Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
File:                     Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft (raw, json)
Hash identifier:          dIhogyo+TNwxn2deJvbHCL6+gPwn3saZJYugnXzzyqg=
Subject key identifier:   4B:0F:CA:7D:83:67:FC:BA:2C:3A:22:68:AA:DB:D1:D1:8D:B4:EC:3F
Authority key identifier: 3E:0A:BA:30:F4:B4:04:FF:4D:EC:9F:C0:01:6C:0B:BE:E4:B6:B8:77
Certificate issuer:       /CN=3e0aba30f4b404ff4dec9fc0016c0bbee4b6b877
Certificate serial:       019752D9122616E328A2F3EB88BE3BE6629B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
Manifest number:          0400
Signing time:             Mon 09 Jun 2025 04:00:47 +0000
Manifest this update:     Mon 09 Jun 2025 04:00:47 +0000
Manifest next update:     Tue 10 Jun 2025 04:00:47 +0000
Files and hashes:         1: Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl (hash: 1kjn1hS6qXTiHr0NciAMCDbfmtN1z0Amosut4px9TIQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:d9:12:26:16:e3:28:a2:f3:eb:88:be:3b:e6:62:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e0aba30f4b404ff4dec9fc0016c0bbee4b6b877
        Validity
            Not Before: Jun  9 04:00:47 2025 GMT
            Not After : Jun 10 04:00:47 2025 GMT
        Subject: CN=4b0fca7d8367fcba2c3a2268aadbd1d18db4ec3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:83:35:1f:e8:68:63:72:47:e3:d1:5a:4a:db:
                    8f:4c:7a:e8:e1:f7:6e:91:38:29:5a:b0:18:35:75:
                    e8:e7:9c:6e:15:92:42:95:09:88:05:64:9e:f4:f2:
                    6d:fa:d7:ec:5a:ab:68:3c:03:a2:5e:2d:6a:79:6c:
                    41:5e:e7:08:19:3e:f6:21:f2:19:89:79:f3:d6:d1:
                    0c:61:c7:52:81:5c:df:0c:99:fe:6c:53:94:5a:8b:
                    e3:d3:c6:a7:51:dd:fa:e0:3f:e6:e7:5d:e0:e9:93:
                    43:14:e7:6f:dc:ec:8d:a3:b2:99:74:02:a1:b4:91:
                    c7:31:84:f3:a2:d3:34:c7:5e:d3:d9:a0:fc:ca:5f:
                    d7:85:25:26:dd:4c:6b:0f:80:9a:a4:ae:d7:a0:40:
                    09:c8:5b:4f:f8:3f:57:e1:09:4a:8b:04:97:11:ab:
                    02:08:58:21:6a:61:33:db:65:6f:4a:84:fd:7a:54:
                    6b:e9:cc:be:d7:79:a3:a8:69:da:b4:83:8b:1c:03:
                    82:29:10:4e:28:e9:9a:b5:74:74:21:c8:76:81:7e:
                    71:b5:80:91:ef:24:39:21:26:d0:d1:3f:90:37:7c:
                    eb:d7:a4:4e:d9:89:56:f3:c2:fb:c4:56:e9:fa:47:
                    bf:51:13:f2:d0:d9:0b:85:83:11:8a:b4:b2:54:07:
                    db:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:0F:CA:7D:83:67:FC:BA:2C:3A:22:68:AA:DB:D1:D1:8D:B4:EC:3F
            X509v3 Authority Key Identifier:
                keyid:3E:0A:BA:30:F4:B4:04:FF:4D:EC:9F:C0:01:6C:0B:BE:E4:B6:B8:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:fe:93:36:32:b6:4f:f8:03:1f:3a:79:92:f2:1a:0f:9b:a7:
         41:57:d6:ed:b8:ce:03:ce:64:e1:53:18:f4:9b:99:2e:0c:aa:
         00:c0:00:58:cf:c0:07:a9:be:0b:4c:c9:02:8c:a6:f5:9f:65:
         f3:69:70:bf:01:b8:e4:8c:5f:45:a6:0b:33:8c:d4:d8:40:ad:
         10:f2:bc:8e:fe:5a:5d:a3:bc:e2:96:e0:ea:33:22:d7:52:89:
         c1:70:0d:aa:32:40:3c:40:ac:a4:16:1f:fd:8f:15:d4:13:3d:
         c3:5c:2f:fa:69:04:5f:45:1c:0c:4c:92:2c:21:4f:1d:93:60:
         2c:db:63:b6:d5:5d:2d:84:8e:e0:32:bd:59:26:eb:4a:90:9f:
         57:ca:28:b1:26:96:ae:b7:66:c3:56:c2:5f:e2:65:4e:a3:bf:
         f2:e5:e8:76:35:93:08:9d:a4:25:15:a1:e6:c4:f8:92:4e:a0:
         16:1b:ba:54:7e:77:ba:9c:58:73:e4:58:e6:3c:88:f1:72:9e:
         22:32:a5:48:6c:2c:26:50:7e:8a:54:ff:b6:16:7c:ec:1a:04:
         e6:2d:f8:87:30:dd:01:6c:43:62:d2:b0:34:96:1e:1d:a7:9b:
         91:7d:12:60:96:3b:31:07:b5:38:9f:d8:d4:6e:06:05:cd:ac:
         58:3b:a9:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdS2RImFuMoovPriL475mKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMGFiYTMwZjRiNDA0ZmY0ZGVjOWZjMDAxNmMwYmJlZTRi
NmI4NzcwHhcNMjUwNjA5MDQwMDQ3WhcNMjUwNjEwMDQwMDQ3WjAzMTEwLwYDVQQD
Eyg0YjBmY2E3ZDgzNjdmY2JhMmMzYTIyNjhhYWRiZDFkMThkYjRlYzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4M1H+hoY3JH49FaStuPTHro4fdu
kTgpWrAYNXXo55xuFZJClQmIBWSe9PJt+tfsWqtoPAOiXi1qeWxBXucIGT72IfIZ
iXnz1tEMYcdSgVzfDJn+bFOUWovj08anUd364D/m513g6ZNDFOdv3OyNo7KZdAKh
tJHHMYTzotM0x17T2aD8yl/XhSUm3UxrD4CapK7XoEAJyFtP+D9X4QlKiwSXEasC
CFghamEz22VvSoT9elRr6cy+13mjqGnatIOLHAOCKRBOKOmatXR0Ich2gX5xtYCR
7yQ5ISbQ0T+QN3zr16RO2YlW88L7xFbp+ke/URPy0NkLhYMRirSyVAfbywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEsPyn2DZ/y6LDoiaKrb0dGNtOw/MB8GA1UdIwQY
MBaAFD4KujD0tAT/TeyfwAFsC77ktrh3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9kNGU1NTctMDY0MC00OGQzLTg3ZDYt
NTkwMjlhOGI1MzNhLzEvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9kNGU1NTctMDY0MC00OGQzLTg3ZDYtNTkwMjlhOGI1MzNh
LzEvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYv6TNjK2
T/gDHzp5kvIaD5unQVfW7bjOA85k4VMY9JuZLgyqAMAAWM/AB6m+C0zJAoym9Z9l
82lwvwG45IxfRaYLM4zU2ECtEPK8jv5aXaO84pbg6jMi11KJwXANqjJAPECspBYf
/Y8V1BM9w1wv+mkEX0UcDEySLCFPHZNgLNtjttVdLYSO4DK9WSbrSpCfV8oosSaW
rrdmw1bCX+JlTqO/8uXodjWTCJ2kJRWh5sT4kk6gFhu6VH53upxYc+RY5jyI8XKe
IjKlSGwsJlB+ilT/thZ87BoE5i34hzDdAWxDYtKwNJYeHaebkX0SYJY7MQe1OJ/Y
1G4GBc2sWDup9g==
-----END CERTIFICATE-----