Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.mft
File:                     PT1pq2LI2IJfK6S0g9Djk-JTTu8.mft (raw, json)
Hash identifier:          MIu+wixYrRPbg3z/kPvr68y5/Ae9KP2zbxQpUvMCVNQ=
Subject key identifier:   D4:DE:A4:09:78:C8:56:B1:73:DA:EE:A7:85:80:DB:9F:C4:1C:25:F5
Authority key identifier: 3D:3D:69:AB:62:C8:D8:82:5F:2B:A4:B4:83:D0:E3:93:E2:53:4E:EF
Certificate issuer:       /CN=3d3d69ab62c8d8825f2ba4b483d0e393e2534eef
Certificate serial:       0198D660B50696A1550CE9F68F7BA891132B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PT1pq2LI2IJfK6S0g9Djk-JTTu8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.mft
Manifest number:          1438
Signing time:             Sat 23 Aug 2025 10:01:58 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:58 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:58 +0000
Files and hashes:         1: PT1pq2LI2IJfK6S0g9Djk-JTTu8.crl (hash: x/g+ulvZjus40UrVPfpWoZM9NH2648U13GJ9POarEt0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PT1pq2LI2IJfK6S0g9Djk-JTTu8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:b5:06:96:a1:55:0c:e9:f6:8f:7b:a8:91:13:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d3d69ab62c8d8825f2ba4b483d0e393e2534eef
        Validity
            Not Before: Aug 23 10:01:58 2025 GMT
            Not After : Aug 24 10:01:58 2025 GMT
        Subject: CN=d4dea40978c856b173daeea78580db9fc41c25f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:cc:84:bc:bb:dc:74:14:c3:e6:eb:07:f6:fc:
                    38:a0:a6:33:e4:a9:05:b6:97:6d:21:ce:89:b0:57:
                    70:1f:f6:fa:de:eb:e1:79:8c:cf:5c:ed:7a:02:fd:
                    0a:ac:e2:b9:90:91:40:07:e6:be:f9:cf:5d:a0:e5:
                    82:c6:7e:c0:7b:31:c3:c4:37:dc:8f:92:86:8a:da:
                    0a:d8:e2:26:d1:d0:b7:50:af:62:f4:5c:90:c1:cd:
                    bb:13:57:ed:0d:52:11:27:01:b3:aa:51:a2:4a:96:
                    8f:6c:1c:ad:7b:7b:0e:09:51:27:3b:52:38:a4:33:
                    62:a4:fc:05:e1:d7:b1:c0:17:11:32:8d:e9:28:e6:
                    4f:41:4c:88:96:50:ca:b1:c8:1d:0d:23:6c:9c:2b:
                    03:ff:0d:fa:07:b3:e8:e6:49:79:f4:f0:87:3e:e0:
                    e8:1f:c7:1b:01:36:96:72:79:55:b6:fa:a2:fe:04:
                    8a:d5:a3:a9:57:76:d8:06:6c:74:be:81:5f:62:08:
                    95:48:11:ef:7d:b5:6e:27:d8:ca:42:c8:2d:8e:d5:
                    7e:68:22:41:1d:c7:3e:5c:a0:ba:0c:f1:b9:d3:a1:
                    72:53:6b:86:e5:b3:cc:3e:32:69:bb:de:8e:08:a0:
                    d4:d7:3e:d1:05:c9:e3:d4:8b:65:e3:38:a6:fd:17:
                    c8:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:DE:A4:09:78:C8:56:B1:73:DA:EE:A7:85:80:DB:9F:C4:1C:25:F5
            X509v3 Authority Key Identifier:
                keyid:3D:3D:69:AB:62:C8:D8:82:5F:2B:A4:B4:83:D0:E3:93:E2:53:4E:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PT1pq2LI2IJfK6S0g9Djk-JTTu8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:46:38:35:29:8c:94:35:79:33:8e:5c:67:ac:72:44:b7:cd:
         41:b3:e7:6c:24:ca:4f:06:f3:94:57:16:10:56:d3:b5:fb:d9:
         76:fc:3c:86:9e:4c:fd:35:bc:68:aa:12:35:0d:36:4f:03:0d:
         93:f3:39:12:10:bd:97:9c:3d:3c:0e:e2:38:7a:30:0b:94:35:
         5e:cf:fd:bf:c5:03:91:49:90:0f:8f:75:13:b2:4c:38:e8:15:
         63:b8:88:82:37:57:7c:7d:fa:e9:cb:74:98:cd:24:24:22:18:
         d4:5a:43:17:da:61:10:02:e4:52:d9:c3:27:eb:6e:fb:ae:02:
         8a:0e:a5:48:d4:59:76:37:96:fa:cc:a0:96:76:a2:4f:75:d4:
         c1:f9:31:ed:d9:7e:fc:8d:77:76:c0:87:70:70:40:a7:89:85:
         ca:ea:ff:7d:b5:a5:35:e2:2a:fc:3f:d3:b5:82:8a:cc:d3:24:
         51:41:d6:8c:6f:04:09:b1:13:81:3a:78:a5:57:fb:7b:b6:8a:
         e0:ba:6e:25:51:48:5e:93:9e:c4:76:05:98:b9:cb:fe:ab:2c:
         f0:28:2f:44:3c:ea:10:51:a4:d8:c4:11:ff:ae:f4:e5:e5:79:
         ce:0e:39:47:5a:99:74:c8:7c:5b:2d:8c:4d:7b:db:45:e5:56:
         55:98:9e:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYLUGlqFVDOn2j3uokRMrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkM2Q2OWFiNjJjOGQ4ODI1ZjJiYTRiNDgzZDBlMzkzZTI1
MzRlZWYwHhcNMjUwODIzMTAwMTU4WhcNMjUwODI0MTAwMTU4WjAzMTEwLwYDVQQD
EyhkNGRlYTQwOTc4Yzg1NmIxNzNkYWVlYTc4NTgwZGI5ZmM0MWMyNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcyEvLvcdBTD5usH9vw4oKYz5KkF
tpdtIc6JsFdwH/b63uvheYzPXO16Av0KrOK5kJFAB+a++c9doOWCxn7AezHDxDfc
j5KGitoK2OIm0dC3UK9i9FyQwc27E1ftDVIRJwGzqlGiSpaPbByte3sOCVEnO1I4
pDNipPwF4dexwBcRMo3pKOZPQUyIllDKscgdDSNsnCsD/w36B7Po5kl59PCHPuDo
H8cbATaWcnlVtvqi/gSK1aOpV3bYBmx0voFfYgiVSBHvfbVuJ9jKQsgtjtV+aCJB
Hcc+XKC6DPG506FyU2uG5bPMPjJpu96OCKDU1z7RBcnj1Itl4zim/RfImQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNTepAl4yFaxc9rup4WA25/EHCX1MB8GA1UdIwQY
MBaAFD09aatiyNiCXyuktIPQ45PiU07vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFQxcHEyTEkySUpmSzZTMGc5RGprLUpUVHU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kMTIwNWItMDcyZi00NmMxLTgxNzAt
MDcwNWJjY2QxZjJhLzEvUFQxcHEyTEkySUpmSzZTMGc5RGprLUpUVHU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kMTIwNWItMDcyZi00NmMxLTgxNzAtMDcwNWJjY2QxZjJh
LzEvUFQxcHEyTEkySUpmSzZTMGc5RGprLUpUVHU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr0Y4NSmM
lDV5M45cZ6xyRLfNQbPnbCTKTwbzlFcWEFbTtfvZdvw8hp5M/TW8aKoSNQ02TwMN
k/M5EhC9l5w9PA7iOHowC5Q1Xs/9v8UDkUmQD491E7JMOOgVY7iIgjdXfH366ct0
mM0kJCIY1FpDF9phEALkUtnDJ+tu+64Cig6lSNRZdjeW+syglnaiT3XUwfkx7dl+
/I13dsCHcHBAp4mFyur/fbWlNeIq/D/TtYKKzNMkUUHWjG8ECbETgTp4pVf7e7aK
4LpuJVFIXpOexHYFmLnL/qss8CgvRDzqEFGk2MQR/6705eV5zg45R1qZdMh8Wy2M
TXvbReVWVZieBA==
-----END CERTIFICATE-----