Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
File:                     PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft (raw, json)
Hash identifier:          XENJ63VyfhIl+5RfF0NDY+8qMC1YT14usCfDxSBOxdM=
Subject key identifier:   F1:5A:F6:55:E4:0D:AA:16:2C:34:71:B2:FA:47:7A:79:4D:81:E5:54
Authority key identifier: 3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91
Certificate issuer:       /CN=3c0fed6e0d142a2f09c040c99af1c93560209291
Certificate serial:       0196CD98BC591C42703EF342A2BBA5E9FFCF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
Manifest number:          0FBF
Signing time:             Wed 14 May 2025 07:01:01 +0000
Manifest this update:     Wed 14 May 2025 07:01:01 +0000
Manifest next update:     Thu 15 May 2025 07:01:01 +0000
Files and hashes:         1: PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl (hash: 5iaQAO/xW7mieq2YLkjhb7paHz+xlKZbHCDhfscXEfY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cd:98:bc:59:1c:42:70:3e:f3:42:a2:bb:a5:e9:ff:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c0fed6e0d142a2f09c040c99af1c93560209291
        Validity
            Not Before: May 14 07:01:01 2025 GMT
            Not After : May 15 07:01:01 2025 GMT
        Subject: CN=f15af655e40daa162c3471b2fa477a794d81e554
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:0f:89:44:17:ab:ea:2b:48:7a:94:0a:f6:73:
                    c6:54:b8:1b:0b:46:de:d5:9f:d1:f0:0e:fe:02:8a:
                    78:8e:a5:2f:c2:be:08:62:5d:f2:5a:db:df:a5:00:
                    f3:2f:77:da:61:80:18:a3:30:65:e9:8a:42:da:b8:
                    38:3a:bd:79:94:f1:ff:07:b0:fd:ed:1f:d1:4d:9c:
                    44:11:bf:f6:35:81:5e:cb:68:d1:b0:b3:52:62:f0:
                    f3:6b:cc:29:26:f9:25:eb:51:b2:c9:41:43:0f:77:
                    7e:1a:b0:5b:09:21:ad:df:94:11:92:c2:10:34:4c:
                    2b:4c:fd:f7:b0:c7:43:42:d4:b6:77:6f:4a:51:d5:
                    f7:ce:a0:27:06:b4:d8:15:95:a9:17:ca:5d:45:09:
                    a3:0a:94:9e:7b:c8:96:55:36:16:d4:26:c0:3a:10:
                    ca:30:a6:fc:9e:ca:47:0f:14:0e:5e:31:be:f4:e8:
                    a6:5b:08:d8:28:63:39:25:86:66:83:b9:1f:2a:94:
                    3c:64:43:12:43:44:b8:d1:d7:1a:62:c4:41:8a:1e:
                    74:c6:a0:2e:a8:55:1c:98:26:7b:eb:27:df:ed:ba:
                    99:fd:54:90:ec:a8:2f:04:11:24:42:e4:8e:58:db:
                    1c:57:50:e7:cc:17:36:3e:70:5f:b3:37:3b:8b:ae:
                    e7:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:5A:F6:55:E4:0D:AA:16:2C:34:71:B2:FA:47:7A:79:4D:81:E5:54
            X509v3 Authority Key Identifier:
                keyid:3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:aa:ee:1a:81:c2:03:b3:1b:11:0c:da:ff:59:c1:7a:d7:15:
         4b:4e:c4:11:30:d2:08:17:a8:32:09:8c:6e:a7:e9:26:c8:df:
         24:5d:af:e2:e8:52:29:63:ef:25:51:56:78:ff:b5:88:e2:25:
         bc:af:4c:df:b4:0b:0c:a1:77:68:1b:96:c2:12:51:2a:b9:34:
         43:c6:36:d6:e0:26:70:8d:ec:7f:30:8b:da:0d:b9:08:d2:cf:
         36:32:df:c4:bf:c8:d4:2a:85:be:72:85:01:14:4b:bc:6a:27:
         f5:05:6a:3b:ae:58:2d:32:6d:e2:6a:a4:4c:9f:ba:9d:2c:45:
         bd:dd:f4:0e:31:0c:77:3c:88:d9:41:3d:7f:4c:50:67:e1:8c:
         2d:2a:8f:ca:da:49:c3:2c:fb:ea:9f:e4:db:ad:d9:8d:12:bd:
         3e:51:6e:4c:84:45:7d:35:94:51:9c:0f:69:af:59:f8:fc:71:
         7e:44:93:98:05:b9:b0:a5:9b:9f:03:4d:a6:2d:b2:46:c2:4a:
         b1:b2:a1:e1:bd:da:36:44:a2:60:22:e7:90:09:63:b9:71:78:
         e8:00:73:07:1b:a3:5a:c6:fa:b0:53:62:2d:5f:53:cf:b7:5c:
         21:b2:40:a5:8c:52:e5:e9:84:45:bc:72:13:ea:93:fd:8c:64:
         7c:b9:24:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbNmLxZHEJwPvNCorul6f/PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMGZlZDZlMGQxNDJhMmYwOWMwNDBjOTlhZjFjOTM1NjAy
MDkyOTEwHhcNMjUwNTE0MDcwMTAxWhcNMjUwNTE1MDcwMTAxWjAzMTEwLwYDVQQD
EyhmMTVhZjY1NWU0MGRhYTE2MmMzNDcxYjJmYTQ3N2E3OTRkODFlNTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQ+JRBer6itIepQK9nPGVLgbC0be
1Z/R8A7+Aop4jqUvwr4IYl3yWtvfpQDzL3faYYAYozBl6YpC2rg4Or15lPH/B7D9
7R/RTZxEEb/2NYFey2jRsLNSYvDza8wpJvkl61GyyUFDD3d+GrBbCSGt35QRksIQ
NEwrTP33sMdDQtS2d29KUdX3zqAnBrTYFZWpF8pdRQmjCpSee8iWVTYW1CbAOhDK
MKb8nspHDxQOXjG+9OimWwjYKGM5JYZmg7kfKpQ8ZEMSQ0S40dcaYsRBih50xqAu
qFUcmCZ76yff7bqZ/VSQ7KgvBBEkQuSOWNscV1DnzBc2PnBfszc7i67nCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPFa9lXkDaoWLDRxsvpHenlNgeVUMB8GA1UdIwQY
MBaAFDwP7W4NFCovCcBAyZrxyTVgIJKRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEt
OWFmZGMzNDVlM2QzLzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEtOWFmZGMzNDVlM2Qz
LzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr6ruGoHC
A7MbEQza/1nBetcVS07EETDSCBeoMgmMbqfpJsjfJF2v4uhSKWPvJVFWeP+1iOIl
vK9M37QLDKF3aBuWwhJRKrk0Q8Y21uAmcI3sfzCL2g25CNLPNjLfxL/I1CqFvnKF
ARRLvGon9QVqO65YLTJt4mqkTJ+6nSxFvd30DjEMdzyI2UE9f0xQZ+GMLSqPytpJ
wyz76p/k263ZjRK9PlFuTIRFfTWUUZwPaa9Z+PxxfkSTmAW5sKWbnwNNpi2yRsJK
sbKh4b3aNkSiYCLnkAljuXF46ABzBxujWsb6sFNiLV9Tz7dcIbJApYxS5emERbxy
E+qT/YxkfLkkJA==
-----END CERTIFICATE-----