Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.mft
File:                     PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.mft (raw, json)
Hash identifier:          abrI67/CkyND+dr6qKZRixNxOAqwLB3tzlAVjF6LFcI=
Subject key identifier:   92:4B:83:24:C3:2A:A9:20:C0:E8:A9:CA:F4:E4:FF:F2:A9:47:7E:59
Authority key identifier: 3F:23:AB:73:05:30:47:92:DC:2C:E8:17:80:B5:DB:88:9D:8F:7F:3A
Certificate issuer:       /CN=3f23ab7305304792dc2ce81780b5db889d8f7f3a
Certificate serial:       0197B74584C59BE2FD409F82E36A50EC7C8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 16:01:15 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:15 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:15 +0000
Files and hashes:         1: PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.crl (hash: MzvwsPH4TQLeBtUUt3lhj7FsLrPInTpZsmBmv9XA4v8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:84:c5:9b:e2:fd:40:9f:82:e3:6a:50:ec:7c:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f23ab7305304792dc2ce81780b5db889d8f7f3a
        Validity
            Not Before: Jun 28 16:01:15 2025 GMT
            Not After : Jun 29 16:01:15 2025 GMT
        Subject: CN=924b8324c32aa920c0e8a9caf4e4fff2a9477e59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:bd:69:00:8e:92:b5:a2:36:83:ce:e4:e3:e5:
                    b7:5d:ca:b6:c5:f3:f9:c3:9b:6f:82:5e:0c:21:ce:
                    1e:d2:04:7a:87:56:8b:30:47:a5:28:0a:91:27:c3:
                    4a:99:68:09:0a:7b:0c:70:02:7e:cb:ee:e6:94:94:
                    71:9c:ca:32:ec:ca:5c:9e:48:34:5a:1f:18:12:cd:
                    d1:98:27:05:90:b7:ca:34:ed:12:f1:8d:2c:0b:89:
                    c7:0e:e0:55:81:25:d2:9b:7b:5f:d8:d6:ff:5e:78:
                    f8:df:b2:63:a9:a9:aa:d6:25:22:6a:cc:ee:31:07:
                    08:00:ca:72:5f:4d:f1:48:b0:32:64:e5:24:f6:b0:
                    36:d5:59:12:17:12:90:a3:0e:29:29:c9:39:c8:77:
                    65:d8:8d:79:43:dc:ad:e0:fc:c6:88:4e:bd:a6:b1:
                    ed:9a:df:6f:3b:f1:21:01:19:e1:3d:17:74:2b:bb:
                    e4:ce:49:7d:7f:71:53:8f:dd:44:c1:31:90:62:67:
                    90:62:18:f8:3d:cb:5a:b7:10:e9:89:d9:52:3c:ee:
                    24:ba:71:f2:66:4d:6a:94:43:5f:0d:06:47:87:84:
                    25:1f:92:89:ca:bc:0c:64:db:94:73:f9:f6:a2:e2:
                    27:07:b2:36:92:2e:76:a8:30:ae:32:e9:12:ba:4a:
                    69:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:4B:83:24:C3:2A:A9:20:C0:E8:A9:CA:F4:E4:FF:F2:A9:47:7E:59
            X509v3 Authority Key Identifier:
                keyid:3F:23:AB:73:05:30:47:92:DC:2C:E8:17:80:B5:DB:88:9D:8F:7F:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:da:8f:b4:c8:f1:fa:b5:09:83:a0:ff:5a:d3:24:c9:7a:62:
         96:0a:7c:f0:c6:8b:32:14:59:0d:ca:c2:6f:33:ab:c9:61:cd:
         85:43:c5:5c:61:7d:93:26:1e:3f:18:1d:29:47:52:e9:d3:f6:
         04:55:7a:92:62:27:46:19:ce:06:cd:bd:96:ee:99:f2:35:07:
         3c:3b:b9:37:12:45:1f:38:dc:a8:5b:85:e5:00:d4:59:d6:74:
         e1:53:9f:b4:fc:5d:96:83:37:4e:4b:37:12:2e:73:82:08:c5:
         cd:ac:f5:1d:75:ec:82:8c:06:51:29:b2:ba:8e:20:12:42:bb:
         53:32:68:06:6e:14:72:b4:1d:72:8e:e0:17:88:36:6b:0b:9e:
         c6:2a:62:1c:84:1d:3f:cc:4e:08:68:3c:38:52:28:f2:26:84:
         4f:d0:8a:84:9c:14:46:cf:03:26:90:36:d1:5b:8d:54:77:5d:
         4a:23:4a:d1:0b:39:f0:5b:a7:77:63:c5:08:23:8d:82:ad:d2:
         a6:fb:8a:f8:7d:3a:fb:19:9a:11:2a:eb:e2:33:99:03:00:d7:
         25:8a:14:c7:85:f6:2e:cb:51:b7:9a:f9:26:ff:2c:f7:c5:26:
         f5:8d:2d:ab:21:57:23:9c:86:2f:0e:be:62:e2:e3:1d:4f:3c:
         b8:90:3f:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RYTFm+L9QJ+C42pQ7HyKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMjNhYjczMDUzMDQ3OTJkYzJjZTgxNzgwYjVkYjg4OWQ4
ZjdmM2EwHhcNMjUwNjI4MTYwMTE1WhcNMjUwNjI5MTYwMTE1WjAzMTEwLwYDVQQD
Eyg5MjRiODMyNGMzMmFhOTIwYzBlOGE5Y2FmNGU0ZmZmMmE5NDc3ZTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyr1pAI6StaI2g87k4+W3Xcq2xfP5
w5tvgl4MIc4e0gR6h1aLMEelKAqRJ8NKmWgJCnsMcAJ+y+7mlJRxnMoy7Mpcnkg0
Wh8YEs3RmCcFkLfKNO0S8Y0sC4nHDuBVgSXSm3tf2Nb/Xnj437Jjqamq1iUiaszu
MQcIAMpyX03xSLAyZOUk9rA21VkSFxKQow4pKck5yHdl2I15Q9yt4PzGiE69prHt
mt9vO/EhARnhPRd0K7vkzkl9f3FTj91EwTGQYmeQYhj4PctatxDpidlSPO4kunHy
Zk1qlENfDQZHh4QlH5KJyrwMZNuUc/n2ouInB7I2ki52qDCuMukSukppMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJJLgyTDKqkgwOipyvTk//KpR35ZMB8GA1UdIwQY
MBaAFD8jq3MFMEeS3CzoF4C124idj386MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHlPcmN3VXdSNUxjTE9nWGdMWGJpSjJQZnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mN2RiOWQtZmNkOS00ZjIxLTkxYzIt
NjAwMzNkNWIwM2JiLzEvUHlPcmN3VXdSNUxjTE9nWGdMWGJpSjJQZnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mN2RiOWQtZmNkOS00ZjIxLTkxYzItNjAwMzNkNWIwM2Ji
LzEvUHlPcmN3VXdSNUxjTE9nWGdMWGJpSjJQZnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsNqPtMjx
+rUJg6D/WtMkyXpilgp88MaLMhRZDcrCbzOryWHNhUPFXGF9kyYePxgdKUdS6dP2
BFV6kmInRhnOBs29lu6Z8jUHPDu5NxJFHzjcqFuF5QDUWdZ04VOftPxdloM3Tks3
Ei5zggjFzaz1HXXsgowGUSmyuo4gEkK7UzJoBm4UcrQdco7gF4g2awuexipiHIQd
P8xOCGg8OFIo8iaET9CKhJwURs8DJpA20VuNVHddSiNK0Qs58Fund2PFCCONgq3S
pvuK+H06+xmaESrr4jOZAwDXJYoUx4X2LstRt5r5Jv8s98Um9Y0tqyFXI5yGLw6+
YuLjHU88uJA/6A==
-----END CERTIFICATE-----