Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
File:                     pgkmXYlPp5_NZUL6zAujiXOMhFk.mft (raw, json)
Hash identifier:          w7y3PZ7+J/fBjnXzLxD6KKKjT5u6IJEV2DQ4RSNsC6M=
Subject key identifier:   0C:98:C3:F2:49:87:3F:0A:CB:13:61:A0:50:F2:BA:E7:40:02:8B:3B
Authority key identifier: A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59
Certificate issuer:       /CN=a609265d894fa79fcd6542facc0ba389738c8459
Certificate serial:       0197696102F4DB7AD114642731F076F916B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
Manifest number:          08A5
Signing time:             Fri 13 Jun 2025 13:00:54 +0000
Manifest this update:     Fri 13 Jun 2025 13:00:54 +0000
Manifest next update:     Sat 14 Jun 2025 13:00:54 +0000
Files and hashes:         1: pgkmXYlPp5_NZUL6zAujiXOMhFk.crl (hash: gntfDlwn5P131FtMYOSSMYW8TrIcYy1sxkFGcC1jzFM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:02:f4:db:7a:d1:14:64:27:31:f0:76:f9:16:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a609265d894fa79fcd6542facc0ba389738c8459
        Validity
            Not Before: Jun 13 13:00:54 2025 GMT
            Not After : Jun 14 13:00:54 2025 GMT
        Subject: CN=0c98c3f249873f0acb1361a050f2bae740028b3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:aa:02:9b:bb:b8:e0:63:55:cc:94:cd:50:41:
                    f9:ee:f6:eb:79:aa:97:34:da:6a:02:f3:0a:94:82:
                    34:be:8d:99:83:80:d0:33:56:d1:50:77:dd:79:a2:
                    76:ff:1b:68:00:d5:02:f0:5d:2e:97:20:2d:0f:fb:
                    1d:72:c7:33:66:9f:d3:ca:c6:82:ac:ab:83:54:ce:
                    99:86:b2:ae:6d:b7:2b:54:02:27:b7:e0:71:17:d6:
                    ac:7f:49:69:12:b7:f1:20:3a:3d:91:6f:b4:c6:50:
                    a3:59:97:00:bf:9a:33:ae:58:f2:b6:5a:b3:0c:09:
                    33:b3:7f:f4:6e:92:1e:c1:27:e1:89:aa:fa:cc:2d:
                    1d:8b:ba:ac:e5:9c:a6:56:cc:95:9c:4c:f2:e8:6a:
                    ac:17:b8:2c:8e:80:d2:43:0b:5c:b1:cf:d2:aa:8a:
                    14:72:c2:ac:a5:31:3a:d0:4c:c0:6f:bb:91:97:90:
                    50:5d:93:53:89:ab:54:fd:70:25:eb:87:ed:25:28:
                    c5:7d:4b:43:75:98:b0:e8:1b:7c:b3:ea:12:8a:47:
                    3d:ee:1e:db:06:e0:10:cf:13:62:b5:25:5c:55:1f:
                    e9:a6:82:9e:71:9b:23:7f:af:94:83:d2:c1:75:d4:
                    07:76:67:46:c9:82:6f:ce:25:3a:80:3a:c6:16:86:
                    3d:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:98:C3:F2:49:87:3F:0A:CB:13:61:A0:50:F2:BA:E7:40:02:8B:3B
            X509v3 Authority Key Identifier:
                keyid:A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:b0:9b:54:2a:4d:6a:a6:3d:d8:99:4b:39:3e:21:96:da:25:
         91:46:84:ca:70:72:28:b1:c8:09:30:a8:ac:ab:98:30:c9:a0:
         90:d8:9b:7d:15:09:ba:f8:5e:1e:5a:f5:42:75:46:13:f0:9a:
         02:28:18:4d:01:0b:55:af:f0:74:92:26:8b:83:fb:0c:45:ca:
         3b:cd:a5:21:2c:17:60:e7:6f:5f:09:b4:f8:20:ff:d6:e5:b9:
         0c:2d:b1:f6:28:56:5c:7e:e1:73:8c:1a:84:a9:f5:00:ed:2e:
         39:a9:74:9a:cb:20:90:66:7f:c4:f0:a0:a2:a5:3e:1d:98:76:
         c9:4f:21:cc:61:2b:ca:da:7d:62:69:d3:96:14:df:07:57:ae:
         70:d1:99:60:b1:72:0a:ca:1a:22:db:53:3f:25:09:da:e8:54:
         c2:9c:14:34:05:95:99:eb:42:25:88:c8:f2:d1:70:fa:ae:21:
         bd:5c:54:38:1d:d2:2c:37:a2:c9:8b:06:e5:88:8f:9e:86:e2:
         16:c1:8b:1a:5a:6b:99:72:3f:0e:40:17:2b:98:e3:6c:42:91:
         fe:29:3f:d4:d6:95:14:3d:46:44:25:f4:28:9d:ea:ab:8f:fe:
         39:d2:a5:6e:a6:0e:46:a6:7f:c5:c3:c6:85:a3:2a:1f:e7:b4:
         49:12:4a:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYQL023rRFGQnMfB2+RawMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDkyNjVkODk0ZmE3OWZjZDY1NDJmYWNjMGJhMzg5NzM4
Yzg0NTkwHhcNMjUwNjEzMTMwMDU0WhcNMjUwNjE0MTMwMDU0WjAzMTEwLwYDVQQD
EygwYzk4YzNmMjQ5ODczZjBhY2IxMzYxYTA1MGYyYmFlNzQwMDI4YjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KoCm7u44GNVzJTNUEH57vbreaqX
NNpqAvMKlII0vo2Zg4DQM1bRUHfdeaJ2/xtoANUC8F0ulyAtD/sdcsczZp/TysaC
rKuDVM6ZhrKubbcrVAInt+BxF9asf0lpErfxIDo9kW+0xlCjWZcAv5ozrljytlqz
DAkzs3/0bpIewSfhiar6zC0di7qs5ZymVsyVnEzy6GqsF7gsjoDSQwtcsc/SqooU
csKspTE60EzAb7uRl5BQXZNTiatU/XAl64ftJSjFfUtDdZiw6Bt8s+oSikc97h7b
BuAQzxNitSVcVR/ppoKecZsjf6+Ug9LBddQHdmdGyYJvziU6gDrGFoY9awIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAyYw/JJhz8KyxNhoFDyuudAAos7MB8GA1UdIwQY
MBaAFKYJJl2JT6efzWVC+swLo4lzjIRZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUt
NmRjMGRhMWY1ZGVlLzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUtNmRjMGRhMWY1ZGVl
LzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFrCbVCpN
aqY92JlLOT4hltolkUaEynByKLHICTCorKuYMMmgkNibfRUJuvheHlr1QnVGE/Ca
AigYTQELVa/wdJImi4P7DEXKO82lISwXYOdvXwm0+CD/1uW5DC2x9ihWXH7hc4wa
hKn1AO0uOal0mssgkGZ/xPCgoqU+HZh2yU8hzGErytp9YmnTlhTfB1eucNGZYLFy
CsoaIttTPyUJ2uhUwpwUNAWVmetCJYjI8tFw+q4hvVxUOB3SLDeiyYsG5YiPnobi
FsGLGlprmXI/DkAXK5jjbEKR/ik/1NaVFD1GRCX0KJ3qq4/+OdKlbqYORqZ/xcPG
haMqH+e0SRJKCQ==
-----END CERTIFICATE-----