Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.mft
File:                     PqlK-DEYyT_-izYnXtU0mU1not0.mft (raw, json)
Hash identifier:          v+ugqrka64XZkU0aV7eP9LA17idCsn1s/wLHIC3nNxU=
Subject key identifier:   4D:8E:D7:9E:77:9D:59:0C:62:BD:6F:F8:60:7F:D3:57:1C:BB:C8:3A
Authority key identifier: 3E:A9:4A:F8:31:18:C9:3F:FE:8B:36:27:5E:D5:34:99:4D:67:A2:DD
Certificate issuer:       /CN=3ea94af83118c93ffe8b36275ed534994d67a2dd
Certificate serial:       0199FCFD2516053D43C6627E53BFB74DF22F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PqlK-DEYyT_-izYnXtU0mU1not0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.mft
Manifest number:          12D3
Signing time:             Sun 19 Oct 2025 15:01:12 +0000
Manifest this update:     Sun 19 Oct 2025 15:01:12 +0000
Manifest next update:     Mon 20 Oct 2025 15:01:12 +0000
Files and hashes:         1: PqlK-DEYyT_-izYnXtU0mU1not0.crl (hash: DAet8/p/7j1+RjoFBKJXhCCWtgU8KFFCxmDC925LZpc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PqlK-DEYyT_-izYnXtU0mU1not0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:fd:25:16:05:3d:43:c6:62:7e:53:bf:b7:4d:f2:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ea94af83118c93ffe8b36275ed534994d67a2dd
        Validity
            Not Before: Oct 19 15:01:12 2025 GMT
            Not After : Oct 20 15:01:12 2025 GMT
        Subject: CN=4d8ed79e779d590c62bd6ff8607fd3571cbbc83a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:a8:22:b8:6f:f0:80:f5:77:36:a6:c7:8c:e3:
                    8c:93:d5:21:60:9e:6b:b9:a4:55:53:f6:e7:d9:11:
                    65:ea:d3:26:d1:8e:94:af:84:a0:22:73:84:a0:9e:
                    cb:93:76:b5:23:2a:50:a8:0f:1d:a2:68:c2:da:d9:
                    e0:a7:b0:fd:86:09:75:37:e1:45:71:25:7b:a9:a0:
                    c8:5a:c8:c8:c2:64:7d:af:95:1a:3f:7a:c3:8c:84:
                    ed:65:69:e3:46:73:18:59:4b:6b:f7:ff:33:83:96:
                    67:35:a6:c7:3c:61:68:61:3c:94:b3:f1:2a:e9:82:
                    a3:46:07:b1:b9:77:13:d6:b7:8f:d8:3c:82:e1:4c:
                    92:03:cd:f5:98:f7:33:ca:cd:90:8b:2b:df:0d:55:
                    d1:11:5d:61:8b:63:71:51:a0:60:05:b4:53:6c:0a:
                    5d:2a:d7:af:d6:9b:b3:2f:b0:4b:f7:51:53:be:e5:
                    35:df:19:e2:b5:fb:70:1f:b3:68:d8:ff:b1:05:41:
                    b2:01:20:4e:43:70:b7:4d:6f:05:18:82:a6:7e:1f:
                    f2:14:39:20:5e:e8:ab:fd:f8:48:96:ed:3f:2c:1b:
                    78:5f:bd:2b:6d:04:3a:20:4b:ae:49:33:37:5f:09:
                    50:8d:8a:b6:e4:44:ea:3a:89:ff:d2:73:c5:9f:c7:
                    d1:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:8E:D7:9E:77:9D:59:0C:62:BD:6F:F8:60:7F:D3:57:1C:BB:C8:3A
            X509v3 Authority Key Identifier:
                keyid:3E:A9:4A:F8:31:18:C9:3F:FE:8B:36:27:5E:D5:34:99:4D:67:A2:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqlK-DEYyT_-izYnXtU0mU1not0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:2c:74:21:7b:5e:cd:18:40:2b:7c:36:e3:1d:36:c5:1a:aa:
         d3:64:7b:ca:61:d6:78:74:22:95:b8:c6:9f:f2:65:72:0c:76:
         14:f0:1c:61:85:ad:86:a1:a2:d8:8a:ec:3f:4d:2f:c0:b7:3f:
         01:1f:b4:2d:0a:92:f9:b6:92:aa:28:0b:52:ac:d0:3a:75:1d:
         46:15:da:46:d0:3b:f6:e1:e4:bd:cf:1f:72:0a:5f:e2:ac:77:
         6c:9e:35:77:09:0b:ae:f1:7e:0e:22:19:2b:a3:22:4a:3d:23:
         5d:b8:15:fa:6c:d9:25:71:ff:31:5f:ff:a6:1f:48:0d:d6:3e:
         80:46:d4:6c:31:3f:00:4a:2c:85:15:1d:23:f4:71:fc:59:bd:
         07:3d:90:60:fb:dd:28:1d:88:5c:94:ca:77:dc:d5:18:c2:3f:
         4d:6b:bb:03:e9:93:1a:52:fc:09:f9:46:5a:89:5f:f1:47:d5:
         68:f9:b4:c1:09:02:de:36:05:6c:62:43:da:53:62:9c:cf:c7:
         3a:f4:9c:9b:89:c3:c9:e8:68:c1:1b:a5:ee:0c:bb:0c:3c:fd:
         fa:38:df:37:31:d3:de:e4:76:b7:a9:bb:3a:4e:ed:79:90:d6:
         ca:b5:d3:ce:d9:c8:c1:bf:2b:1c:eb:40:57:6b:9c:7c:5f:ad:
         83:2a:35:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/SUWBT1DxmJ+U7+3TfIvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYTk0YWY4MzExOGM5M2ZmZThiMzYyNzVlZDUzNDk5NGQ2
N2EyZGQwHhcNMjUxMDE5MTUwMTEyWhcNMjUxMDIwMTUwMTEyWjAzMTEwLwYDVQQD
Eyg0ZDhlZDc5ZTc3OWQ1OTBjNjJiZDZmZjg2MDdmZDM1NzFjYmJjODNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKgiuG/wgPV3NqbHjOOMk9UhYJ5r
uaRVU/bn2RFl6tMm0Y6Ur4SgInOEoJ7Lk3a1IypQqA8domjC2tngp7D9hgl1N+FF
cSV7qaDIWsjIwmR9r5UaP3rDjITtZWnjRnMYWUtr9/8zg5ZnNabHPGFoYTyUs/Eq
6YKjRgexuXcT1reP2DyC4UySA831mPczys2QiyvfDVXREV1hi2NxUaBgBbRTbApd
Ktev1puzL7BL91FTvuU13xnitftwH7No2P+xBUGyASBOQ3C3TW8FGIKmfh/yFDkg
Xuir/fhIlu0/LBt4X70rbQQ6IEuuSTM3XwlQjYq25ETqOon/0nPFn8fReQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE2O1553nVkMYr1v+GB/01ccu8g6MB8GA1UdIwQY
MBaAFD6pSvgxGMk//os2J17VNJlNZ6LdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHFsSy1ERVl5VF8taXpZblh0VTBtVTFub3QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mZjQxOTEtYjlmMy00MzgyLWJlZTEt
Mjk1N2FmYjE0Nzk0LzEvUHFsSy1ERVl5VF8taXpZblh0VTBtVTFub3QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9mZjQxOTEtYjlmMy00MzgyLWJlZTEtMjk1N2FmYjE0Nzk0
LzEvUHFsSy1ERVl5VF8taXpZblh0VTBtVTFub3QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVyx0IXte
zRhAK3w24x02xRqq02R7ymHWeHQilbjGn/Jlcgx2FPAcYYWthqGi2IrsP00vwLc/
AR+0LQqS+baSqigLUqzQOnUdRhXaRtA79uHkvc8fcgpf4qx3bJ41dwkLrvF+DiIZ
K6MiSj0jXbgV+mzZJXH/MV//ph9IDdY+gEbUbDE/AEoshRUdI/Rx/Fm9Bz2QYPvd
KB2IXJTKd9zVGMI/TWu7A+mTGlL8CflGWolf8UfVaPm0wQkC3jYFbGJD2lNinM/H
OvScm4nDyehowRul7gy7DDz9+jjfNzHT3uR2t6m7Ok7teZDWyrXTztnIwb8rHOtA
V2ucfF+tgyo1ng==
-----END CERTIFICATE-----