Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
File:                     pxTGIdV85C4lCT7OhXvbh146zqo.mft (raw, json)
Hash identifier:          LLioTlrOrwa+AfiPxBCUF+o67PpS2kPJP+EU1IRx9p4=
Subject key identifier:   33:A0:69:89:D5:69:17:1D:22:71:6B:BA:07:96:D3:F2:40:45:8A:F7
Authority key identifier: A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA
Certificate issuer:       /CN=a714c621d57ce42e25093ece857bdb875e3aceaa
Certificate serial:       0197493191C93544CD4A8F1AC93E78810319
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
Manifest number:          0249
Signing time:             Sat 07 Jun 2025 07:01:14 +0000
Manifest this update:     Sat 07 Jun 2025 07:01:14 +0000
Manifest next update:     Sun 08 Jun 2025 07:01:14 +0000
Files and hashes:         1: pxTGIdV85C4lCT7OhXvbh146zqo.crl (hash: VU70OMM5cotl8SPGNGm9N9TSnA52cEgcshYZGE82aFw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:31:91:c9:35:44:cd:4a:8f:1a:c9:3e:78:81:03:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a714c621d57ce42e25093ece857bdb875e3aceaa
        Validity
            Not Before: Jun  7 07:01:14 2025 GMT
            Not After : Jun  8 07:01:14 2025 GMT
        Subject: CN=33a06989d569171d22716bba0796d3f240458af7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:dc:29:22:72:3f:94:c2:7d:8b:cb:55:76:1c:
                    8d:3c:6a:cb:3e:89:62:4e:93:de:20:6c:3f:bc:fa:
                    29:66:8b:71:e3:8f:9f:5f:d7:29:02:e6:5d:c5:70:
                    2d:13:63:ab:3c:66:a5:de:69:67:63:b2:e8:54:5c:
                    4d:51:c4:98:f1:ac:31:b6:32:cf:b3:e9:0d:ce:d9:
                    35:81:3c:58:89:22:09:b0:da:2a:c1:e5:d8:6f:e2:
                    10:64:1a:a6:68:3a:41:5c:26:69:6a:2d:9c:83:eb:
                    23:70:e7:35:3c:ab:50:33:e6:3e:25:b9:f7:7b:38:
                    76:4a:25:b9:44:db:3a:0b:1d:3f:aa:48:c6:9c:c5:
                    b7:72:e7:a7:8f:c5:61:31:ee:94:24:c5:fb:bf:cb:
                    82:1c:30:3b:1d:14:3f:1d:41:5f:a9:25:5b:ab:20:
                    1e:b2:3a:fa:4d:a8:71:65:f5:3b:92:a7:a3:52:bf:
                    86:6c:29:3f:56:fb:85:5a:06:d2:4d:96:bb:cd:12:
                    93:29:9d:10:55:f6:ac:06:72:6d:fe:5a:30:19:e3:
                    8c:50:fb:fb:f1:32:fe:6f:e9:c1:93:e6:3c:83:e7:
                    19:dc:a9:59:10:5b:57:77:02:d1:22:3f:67:f6:36:
                    8e:6d:58:90:46:2f:1c:d5:1f:c3:df:41:5f:cd:0e:
                    f4:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:A0:69:89:D5:69:17:1D:22:71:6B:BA:07:96:D3:F2:40:45:8A:F7
            X509v3 Authority Key Identifier:
                keyid:A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:db:23:c5:54:0b:99:3c:6e:90:02:a4:4e:e6:40:28:54:ab:
         d2:9c:13:75:b1:9c:1f:32:f3:90:d1:78:ae:7f:16:65:6d:48:
         e3:c1:ae:40:b3:92:d4:66:1a:78:3b:04:96:c5:8a:01:f0:e7:
         c4:9a:e0:b6:b5:76:ae:7f:4b:3e:23:b3:c2:fa:4e:7b:04:d3:
         f0:62:1f:0a:80:ce:3c:53:7e:60:ad:0a:71:cd:11:0c:79:eb:
         fd:aa:65:4c:3f:3f:e8:30:de:b7:62:13:65:5c:9b:98:62:4a:
         ec:91:fd:3e:3f:a0:be:dc:61:3c:a2:50:84:48:30:d1:91:37:
         9f:f8:fc:4c:59:3a:f9:65:28:0d:a5:3e:c2:c6:dc:06:1c:e8:
         b5:73:47:f5:15:72:f2:3a:8d:0f:48:60:5d:b0:6d:32:03:ab:
         f3:65:00:17:b9:34:4d:63:16:09:f2:ee:92:a1:f9:ad:3c:92:
         75:a2:db:b6:bd:e4:cc:a6:37:8d:6a:ff:e2:7e:08:e8:ba:2e:
         af:3d:f0:d2:8c:af:66:df:a6:00:51:4e:27:6e:e8:0a:7a:6b:
         68:40:41:db:ef:52:c2:8e:ec:f0:0f:9d:b6:55:4f:0d:88:76:
         4e:f7:1c:53:64:72:28:49:da:e6:01:b0:01:96:03:e1:ab:6e:
         da:06:31:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMZHJNUTNSo8ayT54gQMZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MTRjNjIxZDU3Y2U0MmUyNTA5M2VjZTg1N2JkYjg3NWUz
YWNlYWEwHhcNMjUwNjA3MDcwMTE0WhcNMjUwNjA4MDcwMTE0WjAzMTEwLwYDVQQD
EygzM2EwNjk4OWQ1NjkxNzFkMjI3MTZiYmEwNzk2ZDNmMjQwNDU4YWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9wpInI/lMJ9i8tVdhyNPGrLPoli
TpPeIGw/vPopZotx44+fX9cpAuZdxXAtE2OrPGal3mlnY7LoVFxNUcSY8awxtjLP
s+kNztk1gTxYiSIJsNoqweXYb+IQZBqmaDpBXCZpai2cg+sjcOc1PKtQM+Y+Jbn3
ezh2SiW5RNs6Cx0/qkjGnMW3cuenj8VhMe6UJMX7v8uCHDA7HRQ/HUFfqSVbqyAe
sjr6TahxZfU7kqejUr+GbCk/VvuFWgbSTZa7zRKTKZ0QVfasBnJt/lowGeOMUPv7
8TL+b+nBk+Y8g+cZ3KlZEFtXdwLRIj9n9jaObViQRi8c1R/D30FfzQ70bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDOgaYnVaRcdInFrugeW0/JARYr3MB8GA1UdIwQY
MBaAFKcUxiHVfOQuJQk+zoV724deOs6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGIt
MTgwNTVkMmM0NGJlLzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGItMTgwNTVkMmM0NGJl
LzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY9sjxVQL
mTxukAKkTuZAKFSr0pwTdbGcHzLzkNF4rn8WZW1I48GuQLOS1GYaeDsElsWKAfDn
xJrgtrV2rn9LPiOzwvpOewTT8GIfCoDOPFN+YK0Kcc0RDHnr/aplTD8/6DDet2IT
ZVybmGJK7JH9Pj+gvtxhPKJQhEgw0ZE3n/j8TFk6+WUoDaU+wsbcBhzotXNH9RVy
8jqND0hgXbBtMgOr82UAF7k0TWMWCfLukqH5rTySdaLbtr3kzKY3jWr/4n4I6Lou
rz3w0oyvZt+mAFFOJ27oCnpraEBB2+9Swo7s8A+dtlVPDYh2TvccU2RyKEna5gGw
AZYD4atu2gYxJg==
-----END CERTIFICATE-----