Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
File:                     PNQrfxakRkXr2PObog8ZBxOxs7w.mft (raw, json)
Hash identifier:          2DqkrXAGfsCxQ3Tkj3CRxO/3qcCMhtBoHlQw9Voc7/4=
Subject key identifier:   6E:4A:70:58:F0:57:32:8D:3D:3D:EF:33:EF:E9:F9:17:32:A5:94:A8
Authority key identifier: 3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC
Certificate issuer:       /CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc
Certificate serial:       0198D65FDA3702ACD64480F23AB2F5F89F2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
Manifest number:          1648
Signing time:             Sat 23 Aug 2025 10:01:02 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:02 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:02 +0000
Files and hashes:         1: PNQrfxakRkXr2PObog8ZBxOxs7w.crl (hash: PICnVSDtfXtaDbb1QUlrsZXR6hEUYeco6+FeUFJEXjY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:da:37:02:ac:d6:44:80:f2:3a:b2:f5:f8:9f:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc
        Validity
            Not Before: Aug 23 10:01:02 2025 GMT
            Not After : Aug 24 10:01:02 2025 GMT
        Subject: CN=6e4a7058f057328d3d3def33efe9f91732a594a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:7a:0e:14:d6:b6:f3:84:cc:1e:ff:3d:05:ba:
                    5c:1c:e3:d2:40:db:3a:fc:29:15:d9:92:d2:bc:4e:
                    92:a6:10:ad:da:27:d2:a7:c5:15:45:c5:14:c2:15:
                    1d:86:bf:c3:92:6a:e9:90:79:1d:f2:97:84:06:cf:
                    3d:fe:48:73:c2:9d:93:85:66:83:3c:b1:02:b0:e9:
                    6b:9e:5e:9f:9c:8d:d1:6a:bd:20:b4:09:26:d3:46:
                    46:93:e6:4b:0e:77:5c:02:4a:c1:d2:6d:7a:ff:c6:
                    54:89:1a:45:45:f9:7a:67:c6:73:fb:1c:fb:e0:0c:
                    45:35:49:6a:38:93:3b:77:ce:5b:10:4c:c2:02:af:
                    07:e8:5a:fa:56:96:96:d5:e5:6f:1a:50:d8:93:ad:
                    32:f4:60:0f:6d:d9:7f:57:80:a7:56:a3:45:11:27:
                    be:2a:94:46:71:77:cd:d9:09:9e:25:9f:fc:58:31:
                    59:d1:69:31:89:f7:90:4e:fd:25:5c:34:2b:02:5b:
                    68:38:ff:8e:6b:de:ba:4c:a9:7d:39:d7:c3:97:56:
                    ae:44:7f:02:1e:73:78:3b:7b:93:7b:26:e2:1d:7c:
                    e4:87:92:dd:28:7b:95:e1:8d:01:d9:73:39:29:88:
                    de:63:35:10:18:8f:c9:de:39:42:77:c6:d5:5d:64:
                    2e:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:4A:70:58:F0:57:32:8D:3D:3D:EF:33:EF:E9:F9:17:32:A5:94:A8
            X509v3 Authority Key Identifier:
                keyid:3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:a6:3a:9f:c1:18:db:94:50:1a:54:5d:72:7e:f2:5e:db:fd:
         5e:7c:78:3a:ef:21:6b:8d:9d:1f:2d:7c:51:c9:e2:bf:88:25:
         86:6b:7e:37:38:37:3a:72:1a:1a:af:50:eb:35:07:d3:87:b4:
         8c:84:3a:91:88:24:18:e1:7b:1d:cb:4b:13:29:bc:36:e1:66:
         ef:69:24:20:96:c2:f5:96:d1:19:52:1d:cd:02:4c:9e:90:57:
         77:f2:47:20:cc:d5:e4:27:5e:fe:b3:4f:ca:94:0b:e5:e8:87:
         63:6c:1d:1f:e4:b6:e7:c1:1a:6b:78:9d:f2:f1:73:18:52:e7:
         48:93:38:67:ee:63:d8:b4:8e:3c:ac:30:ea:6b:75:de:48:3d:
         91:e2:97:7b:c8:9e:4d:b5:ed:01:fb:d9:54:c8:2a:00:91:06:
         29:dc:b7:1a:33:f5:0b:62:33:bf:3b:ac:9f:82:c1:50:cc:e1:
         cf:81:35:7f:b9:e0:fa:1a:95:be:09:e2:d1:f0:be:81:49:8a:
         cb:7e:3a:4a:41:67:85:5c:84:e6:7c:b0:28:73:75:cb:d3:d0:
         2a:95:a1:fc:ef:21:b5:4a:1f:b4:8e:48:f2:29:e1:e5:5c:11:
         65:4d:7b:37:c8:21:44:f6:cb:88:98:98:51:a1:54:00:d8:8b:
         bb:61:48:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX9o3AqzWRIDyOrL1+J8vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDQyYjdmMTZhNDQ2NDVlYmQ4ZjM5YmEyMGYxOTA3MTNi
MWIzYmMwHhcNMjUwODIzMTAwMTAyWhcNMjUwODI0MTAwMTAyWjAzMTEwLwYDVQQD
Eyg2ZTRhNzA1OGYwNTczMjhkM2QzZGVmMzNlZmU5ZjkxNzMyYTU5NGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHoOFNa284TMHv89BbpcHOPSQNs6
/CkV2ZLSvE6SphCt2ifSp8UVRcUUwhUdhr/DkmrpkHkd8peEBs89/khzwp2ThWaD
PLECsOlrnl6fnI3Rar0gtAkm00ZGk+ZLDndcAkrB0m16/8ZUiRpFRfl6Z8Zz+xz7
4AxFNUlqOJM7d85bEEzCAq8H6Fr6VpaW1eVvGlDYk60y9GAPbdl/V4CnVqNFESe+
KpRGcXfN2QmeJZ/8WDFZ0WkxifeQTv0lXDQrAltoOP+Oa966TKl9OdfDl1auRH8C
HnN4O3uTeybiHXzkh5LdKHuV4Y0B2XM5KYjeYzUQGI/J3jlCd8bVXWQulQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG5KcFjwVzKNPT3vM+/p+RcypZSoMB8GA1UdIwQY
MBaAFDzUK38WpEZF69jzm6IPGQcTsbO8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAt
Y2QyNzI2MTE0ODQ2LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAtY2QyNzI2MTE0ODQ2
LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABKY6n8EY
25RQGlRdcn7yXtv9Xnx4Ou8ha42dHy18Ucniv4glhmt+Nzg3OnIaGq9Q6zUH04e0
jIQ6kYgkGOF7HctLEym8NuFm72kkIJbC9ZbRGVIdzQJMnpBXd/JHIMzV5Cde/rNP
ypQL5eiHY2wdH+S258Eaa3id8vFzGFLnSJM4Z+5j2LSOPKww6mt13kg9keKXe8ie
TbXtAfvZVMgqAJEGKdy3GjP1C2Izvzusn4LBUMzhz4E1f7ng+hqVvgni0fC+gUmK
y346SkFnhVyE5nywKHN1y9PQKpWh/O8htUoftI5I8inh5VwRZU17N8ghRPbLiJiY
UaFUANiLu2FI2w==
-----END CERTIFICATE-----