Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft
File:                     Pq9YPXwbe09XMQE8iymLpQVGTlI.mft (raw, json)
Hash identifier:          L9XKpXECtjFdHZXzFdVdW7mJ64m2guk6W0G1FS0WA/I=
Subject key identifier:   69:56:DD:A0:1A:49:07:EB:26:37:19:54:5E:1C:BC:60:96:39:D2:C1
Authority key identifier: 3E:AF:58:3D:7C:1B:7B:4F:57:31:01:3C:8B:29:8B:A5:05:46:4E:52
Certificate issuer:       /CN=3eaf583d7c1b7b4f5731013c8b298ba505464e52
Certificate serial:       019749D63B51727BAB271DCFFE1E71A0A021
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft
Manifest number:          1196
Signing time:             Sat 07 Jun 2025 10:01:06 +0000
Manifest this update:     Sat 07 Jun 2025 10:01:06 +0000
Manifest next update:     Sun 08 Jun 2025 10:01:06 +0000
Files and hashes:         1: Pq9YPXwbe09XMQE8iymLpQVGTlI.crl (hash: oxHZ9PImhP3raMwHoEGEa1YEqpUgC2SVm49lPvof8tQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 10:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d6:3b:51:72:7b:ab:27:1d:cf:fe:1e:71:a0:a0:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3eaf583d7c1b7b4f5731013c8b298ba505464e52
        Validity
            Not Before: Jun  7 10:01:06 2025 GMT
            Not After : Jun  8 10:01:06 2025 GMT
        Subject: CN=6956dda01a4907eb263719545e1cbc609639d2c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:9a:89:d0:18:89:39:3c:ca:eb:05:f6:23:1d:
                    08:e5:5c:c5:13:09:28:1b:39:11:49:82:02:29:a4:
                    3a:90:0c:23:28:64:34:14:6a:b3:19:0e:ec:89:57:
                    a2:3a:d9:53:2a:3b:9f:f0:a1:0c:67:a2:cc:59:2c:
                    ac:99:a6:3a:25:ba:ae:7d:c4:d1:54:d2:0f:e7:b7:
                    64:fc:ec:f0:7e:1f:8d:bc:d3:79:a5:22:37:f1:ed:
                    da:ab:08:a2:3b:76:b3:d3:05:34:97:55:c5:85:93:
                    86:8b:ea:f7:cf:3e:45:d9:a7:f5:3f:86:9f:c8:a9:
                    a8:89:a6:ce:53:30:72:05:e1:aa:bb:ca:dd:e7:4d:
                    24:e9:bd:9c:5d:52:e9:bb:51:40:46:a0:3b:8d:d1:
                    6c:ee:33:5b:5f:13:0f:8a:7c:07:a0:a4:18:a3:39:
                    ea:09:42:d4:df:0e:49:5a:e4:51:bc:27:85:fd:d4:
                    01:23:4d:b8:1c:2e:c4:79:8d:bb:6b:c2:45:f8:2b:
                    66:e2:d3:b3:8c:10:21:01:5b:b0:c5:d3:27:97:d5:
                    b1:68:c6:c9:ac:09:18:88:51:2d:c2:2a:bb:e2:76:
                    50:9c:ec:23:4e:af:8c:f6:97:b5:1e:6f:17:81:2a:
                    ba:31:32:ca:75:ff:90:ee:2a:9d:07:11:a3:d6:9f:
                    2f:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:56:DD:A0:1A:49:07:EB:26:37:19:54:5E:1C:BC:60:96:39:D2:C1
            X509v3 Authority Key Identifier:
                keyid:3E:AF:58:3D:7C:1B:7B:4F:57:31:01:3C:8B:29:8B:A5:05:46:4E:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:49:e4:0a:ea:ee:cc:10:58:17:22:9d:b1:23:1e:42:f3:67:
         bd:28:b0:20:32:b4:9d:05:b1:60:20:5e:12:80:bc:54:fb:3b:
         6e:d2:94:2d:ca:e1:8a:bc:d8:92:f5:d0:0d:b5:16:b9:5a:dc:
         7b:fc:ac:15:03:ca:97:13:4f:4f:a5:15:f0:68:b2:79:30:36:
         34:5e:e3:1f:6c:93:ea:59:09:bb:89:fb:45:5c:43:f7:95:d3:
         fc:f7:15:42:80:da:22:9c:8c:13:b9:58:da:2e:d5:54:c9:11:
         58:8e:01:2b:4d:82:a2:85:4d:d3:99:2a:57:05:b5:b1:cc:d6:
         bf:ed:04:31:5b:6b:d2:67:12:45:be:25:06:bd:a0:34:e5:f5:
         9c:7d:ea:ca:2d:2e:32:a0:f2:62:4e:44:bc:28:98:4d:0e:06:
         9b:53:a8:4e:6b:5d:31:9b:68:c3:2e:d5:51:9a:54:8b:f5:f8:
         41:2c:62:ce:d7:eb:1b:36:3c:cf:9d:1f:4f:f8:56:53:15:f6:
         65:6b:9d:57:58:28:6d:3a:2d:bc:2f:86:91:61:33:7f:9b:e4:
         2d:9c:55:9d:20:b1:52:01:41:03:a1:ab:2d:33:fd:b0:b3:1e:
         51:00:6f:89:f2:9a:f6:b6:cc:07:b5:f6:1c:a7:f7:5d:12:73:
         57:d7:75:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1jtRcnurJx3P/h5xoKAhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYWY1ODNkN2MxYjdiNGY1NzMxMDEzYzhiMjk4YmE1MDU0
NjRlNTIwHhcNMjUwNjA3MTAwMTA2WhcNMjUwNjA4MTAwMTA2WjAzMTEwLwYDVQQD
Eyg2OTU2ZGRhMDFhNDkwN2ViMjYzNzE5NTQ1ZTFjYmM2MDk2MzlkMmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15qJ0BiJOTzK6wX2Ix0I5VzFEwko
GzkRSYICKaQ6kAwjKGQ0FGqzGQ7siVeiOtlTKjuf8KEMZ6LMWSysmaY6JbqufcTR
VNIP57dk/Ozwfh+NvNN5pSI38e3aqwiiO3az0wU0l1XFhZOGi+r3zz5F2af1P4af
yKmoiabOUzByBeGqu8rd500k6b2cXVLpu1FARqA7jdFs7jNbXxMPinwHoKQYoznq
CULU3w5JWuRRvCeF/dQBI024HC7EeY27a8JF+Ctm4tOzjBAhAVuwxdMnl9WxaMbJ
rAkYiFEtwiq74nZQnOwjTq+M9pe1Hm8XgSq6MTLKdf+Q7iqdBxGj1p8vYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGlW3aAaSQfrJjcZVF4cvGCWOdLBMB8GA1UdIwQY
MBaAFD6vWD18G3tPVzEBPIspi6UFRk5SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9kOThlODYtZTQxYy00NWUxLWJiZTct
OGUxOWM0ZGE4Nzk4LzEvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9kOThlODYtZTQxYy00NWUxLWJiZTctOGUxOWM0ZGE4Nzk4
LzEvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW0nkCuru
zBBYFyKdsSMeQvNnvSiwIDK0nQWxYCBeEoC8VPs7btKULcrhirzYkvXQDbUWuVrc
e/ysFQPKlxNPT6UV8GiyeTA2NF7jH2yT6lkJu4n7RVxD95XT/PcVQoDaIpyME7lY
2i7VVMkRWI4BK02CooVN05kqVwW1sczWv+0EMVtr0mcSRb4lBr2gNOX1nH3qyi0u
MqDyYk5EvCiYTQ4Gm1OoTmtdMZtowy7VUZpUi/X4QSxiztfrGzY8z50fT/hWUxX2
ZWudV1gobTotvC+GkWEzf5vkLZxVnSCxUgFBA6GrLTP9sLMeUQBvifKa9rbMB7X2
HKf3XRJzV9d1Ow==
-----END CERTIFICATE-----