Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
File:                     pnyqBsCo91QBbmFEgLuzh35AiR0.mft (raw, json)
Hash identifier:          j0Kca/v7VKBvuLj6tLf/QAC0Avs38XpN2eHHgqq+esw=
Subject key identifier:   E8:B6:C3:B6:49:8C:E3:68:C5:C0:DE:D0:6B:D6:22:C8:10:07:FA:1F
Authority key identifier: A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D
Certificate issuer:       /CN=a67caa06c0a8f754016e614480bbb3877e40891d
Certificate serial:       0198D7738C8259D7889CF35147E29C550A0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
Manifest number:          0374
Signing time:             Sat 23 Aug 2025 15:02:10 +0000
Manifest this update:     Sat 23 Aug 2025 15:02:10 +0000
Manifest next update:     Sun 24 Aug 2025 15:02:10 +0000
Files and hashes:         1: pnyqBsCo91QBbmFEgLuzh35AiR0.crl (hash: h9C4AnfNgSF13FiBPS84IrEJGk7HbcGrzYvQaWeamDY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:73:8c:82:59:d7:88:9c:f3:51:47:e2:9c:55:0a:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a67caa06c0a8f754016e614480bbb3877e40891d
        Validity
            Not Before: Aug 23 15:02:10 2025 GMT
            Not After : Aug 24 15:02:10 2025 GMT
        Subject: CN=e8b6c3b6498ce368c5c0ded06bd622c81007fa1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:67:eb:88:19:4c:fb:ec:75:6b:2a:7f:17:f6:
                    12:97:a7:48:24:b7:47:9a:e5:20:9a:ef:e1:6d:c8:
                    2b:2d:e8:37:18:9a:98:74:39:92:ee:00:54:ff:76:
                    59:80:2a:32:55:60:99:48:39:25:1c:59:49:e7:17:
                    8e:a9:1e:b8:ab:09:ca:8c:7c:76:a8:92:68:79:1c:
                    f5:22:91:c5:ef:f3:7c:44:c6:e3:fd:12:d0:72:25:
                    b9:b8:32:fd:f1:28:61:b9:d0:3f:13:06:61:e7:3a:
                    1d:95:d0:ec:bc:a1:1a:74:d5:7d:43:7c:52:77:23:
                    45:a9:ad:88:94:5f:27:09:06:65:51:37:6d:cb:e4:
                    d8:cb:ab:5a:c4:cb:67:05:e0:f9:f8:88:f2:ee:29:
                    6a:a4:92:c0:4a:58:ad:13:f7:1d:a7:de:95:27:5b:
                    a6:93:7c:81:c7:c6:4c:04:3e:18:7b:d6:66:6d:da:
                    cf:4a:3b:dc:d6:fc:5d:83:35:8e:a0:25:42:0f:c1:
                    02:58:82:cf:bf:7a:91:ad:c2:cd:46:b7:fc:a2:8a:
                    94:8a:6e:d7:52:d2:88:a2:3c:e3:e2:91:cb:fd:4c:
                    cf:5c:34:3e:c9:64:34:0e:10:eb:dd:73:d0:96:28:
                    83:00:2c:7a:cc:d7:1b:b0:b4:7d:e8:3d:ac:31:37:
                    0f:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:B6:C3:B6:49:8C:E3:68:C5:C0:DE:D0:6B:D6:22:C8:10:07:FA:1F
            X509v3 Authority Key Identifier:
                keyid:A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:d7:0c:5e:29:fe:e7:f2:8e:94:04:51:46:53:c6:6b:38:ce:
         13:40:f2:d7:0a:fd:f4:12:6c:12:33:30:8e:0f:1a:3a:f0:63:
         57:e0:a8:56:89:75:b5:91:7d:ca:21:ab:fa:c5:8a:66:7b:7c:
         7a:c2:48:8c:c0:de:f5:d5:74:b1:12:9d:c4:7b:24:da:10:f0:
         39:6e:ed:51:18:1b:34:1b:9a:04:92:ef:0e:81:7e:bb:ba:8b:
         38:51:33:36:ad:2b:b2:b3:31:6d:27:f8:16:2b:93:61:aa:24:
         08:2a:86:d6:d8:89:eb:c3:d2:4b:e1:89:98:f0:ea:26:22:d3:
         91:49:12:02:5b:da:3f:7f:f7:09:ff:7c:4a:e9:80:20:98:15:
         f8:6f:25:ae:c5:65:1b:00:de:be:43:3b:15:38:e6:fa:1c:ab:
         bd:d6:16:3e:4c:1d:d6:2f:c6:23:68:5d:c7:1f:00:3e:c0:c7:
         2e:53:02:a1:25:37:ff:6c:ea:a5:dd:26:9d:b6:e5:ee:65:6b:
         b2:b7:21:f4:07:49:42:24:88:54:de:2b:09:21:3c:af:98:f7:
         af:b7:1e:1a:05:df:1b:32:f2:8c:f4:18:8a:c0:1b:0b:59:ea:
         a0:27:a6:92:85:27:3d:20:11:f7:37:1d:b1:ad:0f:db:ab:b0:
         b8:b7:c6:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXc4yCWdeInPNRR+KcVQoLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2N2NhYTA2YzBhOGY3NTQwMTZlNjE0NDgwYmJiMzg3N2U0
MDg5MWQwHhcNMjUwODIzMTUwMjEwWhcNMjUwODI0MTUwMjEwWjAzMTEwLwYDVQQD
EyhlOGI2YzNiNjQ5OGNlMzY4YzVjMGRlZDA2YmQ2MjJjODEwMDdmYTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6GfriBlM++x1ayp/F/YSl6dIJLdH
muUgmu/hbcgrLeg3GJqYdDmS7gBU/3ZZgCoyVWCZSDklHFlJ5xeOqR64qwnKjHx2
qJJoeRz1IpHF7/N8RMbj/RLQciW5uDL98ShhudA/EwZh5zodldDsvKEadNV9Q3xS
dyNFqa2IlF8nCQZlUTdty+TYy6taxMtnBeD5+Ijy7ilqpJLASlitE/cdp96VJ1um
k3yBx8ZMBD4Ye9ZmbdrPSjvc1vxdgzWOoCVCD8ECWILPv3qRrcLNRrf8ooqUim7X
UtKIojzj4pHL/UzPXDQ+yWQ0DhDr3XPQliiDACx6zNcbsLR96D2sMTcPJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOi2w7ZJjONoxcDe0GvWIsgQB/ofMB8GA1UdIwQY
MBaAFKZ8qgbAqPdUAW5hRIC7s4d+QIkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2Ut
MmJlNTAxZmVlZDNkLzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2UtMmJlNTAxZmVlZDNk
LzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPtcMXin+
5/KOlARRRlPGazjOE0Dy1wr99BJsEjMwjg8aOvBjV+CoVol1tZF9yiGr+sWKZnt8
esJIjMDe9dV0sRKdxHsk2hDwOW7tURgbNBuaBJLvDoF+u7qLOFEzNq0rsrMxbSf4
FiuTYaokCCqG1tiJ68PSS+GJmPDqJiLTkUkSAlvaP3/3Cf98SumAIJgV+G8lrsVl
GwDevkM7FTjm+hyrvdYWPkwd1i/GI2hdxx8APsDHLlMCoSU3/2zqpd0mnbbl7mVr
srch9AdJQiSIVN4rCSE8r5j3r7ceGgXfGzLyjPQYisAbC1nqoCemkoUnPSAR9zcd
sa0P26uwuLfGbw==
-----END CERTIFICATE-----