Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
File:                     PQJjyVdcvQESY66Ig5p4iLdPoHY.mft (raw, json)
Hash identifier:          /TUzmFEBaTtguUKOBoyr1gp6UNfcU0FRg+JpByTGalE=
Subject key identifier:   DF:FF:73:C7:FA:B6:63:14:2B:46:CD:21:FA:02:87:FB:C5:0E:25:24
Authority key identifier: 3D:02:63:C9:57:5C:BD:01:12:63:AE:88:83:9A:78:88:B7:4F:A0:76
Certificate issuer:       /CN=3d0263c9575cbd011263ae88839a7888b74fa076
Certificate serial:       0199239EDC306111C2E3C9E9B714A0264094
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
Manifest number:          119D
Signing time:             Sun 07 Sep 2025 10:00:37 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:37 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:37 +0000
Files and hashes:         1: PQJjyVdcvQESY66Ig5p4iLdPoHY.crl (hash: hQvbTx2dNIZ//U4PfTEtpP4ejRW2Dq7ch2WMfARj+Qw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9e:dc:30:61:11:c2:e3:c9:e9:b7:14:a0:26:40:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d0263c9575cbd011263ae88839a7888b74fa076
        Validity
            Not Before: Sep  7 10:00:37 2025 GMT
            Not After : Sep  8 10:00:37 2025 GMT
        Subject: CN=dfff73c7fab663142b46cd21fa0287fbc50e2524
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:28:76:0b:7d:ef:91:48:6f:99:96:45:ba:3d:
                    2f:b0:aa:d2:b9:dc:e0:d6:8f:61:ac:fd:03:85:fb:
                    ee:c8:5d:c3:13:8b:31:bd:01:ef:fb:dd:77:9a:90:
                    fb:e7:d3:3d:02:21:05:2e:7a:c8:a8:14:f1:ec:e2:
                    2d:51:59:f1:da:b4:ac:be:57:5f:38:f5:c1:65:bf:
                    2b:1d:86:60:7b:2f:72:2d:2d:e5:4f:e6:43:37:3f:
                    b7:d7:79:88:33:e4:81:bc:dd:a6:5b:69:d6:21:c1:
                    68:53:db:1a:08:1e:b6:19:46:a0:24:9b:2e:f3:2b:
                    88:f5:1c:87:ab:cf:f5:29:45:b8:98:5c:8e:82:93:
                    9b:45:02:32:96:e2:d9:36:aa:4a:45:51:2a:c8:f9:
                    d7:33:f8:f8:43:89:4b:ef:8a:47:3a:38:cb:ea:ce:
                    b4:14:97:d1:54:61:d9:00:3a:6b:95:d1:7f:35:d8:
                    bb:3c:47:5b:68:d1:84:c8:a5:58:2f:4b:5d:29:72:
                    67:06:a3:78:55:6d:74:7b:3d:82:7b:e0:cc:65:0d:
                    ae:27:64:af:17:22:a6:e4:8d:48:28:0b:1b:76:ff:
                    e4:a4:94:47:ff:18:3a:f0:fb:0a:91:fd:00:11:c3:
                    8a:04:11:08:bb:36:b1:15:e7:fe:69:ed:3d:56:8e:
                    f7:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:FF:73:C7:FA:B6:63:14:2B:46:CD:21:FA:02:87:FB:C5:0E:25:24
            X509v3 Authority Key Identifier:
                keyid:3D:02:63:C9:57:5C:BD:01:12:63:AE:88:83:9A:78:88:B7:4F:A0:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:06:f3:65:af:69:de:43:2f:ad:bf:f1:9c:c9:ad:51:1e:3e:
         ed:cc:1e:b9:f1:96:33:23:53:18:fd:7c:3f:10:b6:13:84:d8:
         c6:eb:4f:3e:cc:c8:26:ec:fe:53:13:f5:8d:a6:b9:28:cb:d5:
         2b:49:e6:b5:3e:b2:c4:3b:b3:91:54:e6:10:ba:57:a7:bb:cc:
         5e:e7:ed:20:35:05:22:ae:06:fa:2c:f2:9f:1c:d1:96:82:41:
         fb:2e:cb:58:10:84:a1:74:7d:7e:56:5d:09:46:ae:6b:19:b9:
         3f:f4:c7:47:61:43:aa:4c:30:94:1c:84:5e:ba:8b:8a:d7:06:
         c5:ed:52:92:c6:3e:ea:d2:99:a6:76:98:bc:d5:92:0d:32:23:
         d7:e3:a9:e2:41:1a:66:14:8c:14:6b:48:6e:78:19:a6:97:02:
         d5:91:1e:a8:b5:97:a8:8d:85:da:74:82:da:7e:b6:b6:a1:11:
         af:e0:2b:43:fb:68:8e:41:32:76:0b:a1:97:41:91:28:73:07:
         4d:c3:5e:23:8a:ad:32:38:f2:4c:3d:16:12:99:d3:76:25:e3:
         cd:d5:5e:f8:e2:91:4a:f3:8f:12:22:4e:5a:9b:b5:8a:7d:3c:
         e3:85:2c:28:51:62:61:b6:f9:d8:2b:71:e8:1f:df:bf:ff:55:
         58:7b:49:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjntwwYRHC48nptxSgJkCUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMDI2M2M5NTc1Y2JkMDExMjYzYWU4ODgzOWE3ODg4Yjc0
ZmEwNzYwHhcNMjUwOTA3MTAwMDM3WhcNMjUwOTA4MTAwMDM3WjAzMTEwLwYDVQQD
EyhkZmZmNzNjN2ZhYjY2MzE0MmI0NmNkMjFmYTAyODdmYmM1MGUyNTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Sh2C33vkUhvmZZFuj0vsKrSudzg
1o9hrP0DhfvuyF3DE4sxvQHv+913mpD759M9AiEFLnrIqBTx7OItUVnx2rSsvldf
OPXBZb8rHYZgey9yLS3lT+ZDNz+313mIM+SBvN2mW2nWIcFoU9saCB62GUagJJsu
8yuI9RyHq8/1KUW4mFyOgpObRQIyluLZNqpKRVEqyPnXM/j4Q4lL74pHOjjL6s60
FJfRVGHZADprldF/Ndi7PEdbaNGEyKVYL0tdKXJnBqN4VW10ez2Ce+DMZQ2uJ2Sv
FyKm5I1IKAsbdv/kpJRH/xg68PsKkf0AEcOKBBEIuzaxFef+ae09Vo73RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN//c8f6tmMUK0bNIfoCh/vFDiUkMB8GA1UdIwQY
MBaAFD0CY8lXXL0BEmOuiIOaeIi3T6B2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8zNzQyM2EtMDUzNy00NWY0LTk5MTUt
MTJmNGU2MjczODc3LzEvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8zNzQyM2EtMDUzNy00NWY0LTk5MTUtMTJmNGU2MjczODc3
LzEvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPAbzZa9p
3kMvrb/xnMmtUR4+7cweufGWMyNTGP18PxC2E4TYxutPPszIJuz+UxP1jaa5KMvV
K0nmtT6yxDuzkVTmELpXp7vMXuftIDUFIq4G+izynxzRloJB+y7LWBCEoXR9flZd
CUauaxm5P/THR2FDqkwwlByEXrqLitcGxe1SksY+6tKZpnaYvNWSDTIj1+Op4kEa
ZhSMFGtIbngZppcC1ZEeqLWXqI2F2nSC2n62tqERr+ArQ/tojkEydguhl0GRKHMH
TcNeI4qtMjjyTD0WEpnTdiXjzdVe+OKRSvOPEiJOWpu1in0844UsKFFiYbb52Ctx
6B/fv/9VWHtJPQ==
-----END CERTIFICATE-----