg0NTkwHhcNMjUxMTExMDcwMjE2WhcNMjUxMTEyMDcwMjE2WjAzMTEwLwYDVQQD
EyhhNWZhZjg3OTRiOGQzOWNmMWUzZDNjZjAzMDQ1M2UyNGJlZjlhOThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudO1tfPKlI+h1GVWVo1IqQ++0ulA
IgVYuMEwQP3IkbOrXMcl13q7Uc+GQLW1kLsaitm1aPbzwRIv8hMX4M8DjFohr9no
XaprU73cctdNWVjMD4mMxOrDC2gkrZpgSkRcT7tpY3qAebRSmsn8nXIAZbPAe3IY
tYDSs1eqcu27iLdkvE4C+a89Rr3+RW87aSGHY8cOuRVeKG6w+9VHzU2eqTMlslWc
0OiWE1kv8YfjrtOf/Pnn5/9uJp34tW0b2pnzUHt85ozMiksJDsgGng2axBhXNN8g
h0A0HKVpfVJ8utY75cEe8ennZVJzw8CqkioM7Muk6u1ZQmTvy+xfV1A+EwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKX6+HlLjTnPHj088DBFPiS++amOMB8GA1UdIwQY
MBaAFKYJJl2JT6efzWVC+swLo4lzjIRZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUt
NmRjMGRhMWY1ZGVlLzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUtNmRjMGRhMWY1ZGVl
LzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGoK291g2
t3CY8rLXgr0E+EtTFEu/rNO78cE1juxGvyHnRdtiCpgX3JS/RYBcdcINDjvVD2Ji
Ll4oUp3QM8WLfPIj8jwt2f8UbzLoxyI2c49fRcklvMuiIJ9MeIbjdxRSIq5tyLUm
zd6WAQirRZrBntLbYeqrPEFyR02VHvMMexK66hn88FDfwOXVfnVnuLrVACWb0ZGu
tM/u3QjKRtomYX5Jb4fLP6X5Nim+/MG31HpdCRglRXjRGbvxeD1ti/gP1MoEago7
2weE134dwhpZv+y3QqgqtAjpPXq3aiFX6e7Be+JWD4D3UbuFATQVXbH+DCGOkvkI
wamwMSwMcqG7YA==
-----END CERTIFICATE-----