Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft
File:                     PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft (raw, json)
Hash identifier:          1V3J9eafiOjgewwI7MFCJHNkARzZQ3XFpd1p2308JGE=
Subject key identifier:   7E:CC:B2:B6:56:BF:85:0A:DA:D9:96:69:F9:D1:DF:3F:D9:06:29:EB
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Certificate issuer:       /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial:       019749D59E14E22503EEF359A8FF2686932B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft
Manifest number:          1050
Signing time:             Sat 07 Jun 2025 10:00:25 +0000
Manifest this update:     Sat 07 Jun 2025 10:00:25 +0000
Manifest next update:     Sun 08 Jun 2025 10:00:25 +0000
Files and hashes:         1: PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl (hash: 9rxRQfIMGIp2TZJGDJzfjhcUtDUzrLZhw+oPHV0qkZw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d5:9e:14:e2:25:03:ee:f3:59:a8:ff:26:86:93:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
        Validity
            Not Before: Jun  7 10:00:25 2025 GMT
            Not After : Jun  8 10:00:25 2025 GMT
        Subject: CN=7eccb2b656bf850adad99669f9d1df3fd90629eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:7d:3b:8d:45:ea:fc:67:ef:62:43:a6:48:c6:
                    b0:0b:bc:a9:d5:94:b1:81:a0:de:38:f1:82:ef:db:
                    f5:a9:c7:d5:32:77:33:14:b6:1d:5e:3a:6d:77:0d:
                    d0:8a:df:e6:9d:a5:21:f7:06:fb:01:53:0e:ac:a5:
                    81:1b:cb:3d:c3:6b:66:e5:ce:59:27:34:50:a0:d2:
                    33:d5:43:f5:45:a7:1f:e2:56:d1:b0:36:97:d5:12:
                    73:3f:0d:1e:79:a9:c5:b2:f5:1e:87:ba:74:fe:32:
                    f7:ab:c1:5e:34:0e:0e:bd:94:ce:d0:79:90:af:2b:
                    ae:88:97:3a:22:9a:3b:96:65:80:96:f3:de:dc:0c:
                    f4:fd:1d:c6:82:e8:e8:83:a0:c1:76:de:7d:4f:c3:
                    80:8a:c5:94:b3:53:61:bf:22:fa:84:c1:43:a2:44:
                    07:b7:de:63:f7:b5:60:e9:85:dc:07:31:1a:f5:2d:
                    6b:16:bd:1c:d2:4a:c0:ce:2f:c9:15:c7:d1:2e:ff:
                    f4:04:1e:d2:6f:df:52:2e:cd:0d:c6:c7:8c:36:91:
                    e6:46:48:ee:68:6e:90:c9:72:52:22:f0:9e:8b:c6:
                    99:46:aa:6a:78:c3:b3:97:12:64:f1:63:5e:97:cf:
                    ac:cd:a3:1b:e5:99:6c:1b:f0:5a:e6:77:24:e5:7a:
                    d9:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:CC:B2:B6:56:BF:85:0A:DA:D9:96:69:F9:D1:DF:3F:D9:06:29:EB
            X509v3 Authority Key Identifier:
                keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:e7:33:bd:b9:15:6c:64:1a:ef:d4:3a:1e:a0:3e:15:65:3e:
         bb:19:77:09:1e:9c:c9:51:a0:86:1c:55:34:46:00:8b:05:12:
         26:94:4c:93:36:5d:71:4b:a3:0d:d0:fe:42:2e:02:18:3a:3d:
         7a:1f:09:a0:28:b9:46:55:18:99:fd:2d:79:e4:0b:b1:fd:4c:
         11:76:3d:7e:e3:ff:af:0c:1a:4f:ec:38:19:bc:ed:3f:bb:23:
         85:67:f7:99:9c:60:d4:fc:cd:67:ec:53:28:0f:85:d0:7f:35:
         b9:4f:93:a2:a9:3a:7a:4a:8a:c7:76:75:2a:49:4e:56:c7:ec:
         a1:80:bb:a6:a8:a4:75:77:06:9e:d6:d9:7d:57:95:66:a8:59:
         16:24:68:b9:ce:39:df:0b:c5:7a:72:b9:c5:99:78:6c:79:dc:
         90:db:45:00:72:fc:0c:11:b1:2f:aa:56:b0:79:dc:a6:a5:26:
         ca:73:1c:da:06:65:50:5c:fd:73:aa:de:72:10:5b:76:4c:38:
         2f:5a:7c:d3:86:06:43:6e:76:39:b3:f6:0f:61:66:ff:c3:86:
         38:d8:bf:f8:2a:4f:35:36:2c:a0:75:a4:2c:38:fc:4f:89:b6:
         bf:08:d8:19:52:b1:c2:c2:c4:df:f8:a0:4d:a9:c8:88:58:2d:
         29:36:f3:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1Z4U4iUD7vNZqP8mhpMrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjUwNjA3MTAwMDI1WhcNMjUwNjA4MTAwMDI1WjAzMTEwLwYDVQQD
Eyg3ZWNjYjJiNjU2YmY4NTBhZGFkOTk2NjlmOWQxZGYzZmQ5MDYyOWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmX07jUXq/GfvYkOmSMawC7yp1ZSx
gaDeOPGC79v1qcfVMnczFLYdXjptdw3Qit/mnaUh9wb7AVMOrKWBG8s9w2tm5c5Z
JzRQoNIz1UP1Racf4lbRsDaX1RJzPw0eeanFsvUeh7p0/jL3q8FeNA4OvZTO0HmQ
ryuuiJc6Ipo7lmWAlvPe3Az0/R3Ggujog6DBdt59T8OAisWUs1NhvyL6hMFDokQH
t95j97Vg6YXcBzEa9S1rFr0c0krAzi/JFcfRLv/0BB7Sb99SLs0NxseMNpHmRkju
aG6QyXJSIvCei8aZRqpqeMOzlxJk8WNel8+szaMb5ZlsG/Ba5nck5XrZHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH7MsrZWv4UK2tmWafnR3z/ZBinrMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ+czvbkV
bGQa79Q6HqA+FWU+uxl3CR6cyVGghhxVNEYAiwUSJpRMkzZdcUujDdD+Qi4CGDo9
eh8JoCi5RlUYmf0teeQLsf1MEXY9fuP/rwwaT+w4GbztP7sjhWf3mZxg1PzNZ+xT
KA+F0H81uU+Toqk6ekqKx3Z1KklOVsfsoYC7pqikdXcGntbZfVeVZqhZFiRouc45
3wvFenK5xZl4bHnckNtFAHL8DBGxL6pWsHncpqUmynMc2gZlUFz9c6rechBbdkw4
L1p804YGQ252ObP2D2Fm/8OGONi/+CpPNTYsoHWkLDj8T4m2vwjYGVKxwsLE3/ig
TanIiFgtKTbzlQ==
-----END CERTIFICATE-----