Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.mft
File:                     PqlK-DEYyT_-izYnXtU0mU1not0.mft (raw, json)
Hash identifier:          VPYRLpimFolqmYxPuN3g2ro7J+YDvmuLS5fnYkx3MVo=
Subject key identifier:   54:7D:8A:AD:35:9E:5A:EB:AE:FC:DE:8A:81:DD:CD:10:C5:E4:F4:43
Authority key identifier: 3E:A9:4A:F8:31:18:C9:3F:FE:8B:36:27:5E:D5:34:99:4D:67:A2:DD
Certificate issuer:       /CN=3ea94af83118c93ffe8b36275ed534994d67a2dd
Certificate serial:       0196CE05DE768D053FB2795673ED10370597
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PqlK-DEYyT_-izYnXtU0mU1not0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.mft
Manifest number:          112D
Signing time:             Wed 14 May 2025 09:00:13 +0000
Manifest this update:     Wed 14 May 2025 09:00:13 +0000
Manifest next update:     Thu 15 May 2025 09:00:13 +0000
Files and hashes:         1: PqlK-DEYyT_-izYnXtU0mU1not0.crl (hash: ao7lAcQz1bX/fGNxMM5ErL5TaCzLUltFyr7FpqD3fC8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PqlK-DEYyT_-izYnXtU0mU1not0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 08:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ce:05:de:76:8d:05:3f:b2:79:56:73:ed:10:37:05:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ea94af83118c93ffe8b36275ed534994d67a2dd
        Validity
            Not Before: May 14 09:00:13 2025 GMT
            Not After : May 15 09:00:13 2025 GMT
        Subject: CN=547d8aad359e5aebaefcde8a81ddcd10c5e4f443
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:97:9b:bf:ad:ff:5f:38:d3:d7:99:c6:03:d7:
                    35:60:82:f7:6e:71:19:25:8f:c4:5f:3b:aa:ac:58:
                    0e:cd:1d:8d:94:03:a8:d9:fb:f5:25:2c:a1:34:44:
                    d6:26:a9:a8:db:fe:a2:a6:cd:7c:58:ee:fa:a4:9b:
                    71:63:a7:78:f7:93:1a:3d:df:34:33:e9:ff:f0:4e:
                    14:58:32:1b:5c:a6:03:b1:e9:64:3b:0a:02:19:52:
                    48:6b:ec:05:d1:ab:95:44:d2:39:9a:25:6c:4b:99:
                    f2:a6:8c:aa:0d:ad:b0:b4:cb:d2:eb:bc:90:ce:4b:
                    58:70:23:9d:11:c3:02:74:bf:e2:b0:c9:50:9f:48:
                    f4:c3:29:1d:e5:b2:7c:6e:14:ea:83:f7:7d:43:48:
                    0e:88:10:7b:f3:c0:7a:0f:a2:db:56:a0:0c:63:71:
                    9f:7b:a5:fb:92:92:02:76:90:ae:fb:4c:ea:f3:fc:
                    c1:8e:61:43:1e:f5:e5:00:e0:57:88:f8:e1:d5:b5:
                    49:4a:4d:00:38:3a:7e:79:0d:14:0f:d0:07:f2:87:
                    a3:a9:d8:00:fc:97:66:b2:e7:d6:1e:2a:14:2b:f4:
                    11:e4:bd:2c:3f:5a:84:34:a1:28:44:f8:8a:4b:25:
                    01:f5:c4:cd:59:99:26:75:cf:9b:49:77:d5:7b:ac:
                    90:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:7D:8A:AD:35:9E:5A:EB:AE:FC:DE:8A:81:DD:CD:10:C5:E4:F4:43
            X509v3 Authority Key Identifier:
                keyid:3E:A9:4A:F8:31:18:C9:3F:FE:8B:36:27:5E:D5:34:99:4D:67:A2:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqlK-DEYyT_-izYnXtU0mU1not0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:99:ee:fd:67:11:fd:48:54:6f:2a:c3:79:ef:eb:a8:32:24:
         ae:02:88:3b:41:4a:22:46:a8:8c:c7:d5:6c:f0:65:4c:0b:76:
         1e:17:09:85:00:d9:f8:59:87:2e:9e:98:29:77:f8:a2:5c:73:
         90:61:c9:3d:2f:b5:83:e6:d4:c4:c4:61:0e:06:dc:72:4f:b2:
         f9:48:7d:19:9b:f9:9a:02:28:b0:d6:17:a1:09:15:d2:21:13:
         b4:65:25:cb:49:1a:56:ab:3d:26:e3:a7:f0:4f:a3:9b:59:5e:
         33:c5:92:bc:c8:e9:16:2f:03:a5:a5:b2:8a:b1:21:b0:d2:49:
         a4:54:3f:8f:fb:09:9f:b9:40:34:5f:4d:f9:7a:2c:5e:6c:e8:
         ba:4a:d9:d6:85:77:2f:8e:2c:06:60:1f:3f:4d:1c:fb:53:70:
         80:69:a3:00:2b:30:8e:eb:30:3f:b5:40:7c:6b:d4:8a:37:2f:
         8e:74:ca:c4:2b:c4:a8:fa:20:93:e3:6e:3d:45:08:5a:01:c3:
         e4:90:4f:93:b3:b4:22:ac:72:92:ae:df:18:37:9f:c9:08:18:
         3e:35:70:38:59:29:41:4a:61:6d:f4:6d:0e:34:62:4b:1c:50:
         02:ad:59:36:db:e6:92:12:a5:c3:a4:f4:69:d9:44:85:78:73:
         e2:0a:d6:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbOBd52jQU/snlWc+0QNwWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYTk0YWY4MzExOGM5M2ZmZThiMzYyNzVlZDUzNDk5NGQ2
N2EyZGQwHhcNMjUwNTE0MDkwMDEzWhcNMjUwNTE1MDkwMDEzWjAzMTEwLwYDVQQD
Eyg1NDdkOGFhZDM1OWU1YWViYWVmY2RlOGE4MWRkY2QxMGM1ZTRmNDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Jebv63/XzjT15nGA9c1YIL3bnEZ
JY/EXzuqrFgOzR2NlAOo2fv1JSyhNETWJqmo2/6ips18WO76pJtxY6d495MaPd80
M+n/8E4UWDIbXKYDselkOwoCGVJIa+wF0auVRNI5miVsS5nypoyqDa2wtMvS67yQ
zktYcCOdEcMCdL/isMlQn0j0wykd5bJ8bhTqg/d9Q0gOiBB788B6D6LbVqAMY3Gf
e6X7kpICdpCu+0zq8/zBjmFDHvXlAOBXiPjh1bVJSk0AODp+eQ0UD9AH8oejqdgA
/JdmsufWHioUK/QR5L0sP1qENKEoRPiKSyUB9cTNWZkmdc+bSXfVe6yQmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFR9iq01nlrrrvzeioHdzRDF5PRDMB8GA1UdIwQY
MBaAFD6pSvgxGMk//os2J17VNJlNZ6LdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHFsSy1ERVl5VF8taXpZblh0VTBtVTFub3QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mZjQxOTEtYjlmMy00MzgyLWJlZTEt
Mjk1N2FmYjE0Nzk0LzEvUHFsSy1ERVl5VF8taXpZblh0VTBtVTFub3QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9mZjQxOTEtYjlmMy00MzgyLWJlZTEtMjk1N2FmYjE0Nzk0
LzEvUHFsSy1ERVl5VF8taXpZblh0VTBtVTFub3QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeZnu/WcR
/UhUbyrDee/rqDIkrgKIO0FKIkaojMfVbPBlTAt2HhcJhQDZ+FmHLp6YKXf4olxz
kGHJPS+1g+bUxMRhDgbcck+y+Uh9GZv5mgIosNYXoQkV0iETtGUly0kaVqs9JuOn
8E+jm1leM8WSvMjpFi8DpaWyirEhsNJJpFQ/j/sJn7lANF9N+XosXmzoukrZ1oV3
L44sBmAfP00c+1NwgGmjACswjuswP7VAfGvUijcvjnTKxCvEqPogk+NuPUUIWgHD
5JBPk7O0Iqxykq7fGDefyQgYPjVwOFkpQUphbfRtDjRiSxxQAq1ZNtvmkhKlw6T0
adlEhXhz4grWUA==
-----END CERTIFICATE-----