Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
File:                     pxTGIdV85C4lCT7OhXvbh146zqo.mft (raw, json)
Hash identifier:          6a8WPq+DxCb3EbUZfG9FJTMfftp/3fqVadq4Yzpr9gU=
Subject key identifier:   60:F2:8B:5C:6F:E7:10:4A:3D:BF:14:73:C7:C8:21:72:01:BB:E2:22
Authority key identifier: A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA
Certificate issuer:       /CN=a714c621d57ce42e25093ece857bdb875e3aceaa
Certificate serial:       0197B7456B0DB0C5309611EAAA6B1DA6A1BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
Manifest number:          0282
Signing time:             Sat 28 Jun 2025 16:01:09 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:09 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:09 +0000
Files and hashes:         1: pxTGIdV85C4lCT7OhXvbh146zqo.crl (hash: CBiMqB0UYs+xz6OwsVck8YOETaf1eogB+Y7/cBBBK+0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:6b:0d:b0:c5:30:96:11:ea:aa:6b:1d:a6:a1:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a714c621d57ce42e25093ece857bdb875e3aceaa
        Validity
            Not Before: Jun 28 16:01:09 2025 GMT
            Not After : Jun 29 16:01:09 2025 GMT
        Subject: CN=60f28b5c6fe7104a3dbf1473c7c8217201bbe222
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:b3:d5:e1:1a:cb:83:39:d4:c9:e9:48:fe:51:
                    61:5f:ca:75:fa:5d:d3:96:a1:15:52:d4:7d:f3:6b:
                    b4:65:72:e9:4b:a7:20:1b:59:f9:91:f3:c2:f6:92:
                    8c:e9:f7:7b:e6:76:aa:da:bb:5b:3c:f7:1b:14:90:
                    8f:97:71:82:bd:f3:13:83:fd:61:26:76:b5:7d:ba:
                    32:72:fa:f8:ed:37:fd:f8:e4:f7:aa:26:6b:a3:95:
                    da:9e:37:7e:e1:18:85:07:c2:dc:82:e4:3c:4b:c2:
                    3b:06:77:bc:d0:d9:10:3d:cd:f1:ee:da:23:a6:84:
                    c2:d8:e9:85:5e:ea:e3:7e:5f:4c:4f:ee:99:64:dd:
                    f1:c0:13:e9:01:40:48:b0:cc:7f:4f:8d:30:6d:0c:
                    b5:cc:13:0c:f9:1c:d9:e9:0e:ee:eb:9e:88:d9:e2:
                    5b:36:57:01:3a:60:c3:6e:08:7e:19:4c:1c:7b:64:
                    66:17:08:f5:86:1f:a9:8e:37:e0:42:29:b9:49:b5:
                    64:e5:85:27:12:e0:09:73:26:f9:2d:d5:37:d2:38:
                    12:67:83:48:a0:81:bd:96:46:ce:45:47:95:99:95:
                    28:57:6e:40:c3:16:71:ca:c5:55:be:73:71:f8:36:
                    73:f6:2e:5a:e0:1a:b9:c3:a0:c6:50:13:5b:bb:0a:
                    a4:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:F2:8B:5C:6F:E7:10:4A:3D:BF:14:73:C7:C8:21:72:01:BB:E2:22
            X509v3 Authority Key Identifier:
                keyid:A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:1b:66:dd:d6:12:29:8e:c2:b8:f0:cf:35:0c:ad:a9:e6:6c:
         fd:75:55:3e:2a:21:06:fd:62:1b:fc:05:3b:67:c4:0c:c1:10:
         de:fc:cb:d4:a3:b1:d4:17:f3:d0:45:9f:d2:b4:0e:b0:92:75:
         be:0d:65:84:8c:f9:f4:4d:c0:3f:28:d2:5a:94:d8:3c:63:a9:
         53:07:5e:f2:80:88:a0:28:75:59:f8:18:2b:40:19:5b:65:32:
         12:7b:b5:f0:64:c5:bd:40:f0:10:b0:9f:48:ad:9e:d0:21:f6:
         d8:73:0c:2b:29:85:c6:98:63:bd:ac:43:c8:45:f8:4f:26:cf:
         d4:2c:47:bf:4b:c0:c5:31:1d:75:6c:7d:ce:ac:e1:22:a0:9a:
         44:25:89:3d:7c:e9:61:3e:c9:32:a0:f7:ba:96:78:76:79:a5:
         34:06:b7:bf:a0:11:b0:ce:8e:5d:59:05:4a:71:87:5f:6f:1c:
         79:83:75:0c:90:9e:75:c3:a4:a4:e8:34:1f:ed:34:c9:2f:8b:
         7b:7b:4a:ef:fd:a4:07:9d:fa:90:22:cd:fd:ec:f6:ae:31:be:
         fe:b3:fa:bf:3a:42:c5:1a:4a:8c:d6:a0:b8:8e:a4:c5:45:6d:
         7d:a7:96:a5:d9:3f:56:1b:0b:2b:c4:b0:f2:11:bb:18:f4:b2:
         e6:80:ab:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RWsNsMUwlhHqqmsdpqG6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MTRjNjIxZDU3Y2U0MmUyNTA5M2VjZTg1N2JkYjg3NWUz
YWNlYWEwHhcNMjUwNjI4MTYwMTA5WhcNMjUwNjI5MTYwMTA5WjAzMTEwLwYDVQQD
Eyg2MGYyOGI1YzZmZTcxMDRhM2RiZjE0NzNjN2M4MjE3MjAxYmJlMjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7PV4RrLgznUyelI/lFhX8p1+l3T
lqEVUtR982u0ZXLpS6cgG1n5kfPC9pKM6fd75naq2rtbPPcbFJCPl3GCvfMTg/1h
Jna1fboycvr47Tf9+OT3qiZro5Xanjd+4RiFB8LcguQ8S8I7Bne80NkQPc3x7toj
poTC2OmFXurjfl9MT+6ZZN3xwBPpAUBIsMx/T40wbQy1zBMM+RzZ6Q7u656I2eJb
NlcBOmDDbgh+GUwce2RmFwj1hh+pjjfgQim5SbVk5YUnEuAJcyb5LdU30jgSZ4NI
oIG9lkbORUeVmZUoV25AwxZxysVVvnNx+DZz9i5a4Bq5w6DGUBNbuwqkhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGDyi1xv5xBKPb8Uc8fIIXIBu+IiMB8GA1UdIwQY
MBaAFKcUxiHVfOQuJQk+zoV724deOs6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGIt
MTgwNTVkMmM0NGJlLzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGItMTgwNTVkMmM0NGJl
LzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARhtm3dYS
KY7CuPDPNQytqeZs/XVVPiohBv1iG/wFO2fEDMEQ3vzL1KOx1Bfz0EWf0rQOsJJ1
vg1lhIz59E3APyjSWpTYPGOpUwde8oCIoCh1WfgYK0AZW2UyEnu18GTFvUDwELCf
SK2e0CH22HMMKymFxphjvaxDyEX4TybP1CxHv0vAxTEddWx9zqzhIqCaRCWJPXzp
YT7JMqD3upZ4dnmlNAa3v6ARsM6OXVkFSnGHX28ceYN1DJCedcOkpOg0H+00yS+L
e3tK7/2kB536kCLN/ez2rjG+/rP6vzpCxRpKjNaguI6kxUVtfaeWpdk/VhsLK8Sw
8hG7GPSy5oCr3w==
-----END CERTIFICATE-----