Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
File:                     PHQZW9u2a2A65joVGPBm-gsRUfU.mft (raw, json)
Hash identifier:          9tRSFdZTT3++OOqX9TuVSVaXzOzB0opjljpJma5WoPA=
Subject key identifier:   FE:C2:C1:23:A0:A6:CF:44:5E:C4:12:73:E6:2A:F6:FD:93:14:06:36
Authority key identifier: 3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5
Certificate issuer:       /CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
Certificate serial:       0196D2BECB927D1AD8986F7A4518F19C1D08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
Manifest number:          0871
Signing time:             Thu 15 May 2025 07:00:41 +0000
Manifest this update:     Thu 15 May 2025 07:00:41 +0000
Manifest next update:     Fri 16 May 2025 07:00:41 +0000
Files and hashes:         1: PHQZW9u2a2A65joVGPBm-gsRUfU.crl (hash: aIZnhFZdKsY6sj9Ggk6aV1mDfVwoYxug+NjSkBkOv4w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 16 May 2025 07:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:d2:be:cb:92:7d:1a:d8:98:6f:7a:45:18:f1:9c:1d:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
        Validity
            Not Before: May 15 07:00:41 2025 GMT
            Not After : May 16 07:00:41 2025 GMT
        Subject: CN=fec2c123a0a6cf445ec41273e62af6fd93140636
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:2f:f1:c6:e1:b4:98:9b:d3:18:09:f0:30:40:
                    15:ed:ce:69:40:bf:40:a7:75:a7:b1:87:6b:a0:db:
                    d3:b7:48:7d:a3:a0:1f:11:76:0e:ee:8b:98:69:b4:
                    08:ae:33:ee:67:d2:e0:78:9d:12:74:b9:0d:e6:43:
                    da:df:19:69:23:98:4a:71:fd:ac:28:9c:e8:2a:cc:
                    74:8c:0f:20:83:93:19:60:66:b9:a6:10:be:63:4d:
                    7f:db:be:11:e4:33:0e:e4:92:eb:2e:f0:d2:ef:aa:
                    da:23:27:85:c0:46:35:5d:3c:9d:61:bf:15:9a:bc:
                    22:9e:bf:82:04:01:fd:41:c1:84:e8:8e:f3:a5:26:
                    ec:e1:9f:d9:8d:d7:bb:20:87:76:6d:ad:35:df:60:
                    1d:f1:4b:24:d0:ce:69:94:17:fd:9b:c2:62:a3:43:
                    d2:3d:75:96:00:c8:d4:f3:9c:c6:8f:a1:cf:9e:a2:
                    79:e6:fa:81:a4:c0:a4:80:e2:98:1e:72:3e:0a:4e:
                    99:c2:1a:6a:63:d0:01:82:f4:da:d8:7e:7e:89:d5:
                    01:32:07:64:a4:59:db:14:39:e4:43:11:47:97:4c:
                    53:4e:3f:e6:25:bb:1e:bd:fa:33:9c:41:e4:37:1b:
                    a9:22:ea:7c:79:3c:33:93:c0:25:c5:2e:d4:51:13:
                    c5:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:C2:C1:23:A0:A6:CF:44:5E:C4:12:73:E6:2A:F6:FD:93:14:06:36
            X509v3 Authority Key Identifier:
                keyid:3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d5:62:0e:0b:97:b6:f6:4d:f6:20:19:87:df:14:22:7b:84:c2:
         b8:dc:50:c1:80:4c:9f:63:6f:ba:c9:17:d0:79:b2:03:0f:ec:
         f6:fb:fe:ed:d8:4a:1e:56:eb:6c:eb:15:dc:94:bd:6d:42:e9:
         fd:cf:d1:9e:1d:0e:52:93:c5:da:64:03:a3:38:d0:6a:09:f3:
         2e:1d:17:49:c2:3d:e4:8c:11:f4:ef:2f:d6:8a:9b:6e:cf:1c:
         3d:47:30:d8:ec:29:cd:f6:88:2c:27:ef:41:e2:3c:13:6a:3d:
         92:31:99:06:31:15:7a:4d:c2:3d:7d:ce:f9:fc:34:3f:9d:cf:
         71:73:30:8e:82:f6:61:1d:97:33:b7:9b:98:f6:92:0b:55:87:
         2d:ed:55:8f:6c:8d:61:60:0a:96:bc:c8:be:9b:90:84:68:dc:
         c2:ce:ec:fb:c1:f4:98:b1:af:e0:dd:56:fd:87:2f:42:2e:72:
         a8:98:56:49:2d:40:c7:8b:a5:b3:98:6d:f4:dc:09:31:13:5a:
         24:2a:65:51:cf:1c:34:19:e1:ff:f4:3a:56:04:b9:d3:3a:01:
         b4:d0:f6:34:e5:13:16:b5:c5:94:fa:d0:a5:54:35:42:aa:90:
         9e:3c:95:a6:4e:31:9f:95:8d:f9:ff:3a:46:98:3e:94:65:6c:
         37:8f:57:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbSvsuSfRrYmG96RRjxnB0IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNzQxOTViZGJiNjZiNjAzYWU2M2ExNTE4ZjA2NmZhMGIx
MTUxZjUwHhcNMjUwNTE1MDcwMDQxWhcNMjUwNTE2MDcwMDQxWjAzMTEwLwYDVQQD
EyhmZWMyYzEyM2EwYTZjZjQ0NWVjNDEyNzNlNjJhZjZmZDkzMTQwNjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkS/xxuG0mJvTGAnwMEAV7c5pQL9A
p3WnsYdroNvTt0h9o6AfEXYO7ouYabQIrjPuZ9LgeJ0SdLkN5kPa3xlpI5hKcf2s
KJzoKsx0jA8gg5MZYGa5phC+Y01/274R5DMO5JLrLvDS76raIyeFwEY1XTydYb8V
mrwinr+CBAH9QcGE6I7zpSbs4Z/Zjde7IId2ba0132Ad8Usk0M5plBf9m8Jio0PS
PXWWAMjU85zGj6HPnqJ55vqBpMCkgOKYHnI+Ck6ZwhpqY9ABgvTa2H5+idUBMgdk
pFnbFDnkQxFHl0xTTj/mJbsevfoznEHkNxupIup8eTwzk8AlxS7UURPFewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP7CwSOgps9EXsQSc+Yq9v2TFAY2MB8GA1UdIwQY
MBaAFDx0GVvbtmtgOuY6FRjwZvoLEVH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2Qt
MWUwNGIyMGQ4NTY3LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2QtMWUwNGIyMGQ4NTY3
LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1WIOC5e2
9k32IBmH3xQie4TCuNxQwYBMn2NvuskX0HmyAw/s9vv+7dhKHlbrbOsV3JS9bULp
/c/Rnh0OUpPF2mQDozjQagnzLh0XScI95IwR9O8v1oqbbs8cPUcw2OwpzfaILCfv
QeI8E2o9kjGZBjEVek3CPX3O+fw0P53PcXMwjoL2YR2XM7ebmPaSC1WHLe1Vj2yN
YWAKlrzIvpuQhGjcws7s+8H0mLGv4N1W/YcvQi5yqJhWSS1Ax4uls5ht9NwJMRNa
JCplUc8cNBnh//Q6VgS50zoBtND2NOUTFrXFlPrQpVQ1QqqQnjyVpk4xn5WN+f86
Rpg+lGVsN49Xpg==
-----END CERTIFICATE-----