Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/468e13-a3dc-4c7e-9eb3-832651e60c3b/1/PonHvJeq8NwDF2adR1GxMaqTK40.mft
File:                     PonHvJeq8NwDF2adR1GxMaqTK40.mft (raw, json)
Hash identifier:          si/HF7idyJVq80T5L2BktWnwl3KxHHCOBmI/nD+Cwxc=
Subject key identifier:   74:8C:1B:A2:88:2D:57:D0:36:3A:D6:8F:65:29:D6:5C:68:21:77:90
Authority key identifier: 3E:89:C7:BC:97:AA:F0:DC:03:17:66:9D:47:51:B1:31:AA:93:2B:8D
Certificate issuer:       /CN=3e89c7bc97aaf0dc0317669d4751b131aa932b8d
Certificate serial:       019A7113718D8DBC58D2D8B85E6FCDDFBEA2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PonHvJeq8NwDF2adR1GxMaqTK40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/468e13-a3dc-4c7e-9eb3-832651e60c3b/1/PonHvJeq8NwDF2adR1GxMaqTK40.mft
Manifest number:          23
Signing time:             Tue 11 Nov 2025 04:01:30 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:30 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:30 +0000
Files and hashes:         1: PonHvJeq8NwDF2adR1GxMaqTK40.crl (hash: Nhuamc1Ns41P6/7ily0jQqhL9TXksv0AxbxvZZzOcEk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/468e13-a3dc-4c7e-9eb3-832651e60c3b/1/PonHvJeq8NwDF2adR1GxMaqTK40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/468e13-a3dc-4c7e-9eb3-832651e60c3b/1/PonHvJeq8NwDF2adR1GxMaqTK40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PonHvJeq8NwDF2adR1GxMaqTK40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:71:8d:8d:bc:58:d2:d8:b8:5e:6f:cd:df:be:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e89c7bc97aaf0dc0317669d4751b131aa932b8d
        Validity
            Not Before: Nov 11 04:01:30 2025 GMT
            Not After : Nov 12 04:01:30 2025 GMT
        Subject: CN=748c1ba2882d57d0363ad68f6529d65c68217790
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:ea:40:0f:d8:cb:a6:e2:06:c2:f3:73:da:63:
                    68:cd:20:b5:ff:be:35:14:ce:16:aa:04:74:5c:20:
                    45:42:b6:d1:de:f0:fa:df:de:ae:30:7a:6f:af:ef:
                    cf:c2:06:33:ab:a4:0c:85:a3:a4:1b:71:98:9d:fa:
                    bb:f0:84:e6:ae:78:d8:76:f5:3b:a9:d4:a0:db:1c:
                    aa:c1:11:0b:2d:22:d3:96:5a:2d:e2:ea:42:fa:f1:
                    0c:50:da:ea:ed:6d:4a:e4:45:2c:94:b8:52:18:ec:
                    41:0c:fb:9e:d6:4e:d0:0c:35:11:d7:d9:af:ad:91:
                    60:02:07:0d:23:8b:c5:be:65:59:0f:0f:f7:e2:d3:
                    ab:01:41:d9:0a:9b:6c:46:7b:02:b0:29:8a:09:42:
                    d2:dd:eb:04:c7:89:79:ec:f2:cd:6c:df:8d:bf:4e:
                    20:95:99:29:d0:ea:8e:34:3c:e3:cc:eb:86:07:c1:
                    39:1a:72:a1:a0:bc:74:d9:9a:c3:ec:a8:81:1e:77:
                    cb:f0:cb:4f:a9:24:4d:60:c0:b3:23:51:5c:1e:30:
                    f7:e1:1d:ca:93:12:e5:6a:86:55:18:ff:da:a7:c2:
                    b1:88:ec:44:0f:00:f5:c1:00:62:07:9d:86:3e:9b:
                    c7:ab:d9:70:f9:6a:27:29:3b:a4:8c:ff:59:cb:54:
                    d7:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:8C:1B:A2:88:2D:57:D0:36:3A:D6:8F:65:29:D6:5C:68:21:77:90
            X509v3 Authority Key Identifier:
                keyid:3E:89:C7:BC:97:AA:F0:DC:03:17:66:9D:47:51:B1:31:AA:93:2B:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PonHvJeq8NwDF2adR1GxMaqTK40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/468e13-a3dc-4c7e-9eb3-832651e60c3b/1/PonHvJeq8NwDF2adR1GxMaqTK40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/468e13-a3dc-4c7e-9eb3-832651e60c3b/1/PonHvJeq8NwDF2adR1GxMaqTK40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:f2:a6:69:7d:50:12:01:a1:36:c1:d1:81:72:ed:74:80:7a:
         e9:fd:cc:77:92:1b:33:da:8f:c0:c5:0d:cf:f7:71:e2:07:52:
         b2:33:de:35:90:8b:6a:cf:6d:84:ad:0f:4b:3f:8a:d7:08:5f:
         bb:21:53:8c:6d:38:3e:14:d9:31:b8:c4:b0:d7:22:d6:44:09:
         d2:9d:85:ec:2e:20:25:b5:94:d2:fa:02:c1:c4:a1:73:d9:26:
         2f:84:fb:40:50:83:f4:c3:d3:01:68:48:2d:02:9c:ea:8a:09:
         62:56:d9:04:03:c3:0a:24:0b:47:c9:34:f9:59:cf:68:57:f0:
         9b:4b:68:88:ea:fd:8b:8e:9a:47:12:de:12:d4:e2:d1:5e:69:
         8e:b4:e7:88:2e:13:9c:ad:69:0b:5b:ad:e9:bc:88:f4:a0:07:
         99:0f:b7:9b:a4:29:36:92:a7:36:f9:9c:9a:11:07:35:af:ea:
         f7:8f:5c:9a:bf:c8:70:71:d0:8a:ed:fe:87:9f:63:2a:e0:3c:
         0d:eb:8a:ad:8c:db:90:4c:98:0d:4d:5b:60:8c:54:51:0c:6a:
         2a:18:87:28:7c:ea:19:73:58:40:20:aa:de:b8:3a:c2:a8:19:
         43:38:0a:a1:4f:ec:76:b4:08:37:3d:f7:4b:c2:ea:3b:72:92:
         3d:7d:db:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE3GNjbxY0ti4Xm/N376iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlODljN2JjOTdhYWYwZGMwMzE3NjY5ZDQ3NTFiMTMxYWE5
MzJiOGQwHhcNMjUxMTExMDQwMTMwWhcNMjUxMTEyMDQwMTMwWjAzMTEwLwYDVQQD
Eyg3NDhjMWJhMjg4MmQ1N2QwMzYzYWQ2OGY2NTI5ZDY1YzY4MjE3NzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOpAD9jLpuIGwvNz2mNozSC1/741
FM4WqgR0XCBFQrbR3vD6396uMHpvr+/PwgYzq6QMhaOkG3GYnfq78ITmrnjYdvU7
qdSg2xyqwRELLSLTllot4upC+vEMUNrq7W1K5EUslLhSGOxBDPue1k7QDDUR19mv
rZFgAgcNI4vFvmVZDw/34tOrAUHZCptsRnsCsCmKCULS3esEx4l57PLNbN+Nv04g
lZkp0OqONDzjzOuGB8E5GnKhoLx02ZrD7KiBHnfL8MtPqSRNYMCzI1FcHjD34R3K
kxLlaoZVGP/ap8KxiOxEDwD1wQBiB52GPpvHq9lw+WonKTukjP9Zy1TXWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHSMG6KILVfQNjrWj2Up1lxoIXeQMB8GA1UdIwQY
MBaAFD6Jx7yXqvDcAxdmnUdRsTGqkyuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG9uSHZKZXE4TndERjJhZFIxR3hNYXFUSzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi80NjhlMTMtYTNkYy00YzdlLTllYjMt
ODMyNjUxZTYwYzNiLzEvUG9uSHZKZXE4TndERjJhZFIxR3hNYXFUSzQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi80NjhlMTMtYTNkYy00YzdlLTllYjMtODMyNjUxZTYwYzNi
LzEvUG9uSHZKZXE4TndERjJhZFIxR3hNYXFUSzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIfKmaX1Q
EgGhNsHRgXLtdIB66f3Md5IbM9qPwMUNz/dx4gdSsjPeNZCLas9thK0PSz+K1whf
uyFTjG04PhTZMbjEsNci1kQJ0p2F7C4gJbWU0voCwcShc9kmL4T7QFCD9MPTAWhI
LQKc6ooJYlbZBAPDCiQLR8k0+VnPaFfwm0toiOr9i46aRxLeEtTi0V5pjrTniC4T
nK1pC1ut6byI9KAHmQ+3m6QpNpKnNvmcmhEHNa/q949cmr/IcHHQiu3+h59jKuA8
DeuKrYzbkEyYDU1bYIxUUQxqKhiHKHzqGXNYQCCq3rg6wqgZQzgKoU/sdrQINz33
S8LqO3KSPX3blQ==
-----END CERTIFICATE-----