Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/27eba1-3ea1-4191-9699-9f004101ce4c/1/PpeXKwFXszTha_kfKifuDi3BOag.mft
File:                     PpeXKwFXszTha_kfKifuDi3BOag.mft (raw, json)
Hash identifier:          EnFy/x65i8nv1TSsKXzapmUd5ag2lrO3dyo/3fRgDR4=
Subject key identifier:   E4:69:61:AE:B0:D3:F5:20:9B:27:E5:DB:54:83:77:97:E3:12:A6:F9
Authority key identifier: 3E:97:97:2B:01:57:B3:34:E1:6B:F9:1F:2A:27:EE:0E:2D:C1:39:A8
Certificate issuer:       /CN=3e97972b0157b334e16bf91f2a27ee0e2dc139a8
Certificate serial:       0197B7B2E6D0BBE5A4BF6C4C0461E23E8545
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PpeXKwFXszTha_kfKifuDi3BOag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/27eba1-3ea1-4191-9699-9f004101ce4c/1/PpeXKwFXszTha_kfKifuDi3BOag.mft
Manifest number:          0223
Signing time:             Sat 28 Jun 2025 18:00:44 +0000
Manifest this update:     Sat 28 Jun 2025 18:00:44 +0000
Manifest next update:     Sun 29 Jun 2025 18:00:44 +0000
Files and hashes:         1: PpeXKwFXszTha_kfKifuDi3BOag.crl (hash: MKPW6tiFphXJeOWukuUcvlrZQKt9x6G2SrB4yvNPLeo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/27eba1-3ea1-4191-9699-9f004101ce4c/1/PpeXKwFXszTha_kfKifuDi3BOag.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/27eba1-3ea1-4191-9699-9f004101ce4c/1/PpeXKwFXszTha_kfKifuDi3BOag.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PpeXKwFXszTha_kfKifuDi3BOag.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:b2:e6:d0:bb:e5:a4:bf:6c:4c:04:61:e2:3e:85:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e97972b0157b334e16bf91f2a27ee0e2dc139a8
        Validity
            Not Before: Jun 28 18:00:44 2025 GMT
            Not After : Jun 29 18:00:44 2025 GMT
        Subject: CN=e46961aeb0d3f5209b27e5db54837797e312a6f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:89:4c:42:56:e0:cd:1e:5a:a1:31:d7:93:ee:
                    03:4b:a7:df:db:e1:89:01:65:08:6f:16:3f:7d:4c:
                    71:44:3e:8c:f8:22:41:8c:6c:56:72:c8:e4:f1:c9:
                    81:ba:94:58:48:4c:6b:dd:9c:ff:11:d5:64:83:a3:
                    67:97:f5:13:9c:56:bc:c9:0b:f8:2c:aa:0d:43:7f:
                    5e:7d:86:e8:f5:57:5b:e3:56:34:46:47:21:b1:61:
                    45:1d:6f:96:ea:10:06:52:01:c2:0e:75:b2:6d:6d:
                    7a:2c:37:73:f2:ce:f7:5a:5c:79:ab:e8:74:f6:b5:
                    ed:60:28:e7:6c:8f:c7:ab:d6:98:02:aa:59:3c:5d:
                    16:4c:2a:0d:ac:33:13:aa:fd:83:d7:f6:ca:7d:96:
                    cd:27:e4:8b:2a:b1:a1:2b:36:89:f2:94:24:4e:7d:
                    20:fb:1e:1f:fc:1c:23:bb:76:6d:d8:d4:f1:4a:9b:
                    99:bc:b0:7f:85:a0:bf:63:8c:b2:e5:56:34:1c:fe:
                    3a:67:17:68:7f:f5:61:6b:c4:ec:21:2d:1c:19:d1:
                    7b:7c:28:d3:67:4c:25:69:a9:8a:46:9d:16:21:5d:
                    f9:65:c9:d6:26:bd:87:78:58:55:e4:e4:ef:24:40:
                    bd:91:d0:ce:63:ea:ed:1e:8a:86:a1:f9:a0:89:96:
                    0e:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:69:61:AE:B0:D3:F5:20:9B:27:E5:DB:54:83:77:97:E3:12:A6:F9
            X509v3 Authority Key Identifier:
                keyid:3E:97:97:2B:01:57:B3:34:E1:6B:F9:1F:2A:27:EE:0E:2D:C1:39:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PpeXKwFXszTha_kfKifuDi3BOag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/27eba1-3ea1-4191-9699-9f004101ce4c/1/PpeXKwFXszTha_kfKifuDi3BOag.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/27eba1-3ea1-4191-9699-9f004101ce4c/1/PpeXKwFXszTha_kfKifuDi3BOag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:77:03:f3:c9:e9:1f:bb:48:f1:91:3e:c0:59:ff:b0:99:a7:
         34:36:16:6c:aa:67:84:7b:a3:45:84:f5:c2:37:1c:56:b5:9c:
         32:c6:f1:1e:f8:ed:64:1b:a7:8e:92:02:d4:43:37:95:51:8a:
         da:7b:f4:54:bb:59:1e:92:0c:95:3c:c1:0d:5e:f9:71:d1:7b:
         aa:75:1d:8c:37:99:43:93:66:c6:95:04:a6:db:2c:b0:a8:b5:
         ae:07:69:e9:eb:a4:6e:c2:3a:3d:c4:be:d0:48:67:21:dc:20:
         1d:81:f7:e5:8b:79:45:42:de:d4:f1:be:54:e0:23:08:bb:ef:
         48:16:2e:55:5d:6d:dc:f8:dd:ee:6e:2a:eb:45:26:b9:c8:bf:
         c0:7d:90:74:27:5b:59:60:2d:6e:09:93:7c:4c:f5:e2:02:42:
         88:f2:e1:3e:3f:c8:3a:92:15:00:d0:82:4c:cf:8f:8d:b3:98:
         65:af:72:bc:b0:4b:9e:81:8e:2e:d3:76:12:b0:1a:98:88:df:
         e4:af:4b:76:ed:15:8e:33:8c:65:60:93:5d:af:2d:9c:b0:12:
         dc:b1:21:ca:1a:33:fd:71:b6:1a:e0:d4:e0:04:4c:8c:ba:82:
         77:16:2c:72:f4:23:dd:e7:54:d0:80:11:c1:ad:41:86:e3:4e:
         ed:22:3f:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3subQu+Wkv2xMBGHiPoVFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlOTc5NzJiMDE1N2IzMzRlMTZiZjkxZjJhMjdlZTBlMmRj
MTM5YTgwHhcNMjUwNjI4MTgwMDQ0WhcNMjUwNjI5MTgwMDQ0WjAzMTEwLwYDVQQD
EyhlNDY5NjFhZWIwZDNmNTIwOWIyN2U1ZGI1NDgzNzc5N2UzMTJhNmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4lMQlbgzR5aoTHXk+4DS6ff2+GJ
AWUIbxY/fUxxRD6M+CJBjGxWcsjk8cmBupRYSExr3Zz/EdVkg6Nnl/UTnFa8yQv4
LKoNQ39efYbo9Vdb41Y0RkchsWFFHW+W6hAGUgHCDnWybW16LDdz8s73Wlx5q+h0
9rXtYCjnbI/Hq9aYAqpZPF0WTCoNrDMTqv2D1/bKfZbNJ+SLKrGhKzaJ8pQkTn0g
+x4f/Bwju3Zt2NTxSpuZvLB/haC/Y4yy5VY0HP46Zxdof/Vha8TsIS0cGdF7fCjT
Z0wlaamKRp0WIV35ZcnWJr2HeFhV5OTvJEC9kdDOY+rtHoqGofmgiZYOowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFORpYa6w0/Ugmyfl21SDd5fjEqb5MB8GA1UdIwQY
MBaAFD6XlysBV7M04Wv5Hyon7g4twTmoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHBlWEt3RlhzelRoYV9rZktpZnVEaTNCT2FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yN2ViYTEtM2VhMS00MTkxLTk2OTkt
OWYwMDQxMDFjZTRjLzEvUHBlWEt3RlhzelRoYV9rZktpZnVEaTNCT2FnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yN2ViYTEtM2VhMS00MTkxLTk2OTktOWYwMDQxMDFjZTRj
LzEvUHBlWEt3RlhzelRoYV9rZktpZnVEaTNCT2FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMHcD88np
H7tI8ZE+wFn/sJmnNDYWbKpnhHujRYT1wjccVrWcMsbxHvjtZBunjpIC1EM3lVGK
2nv0VLtZHpIMlTzBDV75cdF7qnUdjDeZQ5NmxpUEptsssKi1rgdp6eukbsI6PcS+
0EhnIdwgHYH35Yt5RULe1PG+VOAjCLvvSBYuVV1t3Pjd7m4q60Umuci/wH2QdCdb
WWAtbgmTfEz14gJCiPLhPj/IOpIVANCCTM+PjbOYZa9yvLBLnoGOLtN2ErAamIjf
5K9Ldu0VjjOMZWCTXa8tnLAS3LEhyhoz/XG2GuDU4ARMjLqCdxYscvQj3edU0IAR
wa1BhuNO7SI/IQ==
-----END CERTIFICATE-----