Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
File:                     pgkmXYlPp5_NZUL6zAujiXOMhFk.mft (raw, json)
Hash identifier:          877UU6ICrqcXYX2o1/5rKaklu4cb6oaV2qSWtjfNqXk=
Subject key identifier:   67:4D:0A:35:0C:71:7E:19:DC:44:5C:CC:4D:3A:7E:BE:20:39:5B:AF
Authority key identifier: A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59
Certificate issuer:       /CN=a609265d894fa79fcd6542facc0ba389738c8459
Certificate serial:       0198D66032F79C21F5FE7C8B8055A0E2BD62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
Manifest number:          0962
Signing time:             Sat 23 Aug 2025 10:01:25 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:25 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:25 +0000
Files and hashes:         1: pgkmXYlPp5_NZUL6zAujiXOMhFk.crl (hash: /9tEnMC+RMJ/Tds/g1T/Em5ReZXe2I7Szi8NXPOAhwk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:32:f7:9c:21:f5:fe:7c:8b:80:55:a0:e2:bd:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a609265d894fa79fcd6542facc0ba389738c8459
        Validity
            Not Before: Aug 23 10:01:25 2025 GMT
            Not After : Aug 24 10:01:25 2025 GMT
        Subject: CN=674d0a350c717e19dc445ccc4d3a7ebe20395baf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:79:77:03:0b:41:93:ec:07:07:f5:63:ac:53:
                    0f:67:1b:5a:5c:09:53:fe:6c:75:84:86:42:5b:f2:
                    ca:96:b7:7d:86:3c:3e:e2:c7:4f:25:47:cf:f5:c8:
                    04:ee:cb:12:0a:6a:94:e7:d1:3f:bf:77:a3:7f:9a:
                    76:ad:47:5a:bc:c1:b1:0c:8f:8b:6c:ab:2c:b4:ee:
                    34:63:f2:df:99:1b:b7:2d:59:ff:6e:a1:18:55:7f:
                    24:04:ac:c1:25:6f:50:36:d8:7c:2e:e5:40:64:db:
                    f4:12:54:19:b0:12:26:52:4f:d3:46:92:87:0e:91:
                    fd:a1:8b:8b:ae:1d:3f:1e:75:c8:0c:68:52:69:27:
                    56:ec:fc:1f:c7:ba:39:e5:0e:fa:a3:de:d4:0e:8b:
                    2e:31:25:3d:d6:7a:8c:86:60:14:e4:71:cb:f9:58:
                    cb:83:1c:9c:7e:df:43:12:c6:e2:2d:6a:e0:2d:4c:
                    21:fd:2d:bc:78:d4:09:b1:2f:1e:8a:1b:7a:cb:4e:
                    2d:14:fa:50:52:7c:c3:66:7d:27:41:e3:dd:bc:2b:
                    f9:b3:1b:84:56:89:ca:6e:33:4e:54:fe:0b:dd:65:
                    60:9a:6e:d9:89:ab:d7:1d:5c:8f:e6:1f:ea:65:7f:
                    cb:58:27:d3:78:0d:c6:96:8b:9c:8a:a9:c8:c9:a0:
                    23:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:4D:0A:35:0C:71:7E:19:DC:44:5C:CC:4D:3A:7E:BE:20:39:5B:AF
            X509v3 Authority Key Identifier:
                keyid:A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:53:1c:2a:55:a5:29:db:c8:48:a8:ea:63:38:59:fb:de:a5:
         40:fb:ed:92:c6:ac:4c:48:a5:97:3b:97:4e:61:8c:d7:bd:9c:
         4b:d8:88:4f:30:4b:53:e7:79:36:7b:7c:d2:e9:14:6d:6e:00:
         64:d3:29:92:e3:d4:26:a4:db:e4:7b:6d:78:2d:14:7d:17:eb:
         cb:68:09:0e:30:28:d7:b9:66:68:69:83:af:40:7a:55:ee:da:
         46:c4:a4:8e:4e:f5:e7:c3:73:d4:60:e3:dc:24:c5:63:48:ae:
         ec:ea:ed:9b:d3:16:78:5a:2b:67:c5:28:b8:9d:89:b9:a1:f2:
         6f:23:8b:0e:dc:7c:64:d4:87:bb:93:d5:0f:a1:63:27:29:b2:
         bb:f5:1f:c4:cb:65:f8:83:6a:b7:90:4b:11:cd:06:28:e1:2b:
         fb:55:93:eb:98:47:ea:05:a9:79:77:ea:0a:9d:8b:38:51:52:
         ba:29:cd:37:0e:b3:ea:4d:de:7e:63:0c:36:fa:e1:9a:80:bd:
         45:2f:53:8a:51:1d:80:e3:32:82:8b:bc:52:02:61:dc:d0:c9:
         7b:54:46:b2:14:03:9b:39:5b:86:2f:46:3f:51:fb:1c:99:56:
         33:a1:d3:87:61:33:58:6a:42:6a:19:87:2c:bd:94:fd:c2:cd:
         31:c5:ea:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYDL3nCH1/nyLgFWg4r1iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDkyNjVkODk0ZmE3OWZjZDY1NDJmYWNjMGJhMzg5NzM4
Yzg0NTkwHhcNMjUwODIzMTAwMTI1WhcNMjUwODI0MTAwMTI1WjAzMTEwLwYDVQQD
Eyg2NzRkMGEzNTBjNzE3ZTE5ZGM0NDVjY2M0ZDNhN2ViZTIwMzk1YmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Hl3AwtBk+wHB/VjrFMPZxtaXAlT
/mx1hIZCW/LKlrd9hjw+4sdPJUfP9cgE7ssSCmqU59E/v3ejf5p2rUdavMGxDI+L
bKsstO40Y/LfmRu3LVn/bqEYVX8kBKzBJW9QNth8LuVAZNv0ElQZsBImUk/TRpKH
DpH9oYuLrh0/HnXIDGhSaSdW7Pwfx7o55Q76o97UDosuMSU91nqMhmAU5HHL+VjL
gxycft9DEsbiLWrgLUwh/S28eNQJsS8eiht6y04tFPpQUnzDZn0nQePdvCv5sxuE
VonKbjNOVP4L3WVgmm7ZiavXHVyP5h/qZX/LWCfTeA3GlouciqnIyaAjKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGdNCjUMcX4Z3ERczE06fr4gOVuvMB8GA1UdIwQY
MBaAFKYJJl2JT6efzWVC+swLo4lzjIRZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUt
NmRjMGRhMWY1ZGVlLzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUtNmRjMGRhMWY1ZGVl
LzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPFMcKlWl
KdvISKjqYzhZ+96lQPvtksasTEillzuXTmGM172cS9iITzBLU+d5Nnt80ukUbW4A
ZNMpkuPUJqTb5HtteC0UfRfry2gJDjAo17lmaGmDr0B6Ve7aRsSkjk7158Nz1GDj
3CTFY0iu7Ortm9MWeForZ8UouJ2JuaHybyOLDtx8ZNSHu5PVD6FjJymyu/UfxMtl
+INqt5BLEc0GKOEr+1WT65hH6gWpeXfqCp2LOFFSuinNNw6z6k3efmMMNvrhmoC9
RS9TilEdgOMygou8UgJh3NDJe1RGshQDmzlbhi9GP1H7HJlWM6HTh2EzWGpCahmH
LL2U/cLNMcXq9Q==
-----END CERTIFICATE-----