Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
File:                     PHQZW9u2a2A65joVGPBm-gsRUfU.mft (raw, json)
Hash identifier:          FjJ3GvJYTsNmrxNV07mJfS9rWgv5rsvF4KaXOeJP254=
Subject key identifier:   E9:88:58:85:E9:4A:16:2B:30:7F:BB:84:A8:08:CB:0E:F8:06:67:6E
Authority key identifier: 3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5
Certificate issuer:       /CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
Certificate serial:       01974A7B0449C4F2865AA4B9DAFADBDFF74D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
Manifest number:          08AF
Signing time:             Sat 07 Jun 2025 13:01:05 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:05 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:05 +0000
Files and hashes:         1: PHQZW9u2a2A65joVGPBm-gsRUfU.crl (hash: +5nyU3p8u9Wa2Kx5oFnqfd8WllkZilvBBsDlBmKde+E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:04:49:c4:f2:86:5a:a4:b9:da:fa:db:df:f7:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
        Validity
            Not Before: Jun  7 13:01:05 2025 GMT
            Not After : Jun  8 13:01:05 2025 GMT
        Subject: CN=e9885885e94a162b307fbb84a808cb0ef806676e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:2a:fe:84:74:73:95:b1:0c:f3:61:9e:53:35:
                    de:7a:e9:ac:12:d8:ac:7a:82:14:40:4f:91:af:31:
                    01:10:5e:3a:57:af:ea:d6:08:3b:68:8e:75:dd:71:
                    6c:9d:48:3c:8c:33:72:37:29:11:8e:b5:62:a6:e3:
                    f4:ae:97:7b:f3:97:8c:98:2d:96:75:ab:16:7f:a1:
                    77:08:fc:04:52:6f:90:8c:a6:a6:c4:a5:00:7c:50:
                    c7:25:4b:9d:31:ac:25:90:18:18:4b:91:1c:ee:bf:
                    c8:f6:8e:9f:6c:b4:19:93:0e:df:26:60:14:4a:41:
                    b1:a0:9b:d5:d9:b0:0f:29:22:e8:10:32:13:f4:89:
                    80:6f:09:d2:1d:1c:36:24:7a:75:28:18:25:86:4b:
                    37:84:72:61:9b:a0:c6:8c:7d:ff:a7:f0:06:2d:95:
                    68:29:d9:93:31:60:0f:48:b6:a4:53:49:81:b0:00:
                    2b:2f:2c:5c:46:de:af:49:cd:41:25:bb:39:99:85:
                    24:18:db:fe:a8:78:d7:9b:9a:56:81:c3:3b:db:a5:
                    c6:fa:3c:5f:92:e2:be:be:fd:4c:ba:24:55:36:16:
                    b8:38:a4:ce:87:66:df:0f:d7:48:97:7b:cf:7a:77:
                    7d:9f:79:a1:fd:0e:a1:67:ce:70:05:f1:3f:73:67:
                    1c:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:88:58:85:E9:4A:16:2B:30:7F:BB:84:A8:08:CB:0E:F8:06:67:6E
            X509v3 Authority Key Identifier:
                keyid:3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:9a:42:48:96:42:47:35:cc:d8:cd:cf:82:4e:4f:9d:49:fc:
         bf:43:db:82:c9:8f:f5:aa:50:8a:e7:2a:61:1d:34:33:11:cd:
         c9:be:15:29:88:68:9a:ad:13:60:ed:41:8f:37:fc:80:b2:21:
         b3:95:fc:44:18:88:b0:b8:be:4c:60:65:d4:09:48:f5:da:f5:
         b2:7f:b9:81:42:7c:10:39:69:bb:de:60:c2:89:88:56:28:a6:
         41:5d:af:6f:e6:20:cb:1f:b8:b9:df:01:07:8a:59:43:7b:2a:
         c5:0b:8a:c0:2b:1b:14:e2:19:f9:a6:17:04:f6:20:26:02:ef:
         48:af:46:f3:39:45:0d:8f:b4:71:bc:9a:cb:3a:85:20:d5:8a:
         46:2c:a6:d0:3b:ff:a4:4c:5a:7e:3f:0a:84:c1:1d:db:82:9e:
         cb:87:56:df:23:b9:63:52:56:98:05:3d:dd:8f:76:59:d3:42:
         16:a8:28:4e:2b:84:11:61:cb:57:af:e9:34:5f:55:ef:25:41:
         54:bd:97:d3:84:b1:9e:8e:f1:36:02:71:64:9e:c9:98:a8:41:
         06:c6:a9:56:95:f7:a9:03:48:79:0a:44:dd:14:00:57:c7:26:
         95:d7:61:aa:61:bc:92:80:85:8c:d0:11:ee:37:e1:e3:82:29:
         06:7e:4d:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKewRJxPKGWqS52vrb3/dNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNzQxOTViZGJiNjZiNjAzYWU2M2ExNTE4ZjA2NmZhMGIx
MTUxZjUwHhcNMjUwNjA3MTMwMTA1WhcNMjUwNjA4MTMwMTA1WjAzMTEwLwYDVQQD
EyhlOTg4NTg4NWU5NGExNjJiMzA3ZmJiODRhODA4Y2IwZWY4MDY2NzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCr+hHRzlbEM82GeUzXeeumsEtis
eoIUQE+RrzEBEF46V6/q1gg7aI513XFsnUg8jDNyNykRjrVipuP0rpd785eMmC2W
dasWf6F3CPwEUm+QjKamxKUAfFDHJUudMawlkBgYS5Ec7r/I9o6fbLQZkw7fJmAU
SkGxoJvV2bAPKSLoEDIT9ImAbwnSHRw2JHp1KBglhks3hHJhm6DGjH3/p/AGLZVo
KdmTMWAPSLakU0mBsAArLyxcRt6vSc1BJbs5mYUkGNv+qHjXm5pWgcM726XG+jxf
kuK+vv1MuiRVNha4OKTOh2bfD9dIl3vPend9n3mh/Q6hZ85wBfE/c2ccuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOmIWIXpShYrMH+7hKgIyw74BmduMB8GA1UdIwQY
MBaAFDx0GVvbtmtgOuY6FRjwZvoLEVH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2Qt
MWUwNGIyMGQ4NTY3LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2QtMWUwNGIyMGQ4NTY3
LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZJpCSJZC
RzXM2M3Pgk5PnUn8v0PbgsmP9apQiucqYR00MxHNyb4VKYhomq0TYO1Bjzf8gLIh
s5X8RBiIsLi+TGBl1AlI9dr1sn+5gUJ8EDlpu95gwomIViimQV2vb+Ygyx+4ud8B
B4pZQ3sqxQuKwCsbFOIZ+aYXBPYgJgLvSK9G8zlFDY+0cbyayzqFINWKRiym0Dv/
pExafj8KhMEd24Key4dW3yO5Y1JWmAU93Y92WdNCFqgoTiuEEWHLV6/pNF9V7yVB
VL2X04Sxno7xNgJxZJ7JmKhBBsapVpX3qQNIeQpE3RQAV8cmlddhqmG8koCFjNAR
7jfh44IpBn5NMw==
-----END CERTIFICATE-----