Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
File:                     PRf0av89iyHwD-6PY16uNKf0pNc.mft (raw, json)
Hash identifier:          SUjbW/QU6mXOm9qHUfx3HrH46LgkLXLz9IQXMKOs35w=
Subject key identifier:   F0:0F:35:95:49:73:1D:42:E7:0C:16:9A:7C:76:21:30:E3:69:91:21
Authority key identifier: 3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7
Certificate issuer:       /CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
Certificate serial:       019923A0904EEFD22C3FA446438D33569C19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
Manifest number:          0B60
Signing time:             Sun 07 Sep 2025 10:02:29 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:29 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:29 +0000
Files and hashes:         1: PRf0av89iyHwD-6PY16uNKf0pNc.crl (hash: 2+6whACox0Zm6r14m1ZmwzrQrnUFctLp6nAhzHOJhlU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:90:4e:ef:d2:2c:3f:a4:46:43:8d:33:56:9c:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
        Validity
            Not Before: Sep  7 10:02:29 2025 GMT
            Not After : Sep  8 10:02:29 2025 GMT
        Subject: CN=f00f359549731d42e70c169a7c762130e3699121
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:0d:15:00:8d:b7:5a:f5:d5:c4:a0:3b:18:43:
                    61:9a:bf:43:fb:3f:d3:10:33:fb:2f:2d:d3:56:b3:
                    9f:bc:99:fa:b6:e3:fc:5d:bf:f3:c1:36:b4:8e:b6:
                    72:59:e4:b9:e0:9a:0f:99:67:7c:80:ce:f7:07:92:
                    30:6c:13:b3:50:7b:b9:3f:68:e2:f2:a2:52:38:b5:
                    bd:75:0b:a1:eb:5d:b0:d5:78:76:a9:7f:ee:5b:84:
                    e9:0d:8d:ec:79:73:a0:dd:d5:19:da:41:29:be:51:
                    26:c7:fc:d3:a9:0a:00:d6:2c:17:d8:ab:34:32:b7:
                    27:15:67:8e:9d:18:ca:fa:86:cb:fb:ff:11:e2:88:
                    0e:37:22:b1:4d:a0:a7:a0:a8:5e:d1:69:40:4e:4c:
                    8e:2f:bd:0e:b6:3f:e1:4b:8a:80:3a:f6:39:02:74:
                    8d:c6:23:db:3d:5e:37:44:f7:5c:3c:6e:18:4c:c0:
                    6a:36:30:c5:d4:8f:ae:7a:46:cc:02:d1:d4:16:99:
                    3f:4b:36:62:6c:6d:39:72:84:5e:b6:5d:df:eb:b5:
                    a6:67:d0:aa:57:82:b2:ab:6e:96:93:e2:ae:f0:ad:
                    f1:58:44:cb:b9:45:85:57:8f:32:86:0b:97:a6:98:
                    7c:25:6b:14:39:26:79:6c:33:12:41:f6:e4:de:23:
                    40:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:0F:35:95:49:73:1D:42:E7:0C:16:9A:7C:76:21:30:E3:69:91:21
            X509v3 Authority Key Identifier:
                keyid:3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:84:0d:1e:a9:16:0d:1c:0b:2b:e0:b1:83:8e:64:6f:b6:cc:
         1b:70:49:31:1e:01:6b:e5:58:0d:9d:0b:b4:51:0f:fc:cb:92:
         b9:09:fd:09:2f:0f:a6:6e:2c:5f:e8:5d:01:02:87:68:cc:4c:
         7b:17:8e:7a:41:06:f0:df:17:86:27:45:86:df:ea:ac:69:e4:
         47:ba:3a:3f:6c:f3:24:86:28:e4:b9:ae:7b:8a:d8:ac:cc:1f:
         99:8e:33:35:eb:bf:87:b7:b4:35:e1:38:f9:a4:5b:bc:c2:91:
         93:8a:41:ee:69:04:11:74:0a:4d:41:c6:e3:96:a0:1d:d6:ec:
         be:5c:b5:d5:1e:8c:b1:75:c7:41:66:71:91:f1:76:87:16:0a:
         bf:c9:a2:5f:d0:35:5e:4a:40:9c:16:58:1e:82:47:be:8f:96:
         ab:f9:76:bf:d3:f7:d2:8a:6a:8b:b2:ae:23:aa:d8:bf:1c:8a:
         85:a1:49:9d:0d:bd:c5:8a:29:aa:cf:5b:42:c0:cb:1b:78:5f:
         10:c5:df:ea:79:ea:9b:0e:92:ac:fc:44:44:13:b4:1a:97:3b:
         77:04:13:b4:35:a4:25:59:7b:03:17:0c:25:3f:c0:91:b9:d8:
         61:c6:5d:6f:8f:92:d9:ae:a5:b0:fb:fb:d0:c5:7c:cc:86:60:
         88:93:c0:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoJBO79IsP6RGQ40zVpwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMTdmNDZhZmYzZDhiMjFmMDBmZWU4ZjYzNWVhZTM0YTdm
NGE0ZDcwHhcNMjUwOTA3MTAwMjI5WhcNMjUwOTA4MTAwMjI5WjAzMTEwLwYDVQQD
EyhmMDBmMzU5NTQ5NzMxZDQyZTcwYzE2OWE3Yzc2MjEzMGUzNjk5MTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAog0VAI23WvXVxKA7GENhmr9D+z/T
EDP7Ly3TVrOfvJn6tuP8Xb/zwTa0jrZyWeS54JoPmWd8gM73B5IwbBOzUHu5P2ji
8qJSOLW9dQuh612w1Xh2qX/uW4TpDY3seXOg3dUZ2kEpvlEmx/zTqQoA1iwX2Ks0
MrcnFWeOnRjK+obL+/8R4ogONyKxTaCnoKhe0WlATkyOL70Otj/hS4qAOvY5AnSN
xiPbPV43RPdcPG4YTMBqNjDF1I+uekbMAtHUFpk/SzZibG05coRetl3f67WmZ9Cq
V4Kyq26Wk+Ku8K3xWETLuUWFV48yhguXpph8JWsUOSZ5bDMSQfbk3iNAxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPAPNZVJcx1C5wwWmnx2ITDjaZEhMB8GA1UdIwQY
MBaAFD0X9Gr/PYsh8A/uj2NerjSn9KTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEt
ODUxZWQ1MjlmMjIyLzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEtODUxZWQ1MjlmMjIy
LzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeYQNHqkW
DRwLK+Cxg45kb7bMG3BJMR4Ba+VYDZ0LtFEP/MuSuQn9CS8Ppm4sX+hdAQKHaMxM
exeOekEG8N8XhidFht/qrGnkR7o6P2zzJIYo5Lmue4rYrMwfmY4zNeu/h7e0NeE4
+aRbvMKRk4pB7mkEEXQKTUHG45agHdbsvly11R6MsXXHQWZxkfF2hxYKv8miX9A1
XkpAnBZYHoJHvo+Wq/l2v9P30opqi7KuI6rYvxyKhaFJnQ29xYopqs9bQsDLG3hf
EMXf6nnqmw6SrPxERBO0Gpc7dwQTtDWkJVl7AxcMJT/AkbnYYcZdb4+S2a6lsPv7
0MV8zIZgiJPACw==
-----END CERTIFICATE-----