Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
File:                     PRf0av89iyHwD-6PY16uNKf0pNc.mft (raw, json)
Hash identifier:          KLNoy/Y3CXtPLyo0S6hon9wrSQDRUesOZgnrhgHqvKw=
Subject key identifier:   BC:65:73:68:A1:62:CC:35:98:BF:40:F8:D6:20:C5:3B:C6:DB:93:8F
Authority key identifier: 3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7
Certificate issuer:       /CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
Certificate serial:       0197469D9BC2F1EF3BEE6DB57371BDC80B09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
Manifest number:          0A69
Signing time:             Fri 06 Jun 2025 19:00:23 +0000
Manifest this update:     Fri 06 Jun 2025 19:00:23 +0000
Manifest next update:     Sat 07 Jun 2025 19:00:23 +0000
Files and hashes:         1: PRf0av89iyHwD-6PY16uNKf0pNc.crl (hash: PvGZtnSu26gpNIaUQH5YPSiwIf723WdL+1YOjhhnkVU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 19:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9d:9b:c2:f1:ef:3b:ee:6d:b5:73:71:bd:c8:0b:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
        Validity
            Not Before: Jun  6 19:00:23 2025 GMT
            Not After : Jun  7 19:00:23 2025 GMT
        Subject: CN=bc657368a162cc3598bf40f8d620c53bc6db938f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:1c:ab:3b:e2:42:72:ff:a6:4d:85:0c:9b:90:
                    03:0d:a7:23:a0:f0:53:e3:8e:59:af:ff:92:52:24:
                    09:c7:6e:75:7c:f2:71:fe:69:b7:86:7f:d3:90:d4:
                    f2:1b:43:ac:de:12:75:6e:59:ff:9d:d8:b3:fd:e4:
                    22:34:1f:bf:cf:97:25:b9:a1:65:1e:dc:22:39:0a:
                    c1:cf:60:5e:14:33:e7:c6:54:93:2f:a4:ee:e6:d9:
                    41:95:2e:82:d8:89:a9:40:af:dd:e4:e2:4d:c3:f9:
                    c3:59:bd:c4:06:f0:2f:a2:1b:ef:ca:4b:29:58:c2:
                    f6:65:69:67:b1:24:42:7c:9d:b4:a6:da:dd:17:a3:
                    57:20:ab:91:3b:38:c9:4d:8a:59:ec:10:f2:b7:28:
                    bb:2c:75:60:cf:24:43:f4:54:11:6b:8d:60:09:91:
                    8c:81:6b:14:00:65:e9:d9:48:c5:0b:57:7a:57:ef:
                    64:91:66:0b:96:f4:79:19:da:9c:fd:16:71:a7:a6:
                    b4:45:38:d3:a9:55:4a:fb:60:65:11:49:b5:f0:4a:
                    17:e4:47:79:d0:23:cd:ff:be:5e:65:d7:19:9f:b7:
                    71:52:80:4a:82:e7:2a:b3:43:2f:fe:24:0b:a4:46:
                    f5:00:d3:eb:76:80:54:32:99:cc:54:5c:19:81:cf:
                    58:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:65:73:68:A1:62:CC:35:98:BF:40:F8:D6:20:C5:3B:C6:DB:93:8F
            X509v3 Authority Key Identifier:
                keyid:3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:ef:02:91:c8:24:f1:2b:f7:52:37:12:0b:95:61:11:d3:31:
         ee:91:41:a6:fb:a2:a6:80:d3:96:3f:5d:5c:c7:f7:84:6d:f1:
         03:87:32:4a:ef:5e:98:e0:8a:69:b7:99:c5:0d:da:15:63:70:
         9f:41:d4:25:1f:8a:3e:76:09:a3:bf:59:ff:21:bc:52:68:a9:
         c5:b5:40:34:99:81:64:7f:9b:ba:25:cb:e1:2f:96:bf:45:a7:
         fe:aa:6f:df:b9:6c:06:92:1b:5c:aa:52:63:a4:11:d5:ae:44:
         3e:91:78:cd:17:7a:88:ec:d0:63:10:c9:84:50:ca:e1:78:47:
         8a:3d:67:05:c9:96:7d:6d:a0:0a:51:3a:20:db:ed:02:4d:09:
         85:6d:85:23:17:c2:9d:a4:01:0a:6b:24:40:00:b2:45:18:1d:
         e1:7d:69:51:5c:57:09:38:88:57:6c:e4:65:4a:4e:ed:3c:38:
         df:d8:b0:38:b9:5a:7c:eb:82:1e:94:7f:2d:04:b2:fb:b4:57:
         27:2a:8d:12:b8:3b:d4:00:05:a4:a8:21:6f:f3:90:bd:82:b0:
         74:18:6a:a7:e3:19:5a:81:dd:ac:86:d3:6e:6e:db:c7:f2:42:
         bf:7f:e5:5b:9e:cb:69:55:02:2e:80:57:03:b8:2a:2e:61:93:
         64:b5:0d:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGnZvC8e877m21c3G9yAsJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMTdmNDZhZmYzZDhiMjFmMDBmZWU4ZjYzNWVhZTM0YTdm
NGE0ZDcwHhcNMjUwNjA2MTkwMDIzWhcNMjUwNjA3MTkwMDIzWjAzMTEwLwYDVQQD
EyhiYzY1NzM2OGExNjJjYzM1OThiZjQwZjhkNjIwYzUzYmM2ZGI5MzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvByrO+JCcv+mTYUMm5ADDacjoPBT
445Zr/+SUiQJx251fPJx/mm3hn/TkNTyG0Os3hJ1bln/ndiz/eQiNB+/z5cluaFl
HtwiOQrBz2BeFDPnxlSTL6Tu5tlBlS6C2ImpQK/d5OJNw/nDWb3EBvAvohvvyksp
WML2ZWlnsSRCfJ20ptrdF6NXIKuROzjJTYpZ7BDytyi7LHVgzyRD9FQRa41gCZGM
gWsUAGXp2UjFC1d6V+9kkWYLlvR5Gdqc/RZxp6a0RTjTqVVK+2BlEUm18EoX5Ed5
0CPN/75eZdcZn7dxUoBKgucqs0Mv/iQLpEb1ANPrdoBUMpnMVFwZgc9YrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLxlc2ihYsw1mL9A+NYgxTvG25OPMB8GA1UdIwQY
MBaAFD0X9Gr/PYsh8A/uj2NerjSn9KTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEt
ODUxZWQ1MjlmMjIyLzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEtODUxZWQ1MjlmMjIy
LzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs+8Ckcgk
8Sv3UjcSC5VhEdMx7pFBpvuipoDTlj9dXMf3hG3xA4cySu9emOCKabeZxQ3aFWNw
n0HUJR+KPnYJo79Z/yG8UmipxbVANJmBZH+buiXL4S+Wv0Wn/qpv37lsBpIbXKpS
Y6QR1a5EPpF4zRd6iOzQYxDJhFDK4XhHij1nBcmWfW2gClE6INvtAk0JhW2FIxfC
naQBCmskQACyRRgd4X1pUVxXCTiIV2zkZUpO7Tw439iwOLlafOuCHpR/LQSy+7RX
JyqNErg71AAFpKghb/OQvYKwdBhqp+MZWoHdrIbTbm7bx/JCv3/lW57LaVUCLoBX
A7gqLmGTZLUNsQ==
-----END CERTIFICATE-----