Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
File:                     pxTGIdV85C4lCT7OhXvbh146zqo.mft (raw, json)
Hash identifier:          U4RmSIqMIe/v7qiz9vDaxFVYLwLL3mOXQbta7ENUxcU=
Subject key identifier:   1A:2F:8E:83:75:B3:65:3C:20:7C:A7:5C:90:3F:8A:8A:3D:57:2C:BA
Authority key identifier: A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA
Certificate issuer:       /CN=a714c621d57ce42e25093ece857bdb875e3aceaa
Certificate serial:       0198D705E68852CA6FB118937C1950200A67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
Manifest number:          0317
Signing time:             Sat 23 Aug 2025 13:02:24 +0000
Manifest this update:     Sat 23 Aug 2025 13:02:24 +0000
Manifest next update:     Sun 24 Aug 2025 13:02:24 +0000
Files and hashes:         1: pxTGIdV85C4lCT7OhXvbh146zqo.crl (hash: vkoOO6muTVVan9ETG2YzGS2EuZ+zAPPoesBWE9KgRfY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:05:e6:88:52:ca:6f:b1:18:93:7c:19:50:20:0a:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a714c621d57ce42e25093ece857bdb875e3aceaa
        Validity
            Not Before: Aug 23 13:02:24 2025 GMT
            Not After : Aug 24 13:02:24 2025 GMT
        Subject: CN=1a2f8e8375b3653c207ca75c903f8a8a3d572cba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:03:4b:eb:29:3b:f3:4b:98:b6:09:ec:e3:bd:
                    30:7a:fa:76:b6:2c:62:8f:63:cd:c8:73:6c:6b:34:
                    da:52:80:db:3a:e3:99:33:78:0d:ee:5e:af:70:c9:
                    68:bf:44:ab:1b:e7:59:ee:f6:0d:a8:8a:67:4f:e8:
                    97:8f:6d:95:6f:97:94:bb:30:85:43:6e:d3:03:4b:
                    7d:3b:df:68:2a:08:13:ef:e1:65:fd:f6:8f:68:7c:
                    a8:9f:36:08:46:d5:b3:7a:04:be:9f:4d:37:5a:0b:
                    63:10:8f:2e:b2:9b:b7:0c:d2:29:54:6e:d9:76:4d:
                    7f:0e:c8:5c:4e:09:b1:eb:3e:ba:82:d8:94:eb:98:
                    29:df:16:d2:c8:9c:2d:d7:71:be:53:eb:da:6d:53:
                    ea:3c:32:db:73:0d:13:ed:b2:23:61:47:ec:af:61:
                    40:00:c7:95:b3:e8:f4:0d:52:64:11:71:c0:2d:d4:
                    51:e0:74:57:07:03:7f:bd:50:a7:ea:7d:78:8e:73:
                    aa:ed:47:8a:cf:90:09:42:10:47:1a:9a:be:a9:59:
                    33:1b:9c:a3:20:6a:3b:43:f6:6b:fd:41:be:86:68:
                    c7:eb:e5:24:3c:71:ec:e4:98:08:85:b0:eb:fb:a1:
                    49:4b:0b:e4:60:4f:ca:ac:3d:94:ed:f5:40:ef:95:
                    70:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:2F:8E:83:75:B3:65:3C:20:7C:A7:5C:90:3F:8A:8A:3D:57:2C:BA
            X509v3 Authority Key Identifier:
                keyid:A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:bf:f7:e7:a7:3f:8b:f8:01:1a:44:c1:80:44:af:a7:d9:41:
         a6:46:70:3a:ba:cf:9e:cf:51:06:8e:1e:c1:84:72:f0:0b:a8:
         72:ef:d2:d0:1b:b7:11:54:b2:9a:11:3f:31:08:f6:1e:a3:19:
         75:dd:37:e1:1d:b2:16:26:04:ae:71:f1:67:ae:63:d3:83:9b:
         8e:58:2f:79:42:b9:fb:e0:56:5c:cb:63:0b:29:27:e1:c8:c6:
         fa:2d:55:78:ab:ef:6d:12:b2:7e:33:12:4b:0a:d9:89:bc:25:
         af:39:27:76:cc:7f:2c:34:5c:c5:81:96:33:f2:71:5a:28:15:
         6a:1e:3b:05:8b:06:01:30:9a:00:ab:3c:a2:1b:b2:27:91:b9:
         8e:66:f6:ff:20:c3:05:fa:14:51:93:77:5e:83:10:5f:af:ca:
         46:44:b3:3f:17:a9:64:68:4c:a2:67:e5:fb:61:70:a8:f5:15:
         5d:e9:75:57:db:a1:55:e7:07:89:db:c6:d8:fd:e1:74:06:4a:
         b0:91:f4:1e:fc:fc:0a:83:a6:d6:2a:01:e0:51:00:c8:dd:4a:
         72:a8:30:69:95:23:c3:c4:dc:f4:3e:bc:dc:39:f6:8d:35:36:
         e2:8e:dd:a5:f7:2e:7b:9c:f7:ca:95:7b:cb:4d:61:04:15:a3:
         38:80:1b:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBeaIUspvsRiTfBlQIApnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MTRjNjIxZDU3Y2U0MmUyNTA5M2VjZTg1N2JkYjg3NWUz
YWNlYWEwHhcNMjUwODIzMTMwMjI0WhcNMjUwODI0MTMwMjI0WjAzMTEwLwYDVQQD
EygxYTJmOGU4Mzc1YjM2NTNjMjA3Y2E3NWM5MDNmOGE4YTNkNTcyY2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgNL6yk780uYtgns470wevp2tixi
j2PNyHNsazTaUoDbOuOZM3gN7l6vcMlov0SrG+dZ7vYNqIpnT+iXj22Vb5eUuzCF
Q27TA0t9O99oKggT7+Fl/faPaHyonzYIRtWzegS+n003WgtjEI8uspu3DNIpVG7Z
dk1/DshcTgmx6z66gtiU65gp3xbSyJwt13G+U+vabVPqPDLbcw0T7bIjYUfsr2FA
AMeVs+j0DVJkEXHALdRR4HRXBwN/vVCn6n14jnOq7UeKz5AJQhBHGpq+qVkzG5yj
IGo7Q/Zr/UG+hmjH6+UkPHHs5JgIhbDr+6FJSwvkYE/KrD2U7fVA75VwOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBovjoN1s2U8IHynXJA/ioo9Vyy6MB8GA1UdIwQY
MBaAFKcUxiHVfOQuJQk+zoV724deOs6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGIt
MTgwNTVkMmM0NGJlLzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGItMTgwNTVkMmM0NGJl
LzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV7/356c/
i/gBGkTBgESvp9lBpkZwOrrPns9RBo4ewYRy8Auocu/S0Bu3EVSymhE/MQj2HqMZ
dd034R2yFiYErnHxZ65j04ObjlgveUK5++BWXMtjCykn4cjG+i1VeKvvbRKyfjMS
SwrZibwlrzkndsx/LDRcxYGWM/JxWigVah47BYsGATCaAKs8ohuyJ5G5jmb2/yDD
BfoUUZN3XoMQX6/KRkSzPxepZGhMomfl+2FwqPUVXel1V9uhVecHidvG2P3hdAZK
sJH0Hvz8CoOm1ioB4FEAyN1KcqgwaZUjw8Tc9D683Dn2jTU24o7dpfcue5z3ypV7
y01hBBWjOIAbgA==
-----END CERTIFICATE-----