Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
File:                     PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft (raw, json)
Hash identifier:          R4QG2/871d2j/hH4E27oPONBDn7yB1kymB8OH21SjoA=
Subject key identifier:   86:24:91:75:EC:2D:7C:F6:65:7D:99:D0:0E:36:6B:F6:7B:02:B7:9B
Authority key identifier: 3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6
Certificate issuer:       /CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6
Certificate serial:       0197B6A221BAE102E5E33AD3C1A80CBE5021
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
Manifest number:          0339
Signing time:             Sat 28 Jun 2025 13:02:48 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:48 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:48 +0000
Files and hashes:         1: PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl (hash: 2GYDNYbPAafZuIhpgLq++B8VRGGYMOnLpLpi351yHcg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a2:21:ba:e1:02:e5:e3:3a:d3:c1:a8:0c:be:50:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6
        Validity
            Not Before: Jun 28 13:02:48 2025 GMT
            Not After : Jun 29 13:02:48 2025 GMT
        Subject: CN=86249175ec2d7cf6657d99d00e366bf67b02b79b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:67:57:d7:ba:75:af:c4:1a:b9:89:b7:b3:cb:
                    eb:f1:af:d5:15:80:f2:72:f3:c6:18:39:af:2e:24:
                    15:37:c3:aa:8b:cb:28:d7:e8:1b:38:fa:c5:40:49:
                    a2:a8:77:85:b9:ee:ac:55:73:a9:a9:21:e4:fd:3a:
                    c2:4f:c1:ed:17:8c:cf:a2:78:8b:44:81:dd:ff:5a:
                    c6:9e:c9:3b:dc:9d:cd:eb:f9:ab:56:ea:e5:27:d1:
                    37:1d:80:37:04:29:47:91:0e:06:ff:67:fc:f2:b9:
                    86:22:ad:ff:17:81:c6:92:38:70:26:28:1c:80:8d:
                    f8:b1:9e:ad:9a:26:97:8f:f2:ce:72:96:e2:01:32:
                    b4:88:fe:6c:bb:6b:a7:47:a1:d9:b8:ed:8d:90:64:
                    51:cb:92:09:2c:49:12:a3:52:b5:b3:7c:5b:df:d4:
                    56:36:be:83:b1:cc:80:16:d1:6a:95:58:e5:95:ad:
                    6b:41:af:19:de:c4:7b:52:e9:45:cf:91:21:43:35:
                    31:03:25:cf:ad:be:99:7c:9d:ed:3b:ca:af:e5:a6:
                    5b:d8:0e:cd:c1:5c:a9:d9:23:11:f9:c5:a0:a2:78:
                    71:89:d3:29:a9:0a:26:67:e0:2d:8e:a3:b4:38:8a:
                    18:db:22:b7:1b:03:22:2c:95:ae:9e:d4:62:20:cf:
                    22:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:24:91:75:EC:2D:7C:F6:65:7D:99:D0:0E:36:6B:F6:7B:02:B7:9B
            X509v3 Authority Key Identifier:
                keyid:3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:1b:4d:12:74:11:9d:f6:58:8d:ce:3d:f0:8f:f4:ce:f1:4b:
         54:01:75:06:ee:9a:a6:78:06:dd:72:1b:b7:e3:54:a3:39:ad:
         a5:51:18:24:76:ed:ef:dd:87:74:ee:95:63:e9:f0:d6:8d:b1:
         21:95:dc:76:b8:f6:62:bc:83:52:e0:bd:8e:03:17:a1:e6:3b:
         67:40:45:c8:4a:e1:0a:67:60:22:1f:88:23:02:f0:19:93:f1:
         cf:9e:3e:11:08:56:22:ea:55:b2:9c:ca:2b:cf:76:3f:b8:22:
         4a:ae:4b:8d:a4:13:35:50:56:2c:dc:05:f0:e7:f6:10:8d:3b:
         8e:fb:6b:75:29:2f:f2:50:48:df:08:8b:21:61:4f:ef:7c:d8:
         90:28:58:11:32:87:b1:1c:dc:1d:76:3e:21:82:02:f6:da:c4:
         81:b0:ad:66:43:2d:de:be:f2:c7:25:32:63:b5:c0:3b:33:92:
         c3:bc:f8:06:80:d0:90:33:81:58:2e:a0:0d:99:8b:2f:19:43:
         df:d2:64:1f:c6:67:fb:f0:ff:99:51:30:ca:b6:7c:88:4d:7a:
         db:59:99:1d:b9:1a:cd:2a:f5:a4:90:e8:56:05:58:d9:2f:15:
         2e:a6:46:23:63:1e:1b:a2:b1:05:87:97:bb:4b:70:7d:b5:0d:
         a6:f4:32:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oiG64QLl4zrTwagMvlAhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMWI2N2NjZGE0OWM4ZGU0ODkyOTM0MWY2ZGU4YTJiNjAy
NWIzYTYwHhcNMjUwNjI4MTMwMjQ4WhcNMjUwNjI5MTMwMjQ4WjAzMTEwLwYDVQQD
Eyg4NjI0OTE3NWVjMmQ3Y2Y2NjU3ZDk5ZDAwZTM2NmJmNjdiMDJiNzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2dX17p1r8QauYm3s8vr8a/VFYDy
cvPGGDmvLiQVN8Oqi8so1+gbOPrFQEmiqHeFue6sVXOpqSHk/TrCT8HtF4zPoniL
RIHd/1rGnsk73J3N6/mrVurlJ9E3HYA3BClHkQ4G/2f88rmGIq3/F4HGkjhwJigc
gI34sZ6tmiaXj/LOcpbiATK0iP5su2unR6HZuO2NkGRRy5IJLEkSo1K1s3xb39RW
Nr6DscyAFtFqlVjlla1rQa8Z3sR7UulFz5EhQzUxAyXPrb6ZfJ3tO8qv5aZb2A7N
wVyp2SMR+cWgonhxidMpqQomZ+AtjqO0OIoY2yK3GwMiLJWuntRiIM8iAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIYkkXXsLXz2ZX2Z0A42a/Z7ArebMB8GA1UdIwQY
MBaAFD0bZ8zaScjeSJKTQfbeiitgJbOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMt
MDhiMjRiZTEyNjg5LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMtMDhiMjRiZTEyNjg5
LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiBtNEnQR
nfZYjc498I/0zvFLVAF1Bu6apngG3XIbt+NUozmtpVEYJHbt792HdO6VY+nw1o2x
IZXcdrj2YryDUuC9jgMXoeY7Z0BFyErhCmdgIh+IIwLwGZPxz54+EQhWIupVspzK
K892P7giSq5LjaQTNVBWLNwF8Of2EI07jvtrdSkv8lBI3wiLIWFP73zYkChYETKH
sRzcHXY+IYIC9trEgbCtZkMt3r7yxyUyY7XAOzOSw7z4BoDQkDOBWC6gDZmLLxlD
39JkH8Zn+/D/mVEwyrZ8iE1621mZHbkazSr1pJDoVgVY2S8VLqZGI2MeG6KxBYeX
u0twfbUNpvQyqA==
-----END CERTIFICATE-----