Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
File:                     pxTGIdV85C4lCT7OhXvbh146zqo.mft (raw, json)
Hash identifier:          ZCGQ5Y5h7c141XfoqTdQ+P6ChJeVTvSc4IoUTQbTEnI=
Subject key identifier:   55:0C:6D:BC:DE:15:29:82:1D:D0:52:F0:96:EA:CC:58:8E:C6:54:AC
Authority key identifier: A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA
Certificate issuer:       /CN=a714c621d57ce42e25093ece857bdb875e3aceaa
Certificate serial:       01992255341EB056FBC5F36C7434E80ED6E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
Manifest number:          033E
Signing time:             Sun 07 Sep 2025 04:00:33 +0000
Manifest this update:     Sun 07 Sep 2025 04:00:33 +0000
Manifest next update:     Mon 08 Sep 2025 04:00:33 +0000
Files and hashes:         1: pxTGIdV85C4lCT7OhXvbh146zqo.crl (hash: Tm6ALoyMWhl80wwIaHE08X04WfoMjPxaOIcdJd0zqYw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:34:1e:b0:56:fb:c5:f3:6c:74:34:e8:0e:d6:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a714c621d57ce42e25093ece857bdb875e3aceaa
        Validity
            Not Before: Sep  7 04:00:33 2025 GMT
            Not After : Sep  8 04:00:33 2025 GMT
        Subject: CN=550c6dbcde1529821dd052f096eacc588ec654ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:4e:d2:3f:d7:8f:f3:b7:5a:25:32:0b:92:3f:
                    fa:40:e9:6f:e2:d7:70:96:b3:07:f6:3f:1b:de:fe:
                    f6:ef:e0:77:44:9c:2b:70:b9:52:d3:1e:23:b0:c2:
                    01:fa:6b:3d:50:9c:60:4d:bc:b6:f1:49:0f:bb:b9:
                    1b:a6:5e:83:11:7a:4b:51:7b:71:42:08:87:11:df:
                    03:34:e8:b8:54:65:02:4d:62:6b:77:7f:98:c5:44:
                    40:75:27:99:56:72:41:f1:b7:b9:68:0b:a5:eb:b4:
                    45:a0:57:a9:0e:d1:98:93:49:d7:c0:e5:b5:83:1a:
                    63:0a:95:8a:f5:83:58:42:d5:84:3b:44:51:bb:45:
                    44:74:66:fc:40:a9:24:95:75:a0:7d:5e:ee:c8:8f:
                    67:14:44:1e:0f:03:57:dd:54:cf:b5:9f:88:c0:6c:
                    a5:d1:89:73:e0:24:b3:d7:0e:47:44:96:c2:c4:33:
                    2a:44:8b:15:ce:55:97:43:5d:52:33:23:73:93:9f:
                    4e:5f:7e:5c:cc:bf:c3:15:eb:86:70:a6:ad:27:ee:
                    c4:a3:13:6e:a7:72:c1:fd:68:f2:11:42:7b:13:24:
                    89:0b:8c:b3:98:18:b0:8c:4e:80:1f:92:90:9a:13:
                    ed:cf:34:7f:dc:13:da:9c:ce:7a:d7:8d:55:da:d0:
                    1b:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:0C:6D:BC:DE:15:29:82:1D:D0:52:F0:96:EA:CC:58:8E:C6:54:AC
            X509v3 Authority Key Identifier:
                keyid:A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:14:95:55:0a:cf:88:b6:cf:37:9b:87:b5:8e:76:91:4c:f9:
         e8:e4:e9:72:dd:29:8d:e3:bf:dd:fa:48:c6:20:02:41:d2:8e:
         21:e9:01:13:70:72:22:d8:6a:b6:c5:1a:86:9b:30:0a:bf:3d:
         1f:bb:c5:46:f4:22:7f:1c:97:86:8c:c4:b4:de:0a:98:6a:d1:
         1f:a8:09:7d:76:df:d6:5d:82:89:f5:b9:b9:b6:b3:7c:17:67:
         2e:da:a3:46:fa:78:79:57:73:1e:e7:4e:67:bb:6a:53:57:80:
         52:3e:12:82:93:27:ec:fa:1e:19:e7:eb:b1:60:ed:9f:dd:8b:
         91:5e:2f:f6:e7:38:13:1a:f9:d5:c6:09:68:77:80:8a:c4:31:
         fc:2f:9e:42:a0:43:8d:2f:81:7d:db:60:19:41:99:21:99:0a:
         a4:5d:df:74:35:34:f6:11:5a:b6:e3:fb:4b:87:8d:8a:85:f7:
         d8:ca:a5:01:9f:24:96:a9:c8:b8:ba:46:63:f3:ad:d8:dc:bf:
         e5:bf:54:ec:3e:64:5f:78:5f:be:5f:c1:df:a9:bd:81:3e:1b:
         f0:e0:f7:52:61:b4:f4:72:ac:1b:e6:aa:df:75:87:ff:03:f5:
         f0:33:5b:91:4f:0e:e3:b2:07:93:c1:3a:e9:dc:aa:ad:eb:25:
         9f:f5:ad:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVTQesFb7xfNsdDToDtbiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MTRjNjIxZDU3Y2U0MmUyNTA5M2VjZTg1N2JkYjg3NWUz
YWNlYWEwHhcNMjUwOTA3MDQwMDMzWhcNMjUwOTA4MDQwMDMzWjAzMTEwLwYDVQQD
Eyg1NTBjNmRiY2RlMTUyOTgyMWRkMDUyZjA5NmVhY2M1ODhlYzY1NGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk07SP9eP87daJTILkj/6QOlv4tdw
lrMH9j8b3v727+B3RJwrcLlS0x4jsMIB+ms9UJxgTby28UkPu7kbpl6DEXpLUXtx
QgiHEd8DNOi4VGUCTWJrd3+YxURAdSeZVnJB8be5aAul67RFoFepDtGYk0nXwOW1
gxpjCpWK9YNYQtWEO0RRu0VEdGb8QKkklXWgfV7uyI9nFEQeDwNX3VTPtZ+IwGyl
0Ylz4CSz1w5HRJbCxDMqRIsVzlWXQ11SMyNzk59OX35czL/DFeuGcKatJ+7EoxNu
p3LB/WjyEUJ7EySJC4yzmBiwjE6AH5KQmhPtzzR/3BPanM56141V2tAb4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFUMbbzeFSmCHdBS8JbqzFiOxlSsMB8GA1UdIwQY
MBaAFKcUxiHVfOQuJQk+zoV724deOs6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGIt
MTgwNTVkMmM0NGJlLzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGItMTgwNTVkMmM0NGJl
LzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcRSVVQrP
iLbPN5uHtY52kUz56OTpct0pjeO/3fpIxiACQdKOIekBE3ByIthqtsUahpswCr89
H7vFRvQifxyXhozEtN4KmGrRH6gJfXbf1l2CifW5ubazfBdnLtqjRvp4eVdzHudO
Z7tqU1eAUj4SgpMn7PoeGefrsWDtn92LkV4v9uc4Exr51cYJaHeAisQx/C+eQqBD
jS+BfdtgGUGZIZkKpF3fdDU09hFatuP7S4eNioX32MqlAZ8klqnIuLpGY/Ot2Ny/
5b9U7D5kX3hfvl/B36m9gT4b8OD3UmG09HKsG+aq33WH/wP18DNbkU8O47IHk8E6
6dyqresln/WtVw==
-----END CERTIFICATE-----