Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
File:                     pgkmXYlPp5_NZUL6zAujiXOMhFk.mft (raw, json)
Hash identifier:          L5L+h19Kq1y/Mo5e/5r1sZlyJVizsbB4mhq4RSBiTQ8=
Subject key identifier:   EB:62:5A:CD:DF:CA:6F:7A:A6:28:E7:BA:81:4A:98:71:99:02:17:AA
Authority key identifier: A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59
Certificate issuer:       /CN=a609265d894fa79fcd6542facc0ba389738c8459
Certificate serial:       0197677297C61138244689BE29F7257E2CDC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
Manifest number:          08A4
Signing time:             Fri 13 Jun 2025 04:00:52 +0000
Manifest this update:     Fri 13 Jun 2025 04:00:52 +0000
Manifest next update:     Sat 14 Jun 2025 04:00:52 +0000
Files and hashes:         1: pgkmXYlPp5_NZUL6zAujiXOMhFk.crl (hash: PZNcU8lZ+ur1Afjj+4kiwBMh+QuCTzlTcBnr45R2CxA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 04:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:67:72:97:c6:11:38:24:46:89:be:29:f7:25:7e:2c:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a609265d894fa79fcd6542facc0ba389738c8459
        Validity
            Not Before: Jun 13 04:00:52 2025 GMT
            Not After : Jun 14 04:00:52 2025 GMT
        Subject: CN=eb625acddfca6f7aa628e7ba814a9871990217aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:e3:12:13:cc:db:50:54:0f:6b:60:ac:b4:b2:
                    2d:db:11:34:ff:c6:a3:56:39:e4:99:c5:b1:17:60:
                    c4:1c:6f:a3:d8:dd:4e:fd:bf:80:ff:45:b1:90:f4:
                    f3:9d:b1:bd:91:3d:0b:91:37:09:fb:80:bb:91:9f:
                    e3:7d:93:dc:a2:99:d2:e2:49:59:5a:3a:70:28:e1:
                    bc:d6:5e:87:33:61:d3:90:44:31:08:fb:cd:93:00:
                    20:52:75:78:eb:ac:59:3e:f7:a9:9a:db:de:9e:b0:
                    9f:1e:04:27:f9:12:97:0b:09:f2:f4:94:83:b1:0e:
                    ba:e6:81:24:ad:f8:a5:6d:7c:1f:1d:d8:c0:1b:05:
                    22:f1:f2:aa:af:10:1a:2e:8c:25:fa:84:7a:73:03:
                    81:4e:7d:4e:03:0a:d8:2f:9b:32:29:17:6f:31:11:
                    80:71:28:7b:7a:66:d1:ba:6f:c8:38:16:26:de:b9:
                    2b:f9:71:dc:b1:68:ad:1c:95:6f:4b:32:59:d1:35:
                    86:75:df:7b:bb:e9:08:65:88:be:c7:45:a2:ad:cf:
                    f2:cc:ab:f5:0c:d2:81:9b:2e:5c:e1:2d:ef:e3:d1:
                    65:1c:24:3b:91:d0:ad:8b:d9:17:4e:83:28:11:15:
                    60:a9:cc:83:7f:26:2c:bf:48:56:30:cb:5f:87:a3:
                    02:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:62:5A:CD:DF:CA:6F:7A:A6:28:E7:BA:81:4A:98:71:99:02:17:AA
            X509v3 Authority Key Identifier:
                keyid:A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:90:4b:06:fb:c6:67:b8:a1:b1:a2:00:fe:ad:62:ee:ef:c2:
         d2:a5:04:85:8d:29:7c:16:ac:d3:8c:e2:4f:1b:e8:03:c7:63:
         01:79:e3:51:6c:23:1b:6f:b4:6f:27:e8:f2:44:c5:2f:b0:52:
         24:e6:e8:7b:4e:ce:ee:5a:58:45:2c:07:4e:96:53:11:29:c3:
         c3:ac:c6:0a:af:92:16:69:b5:c7:71:a7:c8:55:5a:b2:92:27:
         3f:50:92:4c:ba:63:4a:ac:b7:7a:89:1c:2b:c0:b6:7a:35:43:
         65:4b:2f:62:a8:38:fb:5e:9e:31:e3:79:d6:cc:bf:15:ff:38:
         2a:87:78:a9:13:77:1a:e7:81:94:12:43:d0:aa:9e:2e:e5:f9:
         dd:4d:b9:c7:08:a4:3a:e0:67:f6:40:b7:65:3a:db:de:5b:4c:
         12:72:7a:8f:b9:b4:d4:24:98:02:79:71:da:fa:25:20:22:87:
         04:c1:6f:78:19:9d:a9:98:5d:b8:0a:27:ae:11:d6:60:bd:8f:
         b1:bb:50:61:d7:92:8a:dc:b2:1c:73:46:d0:0d:91:79:1e:b8:
         cd:64:8a:d2:1c:3a:ae:5f:94:f1:7b:42:04:f0:9e:6b:1d:1a:
         e5:8b:69:c7:31:af:06:d7:f9:9b:02:0b:78:ab:0c:e7:63:68:
         29:76:74:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdncpfGETgkRom+KfclfizcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDkyNjVkODk0ZmE3OWZjZDY1NDJmYWNjMGJhMzg5NzM4
Yzg0NTkwHhcNMjUwNjEzMDQwMDUyWhcNMjUwNjE0MDQwMDUyWjAzMTEwLwYDVQQD
EyhlYjYyNWFjZGRmY2E2ZjdhYTYyOGU3YmE4MTRhOTg3MTk5MDIxN2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuMSE8zbUFQPa2CstLIt2xE0/8aj
VjnkmcWxF2DEHG+j2N1O/b+A/0WxkPTznbG9kT0LkTcJ+4C7kZ/jfZPcopnS4klZ
WjpwKOG81l6HM2HTkEQxCPvNkwAgUnV466xZPvepmtvenrCfHgQn+RKXCwny9JSD
sQ665oEkrfilbXwfHdjAGwUi8fKqrxAaLowl+oR6cwOBTn1OAwrYL5syKRdvMRGA
cSh7embRum/IOBYm3rkr+XHcsWitHJVvSzJZ0TWGdd97u+kIZYi+x0Wirc/yzKv1
DNKBmy5c4S3v49FlHCQ7kdCti9kXToMoERVgqcyDfyYsv0hWMMtfh6MC9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOtiWs3fym96pijnuoFKmHGZAheqMB8GA1UdIwQY
MBaAFKYJJl2JT6efzWVC+swLo4lzjIRZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUt
NmRjMGRhMWY1ZGVlLzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUtNmRjMGRhMWY1ZGVl
LzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtZBLBvvG
Z7ihsaIA/q1i7u/C0qUEhY0pfBas04ziTxvoA8djAXnjUWwjG2+0byfo8kTFL7BS
JOboe07O7lpYRSwHTpZTESnDw6zGCq+SFmm1x3GnyFVaspInP1CSTLpjSqy3eokc
K8C2ejVDZUsvYqg4+16eMeN51sy/Ff84Kod4qRN3GueBlBJD0KqeLuX53U25xwik
OuBn9kC3ZTrb3ltMEnJ6j7m01CSYAnlx2volICKHBMFveBmdqZhduAonrhHWYL2P
sbtQYdeSityyHHNG0A2ReR64zWSK0hw6rl+U8XtCBPCeax0a5YtpxzGvBtf5mwIL
eKsM52NoKXZ0og==
-----END CERTIFICATE-----