Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
File:                     pukanXyu9IGGdMXWJigTYVyJ3lY.mft (raw, json)
Hash identifier:          DWhgtluF2YEvUTe/W5xErlSreHlsjZ3vpZlO/E/YaAU=
Subject key identifier:   BA:A6:CD:27:C3:1B:C7:B7:00:FD:64:15:DF:59:35:84:AD:D5:8C:07
Authority key identifier: A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56
Certificate issuer:       /CN=a6e91a9d7caef4818674c5d6262813615c89de56
Certificate serial:       019A71B959AE7A91CF416DE0BD56E57E3BB3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
Manifest number:          1092
Signing time:             Tue 11 Nov 2025 07:02:43 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:43 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:43 +0000
Files and hashes:         1: pukanXyu9IGGdMXWJigTYVyJ3lY.crl (hash: BYk0inX1uj3PDDr68jsVn5EBXtNeLqp+z0tvhMRuRVY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:59:ae:7a:91:cf:41:6d:e0:bd:56:e5:7e:3b:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6e91a9d7caef4818674c5d6262813615c89de56
        Validity
            Not Before: Nov 11 07:02:43 2025 GMT
            Not After : Nov 12 07:02:43 2025 GMT
        Subject: CN=baa6cd27c31bc7b700fd6415df593584add58c07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:11:cb:02:be:4a:c8:17:5e:75:04:10:2d:97:
                    f1:ba:cf:aa:7a:ea:a3:d2:4b:68:67:95:e5:95:52:
                    90:4e:e5:64:a8:c5:b8:80:7e:79:36:42:f4:77:21:
                    2c:70:fc:76:62:72:bd:9c:09:36:4f:27:c3:4d:ca:
                    01:92:f9:67:38:f7:60:e5:a5:36:c0:05:de:cf:2b:
                    6b:27:d1:6e:74:dc:7d:aa:8d:51:41:d5:dc:aa:6d:
                    07:bb:81:17:b3:07:35:20:f5:a3:ec:04:6d:b9:c3:
                    31:a3:29:70:13:d7:11:83:56:6b:a6:8c:50:3b:3c:
                    04:8b:04:06:ff:8d:27:70:f6:2a:b5:b3:0b:e0:c3:
                    5f:de:b6:55:97:96:75:03:2c:48:4d:67:71:9c:23:
                    c0:c4:21:03:d3:25:79:2a:c7:3b:00:ab:c1:d2:77:
                    7f:87:e6:7d:b7:15:46:6e:72:c3:5c:4a:5e:99:3f:
                    9d:83:51:25:c2:f0:df:95:4d:b5:03:15:4d:84:3c:
                    02:b0:18:0c:3e:50:c9:c2:cc:11:8b:d7:1f:05:c8:
                    e6:b9:72:82:d6:a3:78:02:a0:87:cf:2c:29:db:a5:
                    19:57:12:22:b3:3a:e9:19:4e:a1:b8:4d:c3:b9:a9:
                    03:4b:af:8b:db:0a:67:5e:77:23:64:14:35:8e:96:
                    a7:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:A6:CD:27:C3:1B:C7:B7:00:FD:64:15:DF:59:35:84:AD:D5:8C:07
            X509v3 Authority Key Identifier:
                keyid:A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:6e:9e:66:d2:1d:1b:ab:c3:be:e3:38:0e:82:5c:a9:ff:16:
         55:aa:ac:40:df:56:99:5f:b4:c9:26:5b:8e:94:80:73:ed:6c:
         99:80:95:e6:9c:74:c8:e3:67:4c:bd:50:85:0d:a2:69:c1:62:
         40:41:1d:64:6d:d1:27:af:9c:88:d8:44:6e:95:3e:bf:b1:df:
         2d:b3:b3:f1:5b:e7:35:cf:d5:68:94:ce:63:d6:87:5f:12:f5:
         d8:a9:0f:36:15:67:9c:16:b5:9f:a5:03:2e:01:aa:63:6d:9d:
         5a:d0:a2:e6:02:61:bf:4a:be:8f:37:d8:5c:d8:6e:b2:45:33:
         f9:b4:7a:a5:f2:e2:ad:7a:59:de:b7:4a:4c:7e:6d:4e:0d:21:
         79:a0:20:3a:d7:94:cf:55:9d:30:5b:3c:f0:7e:a2:59:5b:59:
         af:22:06:7e:82:1a:07:3f:98:4c:f9:aa:7e:9c:4c:1f:41:a6:
         b6:b4:17:01:5b:9f:00:49:3d:f8:a7:1e:3d:42:b1:a4:6c:f7:
         19:24:c4:3d:c8:44:a6:8e:a7:54:e6:1e:41:bd:88:bd:58:2a:
         96:c9:e6:8a:0f:58:a7:95:7d:11:54:5d:03:96:aa:37:c7:13:
         f3:42:0a:a9:e5:f8:6d:8d:2c:27:e7:59:7b:79:bc:67:cf:bc:
         81:dd:99:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuVmuepHPQW3gvVblfjuzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ZTkxYTlkN2NhZWY0ODE4Njc0YzVkNjI2MjgxMzYxNWM4
OWRlNTYwHhcNMjUxMTExMDcwMjQzWhcNMjUxMTEyMDcwMjQzWjAzMTEwLwYDVQQD
EyhiYWE2Y2QyN2MzMWJjN2I3MDBmZDY0MTVkZjU5MzU4NGFkZDU4YzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBHLAr5KyBdedQQQLZfxus+qeuqj
0ktoZ5XllVKQTuVkqMW4gH55NkL0dyEscPx2YnK9nAk2TyfDTcoBkvlnOPdg5aU2
wAXezytrJ9FudNx9qo1RQdXcqm0Hu4EXswc1IPWj7ARtucMxoylwE9cRg1ZrpoxQ
OzwEiwQG/40ncPYqtbML4MNf3rZVl5Z1AyxITWdxnCPAxCED0yV5Ksc7AKvB0nd/
h+Z9txVGbnLDXEpemT+dg1ElwvDflU21AxVNhDwCsBgMPlDJwswRi9cfBcjmuXKC
1qN4AqCHzywp26UZVxIiszrpGU6huE3DuakDS6+L2wpnXncjZBQ1jpanNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLqmzSfDG8e3AP1kFd9ZNYSt1YwHMB8GA1UdIwQY
MBaAFKbpGp18rvSBhnTF1iYoE2Fcid5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgt
NDA4MjI5ZjBiYWYxLzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgtNDA4MjI5ZjBiYWYx
LzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApG6eZtId
G6vDvuM4DoJcqf8WVaqsQN9WmV+0ySZbjpSAc+1smYCV5px0yONnTL1QhQ2iacFi
QEEdZG3RJ6+ciNhEbpU+v7HfLbOz8VvnNc/VaJTOY9aHXxL12KkPNhVnnBa1n6UD
LgGqY22dWtCi5gJhv0q+jzfYXNhuskUz+bR6pfLirXpZ3rdKTH5tTg0heaAgOteU
z1WdMFs88H6iWVtZryIGfoIaBz+YTPmqfpxMH0GmtrQXAVufAEk9+KcePUKxpGz3
GSTEPchEpo6nVOYeQb2IvVgqlsnmig9Yp5V9EVRdA5aqN8cT80IKqeX4bY0sJ+dZ
e3m8Z8+8gd2Z/A==
-----END CERTIFICATE-----