Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
File:                     pgkmXYlPp5_NZUL6zAujiXOMhFk.mft (raw, json)
Hash identifier:          +xLXiMI99bICnuyb9UcykVLzokRsLoi+NRpRyyM3aAs=
Subject key identifier:   07:3B:7B:1C:4C:B5:D3:A3:A2:38:ED:93:7A:31:FD:4B:19:AF:01:BE
Authority key identifier: A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59
Certificate issuer:       /CN=a609265d894fa79fcd6542facc0ba389738c8459
Certificate serial:       01963C1D243F27DC0BE0BE24FD3A38F82F79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
Manifest number:          0809
Signing time:             Wed 16 Apr 2025 01:01:04 +0000
Manifest this update:     Wed 16 Apr 2025 01:01:04 +0000
Manifest next update:     Thu 17 Apr 2025 01:01:04 +0000
Files and hashes:         1: pgkmXYlPp5_NZUL6zAujiXOMhFk.crl (hash: VrtXhVEJeK+3iH/HfFlpcKx94NOaw5xVe8Bm3auySjU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:3c:1d:24:3f:27:dc:0b:e0:be:24:fd:3a:38:f8:2f:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a609265d894fa79fcd6542facc0ba389738c8459
        Validity
            Not Before: Apr 16 01:01:04 2025 GMT
            Not After : Apr 17 01:01:04 2025 GMT
        Subject: CN=073b7b1c4cb5d3a3a238ed937a31fd4b19af01be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:d1:8d:1d:c4:02:23:1d:e7:35:92:30:ba:a7:
                    b2:44:30:c9:34:2c:8f:87:60:2b:69:07:36:6e:c1:
                    36:bb:40:dc:00:d6:95:19:44:39:5a:d5:fd:7a:56:
                    d1:42:4c:93:a5:db:5d:82:46:37:36:c6:25:74:13:
                    1a:46:ac:2b:8e:7c:b1:38:25:4b:6a:63:cc:6a:77:
                    d9:5e:0f:8e:3e:61:32:c8:f7:5a:d4:d7:6e:e0:53:
                    99:e7:fa:8a:7a:8e:a0:41:bb:22:1a:71:92:c2:f8:
                    36:bd:8e:fd:46:c3:06:79:5c:04:02:27:6e:c5:40:
                    1f:2f:a8:41:7a:9b:fb:34:b3:99:a0:43:5c:9c:2f:
                    da:38:09:6e:5b:b7:4d:35:01:e6:69:62:b9:d1:cc:
                    24:af:7d:4b:94:89:35:24:fc:d0:ac:78:cf:4e:3f:
                    01:7a:8f:35:c8:37:83:b5:7a:ea:94:bb:68:f0:bb:
                    78:96:ec:6c:fa:c4:69:23:ee:d6:89:f5:24:a5:9d:
                    03:a7:9d:a9:b6:03:49:2c:b0:29:87:cc:95:2f:9b:
                    3b:d5:da:26:89:f8:43:b2:a4:e6:97:9e:31:3c:c3:
                    93:b2:2a:1d:fb:f5:70:71:b9:42:db:2a:2b:15:22:
                    20:55:2c:0b:9b:39:9a:92:a0:4f:4a:40:f0:80:26:
                    7e:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:3B:7B:1C:4C:B5:D3:A3:A2:38:ED:93:7A:31:FD:4B:19:AF:01:BE
            X509v3 Authority Key Identifier:
                keyid:A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:be:b5:07:fb:96:a2:32:a1:3e:30:b2:7c:4b:7e:8e:8f:16:
         17:f6:94:cd:c8:33:e3:68:6c:98:a6:e6:8f:10:dc:46:4e:36:
         58:59:b1:8c:97:09:76:ce:5f:db:39:1c:de:86:fb:f0:f8:63:
         36:35:c1:3e:20:b1:50:f4:9f:84:00:1f:31:ab:00:a2:1f:0a:
         c6:64:85:8f:1f:18:93:76:2c:d9:d0:c0:16:af:3a:80:a7:89:
         30:2b:90:6e:15:a2:fe:af:41:b3:72:c9:b0:7b:0a:a1:d9:66:
         e6:4d:41:2c:32:02:e4:27:a9:e8:ba:65:0b:71:7c:ed:7d:2f:
         23:fb:6c:69:a0:54:22:08:09:90:a4:94:c1:3b:13:10:22:c7:
         3b:d9:de:fe:e4:c5:e9:08:89:9a:e0:95:73:8a:1b:68:54:47:
         12:61:7f:5a:9e:eb:21:1c:89:3f:47:5f:45:02:90:5b:2f:74:
         ea:bd:6d:28:2a:24:7e:f0:7d:1a:ca:bb:9b:ba:9b:bf:4c:dc:
         7c:22:50:2a:30:79:70:9a:5e:9d:b5:1c:cf:d4:7b:a9:09:3e:
         fb:04:26:27:d7:af:d0:58:a0:f7:f8:f7:9b:5c:36:bb:01:7e:
         b7:2c:eb:98:bc:11:03:c6:52:fd:02:57:dc:17:16:25:15:75:
         b3:14:30:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY8HSQ/J9wL4L4k/To4+C95MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDkyNjVkODk0ZmE3OWZjZDY1NDJmYWNjMGJhMzg5NzM4
Yzg0NTkwHhcNMjUwNDE2MDEwMTA0WhcNMjUwNDE3MDEwMTA0WjAzMTEwLwYDVQQD
EygwNzNiN2IxYzRjYjVkM2EzYTIzOGVkOTM3YTMxZmQ0YjE5YWYwMWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tGNHcQCIx3nNZIwuqeyRDDJNCyP
h2AraQc2bsE2u0DcANaVGUQ5WtX9elbRQkyTpdtdgkY3NsYldBMaRqwrjnyxOCVL
amPManfZXg+OPmEyyPda1Ndu4FOZ5/qKeo6gQbsiGnGSwvg2vY79RsMGeVwEAidu
xUAfL6hBepv7NLOZoENcnC/aOAluW7dNNQHmaWK50cwkr31LlIk1JPzQrHjPTj8B
eo81yDeDtXrqlLto8Lt4luxs+sRpI+7WifUkpZ0Dp52ptgNJLLAph8yVL5s71dom
ifhDsqTml54xPMOTsiod+/VwcblC2yorFSIgVSwLmzmakqBPSkDwgCZ+owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAc7exxMtdOjojjtk3ox/UsZrwG+MB8GA1UdIwQY
MBaAFKYJJl2JT6efzWVC+swLo4lzjIRZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUt
NmRjMGRhMWY1ZGVlLzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUtNmRjMGRhMWY1ZGVl
LzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsL61B/uW
ojKhPjCyfEt+jo8WF/aUzcgz42hsmKbmjxDcRk42WFmxjJcJds5f2zkc3ob78Phj
NjXBPiCxUPSfhAAfMasAoh8KxmSFjx8Yk3Ys2dDAFq86gKeJMCuQbhWi/q9Bs3LJ
sHsKodlm5k1BLDIC5Cep6LplC3F87X0vI/tsaaBUIggJkKSUwTsTECLHO9ne/uTF
6QiJmuCVc4obaFRHEmF/Wp7rIRyJP0dfRQKQWy906r1tKCokfvB9Gsq7m7qbv0zc
fCJQKjB5cJpenbUcz9R7qQk++wQmJ9ev0Fig9/j3m1w2uwF+tyzrmLwRA8ZS/QJX
3BcWJRV1sxQwLg==
-----END CERTIFICATE-----