Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
File:                     pgkmXYlPp5_NZUL6zAujiXOMhFk.mft (raw, json)
Hash identifier:          xMzG4EQF93Rm6KM1VpwUEbKG/0sUPdUxrgxEjhu3XZU=
Subject key identifier:   BB:90:45:38:10:35:94:6B:FB:F3:60:2C:3D:FB:0F:0E:40:E1:3A:72
Authority key identifier: A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59
Certificate issuer:       /CN=a609265d894fa79fcd6542facc0ba389738c8459
Certificate serial:       0196C7285ED145CCBA7C8E7C9A249764EB5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
Manifest number:          0851
Signing time:             Tue 13 May 2025 01:00:33 +0000
Manifest this update:     Tue 13 May 2025 01:00:33 +0000
Manifest next update:     Wed 14 May 2025 01:00:33 +0000
Files and hashes:         1: pgkmXYlPp5_NZUL6zAujiXOMhFk.crl (hash: FkEx3RVwP7zYnOkqAbIXO+Xc0knLUg6M6a9iaFRa0V8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c7:28:5e:d1:45:cc:ba:7c:8e:7c:9a:24:97:64:eb:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a609265d894fa79fcd6542facc0ba389738c8459
        Validity
            Not Before: May 13 01:00:33 2025 GMT
            Not After : May 14 01:00:33 2025 GMT
        Subject: CN=bb9045381035946bfbf3602c3dfb0f0e40e13a72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:a6:d6:e1:76:b0:89:93:4c:07:be:94:db:aa:
                    d9:11:44:2f:a7:28:62:f3:1d:0e:25:48:33:a6:ed:
                    2b:6a:1e:97:d4:ed:d7:ff:53:74:be:10:64:25:aa:
                    b5:c3:be:c2:89:79:41:c5:9e:3b:0a:c0:c7:26:b8:
                    de:7e:91:cc:ff:28:e1:b3:24:43:34:0c:cf:34:8f:
                    fb:db:99:e3:ae:4e:f2:1a:a3:98:03:50:03:d1:e4:
                    29:7f:40:e7:fe:0d:cb:48:89:ea:30:55:cb:68:98:
                    03:55:a0:c9:3e:a9:f2:35:a8:5c:2c:b6:aa:9b:9a:
                    00:df:48:8c:9f:3d:54:f6:9b:32:7f:f7:73:d8:36:
                    1a:ef:89:d6:62:d4:66:de:40:2d:fe:b1:9c:41:36:
                    95:7f:87:05:05:76:d1:76:fc:84:d7:b4:9b:78:7d:
                    50:5e:2c:d2:98:e9:d2:82:e3:7b:82:b4:ce:d9:2c:
                    5e:c9:2d:1b:02:b3:7c:b2:15:a0:c1:17:37:fa:15:
                    e0:cb:3b:db:de:fb:b6:99:be:93:bf:b8:47:3f:8e:
                    71:dc:9b:ac:b5:2b:33:32:46:b9:7f:1e:f3:cf:9f:
                    e3:32:0b:16:8a:6e:41:1a:fe:99:eb:f6:fe:0c:16:
                    22:ae:c0:c8:bd:7d:c3:32:8d:3e:05:cd:f4:f6:5b:
                    f8:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:90:45:38:10:35:94:6B:FB:F3:60:2C:3D:FB:0F:0E:40:E1:3A:72
            X509v3 Authority Key Identifier:
                keyid:A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:4e:7c:4a:e1:74:ba:0f:8c:8a:09:6f:e7:83:37:7b:54:a4:
         78:b1:21:f8:1c:d8:7c:03:a4:0e:d7:77:ff:4a:40:97:4b:3f:
         26:36:6a:08:80:73:4b:81:cf:5d:0e:99:67:34:6e:d5:91:4f:
         c2:d0:8c:49:07:e2:c6:3f:0f:eb:63:34:ad:35:e0:ed:06:50:
         4e:df:da:20:e2:a1:bc:8b:b8:4e:64:e5:0f:03:c9:2c:eb:1c:
         09:7b:e6:7a:e1:6b:25:b9:44:c1:a1:08:e6:ef:fc:e0:70:f0:
         d6:6c:c4:db:c9:db:28:ed:5c:60:74:2a:97:8a:d4:3b:60:a1:
         38:e6:67:4a:b0:92:63:88:b5:d8:9a:2c:ae:b4:af:13:f8:5d:
         12:7d:60:fe:c6:f4:1f:9d:93:37:88:ee:1a:fc:6f:fe:71:40:
         22:62:5f:b9:49:27:ca:5f:61:ad:64:97:73:12:32:64:13:f9:
         5a:7c:28:bc:4f:ea:a1:ca:47:a5:04:7a:cb:01:bb:35:01:33:
         ad:35:ac:88:96:b0:2e:ea:49:08:17:e7:f5:c0:65:b0:99:2a:
         01:db:93:84:18:01:7f:f4:6b:c0:78:be:fd:8a:ac:c6:6d:83:
         cf:55:55:96:74:38:e3:f7:d4:f3:bd:a0:82:4e:b2:7b:26:32:
         39:59:9b:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbHKF7RRcy6fI58miSXZOtbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDkyNjVkODk0ZmE3OWZjZDY1NDJmYWNjMGJhMzg5NzM4
Yzg0NTkwHhcNMjUwNTEzMDEwMDMzWhcNMjUwNTE0MDEwMDMzWjAzMTEwLwYDVQQD
EyhiYjkwNDUzODEwMzU5NDZiZmJmMzYwMmMzZGZiMGYwZTQwZTEzYTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6bW4XawiZNMB76U26rZEUQvpyhi
8x0OJUgzpu0rah6X1O3X/1N0vhBkJaq1w77CiXlBxZ47CsDHJrjefpHM/yjhsyRD
NAzPNI/725njrk7yGqOYA1AD0eQpf0Dn/g3LSInqMFXLaJgDVaDJPqnyNahcLLaq
m5oA30iMnz1U9psyf/dz2DYa74nWYtRm3kAt/rGcQTaVf4cFBXbRdvyE17SbeH1Q
XizSmOnSguN7grTO2SxeyS0bArN8shWgwRc3+hXgyzvb3vu2mb6Tv7hHP45x3Jus
tSszMka5fx7zz5/jMgsWim5BGv6Z6/b+DBYirsDIvX3DMo0+Bc309lv4xwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLuQRTgQNZRr+/NgLD37Dw5A4TpyMB8GA1UdIwQY
MBaAFKYJJl2JT6efzWVC+swLo4lzjIRZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUt
NmRjMGRhMWY1ZGVlLzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUtNmRjMGRhMWY1ZGVl
LzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsU58SuF0
ug+Miglv54M3e1SkeLEh+BzYfAOkDtd3/0pAl0s/JjZqCIBzS4HPXQ6ZZzRu1ZFP
wtCMSQfixj8P62M0rTXg7QZQTt/aIOKhvIu4TmTlDwPJLOscCXvmeuFrJblEwaEI
5u/84HDw1mzE28nbKO1cYHQql4rUO2ChOOZnSrCSY4i12JosrrSvE/hdEn1g/sb0
H52TN4juGvxv/nFAImJfuUknyl9hrWSXcxIyZBP5WnwovE/qocpHpQR6ywG7NQEz
rTWsiJawLupJCBfn9cBlsJkqAduThBgBf/RrwHi+/Yqsxm2Dz1VVlnQ44/fU872g
gk6yeyYyOVmbSg==
-----END CERTIFICATE-----