Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
File:                     pnUQ3cUswCV-TCVS9b1XVURUxgs.mft (raw, json)
Hash identifier:          sNtleGkFVgOEmQvISG+crh91ykwD67m1IuCA06gU0yc=
Subject key identifier:   AB:5B:C3:1F:B5:79:C7:38:37:0E:77:A8:CD:0E:86:30:29:35:9C:74
Authority key identifier: A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B
Certificate issuer:       /CN=a67510ddc52cc0257e4c2552f5bd57554454c60b
Certificate serial:       0197CC834B1A2FCBB899E322D323D39BB430
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
Manifest number:          053E
Signing time:             Wed 02 Jul 2025 19:00:45 +0000
Manifest this update:     Wed 02 Jul 2025 19:00:45 +0000
Manifest next update:     Thu 03 Jul 2025 19:00:45 +0000
Files and hashes:         1: pnUQ3cUswCV-TCVS9b1XVURUxgs.crl (hash: 4ydkFLB4yiqeQWE+NThMmmPiKIquadIFkREdbXYG45c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 19:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:cc:83:4b:1a:2f:cb:b8:99:e3:22:d3:23:d3:9b:b4:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a67510ddc52cc0257e4c2552f5bd57554454c60b
        Validity
            Not Before: Jul  2 19:00:45 2025 GMT
            Not After : Jul  3 19:00:45 2025 GMT
        Subject: CN=ab5bc31fb579c738370e77a8cd0e863029359c74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:5b:b0:88:80:5f:c5:98:a4:3d:fe:93:af:b6:
                    e7:37:2f:29:de:9d:4e:bf:4e:2c:a6:be:e8:b3:fd:
                    92:3d:dc:ee:7a:2c:b3:50:21:d0:cf:0f:16:81:3a:
                    9e:a0:7d:fc:36:79:29:60:91:78:f4:1a:17:a7:d5:
                    d6:5a:ea:06:1b:9a:b1:16:9a:2a:5a:8b:c9:ec:3d:
                    44:94:b8:22:63:1b:bb:b1:29:0f:68:51:49:ef:98:
                    de:9d:2e:90:98:42:2f:63:e1:a2:69:d5:a2:b4:a2:
                    c1:77:d3:92:1a:e8:08:92:21:65:70:91:b6:ea:e6:
                    29:69:db:a7:d7:68:3d:fe:08:7c:56:83:d2:c7:ae:
                    d6:55:19:80:9a:ef:05:63:b5:ee:6d:89:cc:1f:70:
                    a0:d3:e9:a8:c5:78:4b:15:48:cd:ed:9b:92:11:7f:
                    5e:80:d8:55:32:d6:5d:d0:59:49:d3:98:ed:e1:81:
                    0e:02:75:a8:95:0f:c8:cc:85:c6:5d:9c:1d:8d:a6:
                    08:ec:d4:37:ea:07:3b:e2:a8:f2:7e:8d:fd:7b:5b:
                    d0:64:38:4c:77:4b:bb:02:08:4d:0b:76:bb:45:9a:
                    68:cd:f5:57:4e:f5:7f:10:8d:54:68:07:65:21:c4:
                    7d:47:1a:1a:c8:cf:4c:fb:17:57:63:c4:3e:7d:f0:
                    36:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:5B:C3:1F:B5:79:C7:38:37:0E:77:A8:CD:0E:86:30:29:35:9C:74
            X509v3 Authority Key Identifier:
                keyid:A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:aa:89:11:a2:ce:44:23:68:16:e8:7f:e2:a6:08:71:4f:0b:
         32:a6:4c:05:1a:2b:8e:97:13:51:03:51:05:d8:91:21:c2:e1:
         ac:b2:c1:cb:8a:12:33:b3:5f:5b:4a:fd:64:2b:41:6a:4f:05:
         dc:fa:97:41:bb:5f:7a:95:b2:e0:7e:96:85:d7:2c:e8:f1:9d:
         de:29:a4:d2:55:00:58:69:59:0b:a9:9d:1a:36:5e:0b:96:2b:
         55:16:cf:0c:b2:a1:52:a0:4b:82:36:72:26:d8:27:f4:16:3b:
         13:fb:38:75:62:7f:bd:cd:cb:3f:50:b7:73:12:2e:7b:b1:fa:
         d8:7b:48:60:05:77:41:ca:05:74:58:34:61:e9:a4:15:2d:7a:
         07:7f:67:ee:4f:61:b6:bf:e9:5e:c9:68:42:27:3e:cc:fc:44:
         e0:05:8c:5d:ca:f0:b2:06:5a:0d:ef:d5:7c:59:80:bc:f9:d7:
         78:f7:5d:05:54:63:31:98:15:61:08:24:16:d7:09:76:32:dc:
         3a:34:69:12:ab:1d:9d:fd:21:87:26:08:e0:bf:0f:a6:44:11:
         98:a0:57:ed:ad:3e:d6:25:50:44:e2:dc:01:73:f6:c4:55:a0:
         4f:0a:38:f1:16:fa:9b:6f:66:73:8a:e1:4b:aa:d6:4f:6b:97:
         ef:df:87:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfMg0saL8u4meMi0yPTm7QwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NzUxMGRkYzUyY2MwMjU3ZTRjMjU1MmY1YmQ1NzU1NDQ1
NGM2MGIwHhcNMjUwNzAyMTkwMDQ1WhcNMjUwNzAzMTkwMDQ1WjAzMTEwLwYDVQQD
EyhhYjViYzMxZmI1NzljNzM4MzcwZTc3YThjZDBlODYzMDI5MzU5Yzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1uwiIBfxZikPf6Tr7bnNy8p3p1O
v04spr7os/2SPdzueiyzUCHQzw8WgTqeoH38NnkpYJF49BoXp9XWWuoGG5qxFpoq
WovJ7D1ElLgiYxu7sSkPaFFJ75jenS6QmEIvY+GiadWitKLBd9OSGugIkiFlcJG2
6uYpadun12g9/gh8VoPSx67WVRmAmu8FY7XubYnMH3Cg0+moxXhLFUjN7ZuSEX9e
gNhVMtZd0FlJ05jt4YEOAnWolQ/IzIXGXZwdjaYI7NQ36gc74qjyfo39e1vQZDhM
d0u7AghNC3a7RZpozfVXTvV/EI1UaAdlIcR9RxoayM9M+xdXY8Q+ffA2/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKtbwx+1ecc4Nw53qM0OhjApNZx0MB8GA1UdIwQY
MBaAFKZ1EN3FLMAlfkwlUvW9V1VEVMYLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUt
NjBkMjU1YmUwNDc5LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUtNjBkMjU1YmUwNDc5
LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYKqJEaLO
RCNoFuh/4qYIcU8LMqZMBRorjpcTUQNRBdiRIcLhrLLBy4oSM7NfW0r9ZCtBak8F
3PqXQbtfepWy4H6Whdcs6PGd3imk0lUAWGlZC6mdGjZeC5YrVRbPDLKhUqBLgjZy
Jtgn9BY7E/s4dWJ/vc3LP1C3cxIue7H62HtIYAV3QcoFdFg0YemkFS16B39n7k9h
tr/pXsloQic+zPxE4AWMXcrwsgZaDe/VfFmAvPnXePddBVRjMZgVYQgkFtcJdjLc
OjRpEqsdnf0hhyYI4L8PpkQRmKBX7a0+1iVQROLcAXP2xFWgTwo48Rb6m29mc4rh
S6rWT2uX79+HEQ==
-----END CERTIFICATE-----