Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
File:                     Pn1HTATkiliTr3HDWnfN1oJv0zk.mft (raw, json)
Hash identifier:          RBTgwdJTLtkmA4DpqK9tj3XT6sc/ZqaMmk555NdlTys=
Subject key identifier:   00:E5:98:9D:03:25:31:4D:BD:25:F4:50:38:09:48:D6:4B:7F:24:F0
Authority key identifier: 3E:7D:47:4C:04:E4:8A:58:93:AF:71:C3:5A:77:CD:D6:82:6F:D3:39
Certificate issuer:       /CN=3e7d474c04e48a5893af71c35a77cdd6826fd339
Certificate serial:       0198D5F1965A7DD836B0A3130AC42C6C4F57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
Manifest number:          04F5
Signing time:             Sat 23 Aug 2025 08:00:36 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:36 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:36 +0000
Files and hashes:         1: Pn1HTATkiliTr3HDWnfN1oJv0zk.crl (hash: DMWZZ5jxNKsu7enDRZM9hhp2+SEn4qbSH+VFg8iCApE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:96:5a:7d:d8:36:b0:a3:13:0a:c4:2c:6c:4f:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e7d474c04e48a5893af71c35a77cdd6826fd339
        Validity
            Not Before: Aug 23 08:00:36 2025 GMT
            Not After : Aug 24 08:00:36 2025 GMT
        Subject: CN=00e5989d0325314dbd25f450380948d64b7f24f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:72:e2:08:9b:7a:23:8e:59:e9:2d:46:73:ea:
                    26:ca:0f:57:23:61:27:d0:38:77:51:e6:d7:fd:36:
                    8c:80:92:7f:e8:e7:f8:03:99:7d:84:01:cb:0b:a1:
                    6e:a8:ef:42:66:59:ac:d3:17:2b:08:6b:df:36:da:
                    c7:74:ad:c6:d3:a8:87:27:00:2d:5d:b1:ab:af:e5:
                    56:6c:ad:af:9e:f0:2a:56:3e:69:4b:9a:d0:19:71:
                    d8:e0:5c:fe:2d:62:77:14:aa:cf:63:90:48:4c:ae:
                    64:62:97:a7:49:ba:43:8a:bf:ea:47:85:c3:42:43:
                    20:69:17:8e:bb:5e:cd:78:fc:db:25:2e:cd:88:3f:
                    eb:7e:14:2f:2f:a2:12:ff:59:66:33:52:1a:4a:ff:
                    b4:e6:57:0c:7b:76:19:65:19:f2:14:ee:66:56:32:
                    96:92:db:cb:8e:31:43:02:19:d8:f7:39:d4:f8:f5:
                    ff:ea:3f:d3:d7:03:0b:10:99:73:d1:d3:ec:a2:a8:
                    cd:6a:9b:0c:ad:cc:8b:36:9c:66:e7:c7:53:7a:11:
                    cc:85:aa:9b:af:54:6f:b8:51:82:35:9e:db:dc:4a:
                    3f:af:ba:b5:2e:2a:f8:34:f5:99:f4:f9:4d:57:19:
                    2f:27:be:2a:07:24:47:57:70:6b:08:01:91:71:21:
                    b9:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:E5:98:9D:03:25:31:4D:BD:25:F4:50:38:09:48:D6:4B:7F:24:F0
            X509v3 Authority Key Identifier:
                keyid:3E:7D:47:4C:04:E4:8A:58:93:AF:71:C3:5A:77:CD:D6:82:6F:D3:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:23:c8:d8:b5:bd:7e:8d:84:8a:d3:07:5f:25:05:2b:02:38:
         8d:16:f1:1d:cf:9f:62:b1:f3:ab:7d:b8:2a:d8:ea:84:60:71:
         6c:66:a6:8a:78:87:50:ce:2f:d7:18:41:d6:e3:45:28:18:6a:
         8b:9e:84:b9:2e:45:da:e8:83:c5:e6:9f:c3:0c:46:f2:93:01:
         53:bd:2f:46:8e:94:b0:52:46:be:89:a1:9f:13:cd:2f:fa:eb:
         2f:f7:e0:03:f0:27:da:44:fc:12:62:03:97:35:40:2d:44:9b:
         44:4c:c5:9b:e6:c8:69:b4:c8:66:9d:7d:6e:da:0b:49:2d:7d:
         e9:f5:ed:57:9a:f2:8e:53:d1:bc:cc:82:dc:51:67:b6:55:e3:
         30:4a:0d:c0:ec:bb:e2:f7:db:94:4d:da:8e:b7:72:1c:ef:9b:
         e7:4b:cc:ce:b9:f1:40:fe:10:1b:f2:b8:67:1d:49:02:7d:a3:
         6f:16:d0:4d:6c:18:3f:b8:5d:b0:0a:28:1e:0b:33:e5:33:ae:
         ae:54:df:b0:1e:b1:34:97:be:b1:27:36:5f:f6:42:e1:3a:e6:
         ad:48:3e:4b:54:36:df:6b:bb:8b:31:d2:19:f1:0d:47:4d:df:
         18:2c:d0:67:82:c3:fd:1c:07:df:04:58:60:68:f4:b5:29:5c:
         b8:c5:dd:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8ZZafdg2sKMTCsQsbE9XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlN2Q0NzRjMDRlNDhhNTg5M2FmNzFjMzVhNzdjZGQ2ODI2
ZmQzMzkwHhcNMjUwODIzMDgwMDM2WhcNMjUwODI0MDgwMDM2WjAzMTEwLwYDVQQD
EygwMGU1OTg5ZDAzMjUzMTRkYmQyNWY0NTAzODA5NDhkNjRiN2YyNGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3LiCJt6I45Z6S1Gc+omyg9XI2En
0Dh3UebX/TaMgJJ/6Of4A5l9hAHLC6FuqO9CZlms0xcrCGvfNtrHdK3G06iHJwAt
XbGrr+VWbK2vnvAqVj5pS5rQGXHY4Fz+LWJ3FKrPY5BITK5kYpenSbpDir/qR4XD
QkMgaReOu17NePzbJS7NiD/rfhQvL6IS/1lmM1IaSv+05lcMe3YZZRnyFO5mVjKW
ktvLjjFDAhnY9znU+PX/6j/T1wMLEJlz0dPsoqjNapsMrcyLNpxm58dTehHMhaqb
r1RvuFGCNZ7b3Eo/r7q1Lir4NPWZ9PlNVxkvJ74qByRHV3BrCAGRcSG5gQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFADlmJ0DJTFNvSX0UDgJSNZLfyTwMB8GA1UdIwQY
MBaAFD59R0wE5IpYk69xw1p3zdaCb9M5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi83ZTMwZTgtYjgzNS00NGFmLWE0NGIt
OTAzZTRmNWUxMjI1LzEvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi83ZTMwZTgtYjgzNS00NGFmLWE0NGItOTAzZTRmNWUxMjI1
LzEvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEyPI2LW9
fo2EitMHXyUFKwI4jRbxHc+fYrHzq324KtjqhGBxbGaminiHUM4v1xhB1uNFKBhq
i56EuS5F2uiDxeafwwxG8pMBU70vRo6UsFJGvomhnxPNL/rrL/fgA/An2kT8EmID
lzVALUSbREzFm+bIabTIZp19btoLSS196fXtV5ryjlPRvMyC3FFntlXjMEoNwOy7
4vfblE3ajrdyHO+b50vMzrnxQP4QG/K4Zx1JAn2jbxbQTWwYP7hdsAooHgsz5TOu
rlTfsB6xNJe+sSc2X/ZC4TrmrUg+S1Q232u7izHSGfENR03fGCzQZ4LD/RwH3wRY
YGj0tSlcuMXd8A==
-----END CERTIFICATE-----