Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
File:                     pnyqBsCo91QBbmFEgLuzh35AiR0.mft (raw, json)
Hash identifier:          hjo7piO8iNlXPTuvWSGcWJ/6Zl7UQH7KPrko4XCxeEA=
Subject key identifier:   01:37:F6:24:AE:E9:5F:EA:02:62:CA:4D:34:6E:58:F0:69:6D:49:94
Authority key identifier: A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D
Certificate issuer:       /CN=a67caa06c0a8f754016e614480bbb3877e40891d
Certificate serial:       019511D99F061B71D7AA110433E90C6BEFD5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
Manifest number:          0180
Signing time:             Mon 17 Feb 2025 03:00:29 +0000
Manifest this update:     Mon 17 Feb 2025 03:00:29 +0000
Manifest next update:     Tue 18 Feb 2025 03:00:29 +0000
Files and hashes:         1: pnyqBsCo91QBbmFEgLuzh35AiR0.crl (hash: yQ2PrwrSv9e3qo4QvbTAsnZ4xHbw27U0qC4/FNAXdUc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:d9:9f:06:1b:71:d7:aa:11:04:33:e9:0c:6b:ef:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a67caa06c0a8f754016e614480bbb3877e40891d
        Validity
            Not Before: Feb 17 03:00:29 2025 GMT
            Not After : Feb 18 03:00:29 2025 GMT
        Subject: CN=0137f624aee95fea0262ca4d346e58f0696d4994
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:b9:c6:a6:e1:86:04:df:74:1e:82:c3:19:68:
                    dc:a5:fb:18:08:0f:82:8b:c0:2c:48:d5:f2:10:53:
                    f0:56:57:18:2e:e5:73:43:fe:7a:87:4b:ce:9b:84:
                    77:54:83:b2:1f:ae:9b:62:d3:20:fc:2d:ff:a0:95:
                    3a:aa:ce:35:69:9c:f2:ef:8f:74:8a:a3:39:54:59:
                    62:7b:f7:b6:14:15:f2:1f:e3:e0:65:d2:7d:08:a0:
                    4d:e3:44:75:75:35:d3:07:c3:e8:3d:97:4a:32:ca:
                    47:e2:ba:fd:f2:c5:09:d6:87:8a:a9:ff:87:03:39:
                    e2:de:6f:9b:ef:0a:20:3f:de:d6:7d:65:a1:28:10:
                    fa:f9:6c:81:7e:56:bf:4b:d7:4f:f8:21:39:91:4e:
                    84:8c:11:14:be:57:8f:4c:a2:48:d2:da:ae:fe:d6:
                    65:32:97:57:97:e2:52:61:2f:83:6c:e9:9d:3d:71:
                    12:0c:39:43:70:de:c4:83:19:21:9f:fa:00:d0:7e:
                    65:9a:af:2e:d4:31:64:ff:2f:42:55:f7:73:f8:af:
                    7c:6c:a0:27:cd:ec:8c:6e:da:e8:5b:7b:31:df:7b:
                    c6:92:d4:88:f4:a9:3f:44:ba:cb:f1:9a:64:98:ac:
                    b4:a0:05:0f:1b:39:f8:e7:70:bd:04:83:97:e9:af:
                    06:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:37:F6:24:AE:E9:5F:EA:02:62:CA:4D:34:6E:58:F0:69:6D:49:94
            X509v3 Authority Key Identifier:
                keyid:A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:be:c0:07:3a:b1:8f:01:e0:e6:b5:db:17:59:57:34:ec:0f:
         39:88:ea:80:06:b6:be:95:97:4c:97:8c:96:d2:98:58:33:81:
         46:b8:3a:51:7f:4d:df:3f:f1:95:3b:48:34:ab:f5:c8:12:7f:
         22:fa:e0:9c:81:48:aa:5b:97:57:7a:3d:8f:9c:1e:6b:a1:48:
         7b:bb:a0:b7:73:26:1e:1d:52:14:7b:80:21:97:45:67:45:8b:
         c5:28:cb:f3:5d:36:bf:dc:c6:e2:03:03:76:41:b9:6b:98:04:
         a0:c1:d4:51:39:c9:a4:6e:15:ab:cb:a0:80:67:89:32:7f:e5:
         c1:ca:b2:59:5c:13:8e:d4:59:ee:71:40:5c:15:35:22:b3:98:
         0c:b3:6f:73:84:53:dd:c3:b2:30:2e:f3:a1:c0:21:8b:7c:18:
         91:f9:7e:20:34:df:3c:b8:a4:53:fe:94:81:7b:7b:47:93:68:
         d5:ce:ad:70:52:df:fe:44:45:ff:49:f3:b8:20:24:df:e5:4a:
         b8:56:87:b4:93:09:58:53:7d:2f:22:77:ec:4f:64:26:61:b8:
         fa:27:5a:b5:cb:1d:5f:da:8b:6a:b5:7a:b1:3f:06:7f:3f:db:
         67:09:ba:e2:62:0a:62:de:1b:a1:b5:57:3b:7e:f9:9b:73:e1:
         0d:d6:53:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUR2Z8GG3HXqhEEM+kMa+/VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2N2NhYTA2YzBhOGY3NTQwMTZlNjE0NDgwYmJiMzg3N2U0
MDg5MWQwHhcNMjUwMjE3MDMwMDI5WhcNMjUwMjE4MDMwMDI5WjAzMTEwLwYDVQQD
EygwMTM3ZjYyNGFlZTk1ZmVhMDI2MmNhNGQzNDZlNThmMDY5NmQ0OTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA77nGpuGGBN90HoLDGWjcpfsYCA+C
i8AsSNXyEFPwVlcYLuVzQ/56h0vOm4R3VIOyH66bYtMg/C3/oJU6qs41aZzy7490
iqM5VFlie/e2FBXyH+PgZdJ9CKBN40R1dTXTB8PoPZdKMspH4rr98sUJ1oeKqf+H
Azni3m+b7wogP97WfWWhKBD6+WyBfla/S9dP+CE5kU6EjBEUvlePTKJI0tqu/tZl
MpdXl+JSYS+DbOmdPXESDDlDcN7Egxkhn/oA0H5lmq8u1DFk/y9CVfdz+K98bKAn
zeyMbtroW3sx33vGktSI9Kk/RLrL8ZpkmKy0oAUPGzn453C9BIOX6a8GZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAE39iSu6V/qAmLKTTRuWPBpbUmUMB8GA1UdIwQY
MBaAFKZ8qgbAqPdUAW5hRIC7s4d+QIkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2Ut
MmJlNTAxZmVlZDNkLzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2UtMmJlNTAxZmVlZDNk
LzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiL7ABzqx
jwHg5rXbF1lXNOwPOYjqgAa2vpWXTJeMltKYWDOBRrg6UX9N3z/xlTtINKv1yBJ/
IvrgnIFIqluXV3o9j5wea6FIe7ugt3MmHh1SFHuAIZdFZ0WLxSjL8102v9zG4gMD
dkG5a5gEoMHUUTnJpG4Vq8uggGeJMn/lwcqyWVwTjtRZ7nFAXBU1IrOYDLNvc4RT
3cOyMC7zocAhi3wYkfl+IDTfPLikU/6UgXt7R5No1c6tcFLf/kRF/0nzuCAk3+VK
uFaHtJMJWFN9LyJ37E9kJmG4+idatcsdX9qLarV6sT8Gfz/bZwm64mIKYt4bobVX
O375m3PhDdZTRg==
-----END CERTIFICATE-----