Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
File:                     PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft (raw, json)
Hash identifier:          bbHZcUsIL+PKdn7XbXWwXAAnvKTSK9lcitvXzosQkT8=
Subject key identifier:   75:CA:00:AB:C2:54:B9:63:3B:37:C7:25:69:C6:5C:5B:4E:84:BC:1C
Authority key identifier: 3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6
Certificate issuer:       /CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6
Certificate serial:       0198D660353E617E8E2422286E7C201D6C64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
Manifest number:          03CE
Signing time:             Sat 23 Aug 2025 10:01:25 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:25 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:25 +0000
Files and hashes:         1: PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl (hash: pPmRAmFWOwiPVk9iJGce3f7aO2s8d5i5VSgOp1BNsa8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:35:3e:61:7e:8e:24:22:28:6e:7c:20:1d:6c:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6
        Validity
            Not Before: Aug 23 10:01:25 2025 GMT
            Not After : Aug 24 10:01:25 2025 GMT
        Subject: CN=75ca00abc254b9633b37c72569c65c5b4e84bc1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:cd:7e:04:8f:45:f2:cc:41:98:fd:64:8d:e7:
                    63:b5:c5:71:78:d8:cb:26:90:33:d9:7a:4b:2d:79:
                    0f:39:fd:28:c1:b5:d6:16:69:36:5d:fd:90:cf:f7:
                    bb:5f:c0:24:5c:67:dc:53:e9:23:3c:bc:71:7a:fb:
                    9c:4e:9e:4b:fd:7e:68:ba:6c:aa:fe:83:56:4f:ce:
                    24:d4:08:be:c1:59:65:a0:2a:b6:ae:4a:06:7f:e4:
                    50:58:a6:14:e1:11:13:dd:ff:27:b9:a1:67:2d:c1:
                    ff:a6:03:ce:bd:8b:9a:24:26:8e:38:0d:b2:fb:bb:
                    e4:f4:67:5b:c3:0e:2f:bb:b6:25:b6:a2:fd:fd:80:
                    59:dc:1b:7f:6a:9a:08:1f:f6:f4:aa:40:fa:56:48:
                    3e:9f:2b:1d:a7:17:95:01:6e:98:1d:f8:00:2a:db:
                    be:88:8e:5c:10:26:34:a1:aa:4c:81:ab:5b:3e:79:
                    55:35:a1:44:1d:04:8b:72:88:7a:2c:3b:ae:51:c7:
                    b1:79:de:5f:de:09:fc:a4:b9:51:36:bd:42:31:2c:
                    d0:98:cd:60:df:80:d8:dd:c4:75:aa:52:99:70:1e:
                    9c:93:d8:63:ef:70:00:63:ab:0a:60:06:85:fd:e2:
                    d3:ad:c8:88:66:43:51:f3:13:ee:4f:69:07:fb:40:
                    2e:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:CA:00:AB:C2:54:B9:63:3B:37:C7:25:69:C6:5C:5B:4E:84:BC:1C
            X509v3 Authority Key Identifier:
                keyid:3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:8c:3b:5d:1a:a1:f8:01:9e:72:e4:f3:03:5e:03:ae:7c:72:
         b0:bf:20:bd:a1:cc:76:a7:d8:c4:c6:99:c8:67:c9:63:d0:cb:
         bd:76:89:9d:84:86:6c:86:93:fa:4e:16:39:a1:23:91:df:1e:
         cb:c9:37:71:47:cd:17:24:5b:45:5f:89:1c:ce:e5:d9:f7:ee:
         62:8c:84:7c:78:f6:62:2e:0d:69:62:cc:72:4e:d9:58:82:b3:
         b3:74:fd:0c:a9:24:32:d4:1b:52:0f:e3:19:6f:dd:3b:32:d0:
         b2:18:8a:68:5f:44:1b:f9:a9:d5:2e:f1:53:d1:c2:7e:48:2d:
         87:84:e2:03:87:38:06:5e:54:cf:de:c9:77:83:c1:7e:c3:04:
         86:99:7e:4d:19:fb:a8:97:d1:08:93:88:d6:50:fb:fb:f3:71:
         c2:fd:15:cf:09:ae:b6:d1:1e:96:86:9a:26:b4:14:24:ab:d3:
         c5:aa:ae:28:ed:71:05:3e:7c:45:88:bb:68:4c:b2:db:ba:36:
         88:90:90:85:dd:1a:ae:2c:45:89:44:96:bd:e8:36:42:b4:b3:
         f5:e7:ac:f5:1a:75:12:18:70:77:01:57:3b:3c:75:e8:4a:39:
         7f:d8:4b:2b:2b:ec:0e:37:3d:a5:6b:a5:0c:9a:f0:52:5b:31:
         b4:bf:e5:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYDU+YX6OJCIobnwgHWxkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMWI2N2NjZGE0OWM4ZGU0ODkyOTM0MWY2ZGU4YTJiNjAy
NWIzYTYwHhcNMjUwODIzMTAwMTI1WhcNMjUwODI0MTAwMTI1WjAzMTEwLwYDVQQD
Eyg3NWNhMDBhYmMyNTRiOTYzM2IzN2M3MjU2OWM2NWM1YjRlODRiYzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3M1+BI9F8sxBmP1kjedjtcVxeNjL
JpAz2XpLLXkPOf0owbXWFmk2Xf2Qz/e7X8AkXGfcU+kjPLxxevucTp5L/X5oumyq
/oNWT84k1Ai+wVlloCq2rkoGf+RQWKYU4RET3f8nuaFnLcH/pgPOvYuaJCaOOA2y
+7vk9Gdbww4vu7YltqL9/YBZ3Bt/apoIH/b0qkD6Vkg+nysdpxeVAW6YHfgAKtu+
iI5cECY0oapMgatbPnlVNaFEHQSLcoh6LDuuUcexed5f3gn8pLlRNr1CMSzQmM1g
34DY3cR1qlKZcB6ck9hj73AAY6sKYAaF/eLTrciIZkNR8xPuT2kH+0AuLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHXKAKvCVLljOzfHJWnGXFtOhLwcMB8GA1UdIwQY
MBaAFD0bZ8zaScjeSJKTQfbeiitgJbOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMt
MDhiMjRiZTEyNjg5LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMtMDhiMjRiZTEyNjg5
LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOIw7XRqh
+AGecuTzA14DrnxysL8gvaHMdqfYxMaZyGfJY9DLvXaJnYSGbIaT+k4WOaEjkd8e
y8k3cUfNFyRbRV+JHM7l2ffuYoyEfHj2Yi4NaWLMck7ZWIKzs3T9DKkkMtQbUg/j
GW/dOzLQshiKaF9EG/mp1S7xU9HCfkgth4TiA4c4Bl5Uz97Jd4PBfsMEhpl+TRn7
qJfRCJOI1lD7+/Nxwv0VzwmuttEeloaaJrQUJKvTxaquKO1xBT58RYi7aEyy27o2
iJCQhd0arixFiUSWveg2QrSz9ees9Rp1EhhwdwFXOzx16Eo5f9hLKyvsDjc9pWul
DJrwUlsxtL/lfg==
-----END CERTIFICATE-----