Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
File:                     pnUQ3cUswCV-TCVS9b1XVURUxgs.mft (raw, json)
Hash identifier:          d/tQpZrERo3h1/TB+KdTARq0WmN115QDCWPMolW5Ljc=
Subject key identifier:   7A:D8:1E:5D:C0:6E:15:1D:53:F9:F3:A1:E1:EE:2A:A9:5E:0D:F0:DC
Authority key identifier: A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B
Certificate issuer:       /CN=a67510ddc52cc0257e4c2552f5bd57554454c60b
Certificate serial:       0199FC8F6340BC7980EB900A1D456FB79FB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
Manifest number:          0660
Signing time:             Sun 19 Oct 2025 13:01:19 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:19 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:19 +0000
Files and hashes:         1: pnUQ3cUswCV-TCVS9b1XVURUxgs.crl (hash: p5kJcb3XSUVGhb/lHXmPkT4NCoicDR6NWfN9yf2A28U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:63:40:bc:79:80:eb:90:0a:1d:45:6f:b7:9f:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a67510ddc52cc0257e4c2552f5bd57554454c60b
        Validity
            Not Before: Oct 19 13:01:19 2025 GMT
            Not After : Oct 20 13:01:19 2025 GMT
        Subject: CN=7ad81e5dc06e151d53f9f3a1e1ee2aa95e0df0dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:b6:93:39:36:b6:14:6c:11:65:a7:90:2d:5c:
                    53:17:8f:0d:7a:61:80:d3:6c:7a:8c:28:ea:4a:57:
                    02:6b:72:33:07:17:a2:c2:77:3e:5a:98:b8:0a:04:
                    78:e8:df:7a:25:08:be:31:8b:e4:68:e0:a8:27:cd:
                    3c:5f:2c:e4:8e:c7:a4:bf:ac:3e:2d:b5:38:2d:a3:
                    6f:51:d6:58:d3:20:2b:cb:9b:67:de:74:5c:15:72:
                    6a:37:e5:08:61:8a:90:b5:99:ec:98:92:86:21:b6:
                    bc:1b:34:93:39:8d:46:25:3e:58:4e:9d:06:28:75:
                    a6:f4:3e:fb:84:16:09:b3:d7:6c:42:8d:db:3d:62:
                    84:58:4d:5c:f0:6d:01:3d:60:81:a4:ed:42:d9:73:
                    db:e7:be:14:8e:77:c9:d2:18:e6:d1:93:9b:07:35:
                    af:2a:3b:94:7a:c3:76:de:73:05:55:51:39:c2:cd:
                    00:72:d5:af:82:ba:60:6b:c9:36:87:b0:25:e4:ea:
                    64:2a:d8:a5:dd:94:ca:19:b3:b7:c8:87:2a:fc:45:
                    c9:83:83:f7:18:6c:3e:72:4a:89:a3:d3:1a:5f:8f:
                    05:6f:c0:e7:e9:ce:e1:f2:6f:c0:4b:87:6b:1b:40:
                    f1:82:b1:a0:7e:a2:66:20:42:69:89:3a:8d:bb:a8:
                    f7:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:D8:1E:5D:C0:6E:15:1D:53:F9:F3:A1:E1:EE:2A:A9:5E:0D:F0:DC
            X509v3 Authority Key Identifier:
                keyid:A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:f9:34:61:90:a4:4d:7e:55:be:86:e7:f1:ce:19:92:80:85:
         71:28:09:4b:09:6b:b6:d4:7f:b0:c3:2d:af:9d:97:dd:c9:bf:
         6c:74:05:8b:9f:0c:b6:65:08:44:e2:4f:d9:27:2e:8e:c0:1f:
         33:17:7a:17:a7:17:c7:53:45:a5:e3:70:6b:69:16:b8:c6:58:
         cd:a9:f0:c3:e9:f6:63:a8:56:3b:18:78:29:1c:f1:0c:6d:e9:
         43:c4:b3:2e:da:51:87:64:c6:0f:95:79:c6:79:0a:df:51:34:
         8b:19:90:f0:ce:8a:9d:0c:ef:fe:a7:03:06:c5:20:7f:2f:05:
         df:44:4a:f9:82:1d:ca:e1:ac:9c:69:a3:73:6c:1a:33:f7:5b:
         41:f0:9c:6e:80:ab:74:44:0e:82:ae:82:84:fa:6c:b3:03:60:
         6e:73:cd:69:19:b2:6e:ad:e1:8e:8c:96:c0:2a:19:db:54:de:
         48:6e:3b:8c:b7:16:08:67:b2:fb:3d:69:9b:59:7e:04:fd:71:
         3d:ed:40:09:0f:fb:a5:21:00:58:c8:3d:ff:31:73:45:b2:e1:
         90:02:07:06:c0:1e:34:2d:7d:8c:0d:f9:49:0c:20:8a:fa:72:
         b1:bb:cb:39:8e:01:7e:60:40:04:2b:ac:49:ef:7e:7d:53:a1:
         4b:e5:e0:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j2NAvHmA65AKHUVvt5+5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NzUxMGRkYzUyY2MwMjU3ZTRjMjU1MmY1YmQ1NzU1NDQ1
NGM2MGIwHhcNMjUxMDE5MTMwMTE5WhcNMjUxMDIwMTMwMTE5WjAzMTEwLwYDVQQD
Eyg3YWQ4MWU1ZGMwNmUxNTFkNTNmOWYzYTFlMWVlMmFhOTVlMGRmMGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7aTOTa2FGwRZaeQLVxTF48NemGA
02x6jCjqSlcCa3IzBxeiwnc+Wpi4CgR46N96JQi+MYvkaOCoJ808Xyzkjsekv6w+
LbU4LaNvUdZY0yAry5tn3nRcFXJqN+UIYYqQtZnsmJKGIba8GzSTOY1GJT5YTp0G
KHWm9D77hBYJs9dsQo3bPWKEWE1c8G0BPWCBpO1C2XPb574UjnfJ0hjm0ZObBzWv
KjuUesN23nMFVVE5ws0ActWvgrpga8k2h7Al5OpkKtil3ZTKGbO3yIcq/EXJg4P3
GGw+ckqJo9MaX48Fb8Dn6c7h8m/AS4drG0DxgrGgfqJmIEJpiTqNu6j39QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHrYHl3AbhUdU/nzoeHuKqleDfDcMB8GA1UdIwQY
MBaAFKZ1EN3FLMAlfkwlUvW9V1VEVMYLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUt
NjBkMjU1YmUwNDc5LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUtNjBkMjU1YmUwNDc5
LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU/k0YZCk
TX5Vvobn8c4ZkoCFcSgJSwlrttR/sMMtr52X3cm/bHQFi58MtmUIROJP2ScujsAf
Mxd6F6cXx1NFpeNwa2kWuMZYzanww+n2Y6hWOxh4KRzxDG3pQ8SzLtpRh2TGD5V5
xnkK31E0ixmQ8M6KnQzv/qcDBsUgfy8F30RK+YIdyuGsnGmjc2waM/dbQfCcboCr
dEQOgq6ChPpsswNgbnPNaRmybq3hjoyWwCoZ21TeSG47jLcWCGey+z1pm1l+BP1x
Pe1ACQ/7pSEAWMg9/zFzRbLhkAIHBsAeNC19jA35SQwgivpysbvLOY4BfmBABCus
Se9+fVOhS+XgQQ==
-----END CERTIFICATE-----