Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
File:                     PHQZW9u2a2A65joVGPBm-gsRUfU.mft (raw, json)
Hash identifier:          jY4nrsL1b8/vZt5m7BhQ1ptblM6V5NPPp7kWgOYNwgI=
Subject key identifier:   D7:CD:D5:04:4C:42:72:BC:B1:E6:1B:9F:FE:80:A1:4B:D9:B3:6D:EA
Authority key identifier: 3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5
Certificate issuer:       /CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
Certificate serial:       0198D660F146A5713B85DF0F1F87C914D705
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
Manifest number:          097C
Signing time:             Sat 23 Aug 2025 10:02:14 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:14 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:14 +0000
Files and hashes:         1: PHQZW9u2a2A65joVGPBm-gsRUfU.crl (hash: 6a6ExKs3hBRbgsjVEWSmVNNjKyCAEYzE98w163SeHNY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:f1:46:a5:71:3b:85:df:0f:1f:87:c9:14:d7:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
        Validity
            Not Before: Aug 23 10:02:14 2025 GMT
            Not After : Aug 24 10:02:14 2025 GMT
        Subject: CN=d7cdd5044c4272bcb1e61b9ffe80a14bd9b36dea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:bb:30:67:e3:6a:3d:a2:6b:8d:b4:38:b8:72:
                    24:db:63:f2:2b:2b:ad:06:a4:ca:fd:e3:52:78:ff:
                    41:cb:7d:55:3f:ab:e0:c8:3f:d4:bd:24:c6:4e:a2:
                    bb:2b:6b:fc:0e:fd:79:52:0b:b9:5d:ac:70:d0:88:
                    e8:71:03:f0:89:73:5a:bc:e6:17:fa:f2:cf:65:3b:
                    4b:e6:bb:e1:1d:65:9e:5b:c1:2a:8c:81:ad:57:d9:
                    42:82:55:6a:50:f0:7f:53:43:cd:de:d4:75:45:90:
                    2e:e2:92:44:f6:d0:2b:82:cb:77:51:c2:fa:74:a9:
                    c2:7e:3d:9f:04:b3:9c:f0:b3:5e:a8:95:24:7d:0f:
                    7e:df:51:a3:95:7d:d8:54:ad:58:6e:3a:5c:f8:a4:
                    b2:82:b0:d4:43:f2:c7:63:24:9d:9b:41:cb:5a:3a:
                    eb:4a:2d:8a:3d:e2:a1:ac:8a:c2:8f:6e:a2:ac:fc:
                    5a:1b:2e:69:27:ff:26:3e:2e:52:23:e8:ae:02:e6:
                    ac:f3:b8:7a:49:7c:ae:76:b9:34:f3:6a:cf:44:f9:
                    8c:26:62:89:68:95:15:d0:9a:bf:6f:3b:9b:04:65:
                    8a:27:ee:2d:17:12:f9:4e:d4:14:bc:7b:4e:e0:ce:
                    a2:dc:43:80:9a:61:f8:c9:05:e6:65:7c:87:0c:42:
                    49:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:CD:D5:04:4C:42:72:BC:B1:E6:1B:9F:FE:80:A1:4B:D9:B3:6D:EA
            X509v3 Authority Key Identifier:
                keyid:3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:02:d6:52:41:8f:61:5a:16:de:9f:90:5a:d6:33:da:6b:31:
         0a:2f:39:e2:02:e4:37:14:c0:81:f3:1c:50:64:9e:21:fb:9d:
         66:ce:07:2c:e1:78:a5:b9:ac:0d:51:d4:fd:21:00:0f:21:b7:
         18:3b:b3:6b:44:e4:87:0d:a2:5b:a7:b8:01:01:1a:89:8d:31:
         c5:ea:00:98:e9:68:c6:28:ba:af:c1:dd:0f:ad:60:df:6c:4b:
         f4:7d:5b:1d:60:8b:f8:86:c4:9a:01:fb:f6:b4:aa:0f:9c:4a:
         70:22:d3:78:d6:3b:bf:32:37:87:36:3a:a5:1c:35:ad:da:e8:
         6f:b3:96:e0:7b:61:1c:5a:4b:a6:9d:3f:80:b5:b5:fd:92:66:
         2c:8d:8a:4f:6e:40:de:a6:60:60:c9:fd:41:26:e5:7e:0f:e4:
         e3:f9:04:b3:a1:08:ee:74:d3:db:16:2b:dd:ed:07:41:85:81:
         a7:ca:03:59:92:7f:b3:29:c9:d6:94:fb:58:48:85:2d:26:fe:
         0e:6d:75:e3:af:f2:48:70:5f:5a:f0:81:55:33:57:a7:c6:44:
         51:52:74:74:25:64:04:80:1a:25:15:29:66:d3:f3:8d:8b:42:
         29:cb:4d:0a:cb:05:f4:c9:ea:ce:c3:f7:b7:7d:5f:57:4f:1f:
         c7:fe:52:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYPFGpXE7hd8PH4fJFNcFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNzQxOTViZGJiNjZiNjAzYWU2M2ExNTE4ZjA2NmZhMGIx
MTUxZjUwHhcNMjUwODIzMTAwMjE0WhcNMjUwODI0MTAwMjE0WjAzMTEwLwYDVQQD
EyhkN2NkZDUwNDRjNDI3MmJjYjFlNjFiOWZmZTgwYTE0YmQ5YjM2ZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurswZ+NqPaJrjbQ4uHIk22PyKyut
BqTK/eNSeP9By31VP6vgyD/UvSTGTqK7K2v8Dv15Ugu5Xaxw0IjocQPwiXNavOYX
+vLPZTtL5rvhHWWeW8EqjIGtV9lCglVqUPB/U0PN3tR1RZAu4pJE9tArgst3UcL6
dKnCfj2fBLOc8LNeqJUkfQ9+31GjlX3YVK1Ybjpc+KSygrDUQ/LHYySdm0HLWjrr
Si2KPeKhrIrCj26irPxaGy5pJ/8mPi5SI+iuAuas87h6SXyudrk082rPRPmMJmKJ
aJUV0Jq/bzubBGWKJ+4tFxL5TtQUvHtO4M6i3EOAmmH4yQXmZXyHDEJJLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNfN1QRMQnK8seYbn/6AoUvZs23qMB8GA1UdIwQY
MBaAFDx0GVvbtmtgOuY6FRjwZvoLEVH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2Qt
MWUwNGIyMGQ4NTY3LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2QtMWUwNGIyMGQ4NTY3
LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVALWUkGP
YVoW3p+QWtYz2msxCi854gLkNxTAgfMcUGSeIfudZs4HLOF4pbmsDVHU/SEADyG3
GDuza0Tkhw2iW6e4AQEaiY0xxeoAmOloxii6r8HdD61g32xL9H1bHWCL+IbEmgH7
9rSqD5xKcCLTeNY7vzI3hzY6pRw1rdrob7OW4HthHFpLpp0/gLW1/ZJmLI2KT25A
3qZgYMn9QSblfg/k4/kEs6EI7nTT2xYr3e0HQYWBp8oDWZJ/synJ1pT7WEiFLSb+
Dm1146/ySHBfWvCBVTNXp8ZEUVJ0dCVkBIAaJRUpZtPzjYtCKctNCssF9MnqzsP3
t31fV08fx/5SYw==
-----END CERTIFICATE-----