Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
File:                     pnyqBsCo91QBbmFEgLuzh35AiR0.mft (raw, json)
Hash identifier:          ZFvbG9LXavxTa5QgwpkwjBfLyXk6cKTn9tlcVfEiBp4=
Subject key identifier:   88:68:C4:9E:8B:F7:DF:3B:BB:EC:33:00:3A:96:42:8A:6A:7A:7C:FD
Authority key identifier: A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D
Certificate issuer:       /CN=a67caa06c0a8f754016e614480bbb3877e40891d
Certificate serial:       0197B9A1B1A23099EDD24E6DB79B67FF5CC0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
Manifest number:          02E0
Signing time:             Sun 29 Jun 2025 03:01:11 +0000
Manifest this update:     Sun 29 Jun 2025 03:01:11 +0000
Manifest next update:     Mon 30 Jun 2025 03:01:11 +0000
Files and hashes:         1: pnyqBsCo91QBbmFEgLuzh35AiR0.crl (hash: Z68TghHeigwTJrCUA2IpS+mqbZUpOQVjTFTBG99gIVg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 00:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b9:a1:b1:a2:30:99:ed:d2:4e:6d:b7:9b:67:ff:5c:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a67caa06c0a8f754016e614480bbb3877e40891d
        Validity
            Not Before: Jun 29 03:01:11 2025 GMT
            Not After : Jun 30 03:01:11 2025 GMT
        Subject: CN=8868c49e8bf7df3bbbec33003a96428a6a7a7cfd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:68:4b:61:78:af:69:ef:0a:3d:7d:b0:33:7b:
                    e5:71:a5:e8:31:57:65:17:42:69:14:cc:c0:2a:39:
                    14:a7:2b:ff:9e:58:00:4d:ae:86:d6:f6:39:0d:4c:
                    e9:d3:a9:73:ec:ee:43:81:79:f3:06:78:77:69:0d:
                    6a:77:01:9e:10:73:17:45:df:ec:3c:bc:a5:4e:ab:
                    21:aa:ef:84:ec:d3:eb:ef:76:8a:50:a6:48:2f:2d:
                    34:43:e3:e6:98:41:17:d6:48:3b:4f:72:fb:38:a8:
                    83:aa:d3:19:f2:a4:6d:d2:7a:a0:79:42:db:f7:37:
                    5a:b7:c7:07:58:4a:56:47:01:0f:82:c8:df:39:74:
                    88:bb:6d:63:ee:05:e6:32:b4:49:67:3b:17:ab:3b:
                    a0:a1:5c:a8:3c:e3:92:05:79:56:aa:c5:9b:27:cb:
                    35:dc:55:8d:85:d2:65:5a:1a:da:6c:49:2f:f1:80:
                    ee:39:86:7b:4d:f3:64:53:05:0c:34:81:1a:3a:54:
                    2a:91:e3:6d:3f:d8:7c:8a:19:43:20:db:a9:e4:68:
                    fb:c5:ac:00:06:b9:2c:8c:f5:f3:7b:bf:d6:44:98:
                    37:25:6a:e8:f6:1d:34:17:d0:f5:a1:c6:1c:13:d8:
                    de:67:23:ba:36:52:ec:7c:5e:52:d4:47:9a:51:68:
                    f7:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:68:C4:9E:8B:F7:DF:3B:BB:EC:33:00:3A:96:42:8A:6A:7A:7C:FD
            X509v3 Authority Key Identifier:
                keyid:A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:06:a4:af:ee:62:8f:57:7b:86:85:6c:aa:12:67:a6:25:b7:
         cb:b0:08:2d:11:3f:aa:29:72:72:4a:87:08:5c:d4:a4:c4:28:
         ba:15:eb:55:d7:c3:df:3f:ab:fb:c6:58:77:92:d3:1d:2c:6b:
         76:1b:45:a0:eb:97:b7:78:8f:03:fb:cd:5b:27:3a:d1:f7:4d:
         a0:6e:d6:cd:0a:66:65:10:50:e1:22:0f:8a:50:f5:af:b5:13:
         8c:52:67:f2:81:62:4c:71:85:f4:46:c0:6e:72:7e:d0:73:5a:
         be:04:a5:01:ac:8c:be:eb:8f:7f:e5:fb:d4:e5:c0:5a:f7:12:
         fa:b3:ec:1b:7f:75:71:7d:5b:4c:e5:51:42:86:dc:d2:56:ff:
         4d:f9:7b:4f:73:9f:90:84:39:9c:14:ab:84:32:63:23:e6:a3:
         22:b3:09:0c:f4:78:e3:fd:1c:54:f1:d3:37:ce:d5:ec:7e:a9:
         25:f4:13:ed:79:ce:d9:4f:e2:4f:17:aa:50:e8:de:d3:b3:8e:
         2c:ef:91:93:5e:0f:1f:e9:f8:b1:6b:c5:53:e0:14:80:7b:e0:
         e0:23:c1:97:67:be:e3:bb:56:c3:06:8e:cb:81:bc:40:b8:10:
         10:ac:47:ec:21:6b:51:05:ff:2a:0d:c6:20:ee:16:2b:41:1d:
         ab:57:f7:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe5obGiMJnt0k5tt5tn/1zAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2N2NhYTA2YzBhOGY3NTQwMTZlNjE0NDgwYmJiMzg3N2U0
MDg5MWQwHhcNMjUwNjI5MDMwMTExWhcNMjUwNjMwMDMwMTExWjAzMTEwLwYDVQQD
Eyg4ODY4YzQ5ZThiZjdkZjNiYmJlYzMzMDAzYTk2NDI4YTZhN2E3Y2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9WhLYXivae8KPX2wM3vlcaXoMVdl
F0JpFMzAKjkUpyv/nlgATa6G1vY5DUzp06lz7O5DgXnzBnh3aQ1qdwGeEHMXRd/s
PLylTqshqu+E7NPr73aKUKZILy00Q+PmmEEX1kg7T3L7OKiDqtMZ8qRt0nqgeULb
9zdat8cHWEpWRwEPgsjfOXSIu21j7gXmMrRJZzsXqzugoVyoPOOSBXlWqsWbJ8s1
3FWNhdJlWhrabEkv8YDuOYZ7TfNkUwUMNIEaOlQqkeNtP9h8ihlDINup5Gj7xawA
BrksjPXze7/WRJg3JWro9h00F9D1ocYcE9jeZyO6NlLsfF5S1EeaUWj3iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIhoxJ6L9987u+wzADqWQopqenz9MB8GA1UdIwQY
MBaAFKZ8qgbAqPdUAW5hRIC7s4d+QIkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2Ut
MmJlNTAxZmVlZDNkLzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2UtMmJlNTAxZmVlZDNk
LzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdwakr+5i
j1d7hoVsqhJnpiW3y7AILRE/qilyckqHCFzUpMQouhXrVdfD3z+r+8ZYd5LTHSxr
dhtFoOuXt3iPA/vNWyc60fdNoG7WzQpmZRBQ4SIPilD1r7UTjFJn8oFiTHGF9EbA
bnJ+0HNavgSlAayMvuuPf+X71OXAWvcS+rPsG391cX1bTOVRQobc0lb/Tfl7T3Of
kIQ5nBSrhDJjI+ajIrMJDPR44/0cVPHTN87V7H6pJfQT7XnO2U/iTxeqUOje07OO
LO+Rk14PH+n4sWvFU+AUgHvg4CPBl2e+47tWwwaOy4G8QLgQEKxH7CFrUQX/Kg3G
IO4WK0Edq1f3fg==
-----END CERTIFICATE-----