Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
File:                     PNQrfxakRkXr2PObog8ZBxOxs7w.mft (raw, json)
Hash identifier:          Mz06Wh5RRLUaVA8awtm0/Ra+y4ddoGmzfQZpMN+0N7k=
Subject key identifier:   94:B0:3F:7D:C0:48:86:72:06:1D:CE:96:1C:8D:80:66:65:94:31:85
Authority key identifier: 3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC
Certificate issuer:       /CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc
Certificate serial:       019A71B8D76AD7399F40EA86BB5BA727A361
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 07:02:10 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:10 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:10 +0000
Files and hashes:         1: PNQrfxakRkXr2PObog8ZBxOxs7w.crl (hash: xOHolKdPze5te0zanio5/6VW2KruRnjA1aZy/SFyhSA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:d7:6a:d7:39:9f:40:ea:86:bb:5b:a7:27:a3:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc
        Validity
            Not Before: Nov 11 07:02:10 2025 GMT
            Not After : Nov 12 07:02:10 2025 GMT
        Subject: CN=94b03f7dc0488672061dce961c8d806665943185
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:ed:64:99:f4:ef:3f:1a:b3:33:cc:48:12:66:
                    4c:70:e0:1b:2e:af:b5:9a:81:e7:5b:0b:51:ac:7c:
                    6e:1c:75:82:41:d6:a9:3e:73:fa:1c:9b:aa:c7:a5:
                    94:4f:38:64:6d:58:0f:01:bc:13:b4:93:00:ed:ae:
                    0f:d1:31:cd:fd:1b:17:3c:aa:37:8f:1f:86:61:7b:
                    24:34:2f:76:69:df:ca:95:a9:0d:bc:91:e5:df:4d:
                    da:cb:c5:3c:86:0b:c9:28:0b:c6:dd:71:05:b0:ff:
                    6c:e6:f5:d1:54:f9:78:ba:91:9f:a3:10:cb:d3:ea:
                    52:9e:a8:ae:ad:af:c0:ba:25:1b:52:6f:e5:30:b9:
                    cd:63:09:db:4f:61:33:ed:cc:f2:90:da:55:7b:72:
                    e9:69:b8:86:18:7a:8d:0f:61:57:c3:41:2d:f7:c1:
                    89:bb:09:fa:ca:8f:5f:f7:ee:f7:3e:91:8d:fe:c3:
                    08:7b:35:d4:85:32:a0:9e:51:ec:bd:3d:ae:bf:6d:
                    70:0b:5e:b2:74:08:75:2b:ed:55:ac:ab:51:20:d3:
                    89:d6:b7:b4:c3:56:c2:03:ed:99:88:39:64:44:3a:
                    13:f7:12:6e:66:6a:dd:f5:48:76:08:44:9f:bf:49:
                    1d:97:31:42:d5:18:c3:c1:2c:39:88:20:8a:e5:24:
                    e2:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:B0:3F:7D:C0:48:86:72:06:1D:CE:96:1C:8D:80:66:65:94:31:85
            X509v3 Authority Key Identifier:
                keyid:3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:c7:15:56:4e:05:74:a7:02:06:67:b0:41:c4:e3:3d:c9:a2:
         63:be:90:53:80:fd:29:86:63:a9:cb:ba:e3:24:9d:93:f7:c8:
         68:91:eb:9d:de:b9:30:46:39:de:6b:3a:66:60:df:76:64:29:
         8a:50:ce:1c:cb:cf:12:b5:02:b1:30:22:87:4e:92:ad:70:15:
         aa:4c:96:62:95:28:79:0b:90:9e:6d:73:51:d9:58:ba:32:68:
         31:42:94:e4:c1:64:dd:a9:28:ba:c1:ac:48:fb:7a:6f:65:87:
         f9:44:1b:5a:e6:56:a8:d6:7c:47:e4:34:d5:d1:9b:b1:4d:a5:
         7b:3c:5b:9f:77:25:15:b4:55:1f:0d:e2:ca:02:a1:e7:ed:1a:
         84:66:b7:8c:68:14:9b:21:61:28:05:2f:43:50:a8:61:a8:fb:
         80:94:74:8c:b4:60:c9:79:b2:e4:55:23:2d:c7:d3:1b:da:74:
         b0:c8:37:09:e4:27:c8:f4:1a:5f:85:25:9f:6f:f8:c2:5b:a0:
         6a:fa:23:18:88:5b:4e:da:f6:c8:18:d0:2d:6d:38:f7:b3:2b:
         af:e5:ad:a3:77:bc:76:42:2e:4d:92:d2:fb:9e:d4:b3:66:c2:
         2d:f9:9a:12:4d:52:00:35:a3:46:57:25:9a:2c:04:f8:a8:78:
         72:d0:7e:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuNdq1zmfQOqGu1unJ6NhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDQyYjdmMTZhNDQ2NDVlYmQ4ZjM5YmEyMGYxOTA3MTNi
MWIzYmMwHhcNMjUxMTExMDcwMjEwWhcNMjUxMTEyMDcwMjEwWjAzMTEwLwYDVQQD
Eyg5NGIwM2Y3ZGMwNDg4NjcyMDYxZGNlOTYxYzhkODA2NjY1OTQzMTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+1kmfTvPxqzM8xIEmZMcOAbLq+1
moHnWwtRrHxuHHWCQdapPnP6HJuqx6WUTzhkbVgPAbwTtJMA7a4P0THN/RsXPKo3
jx+GYXskNC92ad/KlakNvJHl303ay8U8hgvJKAvG3XEFsP9s5vXRVPl4upGfoxDL
0+pSnqiura/AuiUbUm/lMLnNYwnbT2Ez7czykNpVe3LpabiGGHqND2FXw0Et98GJ
uwn6yo9f9+73PpGN/sMIezXUhTKgnlHsvT2uv21wC16ydAh1K+1VrKtRINOJ1re0
w1bCA+2ZiDlkRDoT9xJuZmrd9Uh2CESfv0kdlzFC1RjDwSw5iCCK5STimwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJSwP33ASIZyBh3OlhyNgGZllDGFMB8GA1UdIwQY
MBaAFDzUK38WpEZF69jzm6IPGQcTsbO8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAt
Y2QyNzI2MTE0ODQ2LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAtY2QyNzI2MTE0ODQ2
LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfscVVk4F
dKcCBmewQcTjPcmiY76QU4D9KYZjqcu64ySdk/fIaJHrnd65MEY53ms6ZmDfdmQp
ilDOHMvPErUCsTAih06SrXAVqkyWYpUoeQuQnm1zUdlYujJoMUKU5MFk3akousGs
SPt6b2WH+UQbWuZWqNZ8R+Q01dGbsU2lezxbn3clFbRVHw3iygKh5+0ahGa3jGgU
myFhKAUvQ1CoYaj7gJR0jLRgyXmy5FUjLcfTG9p0sMg3CeQnyPQaX4Uln2/4wlug
avojGIhbTtr2yBjQLW0497Mrr+Wto3e8dkIuTZLS+57Us2bCLfmaEk1SADWjRlcl
miwE+Kh4ctB+UQ==
-----END CERTIFICATE-----