Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
File:                     pnUQ3cUswCV-TCVS9b1XVURUxgs.mft (raw, json)
Hash identifier:          hyw4B7j99s2SY5B9qJ9g8FHqIY8Ik2N1RJ/2kvAixcE=
Subject key identifier:   E9:8A:E4:D9:21:51:30:F4:C2:68:EB:CD:09:DF:B5:18:0A:6B:25:FF
Authority key identifier: A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B
Certificate issuer:       /CN=a67510ddc52cc0257e4c2552f5bd57554454c60b
Certificate serial:       0198D705892B5D39C5B744E524E14C6B1754
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
Manifest number:          05C8
Signing time:             Sat 23 Aug 2025 13:02:00 +0000
Manifest this update:     Sat 23 Aug 2025 13:02:00 +0000
Manifest next update:     Sun 24 Aug 2025 13:02:00 +0000
Files and hashes:         1: pnUQ3cUswCV-TCVS9b1XVURUxgs.crl (hash: sVPX0Z1a3PI2ZWjq2NrYz43jpRumJijTP3m1vE3n1pI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 13:02:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:05:89:2b:5d:39:c5:b7:44:e5:24:e1:4c:6b:17:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a67510ddc52cc0257e4c2552f5bd57554454c60b
        Validity
            Not Before: Aug 23 13:02:00 2025 GMT
            Not After : Aug 24 13:02:00 2025 GMT
        Subject: CN=e98ae4d9215130f4c268ebcd09dfb5180a6b25ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:35:72:de:95:70:80:86:1a:6b:1c:60:07:60:
                    12:b3:7f:7a:76:9f:86:c9:a0:65:8a:78:cd:c8:ad:
                    c4:6e:48:34:59:3c:c0:93:a8:ac:fe:07:f4:ac:31:
                    e2:7d:b3:c9:ac:45:4c:0b:51:93:76:c7:cd:f5:bc:
                    80:91:39:8d:a5:d2:fe:b6:f7:47:da:b0:5c:e6:1a:
                    cd:60:32:3a:ea:04:a9:6f:cc:cd:7f:9c:6d:68:8d:
                    ef:82:14:2d:5f:f8:39:5c:7a:18:61:05:e2:0c:dc:
                    4f:93:f1:a7:0d:fe:cc:7d:f4:63:3d:bf:fd:6d:c4:
                    58:44:15:33:cc:d2:b8:62:6b:e6:83:4d:9f:b6:a3:
                    fa:e8:2b:a7:87:2d:1e:e6:9d:87:58:e5:d7:cd:ea:
                    4d:73:f3:b2:75:0a:16:85:ea:3c:58:b5:30:aa:49:
                    60:73:26:6f:cf:06:ce:09:32:ef:ae:a5:6d:0c:48:
                    cb:13:a7:c4:7f:af:e4:40:48:cb:d9:4f:77:f4:40:
                    a0:38:8a:34:05:bc:57:5d:3a:0f:3f:aa:c6:83:59:
                    3b:93:39:34:d0:30:9c:64:0c:94:52:3e:d7:e0:0d:
                    75:70:8f:ca:e6:da:0b:2e:e7:a6:e5:69:d7:ce:71:
                    6a:f1:66:99:ff:6b:8f:52:5f:5f:eb:86:01:1c:e4:
                    d5:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:8A:E4:D9:21:51:30:F4:C2:68:EB:CD:09:DF:B5:18:0A:6B:25:FF
            X509v3 Authority Key Identifier:
                keyid:A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:35:b0:cb:62:b8:e1:e2:5f:01:8e:77:94:99:d6:0b:b4:27:
         6d:97:6b:54:9c:70:17:24:af:4d:9b:cb:a2:9d:ed:a9:78:9c:
         20:b8:27:b7:8f:63:91:9b:8b:7d:12:c9:98:0e:a9:53:25:16:
         5d:b8:87:fa:ca:3c:c2:25:de:26:26:aa:cd:ff:a9:b4:20:49:
         58:d3:12:16:82:2b:e4:22:5c:7a:1a:5a:d3:16:cc:ba:05:fc:
         e9:3e:80:61:18:36:b4:19:66:ee:85:3e:a2:17:e1:f0:13:28:
         8f:31:ee:ca:f0:4c:67:8f:2f:06:b6:6d:34:e7:14:e6:4b:5f:
         36:1d:1b:e4:b8:5e:d3:51:a2:3e:70:bc:5f:93:bd:f5:7c:2a:
         94:ee:86:1e:62:cb:4f:35:5b:21:58:ac:42:e7:2b:4c:11:0e:
         fc:be:d3:f9:b9:34:ff:c3:bf:61:c2:7c:bf:f1:1b:e4:e9:17:
         73:56:ce:38:e3:73:8a:c9:7f:52:41:33:94:97:07:0d:a0:d2:
         1d:df:b5:c3:0d:29:e5:36:14:67:ec:4f:b5:58:e0:f9:fb:bf:
         d9:d6:9e:3e:25:06:8b:ce:72:f6:6c:60:09:83:6e:9f:7c:2e:
         61:47:a8:68:f3:07:2b:38:d4:d1:40:a7:11:ba:da:43:df:69:
         1b:f8:02:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBYkrXTnFt0TlJOFMaxdUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NzUxMGRkYzUyY2MwMjU3ZTRjMjU1MmY1YmQ1NzU1NDQ1
NGM2MGIwHhcNMjUwODIzMTMwMjAwWhcNMjUwODI0MTMwMjAwWjAzMTEwLwYDVQQD
EyhlOThhZTRkOTIxNTEzMGY0YzI2OGViY2QwOWRmYjUxODBhNmIyNWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjVy3pVwgIYaaxxgB2ASs396dp+G
yaBlinjNyK3Ebkg0WTzAk6is/gf0rDHifbPJrEVMC1GTdsfN9byAkTmNpdL+tvdH
2rBc5hrNYDI66gSpb8zNf5xtaI3vghQtX/g5XHoYYQXiDNxPk/GnDf7MffRjPb/9
bcRYRBUzzNK4Ymvmg02ftqP66Cunhy0e5p2HWOXXzepNc/OydQoWheo8WLUwqklg
cyZvzwbOCTLvrqVtDEjLE6fEf6/kQEjL2U939ECgOIo0BbxXXToPP6rGg1k7kzk0
0DCcZAyUUj7X4A11cI/K5toLLuem5WnXznFq8WaZ/2uPUl9f64YBHOTV2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOmK5NkhUTD0wmjrzQnftRgKayX/MB8GA1UdIwQY
MBaAFKZ1EN3FLMAlfkwlUvW9V1VEVMYLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUt
NjBkMjU1YmUwNDc5LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUtNjBkMjU1YmUwNDc5
LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAATWwy2K4
4eJfAY53lJnWC7QnbZdrVJxwFySvTZvLop3tqXicILgnt49jkZuLfRLJmA6pUyUW
XbiH+so8wiXeJiaqzf+ptCBJWNMSFoIr5CJcehpa0xbMugX86T6AYRg2tBlm7oU+
ohfh8BMojzHuyvBMZ48vBrZtNOcU5ktfNh0b5Lhe01GiPnC8X5O99XwqlO6GHmLL
TzVbIVisQucrTBEO/L7T+bk0/8O/YcJ8v/Eb5OkXc1bOOONzisl/UkEzlJcHDaDS
Hd+1ww0p5TYUZ+xPtVjg+fu/2daePiUGi85y9mxgCYNun3wuYUeoaPMHKzjU0UCn
EbraQ99pG/gC7A==
-----END CERTIFICATE-----