Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
File:                     pnyqBsCo91QBbmFEgLuzh35AiR0.mft (raw, json)
Hash identifier:          EdCQUTy7UgMNLzmDHmG8N6xw7b+WPc91WBI0unkaSGk=
Subject key identifier:   17:D3:55:90:95:04:46:26:9D:05:21:4E:F0:62:05:2C:5C:2F:0E:E3
Authority key identifier: A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D
Certificate issuer:       /CN=a67caa06c0a8f754016e614480bbb3877e40891d
Certificate serial:       01974B8DCE73F25991E2866FA8E305FE0E30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
Manifest number:          02A7
Signing time:             Sat 07 Jun 2025 18:01:13 +0000
Manifest this update:     Sat 07 Jun 2025 18:01:13 +0000
Manifest next update:     Sun 08 Jun 2025 18:01:13 +0000
Files and hashes:         1: pnyqBsCo91QBbmFEgLuzh35AiR0.crl (hash: /NmnaaiwGOVS0dVOFQEqt6dXdrWSqgDuJEvhYLBvKIk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:8d:ce:73:f2:59:91:e2:86:6f:a8:e3:05:fe:0e:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a67caa06c0a8f754016e614480bbb3877e40891d
        Validity
            Not Before: Jun  7 18:01:13 2025 GMT
            Not After : Jun  8 18:01:13 2025 GMT
        Subject: CN=17d35590950446269d05214ef062052c5c2f0ee3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:7d:cb:cb:73:50:ec:cc:76:91:5f:5e:d7:a5:
                    6b:d7:22:e5:ec:8d:ee:c1:d4:01:3b:69:5a:d0:e3:
                    23:53:d4:55:e9:a7:0e:88:77:99:d8:24:a4:3c:3f:
                    e9:6c:1a:15:1c:52:c9:ca:40:43:de:a9:aa:96:5a:
                    9a:12:98:e5:ba:85:dc:55:ff:12:39:32:12:23:2c:
                    2a:3e:0b:7d:26:f3:a4:87:66:7d:5b:ab:78:d3:b1:
                    c5:8c:30:c2:7b:bd:d9:ab:02:f0:f7:b5:27:19:df:
                    98:a6:ee:a7:dd:a8:cf:ff:04:b7:76:7f:1a:45:ea:
                    eb:2e:b7:9f:54:ba:2d:7c:62:05:6b:cf:65:97:83:
                    5c:6a:76:8f:bc:76:49:c1:f9:c2:4a:2c:3a:7c:b9:
                    1e:56:13:4e:41:01:74:31:24:1e:81:4d:e5:87:5b:
                    f2:27:74:29:f7:92:27:49:ad:94:e1:72:1e:ac:08:
                    9b:e4:67:7b:46:96:79:d0:79:6b:80:71:e8:82:14:
                    d8:25:34:20:9c:13:80:f8:19:38:9f:cf:28:2c:1f:
                    46:3f:69:a1:e3:7b:55:35:de:e5:af:ab:d9:2e:81:
                    82:65:37:84:39:d1:2e:73:5b:02:70:65:c1:2e:07:
                    5a:a3:82:a2:b1:1a:7a:88:77:22:bc:c5:15:95:1e:
                    74:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:D3:55:90:95:04:46:26:9D:05:21:4E:F0:62:05:2C:5C:2F:0E:E3
            X509v3 Authority Key Identifier:
                keyid:A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:bc:91:16:60:fd:fa:8f:1e:5d:54:77:2f:1c:0c:df:95:00:
         73:90:6d:ca:bc:3c:73:11:fc:a9:47:32:4d:a5:6a:3a:4c:1d:
         16:f6:ce:19:7b:2b:75:e1:6e:1b:a0:5b:25:ea:47:70:a3:00:
         65:50:41:21:ea:90:94:85:98:42:13:ac:ac:7c:e0:f7:8e:7f:
         f0:71:c7:17:cf:f7:84:9e:5e:87:34:d8:84:85:b4:01:2a:99:
         ea:cf:b4:0f:53:40:9d:82:3b:a0:85:27:c0:80:69:25:50:a8:
         23:83:36:98:f2:e8:68:5f:30:34:4a:be:31:9c:be:08:37:62:
         39:b2:02:24:d9:ec:9e:2a:c8:82:09:50:fb:95:6c:d0:7d:4e:
         54:c6:37:be:c2:b2:37:b9:fc:90:f6:e0:e3:d2:a2:53:34:22:
         65:67:33:a7:71:56:e3:a2:e2:32:e1:6c:3e:cc:41:ec:bd:25:
         1e:84:b9:13:b4:29:db:43:c2:ba:a0:02:fb:f1:df:42:49:a1:
         72:4a:3c:66:52:e7:f3:ce:66:b7:bb:8c:42:54:c9:14:85:77:
         88:59:22:7b:86:f8:5f:0b:e2:7c:c6:eb:b2:1e:ae:c1:20:71:
         49:1d:9d:de:d5:24:f7:dd:b5:40:f3:7e:d1:31:09:ca:3e:d3:
         23:80:1e:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLjc5z8lmR4oZvqOMF/g4wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2N2NhYTA2YzBhOGY3NTQwMTZlNjE0NDgwYmJiMzg3N2U0
MDg5MWQwHhcNMjUwNjA3MTgwMTEzWhcNMjUwNjA4MTgwMTEzWjAzMTEwLwYDVQQD
EygxN2QzNTU5MDk1MDQ0NjI2OWQwNTIxNGVmMDYyMDUyYzVjMmYwZWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs33Ly3NQ7Mx2kV9e16Vr1yLl7I3u
wdQBO2la0OMjU9RV6acOiHeZ2CSkPD/pbBoVHFLJykBD3qmqllqaEpjluoXcVf8S
OTISIywqPgt9JvOkh2Z9W6t407HFjDDCe73ZqwLw97UnGd+Ypu6n3ajP/wS3dn8a
RerrLrefVLotfGIFa89ll4NcanaPvHZJwfnCSiw6fLkeVhNOQQF0MSQegU3lh1vy
J3Qp95InSa2U4XIerAib5Gd7RpZ50HlrgHHoghTYJTQgnBOA+Bk4n88oLB9GP2mh
43tVNd7lr6vZLoGCZTeEOdEuc1sCcGXBLgdao4KisRp6iHcivMUVlR50SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBfTVZCVBEYmnQUhTvBiBSxcLw7jMB8GA1UdIwQY
MBaAFKZ8qgbAqPdUAW5hRIC7s4d+QIkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2Ut
MmJlNTAxZmVlZDNkLzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2UtMmJlNTAxZmVlZDNk
LzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWLyRFmD9
+o8eXVR3LxwM35UAc5Btyrw8cxH8qUcyTaVqOkwdFvbOGXsrdeFuG6BbJepHcKMA
ZVBBIeqQlIWYQhOsrHzg945/8HHHF8/3hJ5ehzTYhIW0ASqZ6s+0D1NAnYI7oIUn
wIBpJVCoI4M2mPLoaF8wNEq+MZy+CDdiObICJNnsnirIgglQ+5Vs0H1OVMY3vsKy
N7n8kPbg49KiUzQiZWczp3FW46LiMuFsPsxB7L0lHoS5E7Qp20PCuqAC+/HfQkmh
cko8ZlLn885mt7uMQlTJFIV3iFkie4b4XwvifMbrsh6uwSBxSR2d3tUk9921QPN+
0TEJyj7TI4Ae0A==
-----END CERTIFICATE-----