Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft
File:                     PFlVXsIygmx91tmpJrU2AoN5SfY.mft (raw, json)
Hash identifier:          xVwnPowhkqkdSxCQb4z88LH6MZe1dxbSni33F3dteDA=
Subject key identifier:   CC:1C:F8:B7:0F:BF:45:DC:F2:D9:2A:0E:16:A3:46:33:A0:F1:8E:F8
Authority key identifier: 3C:59:55:5E:C2:32:82:6C:7D:D6:D9:A9:26:B5:36:02:83:79:49:F6
Certificate issuer:       /CN=3c59555ec232826c7dd6d9a926b53602837949f6
Certificate serial:       0197BFDA9C85A36C83D0E4584BECD8695A8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PFlVXsIygmx91tmpJrU2AoN5SfY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft
Manifest number:          016E
Signing time:             Mon 30 Jun 2025 08:01:04 +0000
Manifest this update:     Mon 30 Jun 2025 08:01:04 +0000
Manifest next update:     Tue 01 Jul 2025 08:01:04 +0000
Files and hashes:         1: PFlVXsIygmx91tmpJrU2AoN5SfY.crl (hash: v+haEXhwEvOrZEwlzivKvfEd/tIensWNzkb8BusUtNo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PFlVXsIygmx91tmpJrU2AoN5SfY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 07:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:bf:da:9c:85:a3:6c:83:d0:e4:58:4b:ec:d8:69:5a:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c59555ec232826c7dd6d9a926b53602837949f6
        Validity
            Not Before: Jun 30 08:01:04 2025 GMT
            Not After : Jul  1 08:01:04 2025 GMT
        Subject: CN=cc1cf8b70fbf45dcf2d92a0e16a34633a0f18ef8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:97:e3:67:47:56:54:ea:2f:dd:3e:aa:28:e6:
                    08:57:3e:29:90:2d:41:71:52:50:5d:3d:53:52:6c:
                    9f:37:9d:a6:5b:f0:61:03:55:31:ef:a5:df:fa:38:
                    a3:5b:23:f3:8a:a2:a5:79:be:ae:2e:bc:37:6e:a7:
                    b9:85:8b:02:b7:c0:b1:b2:4f:bf:6e:86:71:5b:75:
                    df:14:a0:42:db:d0:80:84:b1:e1:43:07:e4:81:b7:
                    82:57:4d:b3:f8:8d:b0:1a:38:6d:a2:54:2d:e8:2c:
                    95:be:c7:86:52:94:08:0c:ed:2e:eb:40:85:5e:48:
                    51:16:d0:07:56:fe:7d:d1:57:62:d4:46:e9:66:7e:
                    c8:57:16:e0:a0:9a:05:af:28:2b:33:da:9e:9f:29:
                    5f:ab:50:6d:b4:06:2e:87:62:47:62:5d:d3:05:6e:
                    22:a8:43:52:94:b0:19:5d:af:fd:59:9a:f5:b4:70:
                    47:86:0c:01:c6:82:9a:b3:9e:99:83:fb:06:86:72:
                    b9:de:36:6f:71:d2:c5:e6:10:f2:13:f2:af:02:93:
                    7f:08:42:14:e0:49:43:a0:34:28:26:53:d5:ce:ca:
                    6f:ae:ac:79:ab:cf:76:36:c9:6f:b6:49:f4:f3:97:
                    2f:1d:32:a4:37:bb:0e:ee:7a:a6:f9:41:4c:3b:01:
                    89:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:1C:F8:B7:0F:BF:45:DC:F2:D9:2A:0E:16:A3:46:33:A0:F1:8E:F8
            X509v3 Authority Key Identifier:
                keyid:3C:59:55:5E:C2:32:82:6C:7D:D6:D9:A9:26:B5:36:02:83:79:49:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PFlVXsIygmx91tmpJrU2AoN5SfY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:8b:90:a6:da:72:90:d2:39:d6:6a:8f:00:f8:e1:df:c8:51:
         65:13:44:bd:67:f4:cb:f9:d9:ae:0a:fa:75:43:d3:30:80:32:
         82:14:08:11:69:36:f8:bc:42:4b:31:54:5e:75:8c:df:56:8c:
         3a:91:65:d4:0e:55:b6:5a:39:9e:9d:21:ab:3d:c0:64:21:4c:
         66:78:23:ad:3e:df:21:99:b0:91:1e:b3:9e:6a:66:1b:b7:0c:
         bf:38:98:15:d6:3f:45:0b:98:f2:7d:b1:e3:8f:fb:1e:ed:37:
         8d:5d:05:90:84:36:2f:80:66:97:57:2e:e3:0f:57:07:15:e3:
         52:2a:3b:a8:1e:86:06:a9:38:84:85:12:2e:c9:6c:5b:90:3b:
         38:1e:66:d9:aa:1f:fe:43:e7:41:c4:c0:1c:00:b8:66:27:71:
         e0:8c:e2:ae:f1:8e:e7:f0:78:c4:cd:30:f9:34:56:bc:65:e7:
         49:19:f7:be:45:f2:3f:03:ff:a2:f0:c2:95:6f:9a:e3:df:35:
         86:12:af:70:1e:e3:89:b0:23:48:32:fc:6b:76:2c:36:2b:95:
         4a:5a:67:7b:11:e5:8e:83:07:e7:4c:e2:d1:4d:9e:2c:6f:b0:
         cc:b9:20:eb:2c:46:cf:9e:a5:3f:e6:b2:91:fc:ea:49:17:71:
         fc:72:c7:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe/2pyFo2yD0ORYS+zYaVqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNTk1NTVlYzIzMjgyNmM3ZGQ2ZDlhOTI2YjUzNjAyODM3
OTQ5ZjYwHhcNMjUwNjMwMDgwMTA0WhcNMjUwNzAxMDgwMTA0WjAzMTEwLwYDVQQD
EyhjYzFjZjhiNzBmYmY0NWRjZjJkOTJhMGUxNmEzNDYzM2EwZjE4ZWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5fjZ0dWVOov3T6qKOYIVz4pkC1B
cVJQXT1TUmyfN52mW/BhA1Ux76Xf+jijWyPziqKleb6uLrw3bqe5hYsCt8Cxsk+/
boZxW3XfFKBC29CAhLHhQwfkgbeCV02z+I2wGjhtolQt6CyVvseGUpQIDO0u60CF
XkhRFtAHVv590Vdi1EbpZn7IVxbgoJoFrygrM9qenylfq1BttAYuh2JHYl3TBW4i
qENSlLAZXa/9WZr1tHBHhgwBxoKas56Zg/sGhnK53jZvcdLF5hDyE/KvApN/CEIU
4ElDoDQoJlPVzspvrqx5q892Nslvtkn085cvHTKkN7sO7nqm+UFMOwGJwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMwc+LcPv0Xc8tkqDhajRjOg8Y74MB8GA1UdIwQY
MBaAFDxZVV7CMoJsfdbZqSa1NgKDeUn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEZsVlhzSXlnbXg5MXRtcEpyVTJBb041U2ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iYTk0MDQtNzhmMy00OTM1LTllMmUt
OTViMTM3M2M1Mzk5LzEvUEZsVlhzSXlnbXg5MXRtcEpyVTJBb041U2ZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iYTk0MDQtNzhmMy00OTM1LTllMmUtOTViMTM3M2M1Mzk5
LzEvUEZsVlhzSXlnbXg5MXRtcEpyVTJBb041U2ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt4uQptpy
kNI51mqPAPjh38hRZRNEvWf0y/nZrgr6dUPTMIAyghQIEWk2+LxCSzFUXnWM31aM
OpFl1A5Vtlo5np0hqz3AZCFMZngjrT7fIZmwkR6znmpmG7cMvziYFdY/RQuY8n2x
44/7Hu03jV0FkIQ2L4Bml1cu4w9XBxXjUio7qB6GBqk4hIUSLslsW5A7OB5m2aof
/kPnQcTAHAC4Zidx4IzirvGO5/B4xM0w+TRWvGXnSRn3vkXyPwP/ovDClW+a4981
hhKvcB7jibAjSDL8a3YsNiuVSlpnexHljoMH50zi0U2eLG+wzLkg6yxGz56lP+ay
kfzqSRdx/HLH8w==
-----END CERTIFICATE-----