Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft
File:                     Pq9YPXwbe09XMQE8iymLpQVGTlI.mft (raw, json)
Hash identifier:          NvuMcLGGtMUSkNiR0JBAIUht6smlOVJY/wp+DwGGBAA=
Subject key identifier:   B8:17:64:34:94:3B:62:AF:1A:73:FD:1F:80:A9:A7:2A:32:AA:EB:0D
Authority key identifier: 3E:AF:58:3D:7C:1B:7B:4F:57:31:01:3C:8B:29:8B:A5:05:46:4E:52
Certificate issuer:       /CN=3eaf583d7c1b7b4f5731013c8b298ba505464e52
Certificate serial:       019650B64D6539964E40B9180CEA870D3ED9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft
Manifest number:          1115
Signing time:             Sun 20 Apr 2025 01:00:46 +0000
Manifest this update:     Sun 20 Apr 2025 01:00:46 +0000
Manifest next update:     Mon 21 Apr 2025 01:00:46 +0000
Files and hashes:         1: Pq9YPXwbe09XMQE8iymLpQVGTlI.crl (hash: FHzTM8l5ogbne9gezgA2r6EHHhZncmWLEXPZW4GFWGA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:50:b6:4d:65:39:96:4e:40:b9:18:0c:ea:87:0d:3e:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3eaf583d7c1b7b4f5731013c8b298ba505464e52
        Validity
            Not Before: Apr 20 01:00:46 2025 GMT
            Not After : Apr 21 01:00:46 2025 GMT
        Subject: CN=b8176434943b62af1a73fd1f80a9a72a32aaeb0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:ff:b5:e2:0c:b8:c5:17:b7:43:03:f6:76:bb:
                    d7:29:1d:f3:a2:34:6c:b9:b4:c0:0e:cf:c5:67:06:
                    01:a5:d9:2d:d5:f9:57:ed:22:22:12:93:fd:83:7d:
                    32:ad:66:50:8c:99:8d:8b:53:cc:d2:72:db:eb:2f:
                    f2:a6:c4:08:88:a6:a3:ea:6e:06:12:34:a9:57:7a:
                    86:84:22:ce:eb:ea:3f:84:d9:7b:c9:0f:70:fd:05:
                    7b:d7:61:4b:86:ca:45:33:ec:8f:26:94:16:45:e5:
                    0d:fc:f7:6d:8f:9f:c4:2f:a6:f8:5a:dc:83:66:66:
                    28:17:e8:18:ba:01:d1:98:5a:f3:5b:44:86:bb:ab:
                    18:26:70:16:cf:cb:ff:ca:5e:13:49:d4:92:c4:1d:
                    c9:1a:65:8f:54:9c:fc:cd:f8:fa:40:04:3a:f4:db:
                    27:ae:c6:b4:17:8b:b3:81:9c:10:21:7d:12:9c:2d:
                    a8:d8:25:ab:bd:b0:72:cc:42:1c:53:9e:ff:b3:65:
                    b6:7e:b7:85:21:88:83:37:fe:8e:ca:49:44:b4:1a:
                    ba:0b:bb:2b:8b:86:c9:6e:36:86:af:e5:ab:8b:6e:
                    1e:58:37:6d:bb:2b:75:e7:e7:0d:78:3a:27:08:f6:
                    92:36:f0:a6:72:d7:32:c7:92:a4:94:78:db:27:4e:
                    d1:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:17:64:34:94:3B:62:AF:1A:73:FD:1F:80:A9:A7:2A:32:AA:EB:0D
            X509v3 Authority Key Identifier:
                keyid:3E:AF:58:3D:7C:1B:7B:4F:57:31:01:3C:8B:29:8B:A5:05:46:4E:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:2f:4a:56:42:80:e7:77:15:60:00:6f:37:58:00:bc:1c:b7:
         ae:cb:b1:27:57:74:a6:87:71:15:5f:57:05:59:54:71:49:73:
         7d:7b:4f:3f:ca:43:31:8e:64:73:ca:8c:0c:61:dd:df:c7:2f:
         49:4c:22:a0:7e:22:92:c0:01:43:ea:95:08:9a:7e:da:33:03:
         35:42:bf:35:a7:19:2f:b5:70:30:a3:ae:57:16:c8:63:01:0e:
         23:b6:6a:10:cd:6e:b6:12:7d:72:1e:4d:74:7c:d8:2f:ef:16:
         76:a2:fd:ab:24:3f:e8:59:69:5e:23:03:32:98:d5:31:00:ae:
         76:77:fd:bd:5c:10:ac:96:96:80:e4:dc:c7:f3:3e:75:1c:14:
         3d:e2:b8:a0:c8:3d:bd:04:44:13:76:a5:cb:cf:87:62:77:c3:
         49:9f:93:19:4b:ce:6b:01:03:4d:c4:5d:0a:06:2b:27:33:95:
         d8:58:af:1a:4a:ef:a2:5e:f6:92:39:13:ec:2a:38:94:08:49:
         a4:06:70:38:c7:ec:61:6a:40:8c:e9:23:50:71:22:b9:3e:77:
         e8:a4:ed:d7:5b:11:3b:79:73:7d:7c:90:27:63:14:73:9b:e2:
         9a:d3:6b:43:6f:70:34:3d:00:c9:db:57:1e:3b:08:04:6f:6d:
         9a:b0:67:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQtk1lOZZOQLkYDOqHDT7ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYWY1ODNkN2MxYjdiNGY1NzMxMDEzYzhiMjk4YmE1MDU0
NjRlNTIwHhcNMjUwNDIwMDEwMDQ2WhcNMjUwNDIxMDEwMDQ2WjAzMTEwLwYDVQQD
EyhiODE3NjQzNDk0M2I2MmFmMWE3M2ZkMWY4MGE5YTcyYTMyYWFlYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzP+14gy4xRe3QwP2drvXKR3zojRs
ubTADs/FZwYBpdkt1flX7SIiEpP9g30yrWZQjJmNi1PM0nLb6y/ypsQIiKaj6m4G
EjSpV3qGhCLO6+o/hNl7yQ9w/QV712FLhspFM+yPJpQWReUN/Pdtj5/EL6b4WtyD
ZmYoF+gYugHRmFrzW0SGu6sYJnAWz8v/yl4TSdSSxB3JGmWPVJz8zfj6QAQ69Nsn
rsa0F4uzgZwQIX0SnC2o2CWrvbByzEIcU57/s2W2freFIYiDN/6OyklEtBq6C7sr
i4bJbjaGr+Wri24eWDdtuyt15+cNeDonCPaSNvCmctcyx5KklHjbJ07RHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLgXZDSUO2KvGnP9H4CppyoyqusNMB8GA1UdIwQY
MBaAFD6vWD18G3tPVzEBPIspi6UFRk5SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9kOThlODYtZTQxYy00NWUxLWJiZTct
OGUxOWM0ZGE4Nzk4LzEvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9kOThlODYtZTQxYy00NWUxLWJiZTctOGUxOWM0ZGE4Nzk4
LzEvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArC9KVkKA
53cVYABvN1gAvBy3rsuxJ1d0podxFV9XBVlUcUlzfXtPP8pDMY5kc8qMDGHd38cv
SUwioH4iksABQ+qVCJp+2jMDNUK/NacZL7VwMKOuVxbIYwEOI7ZqEM1uthJ9ch5N
dHzYL+8WdqL9qyQ/6FlpXiMDMpjVMQCudnf9vVwQrJaWgOTcx/M+dRwUPeK4oMg9
vQREE3aly8+HYnfDSZ+TGUvOawEDTcRdCgYrJzOV2FivGkrvol72kjkT7Co4lAhJ
pAZwOMfsYWpAjOkjUHEiuT536KTt11sRO3lzfXyQJ2MUc5vimtNrQ29wND0AydtX
HjsIBG9tmrBneA==
-----END CERTIFICATE-----