Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
File:                     pnyqBsCo91QBbmFEgLuzh35AiR0.mft (raw, json)
Hash identifier:          zkTCoO63vPcqUQ9Yf+kcsOUpWVVJb1M777qEwBsE1A8=
Subject key identifier:   80:AE:70:2A:7B:52:21:A0:BD:72:48:97:D9:2B:F6:37:10:A5:A6:59
Authority key identifier: A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D
Certificate issuer:       /CN=a67caa06c0a8f754016e614480bbb3877e40891d
Certificate serial:       019A70DC89D67F52B10B5B6C6902EB667406
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
Manifest number:          0448
Signing time:             Tue 11 Nov 2025 03:01:32 +0000
Manifest this update:     Tue 11 Nov 2025 03:01:32 +0000
Manifest next update:     Wed 12 Nov 2025 03:01:32 +0000
Files and hashes:         1: pnyqBsCo91QBbmFEgLuzh35AiR0.crl (hash: V5xPeEkkbFBsnfNsNTZ/NLtcF45Cc2sVhDEG/rZKMCg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:dc:89:d6:7f:52:b1:0b:5b:6c:69:02:eb:66:74:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a67caa06c0a8f754016e614480bbb3877e40891d
        Validity
            Not Before: Nov 11 03:01:32 2025 GMT
            Not After : Nov 12 03:01:32 2025 GMT
        Subject: CN=80ae702a7b5221a0bd724897d92bf63710a5a659
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ae:1d:e7:29:7b:f2:03:4b:81:b2:e4:29:08:
                    6c:0b:ed:15:aa:20:9b:85:6e:48:1b:dd:a6:83:4f:
                    9d:f6:7e:30:b7:66:3b:fb:e3:71:03:10:35:69:79:
                    72:5b:78:84:cb:16:57:59:73:b0:52:20:8e:57:71:
                    6c:96:f3:5d:b8:dc:a3:c6:8e:8a:07:c5:52:a2:0c:
                    f4:82:06:ea:e2:97:4c:31:5f:0e:b2:4d:4f:0b:08:
                    0d:f5:fe:a2:d5:db:e8:ef:16:6f:b7:3b:ec:ee:ff:
                    69:2a:68:e6:f4:56:3a:4f:5b:7a:c0:c7:2e:1b:48:
                    85:42:5b:08:8f:d6:18:e7:8a:9f:8e:f2:ae:89:1b:
                    e1:ae:8e:ff:95:af:94:54:9b:0c:d8:0f:a9:e0:4c:
                    c9:0d:85:99:0f:3e:78:77:38:3a:f9:17:8b:01:b4:
                    f6:a3:e4:c9:67:47:e2:07:bc:30:16:33:44:b6:2a:
                    00:d6:d0:25:67:25:12:58:09:78:c6:a0:68:80:2a:
                    13:9f:fd:45:81:0d:0e:0b:33:fd:ae:7a:42:13:a4:
                    7e:3f:08:da:80:21:0f:2d:23:c7:a1:72:4a:0a:54:
                    d2:52:75:f0:6c:23:df:04:0b:27:38:ee:90:3e:09:
                    f2:b6:3c:fa:c3:9d:91:6c:fe:2b:9b:73:b7:ab:96:
                    ff:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:AE:70:2A:7B:52:21:A0:BD:72:48:97:D9:2B:F6:37:10:A5:A6:59
            X509v3 Authority Key Identifier:
                keyid:A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:63:2d:48:3e:58:67:c0:30:56:be:62:86:f5:64:a2:d1:65:
         09:6d:4f:98:fa:9b:37:84:3d:69:88:6d:60:b7:11:2a:d8:b6:
         5d:d8:ac:29:85:dc:83:08:af:9f:0e:53:aa:f3:6f:13:39:90:
         e6:aa:cb:79:5a:18:08:92:b2:00:c3:86:31:62:ec:30:27:c7:
         04:f1:b6:fb:89:7d:bf:c8:bf:7a:97:10:76:15:44:cf:f0:ae:
         2d:91:8a:c3:1e:d0:12:78:5e:05:60:ce:ad:f3:4b:b4:75:51:
         72:3f:e2:f5:15:39:fe:cb:2a:f8:01:48:1f:08:72:aa:38:6f:
         6e:c0:12:3b:48:64:06:5f:94:d8:4c:2b:ef:0b:b9:d9:79:1a:
         fe:88:c3:59:99:fb:22:f8:ef:cf:7d:c4:cf:18:58:c5:a0:5f:
         a6:09:c5:2e:d1:6a:ec:a8:cb:01:87:1c:62:4c:e2:ff:64:c8:
         8e:7c:d9:54:7a:01:3d:97:97:ea:d4:55:c6:96:dd:e6:66:d8:
         d1:99:3d:b8:f6:a9:34:f5:4a:68:7f:38:9a:7c:96:39:5b:77:
         7a:21:2d:80:dc:e9:4c:31:df:7d:f7:44:ae:ae:95:8e:e9:32:
         e1:46:eb:2f:ce:8f:e3:0d:d4:5c:80:d5:00:50:a6:81:b2:cc:
         62:e6:75:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3InWf1KxC1tsaQLrZnQGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2N2NhYTA2YzBhOGY3NTQwMTZlNjE0NDgwYmJiMzg3N2U0
MDg5MWQwHhcNMjUxMTExMDMwMTMyWhcNMjUxMTEyMDMwMTMyWjAzMTEwLwYDVQQD
Eyg4MGFlNzAyYTdiNTIyMWEwYmQ3MjQ4OTdkOTJiZjYzNzEwYTVhNjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuq4d5yl78gNLgbLkKQhsC+0VqiCb
hW5IG92mg0+d9n4wt2Y7++NxAxA1aXlyW3iEyxZXWXOwUiCOV3FslvNduNyjxo6K
B8VSogz0ggbq4pdMMV8Osk1PCwgN9f6i1dvo7xZvtzvs7v9pKmjm9FY6T1t6wMcu
G0iFQlsIj9YY54qfjvKuiRvhro7/la+UVJsM2A+p4EzJDYWZDz54dzg6+ReLAbT2
o+TJZ0fiB7wwFjNEtioA1tAlZyUSWAl4xqBogCoTn/1FgQ0OCzP9rnpCE6R+Pwja
gCEPLSPHoXJKClTSUnXwbCPfBAsnOO6QPgnytjz6w52RbP4rm3O3q5b/+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFICucCp7UiGgvXJIl9kr9jcQpaZZMB8GA1UdIwQY
MBaAFKZ8qgbAqPdUAW5hRIC7s4d+QIkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2Ut
MmJlNTAxZmVlZDNkLzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2UtMmJlNTAxZmVlZDNk
LzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAemMtSD5Y
Z8AwVr5ihvVkotFlCW1PmPqbN4Q9aYhtYLcRKti2XdisKYXcgwivnw5TqvNvEzmQ
5qrLeVoYCJKyAMOGMWLsMCfHBPG2+4l9v8i/epcQdhVEz/CuLZGKwx7QEnheBWDO
rfNLtHVRcj/i9RU5/ssq+AFIHwhyqjhvbsASO0hkBl+U2Ewr7wu52Xka/ojDWZn7
Ivjvz33EzxhYxaBfpgnFLtFq7KjLAYccYkzi/2TIjnzZVHoBPZeX6tRVxpbd5mbY
0Zk9uPapNPVKaH84mnyWOVt3eiEtgNzpTDHfffdErq6Vjuky4UbrL86P4w3UXIDV
AFCmgbLMYuZ1kg==
-----END CERTIFICATE-----