Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
File:                     PQJjyVdcvQESY66Ig5p4iLdPoHY.mft (raw, json)
Hash identifier:          6tJVgC+veTT22hbDacjvWIyD9ZXTaEJQlvsmsqU61E0=
Subject key identifier:   CB:B7:AF:2A:4A:72:E3:CB:4E:E9:26:21:AD:9A:C4:6E:3B:7F:A9:26
Authority key identifier: 3D:02:63:C9:57:5C:BD:01:12:63:AE:88:83:9A:78:88:B7:4F:A0:76
Certificate issuer:       /CN=3d0263c9575cbd011263ae88839a7888b74fa076
Certificate serial:       0197488BF852338687FE70BA0229D3FB5017
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
Manifest number:          10A7
Signing time:             Sat 07 Jun 2025 04:00:21 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:21 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:21 +0000
Files and hashes:         1: PQJjyVdcvQESY66Ig5p4iLdPoHY.crl (hash: MiQzJhbv1C/DoJZwYKFDyrQLZ3vboGnvM2VBD85EXQA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8b:f8:52:33:86:87:fe:70:ba:02:29:d3:fb:50:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d0263c9575cbd011263ae88839a7888b74fa076
        Validity
            Not Before: Jun  7 04:00:21 2025 GMT
            Not After : Jun  8 04:00:21 2025 GMT
        Subject: CN=cbb7af2a4a72e3cb4ee92621ad9ac46e3b7fa926
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:57:09:a2:3c:86:d9:4d:4f:92:0e:51:06:f4:
                    d6:b6:80:8b:1e:7c:db:64:c1:84:90:45:8c:77:98:
                    cc:3e:1c:5f:8d:38:3a:e3:94:c7:2e:06:49:e0:8e:
                    92:57:80:8d:5e:ea:12:b7:ff:72:bb:dc:8b:ae:92:
                    2f:1b:e6:7c:90:6f:94:a8:be:bc:30:cd:34:54:14:
                    66:b3:0f:e5:25:41:0d:b2:f9:9a:fb:16:60:8f:86:
                    0e:2a:9c:ce:9d:a9:7c:9c:c4:b4:79:72:9d:a6:86:
                    8c:3d:bc:41:69:3e:0d:2f:c7:59:5d:30:db:a4:80:
                    a5:4b:35:9e:dc:ba:6c:3c:cb:30:ca:df:7a:38:3c:
                    91:50:67:9f:17:da:a0:0f:63:0b:e1:82:35:21:8e:
                    5b:81:a4:07:7d:e0:ab:db:5f:85:84:27:fd:84:27:
                    90:6b:6c:7b:62:d4:15:8e:b0:1a:be:da:22:b5:2f:
                    af:ca:01:22:5f:09:78:15:9f:ff:8c:e4:d1:e6:34:
                    c5:51:04:9e:36:9c:9f:9a:e9:7f:8f:ad:c6:b4:7f:
                    04:20:ce:6b:51:0c:36:bf:4d:73:6d:10:ad:c0:91:
                    f9:1d:a7:22:e0:21:22:5c:70:65:eb:64:f7:ae:46:
                    b2:03:13:35:bf:64:ef:da:92:71:ac:1e:43:8c:31:
                    cc:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:B7:AF:2A:4A:72:E3:CB:4E:E9:26:21:AD:9A:C4:6E:3B:7F:A9:26
            X509v3 Authority Key Identifier:
                keyid:3D:02:63:C9:57:5C:BD:01:12:63:AE:88:83:9A:78:88:B7:4F:A0:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:df:a6:2a:f4:1f:c5:ca:65:b0:ab:31:b1:ea:d4:89:09:60:
         89:42:4e:34:5c:b7:6a:aa:54:06:a2:ff:b0:72:d3:83:df:c7:
         23:6c:5d:c3:68:40:6b:f3:5a:cc:0f:b2:67:66:0e:81:ad:76:
         2d:ca:46:c3:ce:30:a3:21:d4:01:6c:b4:52:33:b7:61:bc:6e:
         b6:14:2b:8e:a0:31:a1:ed:42:77:5c:f7:70:9b:a4:59:3c:24:
         c5:61:b5:6c:b0:d6:37:8b:da:f4:f7:77:de:b2:d8:80:f4:97:
         07:48:df:76:16:05:c8:80:6e:3f:7f:64:2a:e5:46:e5:66:c9:
         f0:9d:72:b1:03:6f:bf:f2:b4:f5:53:ff:ce:05:7c:d2:6e:e6:
         f4:f4:57:c8:d0:30:a4:a4:57:c1:e4:36:1a:5b:a4:9e:4c:ee:
         d4:6a:b3:c7:64:50:10:0f:13:f1:dd:eb:2a:2a:87:bc:d9:f0:
         97:4e:75:42:56:9a:6f:a3:ab:b1:a5:b4:ed:77:e9:ba:7c:cd:
         a0:d8:1a:a9:c3:5a:30:ce:65:bc:f3:3b:cc:51:cd:91:be:49:
         1a:4f:92:32:d5:34:a8:fe:5d:32:f5:5d:81:a2:5c:df:92:91:
         ca:23:a9:47:e1:96:af:4e:07:f5:48:59:6b:fd:e4:56:92:d3:
         fd:ad:1a:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIi/hSM4aH/nC6AinT+1AXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMDI2M2M5NTc1Y2JkMDExMjYzYWU4ODgzOWE3ODg4Yjc0
ZmEwNzYwHhcNMjUwNjA3MDQwMDIxWhcNMjUwNjA4MDQwMDIxWjAzMTEwLwYDVQQD
EyhjYmI3YWYyYTRhNzJlM2NiNGVlOTI2MjFhZDlhYzQ2ZTNiN2ZhOTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulcJojyG2U1Pkg5RBvTWtoCLHnzb
ZMGEkEWMd5jMPhxfjTg645THLgZJ4I6SV4CNXuoSt/9yu9yLrpIvG+Z8kG+UqL68
MM00VBRmsw/lJUENsvma+xZgj4YOKpzOnal8nMS0eXKdpoaMPbxBaT4NL8dZXTDb
pIClSzWe3LpsPMswyt96ODyRUGefF9qgD2ML4YI1IY5bgaQHfeCr21+FhCf9hCeQ
a2x7YtQVjrAavtoitS+vygEiXwl4FZ//jOTR5jTFUQSeNpyfmul/j63GtH8EIM5r
UQw2v01zbRCtwJH5Haci4CEiXHBl62T3rkayAxM1v2Tv2pJxrB5DjDHM8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMu3rypKcuPLTukmIa2axG47f6kmMB8GA1UdIwQY
MBaAFD0CY8lXXL0BEmOuiIOaeIi3T6B2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8zNzQyM2EtMDUzNy00NWY0LTk5MTUt
MTJmNGU2MjczODc3LzEvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8zNzQyM2EtMDUzNy00NWY0LTk5MTUtMTJmNGU2MjczODc3
LzEvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKd+mKvQf
xcplsKsxserUiQlgiUJONFy3aqpUBqL/sHLTg9/HI2xdw2hAa/NazA+yZ2YOga12
LcpGw84woyHUAWy0UjO3YbxuthQrjqAxoe1Cd1z3cJukWTwkxWG1bLDWN4va9Pd3
3rLYgPSXB0jfdhYFyIBuP39kKuVG5WbJ8J1ysQNvv/K09VP/zgV80m7m9PRXyNAw
pKRXweQ2Gluknkzu1Gqzx2RQEA8T8d3rKiqHvNnwl051Qlaab6OrsaW07XfpunzN
oNgaqcNaMM5lvPM7zFHNkb5JGk+SMtU0qP5dMvVdgaJc35KRyiOpR+GWr04H9UhZ
a/3kVpLT/a0azw==
-----END CERTIFICATE-----