Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
File:                     PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft (raw, json)
Hash identifier:          e6TTi7ndeOg/3ofV+WHrvHt9RsUSS7B6VgHqM0MGzMw=
Subject key identifier:   8A:85:83:9F:65:1E:55:D4:E6:FF:E0:16:05:25:A9:1D:C0:70:B0:49
Authority key identifier: 3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91
Certificate issuer:       /CN=3c0fed6e0d142a2f09c040c99af1c93560209291
Certificate serial:       0198D51625F39A3D78676F2632D79696262A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
Manifest number:          10CC
Signing time:             Sat 23 Aug 2025 04:00:55 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:55 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:55 +0000
Files and hashes:         1: PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl (hash: 2zTunLFkntMICBzjavthFwcvYzS5qKu06NFQKqbXUMU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:16:25:f3:9a:3d:78:67:6f:26:32:d7:96:96:26:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c0fed6e0d142a2f09c040c99af1c93560209291
        Validity
            Not Before: Aug 23 04:00:55 2025 GMT
            Not After : Aug 24 04:00:55 2025 GMT
        Subject: CN=8a85839f651e55d4e6ffe0160525a91dc070b049
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:31:4c:fe:75:34:74:46:88:c3:a5:be:6f:66:
                    04:0d:08:a9:e8:a0:3a:d8:20:f5:95:2c:05:25:71:
                    f2:0d:d2:9a:2c:97:37:c5:76:05:96:b0:12:85:0e:
                    3e:b3:9f:aa:40:79:e4:46:fd:38:f4:3e:5d:1a:30:
                    d9:1b:77:f9:30:7b:41:10:58:92:fe:80:74:1a:75:
                    7a:e9:8b:7d:98:c3:e0:95:7b:27:6d:59:2c:a5:7a:
                    d4:27:a1:6a:36:05:6c:11:90:b6:60:a0:f7:07:c9:
                    7e:38:92:7a:b3:40:91:1d:d7:c1:08:4d:fc:17:7a:
                    7b:2b:8f:27:eb:e9:53:2d:ee:5e:bb:eb:6f:88:d6:
                    c9:36:be:2e:b1:32:99:31:88:00:d5:67:c7:3f:44:
                    44:5b:66:06:7a:f6:45:32:7e:49:37:94:18:29:1d:
                    51:2c:36:fb:05:9c:b8:b5:81:6b:f2:3b:94:c4:da:
                    6a:9b:4b:1c:8d:27:6d:be:79:37:47:75:9f:2e:ca:
                    64:01:08:23:6c:1c:1d:be:b1:19:d3:48:c5:d9:9d:
                    f2:bd:79:30:ee:1b:e6:c9:87:33:da:d0:bb:3a:1a:
                    58:cc:7b:8e:24:bf:ba:c7:b3:09:08:83:8a:a9:6f:
                    4a:e0:f5:ca:f3:5d:fb:1d:fd:1e:11:92:09:27:88:
                    1b:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:85:83:9F:65:1E:55:D4:E6:FF:E0:16:05:25:A9:1D:C0:70:B0:49
            X509v3 Authority Key Identifier:
                keyid:3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:92:c0:be:36:06:80:ab:5a:42:f7:35:aa:01:40:44:46:6a:
         da:0d:75:0f:52:23:97:dc:e8:0b:d4:64:01:03:ff:ef:b4:83:
         ed:e1:16:fc:a6:2f:4f:cc:6a:56:03:f1:2a:26:c1:04:74:eb:
         a6:ca:f9:30:d2:13:6a:ef:54:54:98:59:1a:a5:62:1a:b8:db:
         3a:4b:df:8f:f1:2a:bf:f4:dd:e5:07:7b:f5:05:9f:23:a3:b8:
         ce:74:be:c6:92:a7:df:02:4a:91:20:26:78:50:d0:82:91:ac:
         74:fc:0f:dc:a9:73:84:7a:51:09:cc:18:9c:61:a9:37:08:e8:
         b1:7d:98:b0:f4:e9:c8:9a:68:cb:e0:02:14:13:a6:5b:54:a0:
         95:13:c7:eb:41:75:5f:cb:84:d1:1b:2e:a8:87:6a:b7:02:aa:
         2d:32:5c:6a:05:50:68:b2:e8:c3:f6:62:48:ad:18:e7:17:41:
         5d:62:b7:72:b8:17:df:76:98:c8:2d:00:8d:fc:c8:51:17:a7:
         25:05:dc:a1:b6:4b:4f:09:9f:c9:31:da:1d:ae:05:c6:e2:78:
         98:a9:a5:97:be:c6:ef:dc:d3:ef:59:74:a7:9d:95:fe:ce:fe:
         d5:dd:a0:27:e1:38:88:97:8b:83:d2:c2:af:6b:7b:7c:d2:9b:
         bf:da:1e:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFiXzmj14Z28mMteWliYqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMGZlZDZlMGQxNDJhMmYwOWMwNDBjOTlhZjFjOTM1NjAy
MDkyOTEwHhcNMjUwODIzMDQwMDU1WhcNMjUwODI0MDQwMDU1WjAzMTEwLwYDVQQD
Eyg4YTg1ODM5ZjY1MWU1NWQ0ZTZmZmUwMTYwNTI1YTkxZGMwNzBiMDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TFM/nU0dEaIw6W+b2YEDQip6KA6
2CD1lSwFJXHyDdKaLJc3xXYFlrAShQ4+s5+qQHnkRv049D5dGjDZG3f5MHtBEFiS
/oB0GnV66Yt9mMPglXsnbVkspXrUJ6FqNgVsEZC2YKD3B8l+OJJ6s0CRHdfBCE38
F3p7K48n6+lTLe5eu+tviNbJNr4usTKZMYgA1WfHP0REW2YGevZFMn5JN5QYKR1R
LDb7BZy4tYFr8juUxNpqm0scjSdtvnk3R3WfLspkAQgjbBwdvrEZ00jF2Z3yvXkw
7hvmyYcz2tC7OhpYzHuOJL+6x7MJCIOKqW9K4PXK8137Hf0eEZIJJ4gb/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIqFg59lHlXU5v/gFgUlqR3AcLBJMB8GA1UdIwQY
MBaAFDwP7W4NFCovCcBAyZrxyTVgIJKRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEt
OWFmZGMzNDVlM2QzLzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEtOWFmZGMzNDVlM2Qz
LzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoZLAvjYG
gKtaQvc1qgFAREZq2g11D1Ijl9zoC9RkAQP/77SD7eEW/KYvT8xqVgPxKibBBHTr
psr5MNITau9UVJhZGqViGrjbOkvfj/Eqv/Td5Qd79QWfI6O4znS+xpKn3wJKkSAm
eFDQgpGsdPwP3KlzhHpRCcwYnGGpNwjosX2YsPTpyJpoy+ACFBOmW1SglRPH60F1
X8uE0RsuqIdqtwKqLTJcagVQaLLow/ZiSK0Y5xdBXWK3crgX33aYyC0AjfzIURen
JQXcobZLTwmfyTHaHa4FxuJ4mKmll77G79zT71l0p52V/s7+1d2gJ+E4iJeLg9LC
r2t7fNKbv9oe5g==
-----END CERTIFICATE-----