Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
File:                     pgkmXYlPp5_NZUL6zAujiXOMhFk.mft (raw, json)
Hash identifier:          c8vQAZtrBQCTN5t2g+mfKKnxS6dDjR8N1AVux5+VKbw=
Subject key identifier:   11:C6:68:DD:09:65:ED:C7:CF:6D:F5:C3:EB:D6:2B:E6:6E:35:52:52
Authority key identifier: A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59
Certificate issuer:       /CN=a609265d894fa79fcd6542facc0ba389738c8459
Certificate serial:       0199239EADF6968C4889E34CDB02FA79AFE1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
Manifest number:          098A
Signing time:             Sun 07 Sep 2025 10:00:25 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:25 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:25 +0000
Files and hashes:         1: pgkmXYlPp5_NZUL6zAujiXOMhFk.crl (hash: gDOxJRRDG1LAvfxSXGI1Vgrgw3MiMa6hz9URk1NRXfQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9e:ad:f6:96:8c:48:89:e3:4c:db:02:fa:79:af:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a609265d894fa79fcd6542facc0ba389738c8459
        Validity
            Not Before: Sep  7 10:00:25 2025 GMT
            Not After : Sep  8 10:00:25 2025 GMT
        Subject: CN=11c668dd0965edc7cf6df5c3ebd62be66e355252
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:d0:0b:93:33:6d:62:fd:cd:bb:d2:87:73:65:
                    52:47:cc:29:e4:c7:b0:17:84:65:98:bf:92:b0:51:
                    37:ee:f6:e2:03:93:b1:9a:9b:20:f9:78:2d:6e:8b:
                    29:5e:a4:fc:05:c4:d8:49:64:f9:d7:0f:a0:1f:ec:
                    11:9f:2c:2f:bb:6e:dd:cb:cb:08:55:d6:6c:bc:c5:
                    3c:e9:91:39:5f:01:a4:3b:b3:12:d8:82:b4:a6:74:
                    58:90:3c:01:e3:9b:8c:3b:20:18:01:d6:7f:3a:ba:
                    34:b1:a2:bc:fc:ef:d8:6d:68:dc:81:b0:36:2b:40:
                    11:63:96:ae:29:73:ff:87:91:78:49:31:73:65:fb:
                    03:53:f1:f1:48:de:30:88:8e:6c:a2:db:9f:56:0e:
                    64:0c:eb:c1:19:b8:2f:3b:7a:56:03:e2:c9:5d:05:
                    f3:35:3e:79:20:1d:fc:d2:2a:3c:54:85:10:e4:b4:
                    fe:2a:2a:11:49:89:d5:56:f0:f6:84:a0:dc:e3:b2:
                    f3:f2:5c:85:24:b5:66:a4:21:3f:a5:4a:23:a6:fa:
                    7c:4f:17:18:4a:e2:84:d2:18:22:5d:eb:de:46:5e:
                    2a:94:92:71:b8:d4:c2:bf:b6:3f:bd:32:b8:f8:46:
                    1a:27:ae:5e:ae:28:08:c9:5c:96:50:ba:c7:55:1d:
                    b0:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:C6:68:DD:09:65:ED:C7:CF:6D:F5:C3:EB:D6:2B:E6:6E:35:52:52
            X509v3 Authority Key Identifier:
                keyid:A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:ca:66:1e:d0:b8:00:9f:d3:d1:7c:ac:32:a2:06:21:a4:7a:
         da:c6:41:bb:f3:6d:74:b5:fb:99:79:70:8c:f2:e0:5b:3b:4d:
         0c:86:f8:37:57:cc:60:d4:64:73:a6:ed:2e:0d:f2:6a:e7:9b:
         6d:1c:c5:d2:2a:a2:12:71:20:ec:88:d6:06:a9:9d:2e:bd:dd:
         c3:65:20:4d:bd:b8:12:22:70:e5:fa:82:27:eb:5b:62:87:1a:
         ce:8f:6a:96:5f:2c:03:c6:0b:54:ff:c2:61:50:b6:41:d6:6b:
         72:ae:f3:e1:b9:1f:bf:c3:e2:36:87:a5:2e:a6:f7:c1:19:ff:
         69:ac:78:ba:bb:29:c5:93:19:7a:9d:8f:51:d0:ec:b1:a9:3b:
         4f:74:7e:83:85:20:03:c4:08:cd:cd:b1:8e:f9:d3:76:44:66:
         5f:ba:68:14:65:75:f9:c4:02:9e:25:44:95:77:ac:95:b5:dd:
         53:a4:60:28:e2:94:de:00:b3:b7:dd:ea:92:5b:e2:dd:54:c0:
         01:c8:f8:f0:4a:01:92:7b:29:ac:f9:82:bd:2b:f9:42:a3:27:
         1a:f6:3f:a9:37:ac:41:fd:bc:11:bb:4b:0c:67:ad:20:93:9f:
         1a:9d:f4:b7:6c:dd:2f:9a:5a:c6:c6:30:b7:2b:c1:8d:c4:a3:
         71:66:bb:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnq32loxIieNM2wL6ea/hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDkyNjVkODk0ZmE3OWZjZDY1NDJmYWNjMGJhMzg5NzM4
Yzg0NTkwHhcNMjUwOTA3MTAwMDI1WhcNMjUwOTA4MTAwMDI1WjAzMTEwLwYDVQQD
EygxMWM2NjhkZDA5NjVlZGM3Y2Y2ZGY1YzNlYmQ2MmJlNjZlMzU1MjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NALkzNtYv3Nu9KHc2VSR8wp5Mew
F4RlmL+SsFE37vbiA5Oxmpsg+XgtbospXqT8BcTYSWT51w+gH+wRnywvu27dy8sI
VdZsvMU86ZE5XwGkO7MS2IK0pnRYkDwB45uMOyAYAdZ/Oro0saK8/O/YbWjcgbA2
K0ARY5auKXP/h5F4STFzZfsDU/HxSN4wiI5sotufVg5kDOvBGbgvO3pWA+LJXQXz
NT55IB380io8VIUQ5LT+KioRSYnVVvD2hKDc47Lz8lyFJLVmpCE/pUojpvp8TxcY
SuKE0hgiXeveRl4qlJJxuNTCv7Y/vTK4+EYaJ65erigIyVyWULrHVR2wNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBHGaN0JZe3Hz231w+vWK+ZuNVJSMB8GA1UdIwQY
MBaAFKYJJl2JT6efzWVC+swLo4lzjIRZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUt
NmRjMGRhMWY1ZGVlLzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUtNmRjMGRhMWY1ZGVl
LzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkcpmHtC4
AJ/T0XysMqIGIaR62sZBu/NtdLX7mXlwjPLgWztNDIb4N1fMYNRkc6btLg3yaueb
bRzF0iqiEnEg7IjWBqmdLr3dw2UgTb24EiJw5fqCJ+tbYocazo9qll8sA8YLVP/C
YVC2QdZrcq7z4bkfv8PiNoelLqb3wRn/aax4urspxZMZep2PUdDssak7T3R+g4Ug
A8QIzc2xjvnTdkRmX7poFGV1+cQCniVElXeslbXdU6RgKOKU3gCzt93qklvi3VTA
Acj48EoBknsprPmCvSv5QqMnGvY/qTesQf28EbtLDGetIJOfGp30t2zdL5paxsYw
tyvBjcSjcWa7kw==
-----END CERTIFICATE-----