Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
File:                     PP7M1r9kBrDPRPaCuTzYbjNGUko.mft (raw, json)
Hash identifier:          49EYNeBipCGKHsj+vHPVLzNhmXwxD9KlBkXiCRKbVT8=
Subject key identifier:   60:84:2B:C2:A3:FB:CC:CF:9B:FA:55:E1:2B:55:BB:B1:6D:25:AC:49
Authority key identifier: 3C:FE:CC:D6:BF:64:06:B0:CF:44:F6:82:B9:3C:D8:6E:33:46:52:4A
Certificate issuer:       /CN=3cfeccd6bf6406b0cf44f682b93cd86e3346524a
Certificate serial:       01974E5814DA8E8252F01B366744EF9EDABA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
Manifest number:          10F5
Signing time:             Sun 08 Jun 2025 07:01:24 +0000
Manifest this update:     Sun 08 Jun 2025 07:01:24 +0000
Manifest next update:     Mon 09 Jun 2025 07:01:24 +0000
Files and hashes:         1: PP7M1r9kBrDPRPaCuTzYbjNGUko.crl (hash: S/nVRWLGvnuqFW7blkubSZMyVULJLqW3aeyf+Tef4DY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:58:14:da:8e:82:52:f0:1b:36:67:44:ef:9e:da:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cfeccd6bf6406b0cf44f682b93cd86e3346524a
        Validity
            Not Before: Jun  8 07:01:24 2025 GMT
            Not After : Jun  9 07:01:24 2025 GMT
        Subject: CN=60842bc2a3fbcccf9bfa55e12b55bbb16d25ac49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:9e:99:e6:ba:a6:b2:44:d8:e7:32:8b:a1:9e:
                    d0:56:2c:96:83:f4:90:8f:3c:e8:6b:12:32:b0:b5:
                    57:60:19:e1:3f:f9:82:4c:46:56:3d:de:ac:54:73:
                    ac:8f:12:11:43:6c:9b:b1:3a:76:d9:47:ac:67:a2:
                    1d:c7:b6:4a:e1:e6:44:cd:52:71:ca:b4:57:1a:fa:
                    94:7f:d0:40:de:eb:53:11:c6:f4:b7:0b:d6:a3:65:
                    f8:56:a3:47:f5:67:ac:35:ce:d7:87:5c:9d:49:35:
                    b9:2f:9b:54:90:5d:36:db:11:da:bb:89:43:95:8c:
                    b9:1e:56:a5:4f:0e:6e:a3:cc:39:6e:e5:d4:42:96:
                    80:ed:87:72:76:84:05:6c:63:1f:5d:97:97:db:d7:
                    a3:77:93:d6:01:7f:45:f3:45:d3:96:d7:61:be:8b:
                    09:be:7f:75:cb:a9:55:8f:4f:2f:15:ca:0c:05:36:
                    e5:05:bb:60:ab:c7:f0:e7:4e:d9:00:1e:bd:72:ba:
                    90:91:b2:2b:d5:9a:98:5e:0d:2a:7a:1e:c7:98:e1:
                    13:15:57:87:86:f2:93:9b:77:0e:82:ca:2e:d6:84:
                    29:fc:01:d2:5d:ee:9d:0a:74:57:26:98:5a:e5:17:
                    23:5f:0c:e4:31:03:44:37:b1:c5:81:16:c9:59:c6:
                    0b:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:84:2B:C2:A3:FB:CC:CF:9B:FA:55:E1:2B:55:BB:B1:6D:25:AC:49
            X509v3 Authority Key Identifier:
                keyid:3C:FE:CC:D6:BF:64:06:B0:CF:44:F6:82:B9:3C:D8:6E:33:46:52:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:a2:b8:7f:a2:cc:76:f5:40:80:50:b0:75:49:8e:cb:45:75:
         83:fa:3e:cf:c0:e9:27:60:1b:e7:1a:36:93:b1:fd:82:e2:82:
         03:af:a3:09:9f:7b:63:0f:8c:03:b2:48:e4:b8:3b:df:48:5c:
         30:2f:26:38:ba:01:7c:ef:43:56:41:06:5a:4b:36:bb:6a:d0:
         83:2f:cb:d2:82:e3:33:0c:19:bb:34:68:d6:5c:c8:94:0d:37:
         cf:a6:55:fb:3c:3f:05:7e:c8:8b:8f:f6:01:f0:05:9e:9b:3e:
         2b:be:72:c3:35:87:72:bd:29:eb:1c:51:e4:ff:4b:e5:fa:8c:
         2c:7c:e0:54:8a:11:0b:52:55:55:36:ca:17:50:fd:96:f3:f8:
         21:21:3d:39:73:38:61:e3:cc:8f:b4:e9:5d:ba:8c:61:75:e4:
         d0:73:f4:12:2d:fa:54:46:9e:96:f5:f2:16:ff:52:61:bf:81:
         51:f2:ea:a7:b0:81:a0:bd:25:59:a4:bb:16:ae:4f:df:a4:8c:
         4a:26:0d:ad:5b:51:3a:8f:ce:60:f7:a3:f7:4e:15:80:9f:f9:
         13:20:12:a5:f9:56:6c:c3:44:97:ae:b4:66:c5:f4:db:57:ee:
         b9:9e:44:94:27:e5:e3:be:7b:fb:04:89:af:10:f0:40:72:ed:
         6d:e3:57:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOWBTajoJS8Bs2Z0Tvntq6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZmVjY2Q2YmY2NDA2YjBjZjQ0ZjY4MmI5M2NkODZlMzM0
NjUyNGEwHhcNMjUwNjA4MDcwMTI0WhcNMjUwNjA5MDcwMTI0WjAzMTEwLwYDVQQD
Eyg2MDg0MmJjMmEzZmJjY2NmOWJmYTU1ZTEyYjU1YmJiMTZkMjVhYzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA056Z5rqmskTY5zKLoZ7QViyWg/SQ
jzzoaxIysLVXYBnhP/mCTEZWPd6sVHOsjxIRQ2ybsTp22UesZ6Idx7ZK4eZEzVJx
yrRXGvqUf9BA3utTEcb0twvWo2X4VqNH9WesNc7Xh1ydSTW5L5tUkF022xHau4lD
lYy5HlalTw5uo8w5buXUQpaA7YdydoQFbGMfXZeX29ejd5PWAX9F80XTltdhvosJ
vn91y6lVj08vFcoMBTblBbtgq8fw507ZAB69crqQkbIr1ZqYXg0qeh7HmOETFVeH
hvKTm3cOgsou1oQp/AHSXe6dCnRXJpha5RcjXwzkMQNEN7HFgRbJWcYL9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGCEK8Kj+8zPm/pV4StVu7FtJaxJMB8GA1UdIwQY
MBaAFDz+zNa/ZAawz0T2grk82G4zRlJKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy81MTc3ZmQtODllZC00ZTZmLThjM2Qt
MjNiODYxMWNjZTIzLzEvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy81MTc3ZmQtODllZC00ZTZmLThjM2QtMjNiODYxMWNjZTIz
LzEvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN6K4f6LM
dvVAgFCwdUmOy0V1g/o+z8DpJ2Ab5xo2k7H9guKCA6+jCZ97Yw+MA7JI5Lg730hc
MC8mOLoBfO9DVkEGWks2u2rQgy/L0oLjMwwZuzRo1lzIlA03z6ZV+zw/BX7Ii4/2
AfAFnps+K75ywzWHcr0p6xxR5P9L5fqMLHzgVIoRC1JVVTbKF1D9lvP4ISE9OXM4
YePMj7TpXbqMYXXk0HP0Ei36VEaelvXyFv9SYb+BUfLqp7CBoL0lWaS7Fq5P36SM
SiYNrVtROo/OYPej904VgJ/5EyASpflWbMNEl660ZsX021fuuZ5ElCfl4757+wSJ
rxDwQHLtbeNXyg==
-----END CERTIFICATE-----