Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft
File:                     PFlVXsIygmx91tmpJrU2AoN5SfY.mft (raw, json)
Hash identifier:          oVQCLmgTP/s7tSYYmPFB23EwNEiGgNDx8+boIPJwLo0=
Subject key identifier:   A8:E7:A1:1D:06:00:FD:E0:E2:75:2E:C5:08:6D:E9:6D:8F:14:D3:9A
Authority key identifier: 3C:59:55:5E:C2:32:82:6C:7D:D6:D9:A9:26:B5:36:02:83:79:49:F6
Certificate issuer:       /CN=3c59555ec232826c7dd6d9a926b53602837949f6
Certificate serial:       019A714A1CCB1C050DDA2930DDA19324D671
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PFlVXsIygmx91tmpJrU2AoN5SfY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft
Manifest number:          02D3
Signing time:             Tue 11 Nov 2025 05:01:13 +0000
Manifest this update:     Tue 11 Nov 2025 05:01:13 +0000
Manifest next update:     Wed 12 Nov 2025 05:01:13 +0000
Files and hashes:         1: PFlVXsIygmx91tmpJrU2AoN5SfY.crl (hash: hFomRJmn3LSwLoEauHOXO/fJA5c5aPhhrqmqXTeGlOc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PFlVXsIygmx91tmpJrU2AoN5SfY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 05:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:4a:1c:cb:1c:05:0d:da:29:30:dd:a1:93:24:d6:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c59555ec232826c7dd6d9a926b53602837949f6
        Validity
            Not Before: Nov 11 05:01:13 2025 GMT
            Not After : Nov 12 05:01:13 2025 GMT
        Subject: CN=a8e7a11d0600fde0e2752ec5086de96d8f14d39a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:4c:2c:10:6d:07:4f:bd:1f:dc:63:b7:fe:12:
                    e8:90:44:00:70:d9:5a:7e:a6:ee:97:4c:ce:18:5b:
                    80:5b:ac:c7:af:32:0d:9a:84:8b:8f:db:5c:e1:5f:
                    7f:f0:ec:97:05:c1:2d:7f:9a:e9:f2:d4:c5:7a:32:
                    67:42:bb:54:fe:36:df:e3:c3:0b:92:dc:f2:fd:16:
                    01:e4:0f:14:7e:dd:94:c4:f0:49:23:6b:af:ca:d1:
                    76:b3:6d:69:90:c2:34:61:32:49:99:bb:ff:55:62:
                    29:8b:f5:22:57:9c:27:61:10:9a:17:7f:f7:a5:87:
                    49:2e:13:01:e6:4b:18:85:b1:a1:91:d4:81:be:66:
                    a4:98:9d:9a:54:2a:5d:b9:52:ae:9d:6e:3c:06:df:
                    8c:e0:0e:27:cf:2c:0f:ef:6a:f8:c9:16:98:9a:6c:
                    70:18:84:c9:73:ff:cc:59:ec:eb:10:aa:42:72:9b:
                    cf:10:56:0f:71:86:a1:e1:b3:85:bb:ee:ac:74:6d:
                    3f:8d:93:da:d2:e9:f2:4e:f7:c6:d1:dd:e4:18:4c:
                    86:e4:24:40:b4:38:1d:d7:01:59:e6:9a:9a:2b:95:
                    82:02:27:f3:8f:e5:10:9e:2a:a7:d9:01:00:40:94:
                    b0:15:5e:0e:a9:7b:fe:57:d2:ad:df:df:12:0f:db:
                    be:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:E7:A1:1D:06:00:FD:E0:E2:75:2E:C5:08:6D:E9:6D:8F:14:D3:9A
            X509v3 Authority Key Identifier:
                keyid:3C:59:55:5E:C2:32:82:6C:7D:D6:D9:A9:26:B5:36:02:83:79:49:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PFlVXsIygmx91tmpJrU2AoN5SfY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:11:80:16:fe:fb:d8:6c:73:38:f1:31:cd:d2:c5:ff:e3:43:
         7a:79:11:e5:72:5f:cd:7a:ab:c1:17:e2:44:1e:62:e0:60:9c:
         cc:f2:1f:36:86:74:d5:8c:ab:71:06:a3:74:99:b0:b1:a4:3c:
         e7:59:4e:d9:4e:40:98:9a:98:bf:95:41:b0:26:5d:06:05:19:
         6a:89:8a:02:da:aa:e8:07:e5:9f:88:45:78:36:67:47:a5:f4:
         13:25:d8:39:9f:b7:d1:30:87:4b:ee:8f:6a:29:1c:ec:ba:de:
         e5:f5:6b:bc:5e:9d:9c:6b:75:de:de:8f:bd:70:cd:04:24:ab:
         65:44:4c:0b:64:9f:55:50:74:92:56:46:ac:8c:01:fe:8b:a7:
         3d:ef:96:99:f7:9a:33:a0:f0:26:d0:44:30:b6:49:8e:32:99:
         c4:a0:28:d9:38:8c:16:84:09:86:e2:70:e4:8c:51:f8:4d:5a:
         05:06:18:8f:2a:dc:28:69:1d:7c:74:e5:43:f8:44:80:b4:28:
         43:78:49:f7:09:dc:2b:f6:73:42:fe:4b:72:86:35:ce:95:16:
         5c:5a:75:b6:04:54:f6:32:ab:c1:f5:22:96:82:98:96:65:92:
         57:8b:cd:15:4c:b5:23:31:ea:95:e7:dc:50:a5:e2:27:4f:59:
         0d:b8:a8:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxShzLHAUN2ikw3aGTJNZxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNTk1NTVlYzIzMjgyNmM3ZGQ2ZDlhOTI2YjUzNjAyODM3
OTQ5ZjYwHhcNMjUxMTExMDUwMTEzWhcNMjUxMTEyMDUwMTEzWjAzMTEwLwYDVQQD
EyhhOGU3YTExZDA2MDBmZGUwZTI3NTJlYzUwODZkZTk2ZDhmMTRkMzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3UwsEG0HT70f3GO3/hLokEQAcNla
fqbul0zOGFuAW6zHrzINmoSLj9tc4V9/8OyXBcEtf5rp8tTFejJnQrtU/jbf48ML
ktzy/RYB5A8Uft2UxPBJI2uvytF2s21pkMI0YTJJmbv/VWIpi/UiV5wnYRCaF3/3
pYdJLhMB5ksYhbGhkdSBvmakmJ2aVCpduVKunW48Bt+M4A4nzywP72r4yRaYmmxw
GITJc//MWezrEKpCcpvPEFYPcYah4bOFu+6sdG0/jZPa0unyTvfG0d3kGEyG5CRA
tDgd1wFZ5pqaK5WCAifzj+UQniqn2QEAQJSwFV4OqXv+V9Kt398SD9u+xwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKjnoR0GAP3g4nUuxQht6W2PFNOaMB8GA1UdIwQY
MBaAFDxZVV7CMoJsfdbZqSa1NgKDeUn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEZsVlhzSXlnbXg5MXRtcEpyVTJBb041U2ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iYTk0MDQtNzhmMy00OTM1LTllMmUt
OTViMTM3M2M1Mzk5LzEvUEZsVlhzSXlnbXg5MXRtcEpyVTJBb041U2ZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iYTk0MDQtNzhmMy00OTM1LTllMmUtOTViMTM3M2M1Mzk5
LzEvUEZsVlhzSXlnbXg5MXRtcEpyVTJBb041U2ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADxGAFv77
2GxzOPExzdLF/+NDenkR5XJfzXqrwRfiRB5i4GCczPIfNoZ01YyrcQajdJmwsaQ8
51lO2U5AmJqYv5VBsCZdBgUZaomKAtqq6Afln4hFeDZnR6X0EyXYOZ+30TCHS+6P
aikc7Lre5fVrvF6dnGt13t6PvXDNBCSrZURMC2SfVVB0klZGrIwB/ounPe+Wmfea
M6DwJtBEMLZJjjKZxKAo2TiMFoQJhuJw5IxR+E1aBQYYjyrcKGkdfHTlQ/hEgLQo
Q3hJ9wncK/ZzQv5LcoY1zpUWXFp1tgRU9jKrwfUiloKYlmWSV4vNFUy1IzHqlefc
UKXiJ09ZDbiohw==
-----END CERTIFICATE-----