Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft
File:                     PFlVXsIygmx91tmpJrU2AoN5SfY.mft (raw, json)
Hash identifier:          XV2XoF9/ZeKNYoFhUzDnicfC1wsz6Xo3tKm64fByd1g=
Subject key identifier:   82:23:3A:8C:15:0C:21:32:AD:7B:AF:0A:DA:A1:73:A3:32:D4:4C:9E
Authority key identifier: 3C:59:55:5E:C2:32:82:6C:7D:D6:D9:A9:26:B5:36:02:83:79:49:F6
Certificate issuer:       /CN=3c59555ec232826c7dd6d9a926b53602837949f6
Certificate serial:       019746302E0A493B84663BCA51E95406D13D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PFlVXsIygmx91tmpJrU2AoN5SfY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft
Manifest number:          012F
Signing time:             Fri 06 Jun 2025 17:00:52 +0000
Manifest this update:     Fri 06 Jun 2025 17:00:52 +0000
Manifest next update:     Sat 07 Jun 2025 17:00:52 +0000
Files and hashes:         1: PFlVXsIygmx91tmpJrU2AoN5SfY.crl (hash: jIqI2gzu3QrmrMUW3L4pCJjka0+4URgUImUn4k1BbHk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PFlVXsIygmx91tmpJrU2AoN5SfY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:30:2e:0a:49:3b:84:66:3b:ca:51:e9:54:06:d1:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c59555ec232826c7dd6d9a926b53602837949f6
        Validity
            Not Before: Jun  6 17:00:52 2025 GMT
            Not After : Jun  7 17:00:52 2025 GMT
        Subject: CN=82233a8c150c2132ad7baf0adaa173a332d44c9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:63:2b:39:70:df:f0:0f:41:dd:c2:7a:f9:92:
                    db:e9:7d:14:ce:24:b0:9d:0c:bd:38:86:41:cf:ee:
                    f8:98:c0:63:c6:73:9c:35:b9:fa:7a:cb:6c:91:90:
                    e3:e4:38:48:f3:63:c9:a7:d2:50:67:95:df:1f:9b:
                    10:d6:ec:ba:7e:7a:2f:98:5d:6f:b4:ff:dc:55:5d:
                    52:17:5d:ba:82:23:7b:06:e6:37:3b:f7:c2:d8:e9:
                    c8:68:ad:5c:66:8a:ad:86:7f:c4:56:23:d3:f5:f9:
                    79:20:fc:d2:65:7c:a6:fa:f2:de:1e:5a:24:86:2d:
                    13:fb:3e:56:8d:c3:e8:63:d8:46:b2:c1:b7:e9:53:
                    f0:2d:6e:ae:33:f5:7a:e3:75:95:66:04:06:a3:b1:
                    1d:ea:0c:3d:ba:3d:7a:f3:8d:22:97:a6:20:2e:16:
                    c0:f0:66:d4:49:a5:72:ea:1b:a4:81:21:11:5d:7b:
                    95:14:56:23:6d:bb:61:49:1e:5c:68:c4:4a:0f:b8:
                    a4:b3:52:c5:a4:4f:bb:a3:83:81:f1:33:f9:5a:23:
                    40:f3:e0:b3:d7:1e:2e:57:36:ff:6d:fe:a9:77:da:
                    0e:bb:8e:59:27:e2:bf:5e:97:27:cb:7e:5d:68:9d:
                    05:57:3a:50:f1:a7:83:d9:4c:5a:13:60:d1:32:1d:
                    20:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:23:3A:8C:15:0C:21:32:AD:7B:AF:0A:DA:A1:73:A3:32:D4:4C:9E
            X509v3 Authority Key Identifier:
                keyid:3C:59:55:5E:C2:32:82:6C:7D:D6:D9:A9:26:B5:36:02:83:79:49:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PFlVXsIygmx91tmpJrU2AoN5SfY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:59:93:1f:15:95:01:4b:ab:f8:2c:0f:6e:b1:65:a5:b8:cf:
         67:54:61:d1:9a:bd:1e:9a:b6:1e:27:06:96:48:e4:1c:1b:25:
         4f:de:a1:6f:ed:61:6e:2b:1f:6b:96:55:ed:1b:ac:1b:53:a3:
         c7:6b:2a:d1:49:3a:76:a0:0f:43:91:54:56:5e:90:7e:4e:dd:
         35:69:be:aa:99:6e:de:56:42:32:9f:bd:03:19:8e:da:26:30:
         5b:ab:24:f5:e7:49:0d:83:48:51:87:77:a4:7a:b4:58:76:a7:
         66:1a:ac:8e:36:82:c1:e6:ff:fa:fd:80:65:8c:3c:be:e8:7b:
         04:68:56:58:b1:b4:12:88:73:aa:e1:66:c4:5a:27:0d:7b:0b:
         0f:ad:06:fa:21:6e:86:f1:7b:2e:fc:0c:16:22:a9:bd:c6:39:
         a9:1b:6e:55:d4:25:f7:4b:33:17:22:9b:92:36:7d:b1:ac:e2:
         e2:e9:7c:c0:0c:a7:00:af:b9:f6:56:80:8f:76:cc:e4:0e:ac:
         58:58:a2:fc:08:cb:67:b2:44:a5:4a:fa:96:a6:7d:28:cd:b5:
         bd:d3:91:43:e3:12:92:ba:70:89:8f:ec:9d:8b:77:f5:bb:89:
         d0:ef:22:ae:b8:89:24:36:0c:d8:b3:54:96:bb:1d:5d:34:b5:
         b2:af:bb:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGMC4KSTuEZjvKUelUBtE9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNTk1NTVlYzIzMjgyNmM3ZGQ2ZDlhOTI2YjUzNjAyODM3
OTQ5ZjYwHhcNMjUwNjA2MTcwMDUyWhcNMjUwNjA3MTcwMDUyWjAzMTEwLwYDVQQD
Eyg4MjIzM2E4YzE1MGMyMTMyYWQ3YmFmMGFkYWExNzNhMzMyZDQ0YzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02MrOXDf8A9B3cJ6+ZLb6X0UziSw
nQy9OIZBz+74mMBjxnOcNbn6estskZDj5DhI82PJp9JQZ5XfH5sQ1uy6fnovmF1v
tP/cVV1SF126giN7BuY3O/fC2OnIaK1cZoqthn/EViPT9fl5IPzSZXym+vLeHlok
hi0T+z5WjcPoY9hGssG36VPwLW6uM/V643WVZgQGo7Ed6gw9uj16840il6YgLhbA
8GbUSaVy6hukgSERXXuVFFYjbbthSR5caMRKD7iks1LFpE+7o4OB8TP5WiNA8+Cz
1x4uVzb/bf6pd9oOu45ZJ+K/Xpcny35daJ0FVzpQ8aeD2UxaE2DRMh0gRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIIjOowVDCEyrXuvCtqhc6My1EyeMB8GA1UdIwQY
MBaAFDxZVV7CMoJsfdbZqSa1NgKDeUn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEZsVlhzSXlnbXg5MXRtcEpyVTJBb041U2ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iYTk0MDQtNzhmMy00OTM1LTllMmUt
OTViMTM3M2M1Mzk5LzEvUEZsVlhzSXlnbXg5MXRtcEpyVTJBb041U2ZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iYTk0MDQtNzhmMy00OTM1LTllMmUtOTViMTM3M2M1Mzk5
LzEvUEZsVlhzSXlnbXg5MXRtcEpyVTJBb041U2ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgVmTHxWV
AUur+CwPbrFlpbjPZ1Rh0Zq9Hpq2HicGlkjkHBslT96hb+1hbisfa5ZV7RusG1Oj
x2sq0Uk6dqAPQ5FUVl6Qfk7dNWm+qplu3lZCMp+9AxmO2iYwW6sk9edJDYNIUYd3
pHq0WHanZhqsjjaCweb/+v2AZYw8vuh7BGhWWLG0EohzquFmxFonDXsLD60G+iFu
hvF7LvwMFiKpvcY5qRtuVdQl90szFyKbkjZ9sazi4ul8wAynAK+59laAj3bM5A6s
WFii/AjLZ7JEpUr6lqZ9KM21vdORQ+MSkrpwiY/snYt39buJ0O8irriJJDYM2LNU
lrsdXTS1sq+7Cg==
-----END CERTIFICATE-----