Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.mft
File:                     PI0Z2SQBkcNql0ti35PCIUNtm90.mft (raw, json)
Hash identifier:          bwmRSYLrJRJcYM1fQNJiR5CICoNydp7YA6PE5KFo1z0=
Subject key identifier:   A4:C0:6D:3D:E1:B5:36:3B:D5:15:50:C8:97:61:CD:C5:E0:6E:86:FF
Authority key identifier: 3C:8D:19:D9:24:01:91:C3:6A:97:4B:62:DF:93:C2:21:43:6D:9B:DD
Certificate issuer:       /CN=3c8d19d9240191c36a974b62df93c221436d9bdd
Certificate serial:       0198D6609FC9939CA7F577DC01AB8DC48B9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PI0Z2SQBkcNql0ti35PCIUNtm90.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.mft
Manifest number:          0A84
Signing time:             Sat 23 Aug 2025 10:01:53 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:53 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:53 +0000
Files and hashes:         1: PI0Z2SQBkcNql0ti35PCIUNtm90.crl (hash: NKItK+161vJWl6ZPxNcGEH/ugpBq9AAyTQ5GXKVTQpA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PI0Z2SQBkcNql0ti35PCIUNtm90.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:9f:c9:93:9c:a7:f5:77:dc:01:ab:8d:c4:8b:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c8d19d9240191c36a974b62df93c221436d9bdd
        Validity
            Not Before: Aug 23 10:01:53 2025 GMT
            Not After : Aug 24 10:01:53 2025 GMT
        Subject: CN=a4c06d3de1b5363bd51550c89761cdc5e06e86ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:2d:38:0e:72:47:f5:62:39:19:2a:4c:60:72:
                    d7:e3:52:54:ed:13:14:e1:32:f5:39:87:45:31:83:
                    1d:ff:50:bc:87:a2:12:c7:cb:bf:e4:01:b7:47:25:
                    df:1b:d8:1c:1e:17:ac:6f:bb:91:2e:77:20:10:db:
                    47:6e:c0:29:d1:cb:c1:18:34:e8:13:3d:27:8b:dc:
                    57:23:55:ef:02:1d:e0:e2:ef:db:2a:72:74:16:80:
                    c2:c3:cb:ec:74:65:33:a2:71:81:0a:d0:d0:49:94:
                    14:ca:75:f9:a0:d6:bf:28:cb:ef:ed:bc:49:7c:a7:
                    ca:52:19:e7:c4:ae:8a:60:3b:cf:39:9c:ca:fd:85:
                    63:47:c6:37:eb:24:bf:ec:95:4a:75:da:b5:26:73:
                    c9:bb:a1:40:7b:46:04:bb:00:34:36:6e:f5:3e:80:
                    ab:81:f8:49:ac:60:05:72:f7:6a:d4:15:71:e5:9d:
                    cf:7b:c0:74:91:e6:5f:9a:6b:11:69:74:39:42:9c:
                    21:cd:f0:ec:54:01:f6:11:ba:9f:9d:9d:2f:6a:40:
                    00:1e:d2:dc:cb:2d:d4:79:5d:30:d8:74:62:66:ae:
                    ae:88:50:30:6a:25:7c:1e:ca:76:b5:cc:ea:c4:a8:
                    6b:d4:97:27:66:93:da:8c:26:92:7b:7f:7c:1a:4a:
                    da:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:C0:6D:3D:E1:B5:36:3B:D5:15:50:C8:97:61:CD:C5:E0:6E:86:FF
            X509v3 Authority Key Identifier:
                keyid:3C:8D:19:D9:24:01:91:C3:6A:97:4B:62:DF:93:C2:21:43:6D:9B:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PI0Z2SQBkcNql0ti35PCIUNtm90.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:84:2f:ed:4b:b5:0d:a2:81:39:a7:2d:87:2d:4f:42:1a:e2:
         c1:a2:93:d5:1f:8e:0d:fd:dc:b3:a3:c1:46:87:f0:d1:8a:eb:
         14:5b:4c:9d:2d:f6:dd:87:a4:c9:63:a7:96:33:5a:02:5b:95:
         f0:0c:05:87:86:59:c2:1f:55:f3:55:21:c3:a9:f5:13:14:81:
         9e:4e:0d:be:8a:c8:b9:27:09:82:a3:e8:c3:54:20:5c:ab:2d:
         84:2c:24:0f:fb:da:0e:fb:c4:c4:5a:de:8f:c1:74:c5:76:72:
         ce:3e:c0:45:45:a5:ff:e1:db:15:71:5d:83:a7:62:8d:56:d2:
         ba:ea:fc:6b:86:98:a3:05:b7:01:88:e4:19:c0:aa:f6:d2:b2:
         4f:95:cf:a3:33:b1:90:30:26:b6:f9:b7:98:88:92:e2:ce:8f:
         5e:5c:e8:87:5c:ba:e6:a9:13:7e:91:39:f7:c4:10:2e:02:0a:
         08:41:f4:47:86:03:f1:9e:ec:1a:2e:16:35:5b:9d:73:6b:a8:
         7b:29:d7:68:90:18:5b:14:79:be:2e:02:84:be:ed:11:96:cc:
         af:a6:05:51:12:e7:c7:af:e2:94:b7:fa:ca:08:3d:f1:b8:cf:
         94:ea:c8:83:cb:99:e2:2f:b4:54:0e:2f:3b:9a:e3:13:67:d6:
         1c:1e:b5:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYJ/Jk5yn9XfcAauNxIubMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjOGQxOWQ5MjQwMTkxYzM2YTk3NGI2MmRmOTNjMjIxNDM2
ZDliZGQwHhcNMjUwODIzMTAwMTUzWhcNMjUwODI0MTAwMTUzWjAzMTEwLwYDVQQD
EyhhNGMwNmQzZGUxYjUzNjNiZDUxNTUwYzg5NzYxY2RjNWUwNmU4NmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAki04DnJH9WI5GSpMYHLX41JU7RMU
4TL1OYdFMYMd/1C8h6ISx8u/5AG3RyXfG9gcHhesb7uRLncgENtHbsAp0cvBGDTo
Ez0ni9xXI1XvAh3g4u/bKnJ0FoDCw8vsdGUzonGBCtDQSZQUynX5oNa/KMvv7bxJ
fKfKUhnnxK6KYDvPOZzK/YVjR8Y36yS/7JVKddq1JnPJu6FAe0YEuwA0Nm71PoCr
gfhJrGAFcvdq1BVx5Z3Pe8B0keZfmmsRaXQ5QpwhzfDsVAH2EbqfnZ0vakAAHtLc
yy3UeV0w2HRiZq6uiFAwaiV8Hsp2tczqxKhr1JcnZpPajCaSe398GkraWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKTAbT3htTY71RVQyJdhzcXgbob/MB8GA1UdIwQY
MBaAFDyNGdkkAZHDapdLYt+TwiFDbZvdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEkwWjJTUUJrY05xbDB0aTM1UENJVU50bTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84MDBlMzktZjliMS00ZjhkLTljMTAt
MTAzNTdiODdjYjIzLzEvUEkwWjJTUUJrY05xbDB0aTM1UENJVU50bTkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84MDBlMzktZjliMS00ZjhkLTljMTAtMTAzNTdiODdjYjIz
LzEvUEkwWjJTUUJrY05xbDB0aTM1UENJVU50bTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPYQv7Uu1
DaKBOacthy1PQhriwaKT1R+ODf3cs6PBRofw0YrrFFtMnS323YekyWOnljNaAluV
8AwFh4ZZwh9V81Uhw6n1ExSBnk4NvorIuScJgqPow1QgXKsthCwkD/vaDvvExFre
j8F0xXZyzj7ARUWl/+HbFXFdg6dijVbSuur8a4aYowW3AYjkGcCq9tKyT5XPozOx
kDAmtvm3mIiS4s6PXlzoh1y65qkTfpE598QQLgIKCEH0R4YD8Z7sGi4WNVudc2uo
eynXaJAYWxR5vi4ChL7tEZbMr6YFURLnx6/ilLf6ygg98bjPlOrIg8uZ4i+0VA4v
O5rjE2fWHB61WA==
-----END CERTIFICATE-----