Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
File:                     Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft (raw, json)
Hash identifier:          3DGdeU9snYc+MAS2JUfFOufNgiayZ7+qg+pN8aEOA5U=
Subject key identifier:   24:38:DA:0B:06:4E:33:78:8B:CA:31:2E:78:2B:76:57:82:57:CF:4A
Authority key identifier: 3E:0A:BA:30:F4:B4:04:FF:4D:EC:9F:C0:01:6C:0B:BE:E4:B6:B8:77
Certificate issuer:       /CN=3e0aba30f4b404ff4dec9fc0016c0bbee4b6b877
Certificate serial:       01958B1673983349EE4A36C4E966DCF9AE8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
Manifest number:          0314
Signing time:             Wed 12 Mar 2025 16:00:59 +0000
Manifest this update:     Wed 12 Mar 2025 16:00:59 +0000
Manifest next update:     Thu 13 Mar 2025 16:00:59 +0000
Files and hashes:         1: Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl (hash: lhcj6nzOOyT3VBu49gJlo+KcPyG7fI/B0tzmFGgIrpY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 16:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:16:73:98:33:49:ee:4a:36:c4:e9:66:dc:f9:ae:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e0aba30f4b404ff4dec9fc0016c0bbee4b6b877
        Validity
            Not Before: Mar 12 16:00:59 2025 GMT
            Not After : Mar 13 16:00:59 2025 GMT
        Subject: CN=2438da0b064e33788bca312e782b76578257cf4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:40:fb:87:45:cf:1b:c7:42:0d:29:53:bf:ed:
                    7a:d9:ce:d1:15:79:0a:c5:e2:d5:22:45:85:c6:9e:
                    3c:3c:91:15:8d:28:83:1c:3a:88:82:58:04:0d:45:
                    bf:70:e9:2e:21:cf:c5:86:64:8e:79:ac:71:99:ee:
                    e4:e4:55:fa:b2:1a:b5:63:7e:a5:87:0b:e8:9c:a3:
                    bb:8b:1e:0a:2b:04:32:de:22:98:83:09:ea:bf:83:
                    e3:2e:f1:0a:0d:f7:5f:62:60:a0:1e:22:92:82:db:
                    aa:f1:d9:76:fb:28:4e:aa:10:67:8e:de:cf:aa:64:
                    ef:e1:17:98:5a:f7:d9:b5:bf:ef:8d:fb:88:6c:46:
                    06:46:b7:1f:de:cd:01:ac:c1:6f:27:6c:57:c3:be:
                    86:07:7a:68:f4:05:7d:39:c2:1b:e2:49:2c:ac:3e:
                    1c:52:f3:03:c9:f7:a1:0d:b3:e6:3e:03:ed:3e:14:
                    d7:a4:c5:5c:66:5d:ca:1e:de:a9:32:5b:66:43:a0:
                    98:f3:d9:be:27:5e:ee:b1:6d:f3:18:2f:34:e9:b8:
                    71:31:40:8a:70:66:a2:0e:d6:43:71:65:24:14:2a:
                    76:5a:21:0a:40:49:df:a0:e3:72:57:7e:c1:92:cc:
                    d4:d2:bc:5a:e9:3b:5f:be:0a:8f:18:04:30:fe:27:
                    3e:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:38:DA:0B:06:4E:33:78:8B:CA:31:2E:78:2B:76:57:82:57:CF:4A
            X509v3 Authority Key Identifier:
                keyid:3E:0A:BA:30:F4:B4:04:FF:4D:EC:9F:C0:01:6C:0B:BE:E4:B6:B8:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:58:d1:b7:7a:f1:d3:b4:02:42:f3:c2:1e:47:3c:f6:d0:ee:
         f8:8e:db:68:75:6e:ee:f8:c7:04:b5:d3:77:28:5d:67:e4:0b:
         0a:3c:74:38:7e:a6:c1:f9:4e:0e:a0:19:d3:d4:58:5b:fe:c6:
         ee:d7:ac:3a:b1:da:ef:7d:f3:77:cc:20:73:58:d1:f3:d6:c1:
         8b:70:bc:6b:ac:82:73:df:43:c8:fb:89:1f:f0:37:8f:6b:25:
         57:19:04:f0:92:9c:91:ec:1b:23:84:9f:4e:00:73:4d:1b:70:
         f4:1d:b5:da:13:08:26:32:d5:64:84:ac:fd:34:35:9a:95:12:
         5d:12:b8:fb:32:32:a6:48:7e:ff:36:f0:c7:3c:47:d4:04:70:
         7c:49:85:ab:ed:aa:26:d9:64:78:d7:ed:dc:6f:63:75:cd:ad:
         75:55:7d:3c:1a:1b:a1:db:96:ba:61:3d:60:f5:b8:f1:3d:db:
         c2:b2:78:e6:32:fd:3e:70:29:87:25:2c:20:87:f1:aa:87:37:
         ec:82:e6:d3:e7:af:5b:bd:d2:be:8e:ae:81:de:d4:36:25:6e:
         83:e4:be:73:3d:13:28:79:ab:86:68:52:8f:63:c8:78:32:be:
         db:f1:2e:0c:93:7c:98:9f:d7:00:f7:44:94:a3:56:3b:17:20:
         79:cf:e5:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLFnOYM0nuSjbE6Wbc+a6MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMGFiYTMwZjRiNDA0ZmY0ZGVjOWZjMDAxNmMwYmJlZTRi
NmI4NzcwHhcNMjUwMzEyMTYwMDU5WhcNMjUwMzEzMTYwMDU5WjAzMTEwLwYDVQQD
EygyNDM4ZGEwYjA2NGUzMzc4OGJjYTMxMmU3ODJiNzY1NzgyNTdjZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUD7h0XPG8dCDSlTv+162c7RFXkK
xeLVIkWFxp48PJEVjSiDHDqIglgEDUW/cOkuIc/FhmSOeaxxme7k5FX6shq1Y36l
hwvonKO7ix4KKwQy3iKYgwnqv4PjLvEKDfdfYmCgHiKSgtuq8dl2+yhOqhBnjt7P
qmTv4ReYWvfZtb/vjfuIbEYGRrcf3s0BrMFvJ2xXw76GB3po9AV9OcIb4kksrD4c
UvMDyfehDbPmPgPtPhTXpMVcZl3KHt6pMltmQ6CY89m+J17usW3zGC806bhxMUCK
cGaiDtZDcWUkFCp2WiEKQEnfoONyV37BkszU0rxa6TtfvgqPGAQw/ic+uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCQ42gsGTjN4i8oxLngrdleCV89KMB8GA1UdIwQY
MBaAFD4KujD0tAT/TeyfwAFsC77ktrh3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9kNGU1NTctMDY0MC00OGQzLTg3ZDYt
NTkwMjlhOGI1MzNhLzEvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9kNGU1NTctMDY0MC00OGQzLTg3ZDYtNTkwMjlhOGI1MzNh
LzEvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB1jRt3rx
07QCQvPCHkc89tDu+I7baHVu7vjHBLXTdyhdZ+QLCjx0OH6mwflODqAZ09RYW/7G
7tesOrHa733zd8wgc1jR89bBi3C8a6yCc99DyPuJH/A3j2slVxkE8JKckewbI4Sf
TgBzTRtw9B212hMIJjLVZISs/TQ1mpUSXRK4+zIypkh+/zbwxzxH1ARwfEmFq+2q
JtlkeNft3G9jdc2tdVV9PBoboduWumE9YPW48T3bwrJ45jL9PnAphyUsIIfxqoc3
7ILm0+evW73Svo6ugd7UNiVug+S+cz0TKHmrhmhSj2PIeDK+2/EuDJN8mJ/XAPdE
lKNWOxcgec/lnA==
-----END CERTIFICATE-----