Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.mft
File:                     PwbJ3z-o-T2e8O0EscoENduLxlA.mft (raw, json)
Hash identifier:          La0nxoWO4soigKOzQgQJFsV2UCKCIemA0Aefs7vvVqY=
Subject key identifier:   90:4A:66:0F:C0:AE:F7:33:7D:84:9C:73:8E:47:A6:B7:3F:1A:C3:11
Authority key identifier: 3F:06:C9:DF:3F:A8:F9:3D:9E:F0:ED:04:B1:CA:04:35:DB:8B:C6:50
Certificate issuer:       /CN=3f06c9df3fa8f93d9ef0ed04b1ca0435db8bc650
Certificate serial:       01974B5691E471AB37F34DC85A6F07E48857
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PwbJ3z-o-T2e8O0EscoENduLxlA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.mft
Manifest number:          157A
Signing time:             Sat 07 Jun 2025 17:00:54 +0000
Manifest this update:     Sat 07 Jun 2025 17:00:54 +0000
Manifest next update:     Sun 08 Jun 2025 17:00:54 +0000
Files and hashes:         1: PwbJ3z-o-T2e8O0EscoENduLxlA.crl (hash: aUZN0c5F91R96stlYPDu6g6jf4qzfSI/PseOLdub9zM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PwbJ3z-o-T2e8O0EscoENduLxlA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 17:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:56:91:e4:71:ab:37:f3:4d:c8:5a:6f:07:e4:88:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f06c9df3fa8f93d9ef0ed04b1ca0435db8bc650
        Validity
            Not Before: Jun  7 17:00:54 2025 GMT
            Not After : Jun  8 17:00:54 2025 GMT
        Subject: CN=904a660fc0aef7337d849c738e47a6b73f1ac311
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:aa:4d:0f:3c:bd:b3:dc:17:a7:5a:7c:cc:8d:
                    c3:18:61:be:75:9c:b7:f7:5a:f3:48:82:65:ee:8a:
                    2e:54:7a:2e:6d:5c:2b:92:6e:6d:39:9e:15:c4:11:
                    b9:76:56:f7:8e:e7:af:b0:ca:20:53:df:92:91:99:
                    bb:7f:d0:05:13:32:10:60:20:ee:54:2d:85:a2:e1:
                    59:50:e0:d6:4f:b2:61:2c:8f:94:cd:2a:1d:42:10:
                    92:f9:e9:4d:83:a7:2e:31:8a:0a:a5:60:99:f4:28:
                    b7:55:fa:66:8f:85:ef:34:f0:0f:b6:0e:f9:3c:f0:
                    c6:62:a6:b1:b5:23:d0:13:f6:69:18:0a:3f:f0:d6:
                    23:4d:26:15:cd:8e:40:85:cd:b3:a3:00:98:60:fd:
                    07:60:02:0e:db:83:74:a8:5a:97:f6:10:d3:3b:0d:
                    af:be:24:2b:27:d6:b7:a3:f2:69:40:a4:d0:ec:b2:
                    34:e1:60:70:6b:85:d7:a2:79:0f:c0:d3:44:1a:2d:
                    00:42:68:dd:d0:16:1f:48:e8:cc:7d:af:fe:ca:be:
                    5a:ff:e3:2c:93:4e:5d:98:ee:e0:91:7a:73:2c:32:
                    b9:36:30:55:9b:32:34:70:7f:fd:d5:9c:8d:93:ae:
                    67:b0:dc:d9:2a:a3:29:49:95:2a:6c:bd:96:42:64:
                    e6:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:4A:66:0F:C0:AE:F7:33:7D:84:9C:73:8E:47:A6:B7:3F:1A:C3:11
            X509v3 Authority Key Identifier:
                keyid:3F:06:C9:DF:3F:A8:F9:3D:9E:F0:ED:04:B1:CA:04:35:DB:8B:C6:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PwbJ3z-o-T2e8O0EscoENduLxlA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:26:85:76:70:a0:8c:64:a0:4d:55:98:97:98:62:83:31:57:
         b8:e7:6a:b0:50:91:13:66:47:ed:85:3d:9f:15:69:a5:e9:0e:
         20:35:5a:70:69:17:4c:a1:69:61:f3:59:23:eb:d3:62:29:be:
         8f:b2:a1:49:69:9e:ad:27:3c:c7:16:f4:08:83:ef:1e:6d:6a:
         9f:e9:fe:9b:19:9e:12:30:f8:e8:f6:40:95:3c:50:77:7f:12:
         d0:e9:0a:6b:4f:d8:83:61:4a:aa:c9:43:02:da:3a:f4:53:2c:
         7e:b1:16:33:22:8f:68:3b:c0:46:11:f3:5b:d1:78:d3:62:90:
         0c:78:8c:6f:22:4a:ba:d3:34:96:eb:06:0b:ca:a7:f0:00:51:
         88:93:6d:5a:0c:e1:4e:09:ee:cf:9b:ba:9a:fb:2f:be:45:05:
         eb:af:ad:06:b1:ec:71:72:61:7d:d9:9e:af:9d:d4:1d:cd:a1:
         c1:e0:98:b8:56:7c:e5:c9:2e:f8:be:e4:7c:69:ac:51:01:2d:
         40:76:71:83:ca:a4:74:b4:8b:b2:eb:56:59:3a:da:ff:20:a6:
         69:18:b1:e4:bf:a1:91:3c:58:2f:2b:27:39:db:87:b5:95:56:
         8d:40:90:2f:80:27:eb:25:76:0a:2e:a6:a2:d4:29:37:0b:bf:
         7e:74:c3:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLVpHkcas3803IWm8H5IhXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMDZjOWRmM2ZhOGY5M2Q5ZWYwZWQwNGIxY2EwNDM1ZGI4
YmM2NTAwHhcNMjUwNjA3MTcwMDU0WhcNMjUwNjA4MTcwMDU0WjAzMTEwLwYDVQQD
Eyg5MDRhNjYwZmMwYWVmNzMzN2Q4NDljNzM4ZTQ3YTZiNzNmMWFjMzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKpNDzy9s9wXp1p8zI3DGGG+dZy3
91rzSIJl7oouVHoubVwrkm5tOZ4VxBG5dlb3juevsMogU9+SkZm7f9AFEzIQYCDu
VC2FouFZUODWT7JhLI+UzSodQhCS+elNg6cuMYoKpWCZ9Ci3Vfpmj4XvNPAPtg75
PPDGYqaxtSPQE/ZpGAo/8NYjTSYVzY5Ahc2zowCYYP0HYAIO24N0qFqX9hDTOw2v
viQrJ9a3o/JpQKTQ7LI04WBwa4XXonkPwNNEGi0AQmjd0BYfSOjMfa/+yr5a/+Ms
k05dmO7gkXpzLDK5NjBVmzI0cH/91ZyNk65nsNzZKqMpSZUqbL2WQmTmNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJBKZg/ArvczfYScc45Hprc/GsMRMB8GA1UdIwQY
MBaAFD8Gyd8/qPk9nvDtBLHKBDXbi8ZQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHdiSjN6LW8tVDJlOE8wRXNjb0VOZHVMeGxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9kMDBlM2QtNTRjNy00MzZmLWE4Y2Ut
MzM4YWEwY2Y5OGUyLzEvUHdiSjN6LW8tVDJlOE8wRXNjb0VOZHVMeGxBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9kMDBlM2QtNTRjNy00MzZmLWE4Y2UtMzM4YWEwY2Y5OGUy
LzEvUHdiSjN6LW8tVDJlOE8wRXNjb0VOZHVMeGxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANCaFdnCg
jGSgTVWYl5higzFXuOdqsFCRE2ZH7YU9nxVppekOIDVacGkXTKFpYfNZI+vTYim+
j7KhSWmerSc8xxb0CIPvHm1qn+n+mxmeEjD46PZAlTxQd38S0OkKa0/Yg2FKqslD
Ato69FMsfrEWMyKPaDvARhHzW9F402KQDHiMbyJKutM0lusGC8qn8ABRiJNtWgzh
Tgnuz5u6mvsvvkUF66+tBrHscXJhfdmer53UHc2hweCYuFZ85cku+L7kfGmsUQEt
QHZxg8qkdLSLsutWWTra/yCmaRix5L+hkTxYLysnOduHtZVWjUCQL4An6yV2Ci6m
otQpNwu/fnTDIA==
-----END CERTIFICATE-----