Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
File:                     PQJjyVdcvQESY66Ig5p4iLdPoHY.mft (raw, json)
Hash identifier:          fkBlcGfVUHXIaWbxymfbA/Zx7ckPDNpvnN9RfMJ/EQI=
Subject key identifier:   60:6F:D8:30:CA:BD:62:A0:E6:21:CA:B8:67:97:00:7F:0E:73:E5:CA
Authority key identifier: 3D:02:63:C9:57:5C:BD:01:12:63:AE:88:83:9A:78:88:B7:4F:A0:76
Certificate issuer:       /CN=3d0263c9575cbd011263ae88839a7888b74fa076
Certificate serial:       019A71B9253B5DD539EE17204636E9E297B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
Manifest number:          124A
Signing time:             Tue 11 Nov 2025 07:02:30 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:30 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:30 +0000
Files and hashes:         1: PQJjyVdcvQESY66Ig5p4iLdPoHY.crl (hash: YSwU/qguUn9LSkRfI5dw0EXsWWD/vLowZgFLRyrDvMY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:25:3b:5d:d5:39:ee:17:20:46:36:e9:e2:97:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d0263c9575cbd011263ae88839a7888b74fa076
        Validity
            Not Before: Nov 11 07:02:30 2025 GMT
            Not After : Nov 12 07:02:30 2025 GMT
        Subject: CN=606fd830cabd62a0e621cab86797007f0e73e5ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:c6:fe:d8:ab:5c:59:14:73:8d:0e:9e:77:b6:
                    da:f7:42:9e:ee:86:fd:52:ee:9d:fa:98:59:c5:2a:
                    9e:4b:e9:c4:cc:36:29:a4:96:10:e2:d5:75:4b:aa:
                    be:ca:c5:31:b7:4b:b6:c2:b8:54:b5:e4:28:1e:b7:
                    90:99:31:87:df:be:40:c0:0f:0f:cd:58:30:c2:9e:
                    74:b2:77:07:55:a4:4d:1c:fe:11:ca:04:ba:60:08:
                    40:39:24:cf:eb:3d:f2:7e:79:1e:3c:1f:ce:95:58:
                    a7:33:8a:75:8a:c8:d0:20:1c:bf:ac:fe:13:25:84:
                    11:cd:60:06:72:c9:51:92:6e:73:3e:56:a5:59:4a:
                    26:2a:15:71:8d:c0:ac:10:16:1e:dd:6a:2a:3a:84:
                    b2:bf:c6:a8:24:d5:94:a9:18:34:ed:74:54:05:4e:
                    d2:15:20:c9:01:ef:7f:e3:b0:35:43:54:94:a4:37:
                    ba:de:fa:f2:53:a3:4c:58:e8:a7:6a:01:8a:88:d2:
                    b4:ca:f0:39:59:58:2d:5d:eb:73:5a:d5:a0:8e:0d:
                    aa:9a:de:fa:21:d2:fe:33:fc:46:38:44:a3:2b:32:
                    23:7a:ec:0d:ec:80:d1:12:f2:d2:84:bb:07:d9:dd:
                    c6:c6:ea:4f:7c:4b:3c:0a:5c:5f:b8:06:be:36:bd:
                    46:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:6F:D8:30:CA:BD:62:A0:E6:21:CA:B8:67:97:00:7F:0E:73:E5:CA
            X509v3 Authority Key Identifier:
                keyid:3D:02:63:C9:57:5C:BD:01:12:63:AE:88:83:9A:78:88:B7:4F:A0:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:58:40:df:63:3d:5a:ba:af:df:a8:52:b6:2e:da:05:e7:51:
         9a:dd:e0:01:29:bd:a3:bf:b0:0f:57:6a:7b:8c:4c:3d:1b:35:
         a1:ac:53:1f:0e:bf:28:69:63:6b:7e:38:bb:48:4f:0d:ea:9a:
         9a:8e:19:cf:c1:08:64:03:f7:eb:67:28:f4:2d:1d:a0:8d:75:
         f2:a5:7c:b4:46:b6:98:1c:f2:85:05:ea:3d:a3:83:ee:a1:4f:
         0d:9a:c1:54:67:44:5b:d3:68:cb:0d:cd:16:62:aa:61:66:25:
         3e:f9:0b:b7:97:af:4d:1d:90:5d:32:2e:82:93:76:dd:68:3d:
         96:07:65:d2:14:6f:11:14:31:b5:8c:75:d3:25:fa:e5:ec:d2:
         2b:de:25:f6:68:d4:04:24:2f:86:7e:4d:b7:eb:c8:66:06:c8:
         d2:94:a1:45:a5:16:72:8a:17:db:bc:0e:e5:22:a9:f4:fd:0a:
         26:c3:14:a3:32:6a:c5:42:38:46:0c:c2:e4:4b:9e:bc:1b:58:
         45:88:1d:be:61:1e:0c:d9:63:3c:b0:3d:c5:75:41:a9:84:61:
         24:35:2d:59:7f:2e:41:93:3e:73:11:56:f4:0f:39:28:05:03:
         33:ba:72:01:7b:09:d8:3e:d8:eb:df:c3:67:97:4b:08:30:0f:
         4a:cf:a4:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuSU7XdU57hcgRjbp4pezMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMDI2M2M5NTc1Y2JkMDExMjYzYWU4ODgzOWE3ODg4Yjc0
ZmEwNzYwHhcNMjUxMTExMDcwMjMwWhcNMjUxMTEyMDcwMjMwWjAzMTEwLwYDVQQD
Eyg2MDZmZDgzMGNhYmQ2MmEwZTYyMWNhYjg2Nzk3MDA3ZjBlNzNlNWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8b+2KtcWRRzjQ6ed7ba90Ke7ob9
Uu6d+phZxSqeS+nEzDYppJYQ4tV1S6q+ysUxt0u2wrhUteQoHreQmTGH375AwA8P
zVgwwp50sncHVaRNHP4RygS6YAhAOSTP6z3yfnkePB/OlVinM4p1isjQIBy/rP4T
JYQRzWAGcslRkm5zPlalWUomKhVxjcCsEBYe3WoqOoSyv8aoJNWUqRg07XRUBU7S
FSDJAe9/47A1Q1SUpDe63vryU6NMWOinagGKiNK0yvA5WVgtXetzWtWgjg2qmt76
IdL+M/xGOESjKzIjeuwN7IDREvLShLsH2d3GxupPfEs8ClxfuAa+Nr1GeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGBv2DDKvWKg5iHKuGeXAH8Oc+XKMB8GA1UdIwQY
MBaAFD0CY8lXXL0BEmOuiIOaeIi3T6B2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8zNzQyM2EtMDUzNy00NWY0LTk5MTUt
MTJmNGU2MjczODc3LzEvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8zNzQyM2EtMDUzNy00NWY0LTk5MTUtMTJmNGU2MjczODc3
LzEvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUlhA32M9
Wrqv36hSti7aBedRmt3gASm9o7+wD1dqe4xMPRs1oaxTHw6/KGlja344u0hPDeqa
mo4Zz8EIZAP362co9C0doI118qV8tEa2mBzyhQXqPaOD7qFPDZrBVGdEW9Noyw3N
FmKqYWYlPvkLt5evTR2QXTIugpN23Wg9lgdl0hRvERQxtYx10yX65ezSK94l9mjU
BCQvhn5Nt+vIZgbI0pShRaUWcooX27wO5SKp9P0KJsMUozJqxUI4RgzC5EuevBtY
RYgdvmEeDNljPLA9xXVBqYRhJDUtWX8uQZM+cxFW9A85KAUDM7pyAXsJ2D7Y69/D
Z5dLCDAPSs+kBQ==
-----END CERTIFICATE-----