Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
File:                     PP7M1r9kBrDPRPaCuTzYbjNGUko.mft (raw, json)
Hash identifier:          aZLs0Px3M2a9BCfh7a8zY6aTJe7XlDkRTR+D7pxJJ8I=
Subject key identifier:   1E:14:3E:F5:91:0F:24:BA:98:13:19:DF:86:A0:47:C1:45:68:F9:04
Authority key identifier: 3C:FE:CC:D6:BF:64:06:B0:CF:44:F6:82:B9:3C:D8:6E:33:46:52:4A
Certificate issuer:       /CN=3cfeccd6bf6406b0cf44f682b93cd86e3346524a
Certificate serial:       019A71B8C11E6147D05F38BE837D0D71C549
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
Manifest number:          1295
Signing time:             Tue 11 Nov 2025 07:02:04 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:04 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:04 +0000
Files and hashes:         1: PP7M1r9kBrDPRPaCuTzYbjNGUko.crl (hash: pyZSI7HtYWsaFGTIT4i8ISx6XjNaeXl5ikkPBHq0wlw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:c1:1e:61:47:d0:5f:38:be:83:7d:0d:71:c5:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cfeccd6bf6406b0cf44f682b93cd86e3346524a
        Validity
            Not Before: Nov 11 07:02:04 2025 GMT
            Not After : Nov 12 07:02:04 2025 GMT
        Subject: CN=1e143ef5910f24ba981319df86a047c14568f904
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:4f:a7:20:63:87:44:b9:95:19:13:b3:19:4c:
                    6e:b9:69:d7:e5:33:79:0d:37:b2:e0:89:43:bb:77:
                    56:03:ae:66:3a:9f:82:34:d3:4f:da:ee:6a:3b:05:
                    62:48:71:48:7c:48:bd:86:d9:ed:ff:39:57:dc:f4:
                    ac:b3:b9:c6:be:9f:52:68:31:54:38:d1:60:96:a8:
                    ae:84:08:73:d0:d4:72:64:64:ac:1a:e4:0a:64:ce:
                    8c:77:9e:d0:45:24:d0:17:7b:e5:10:56:b5:da:00:
                    1b:77:8a:0b:f4:57:0b:ca:d5:f3:60:c0:6b:ac:47:
                    58:b3:9d:d6:34:e6:5a:92:34:f8:f3:5e:f4:b4:e4:
                    cb:70:e3:08:1c:57:74:c9:36:dd:b7:58:aa:c6:dd:
                    d3:a8:ef:c2:8b:1b:70:6f:88:e9:24:17:eb:63:3b:
                    7d:4c:14:49:c3:4a:6a:d9:d7:2b:32:89:c4:47:fd:
                    9a:f7:3f:35:a1:d6:24:71:94:47:54:6c:00:64:6c:
                    b5:80:f2:6b:fd:a3:a4:f2:ba:be:d9:6c:e6:56:41:
                    fc:44:10:5a:ba:0d:f6:bf:93:60:ad:b2:3b:a8:ea:
                    18:27:d6:ff:50:a5:f4:d1:fe:d0:13:b1:5e:d1:3e:
                    39:93:e9:20:3f:85:b4:21:e3:e3:0f:e8:24:05:1d:
                    fb:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:14:3E:F5:91:0F:24:BA:98:13:19:DF:86:A0:47:C1:45:68:F9:04
            X509v3 Authority Key Identifier:
                keyid:3C:FE:CC:D6:BF:64:06:B0:CF:44:F6:82:B9:3C:D8:6E:33:46:52:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:aa:84:9d:9c:e3:1c:b9:4d:cd:e5:d4:e0:07:01:47:1d:ab:
         a9:3a:81:fa:79:4d:a7:a1:65:a9:ce:ce:9e:3f:5d:8b:21:1f:
         6c:5d:ea:fc:4e:09:05:4d:f8:e3:90:8e:05:68:91:1e:fe:01:
         fc:48:50:7f:ed:01:e7:65:66:ba:4b:16:87:96:92:28:d9:db:
         24:87:28:d4:77:31:45:cf:0a:d7:19:68:1e:75:57:f2:dc:cb:
         35:79:74:c5:b0:a1:c9:15:91:07:e1:17:9b:54:ad:04:47:65:
         68:c2:35:5e:78:e7:80:c6:fc:6a:4b:80:a2:d7:74:20:81:37:
         21:ff:60:87:9b:88:a5:d2:59:0b:4a:73:42:3c:17:57:cf:a4:
         4c:b8:18:34:24:b0:47:d0:9b:19:32:7a:31:ad:75:96:bd:86:
         e6:47:28:7a:ce:89:0f:6f:70:7a:2f:31:0b:d6:69:10:e7:bd:
         71:bb:2c:f6:03:e1:b8:d7:5c:f1:2d:b0:b5:41:69:10:16:59:
         05:ca:ce:d3:35:ee:33:ea:0e:5d:94:c0:32:aa:df:50:7f:2b:
         dc:63:05:cf:ea:f0:a2:89:d3:1c:0c:32:b5:e8:13:5b:f5:cb:
         dc:31:1b:d4:f2:96:be:c3:ae:d2:cf:be:03:8f:12:b7:fb:f6:
         c7:92:11:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuMEeYUfQXzi+g30NccVJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZmVjY2Q2YmY2NDA2YjBjZjQ0ZjY4MmI5M2NkODZlMzM0
NjUyNGEwHhcNMjUxMTExMDcwMjA0WhcNMjUxMTEyMDcwMjA0WjAzMTEwLwYDVQQD
EygxZTE0M2VmNTkxMGYyNGJhOTgxMzE5ZGY4NmEwNDdjMTQ1NjhmOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0+nIGOHRLmVGROzGUxuuWnX5TN5
DTey4IlDu3dWA65mOp+CNNNP2u5qOwViSHFIfEi9htnt/zlX3PSss7nGvp9SaDFU
ONFglqiuhAhz0NRyZGSsGuQKZM6Md57QRSTQF3vlEFa12gAbd4oL9FcLytXzYMBr
rEdYs53WNOZakjT48170tOTLcOMIHFd0yTbdt1iqxt3TqO/Cixtwb4jpJBfrYzt9
TBRJw0pq2dcrMonER/2a9z81odYkcZRHVGwAZGy1gPJr/aOk8rq+2WzmVkH8RBBa
ug32v5NgrbI7qOoYJ9b/UKX00f7QE7Fe0T45k+kgP4W0IePjD+gkBR37vQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB4UPvWRDyS6mBMZ34agR8FFaPkEMB8GA1UdIwQY
MBaAFDz+zNa/ZAawz0T2grk82G4zRlJKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy81MTc3ZmQtODllZC00ZTZmLThjM2Qt
MjNiODYxMWNjZTIzLzEvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy81MTc3ZmQtODllZC00ZTZmLThjM2QtMjNiODYxMWNjZTIz
LzEvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADqqEnZzj
HLlNzeXU4AcBRx2rqTqB+nlNp6Flqc7Onj9diyEfbF3q/E4JBU3445COBWiRHv4B
/EhQf+0B52VmuksWh5aSKNnbJIco1HcxRc8K1xloHnVX8tzLNXl0xbChyRWRB+EX
m1StBEdlaMI1XnjngMb8akuAotd0IIE3If9gh5uIpdJZC0pzQjwXV8+kTLgYNCSw
R9CbGTJ6Ma11lr2G5kcoes6JD29wei8xC9ZpEOe9cbss9gPhuNdc8S2wtUFpEBZZ
BcrO0zXuM+oOXZTAMqrfUH8r3GMFz+rwoonTHAwytegTW/XL3DEb1PKWvsOu0s++
A48St/v2x5IR1w==
-----END CERTIFICATE-----