Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
File:                     PQJjyVdcvQESY66Ig5p4iLdPoHY.mft (raw, json)
Hash identifier:          imnQFSeda2rvwmpgAXdO+KWd+CcEyevyhj9+bG9Pcf0=
Subject key identifier:   FC:8C:EA:53:E5:19:4E:6B:E0:1B:11:B8:81:FC:39:D4:47:DF:DD:23
Authority key identifier: 3D:02:63:C9:57:5C:BD:01:12:63:AE:88:83:9A:78:88:B7:4F:A0:76
Certificate issuer:       /CN=3d0263c9575cbd011263ae88839a7888b74fa076
Certificate serial:       01969E9AA94791790C7160EBCB4CB241B3C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
Manifest number:          104F
Signing time:             Mon 05 May 2025 04:00:58 +0000
Manifest this update:     Mon 05 May 2025 04:00:58 +0000
Manifest next update:     Tue 06 May 2025 04:00:58 +0000
Files and hashes:         1: PQJjyVdcvQESY66Ig5p4iLdPoHY.crl (hash: 5UjV4SreWIIOY7EZin4pqNO+x+Y8uHXE2JRhVF7bEvY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 05 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9e:9a:a9:47:91:79:0c:71:60:eb:cb:4c:b2:41:b3:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d0263c9575cbd011263ae88839a7888b74fa076
        Validity
            Not Before: May  5 04:00:58 2025 GMT
            Not After : May  6 04:00:58 2025 GMT
        Subject: CN=fc8cea53e5194e6be01b11b881fc39d447dfdd23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:bc:c9:79:2a:98:3d:6f:e7:5f:f2:54:23:7a:
                    8f:67:b5:74:10:72:e7:8b:ad:27:f7:95:af:7a:4f:
                    4c:46:bf:f5:00:1d:72:5e:2c:64:77:91:54:dd:82:
                    8a:c9:39:8f:06:43:d5:4b:c7:3f:d0:ed:f0:fa:1c:
                    64:ab:34:98:b3:e9:cd:c7:6e:8d:f4:c0:c1:e8:e6:
                    34:53:ed:17:47:eb:33:d2:5f:7f:28:d0:c7:ea:ca:
                    3a:50:6a:d7:1a:02:8d:7f:74:2e:7b:92:c2:97:e2:
                    96:3c:08:ae:53:3c:e9:38:ac:36:74:9a:ff:9c:e4:
                    33:ad:9c:0b:15:61:1f:95:1a:79:d4:e6:e7:9f:c8:
                    d6:59:d9:ff:1f:0f:52:24:06:e2:b7:47:2f:b7:75:
                    22:40:19:b6:bc:bf:52:52:96:9c:ff:45:ca:53:09:
                    1f:33:13:8b:7f:c7:1c:e2:c8:54:14:64:29:81:1f:
                    c4:be:ab:ea:c1:a8:0c:4d:a0:a5:9e:88:52:68:e1:
                    a5:1a:54:81:25:af:1c:05:82:f7:87:24:9a:4e:9e:
                    71:81:ab:3d:5e:32:01:c2:77:82:69:b9:43:e3:78:
                    ae:dc:07:2d:cf:c0:bf:d7:a5:83:8d:c3:20:db:87:
                    3c:07:4e:38:27:7f:ef:38:4e:bf:a7:12:88:72:f6:
                    de:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:8C:EA:53:E5:19:4E:6B:E0:1B:11:B8:81:FC:39:D4:47:DF:DD:23
            X509v3 Authority Key Identifier:
                keyid:3D:02:63:C9:57:5C:BD:01:12:63:AE:88:83:9A:78:88:B7:4F:A0:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:83:fb:52:c1:ea:0e:74:23:c3:c8:80:f7:f8:3f:41:5e:83:
         eb:e7:a2:37:03:ac:0f:83:11:a5:aa:b0:c6:99:c4:8f:00:35:
         42:40:fb:c6:83:65:62:76:95:04:30:3a:c4:80:d8:15:8e:73:
         1c:aa:89:90:84:70:72:48:06:a0:54:45:48:e6:c3:25:41:1e:
         03:2d:20:67:9e:6d:f3:7f:51:0e:03:d9:cc:57:eb:12:ab:c9:
         6b:50:5d:e1:dc:82:00:94:ad:9e:9b:31:2d:7d:2f:51:0f:cf:
         5f:42:a7:53:21:de:41:86:8f:dd:cb:c0:05:c9:1d:4f:75:06:
         02:35:2f:dd:e1:18:44:57:e1:9f:db:99:52:c0:35:b4:e0:0d:
         89:4d:7a:b5:24:93:31:46:bd:4f:92:11:22:c7:ce:6a:f5:a2:
         1d:da:dd:85:f8:41:b4:ea:bf:a2:74:01:f8:b6:9f:54:66:13:
         92:7a:23:77:ff:30:c3:9a:f1:a6:c1:2b:c1:94:aa:5f:46:61:
         29:0f:9a:43:a0:75:38:5a:40:ba:25:80:d6:c2:da:45:80:ac:
         b9:2d:57:09:d6:a6:04:bf:6b:b8:e2:c5:f5:66:1d:6d:76:cb:
         6d:ec:a5:0d:2a:b3:f3:92:c2:89:f8:ee:bf:7d:c8:f9:a7:29:
         18:13:e8:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaemqlHkXkMcWDry0yyQbPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMDI2M2M5NTc1Y2JkMDExMjYzYWU4ODgzOWE3ODg4Yjc0
ZmEwNzYwHhcNMjUwNTA1MDQwMDU4WhcNMjUwNTA2MDQwMDU4WjAzMTEwLwYDVQQD
EyhmYzhjZWE1M2U1MTk0ZTZiZTAxYjExYjg4MWZjMzlkNDQ3ZGZkZDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17zJeSqYPW/nX/JUI3qPZ7V0EHLn
i60n95Wvek9MRr/1AB1yXixkd5FU3YKKyTmPBkPVS8c/0O3w+hxkqzSYs+nNx26N
9MDB6OY0U+0XR+sz0l9/KNDH6so6UGrXGgKNf3Que5LCl+KWPAiuUzzpOKw2dJr/
nOQzrZwLFWEflRp51Obnn8jWWdn/Hw9SJAbit0cvt3UiQBm2vL9SUpac/0XKUwkf
MxOLf8cc4shUFGQpgR/EvqvqwagMTaClnohSaOGlGlSBJa8cBYL3hySaTp5xgas9
XjIBwneCablD43iu3Actz8C/16WDjcMg24c8B044J3/vOE6/pxKIcvbe1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPyM6lPlGU5r4BsRuIH8OdRH390jMB8GA1UdIwQY
MBaAFD0CY8lXXL0BEmOuiIOaeIi3T6B2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8zNzQyM2EtMDUzNy00NWY0LTk5MTUt
MTJmNGU2MjczODc3LzEvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8zNzQyM2EtMDUzNy00NWY0LTk5MTUtMTJmNGU2MjczODc3
LzEvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdoP7UsHq
DnQjw8iA9/g/QV6D6+eiNwOsD4MRpaqwxpnEjwA1QkD7xoNlYnaVBDA6xIDYFY5z
HKqJkIRwckgGoFRFSObDJUEeAy0gZ55t839RDgPZzFfrEqvJa1Bd4dyCAJStnpsx
LX0vUQ/PX0KnUyHeQYaP3cvABckdT3UGAjUv3eEYRFfhn9uZUsA1tOANiU16tSST
MUa9T5IRIsfOavWiHdrdhfhBtOq/onQB+LafVGYTknojd/8ww5rxpsErwZSqX0Zh
KQ+aQ6B1OFpAuiWA1sLaRYCsuS1XCdamBL9ruOLF9WYdbXbLbeylDSqz85LCifju
v33I+acpGBPojQ==
-----END CERTIFICATE-----