Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
File:                     r89alhpnpvrt_v2PKluD8mg3WYQ.mft (raw, json)
Hash identifier:          coUbogbjjkB8KyqKNO675h09lim7qj7bfJhhzkRLetA=
Subject key identifier:   94:B5:A5:7A:B2:E0:C3:7A:69:2D:C9:A6:C5:7F:12:65:DF:DF:84:41
Authority key identifier: AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84
Certificate issuer:       /CN=afcf5a961a67a6faedfefd8f2a5b83f268375984
Certificate serial:       0197B77C9ED287BC8CF88ADCD9B4081F085A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
Manifest number:          0227
Signing time:             Sat 28 Jun 2025 17:01:27 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:27 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:27 +0000
Files and hashes:         1: r89alhpnpvrt_v2PKluD8mg3WYQ.crl (hash: WFYSTv8jjKSTE72V2kOS49AwqNtnFqSR/Dl5qjCzFAE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:9e:d2:87:bc:8c:f8:8a:dc:d9:b4:08:1f:08:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=afcf5a961a67a6faedfefd8f2a5b83f268375984
        Validity
            Not Before: Jun 28 17:01:27 2025 GMT
            Not After : Jun 29 17:01:27 2025 GMT
        Subject: CN=94b5a57ab2e0c37a692dc9a6c57f1265dfdf8441
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:5f:16:24:88:02:ac:56:ae:22:c0:c5:21:7e:
                    40:fc:ee:03:9f:be:f3:9a:d4:22:2b:bc:0f:38:4c:
                    01:4e:14:c3:e7:d5:22:99:dd:56:81:e9:1e:ba:7d:
                    51:c3:36:9a:dc:74:8f:7e:b5:6e:8d:db:83:53:af:
                    71:84:17:4b:f9:58:16:68:bc:90:99:a3:d5:f3:54:
                    68:64:45:13:cc:87:6c:4e:8e:4e:4c:b3:78:55:cd:
                    88:04:6f:ca:a7:b2:c2:57:5e:87:b4:02:16:3d:5c:
                    e6:2c:00:56:69:0d:1d:3a:77:e4:57:16:fd:2a:73:
                    b4:77:8e:53:8a:e1:cd:dc:6c:1a:6f:03:ce:2d:15:
                    a5:32:4e:a3:a6:9c:54:da:cd:c7:74:5a:29:25:48:
                    2f:29:83:37:08:cd:00:f9:e6:ba:53:59:98:72:da:
                    db:25:d3:8f:ed:5e:81:d6:d8:73:5d:8f:5c:d0:ca:
                    81:94:93:5f:ab:36:48:21:66:e8:56:68:f6:53:d7:
                    0b:b9:c6:d3:9f:da:ab:8c:72:18:bf:e7:47:cd:58:
                    ed:5a:64:1e:17:ba:69:96:e6:1d:9f:1c:a6:a9:e8:
                    84:d0:1d:70:e8:c4:cf:ac:cc:c4:b0:3a:27:c7:50:
                    95:f1:91:40:b8:6f:30:18:3f:3c:80:7e:33:ea:1d:
                    05:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:B5:A5:7A:B2:E0:C3:7A:69:2D:C9:A6:C5:7F:12:65:DF:DF:84:41
            X509v3 Authority Key Identifier:
                keyid:AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:35:45:4e:ed:ad:22:bc:c0:be:54:4d:a4:e8:9c:76:f3:24:
         42:50:89:33:7c:e1:79:af:12:60:00:32:2a:d6:ff:67:25:4c:
         05:ce:36:c8:fd:9f:c2:d6:ef:ef:11:e9:b1:3e:3e:d1:01:37:
         f2:05:6c:e4:4d:ae:d7:60:06:dc:a0:08:52:28:2d:61:b2:4e:
         02:ca:ba:6b:84:7b:8b:39:5d:9f:be:c8:d7:9e:87:49:85:0d:
         e3:6d:b4:f0:64:9a:34:e8:b3:c8:d8:68:7d:6e:7b:ce:4f:9e:
         a2:62:c2:b4:de:7e:aa:82:16:4a:32:81:11:9e:52:3d:50:f1:
         01:e0:19:c5:0d:9a:9a:e2:9f:91:eb:e8:e9:2a:5d:ae:db:a6:
         b8:05:42:0a:4f:1a:b1:79:69:04:4a:9b:19:c1:c1:61:3d:98:
         da:f1:ea:83:46:21:94:2e:1e:f1:55:07:bb:c2:93:8a:58:e7:
         65:c4:97:fe:be:2d:0d:b2:dc:7f:2d:c5:93:02:4c:08:d9:f9:
         6f:8c:52:ed:69:c5:a5:ef:42:70:e1:15:c0:72:a1:b8:9e:17:
         02:34:fd:ba:8d:f3:6e:a0:37:18:3c:e2:f2:2c:ff:13:39:04:
         09:bd:9d:df:a2:7b:0e:19:26:72:ed:03:51:f8:06:2d:cc:a7:
         dd:01:3e:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fJ7Sh7yM+Irc2bQIHwhaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmY2Y1YTk2MWE2N2E2ZmFlZGZlZmQ4ZjJhNWI4M2YyNjgz
NzU5ODQwHhcNMjUwNjI4MTcwMTI3WhcNMjUwNjI5MTcwMTI3WjAzMTEwLwYDVQQD
Eyg5NGI1YTU3YWIyZTBjMzdhNjkyZGM5YTZjNTdmMTI2NWRmZGY4NDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkF8WJIgCrFauIsDFIX5A/O4Dn77z
mtQiK7wPOEwBThTD59Uimd1Wgekeun1Rwzaa3HSPfrVujduDU69xhBdL+VgWaLyQ
maPV81RoZEUTzIdsTo5OTLN4Vc2IBG/Kp7LCV16HtAIWPVzmLABWaQ0dOnfkVxb9
KnO0d45TiuHN3GwabwPOLRWlMk6jppxU2s3HdFopJUgvKYM3CM0A+ea6U1mYctrb
JdOP7V6B1thzXY9c0MqBlJNfqzZIIWboVmj2U9cLucbTn9qrjHIYv+dHzVjtWmQe
F7ppluYdnxymqeiE0B1w6MTPrMzEsDonx1CV8ZFAuG8wGD88gH4z6h0F+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJS1pXqy4MN6aS3JpsV/EmXf34RBMB8GA1UdIwQY
MBaAFK/PWpYaZ6b67f79jypbg/JoN1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0Yzct
NTZjMmE0NGQxODc4LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0YzctNTZjMmE0NGQxODc4
LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhjVFTu2t
IrzAvlRNpOicdvMkQlCJM3zhea8SYAAyKtb/ZyVMBc42yP2fwtbv7xHpsT4+0QE3
8gVs5E2u12AG3KAIUigtYbJOAsq6a4R7izldn77I156HSYUN42208GSaNOizyNho
fW57zk+eomLCtN5+qoIWSjKBEZ5SPVDxAeAZxQ2amuKfkevo6SpdrtumuAVCCk8a
sXlpBEqbGcHBYT2Y2vHqg0YhlC4e8VUHu8KTiljnZcSX/r4tDbLcfy3FkwJMCNn5
b4xS7WnFpe9CcOEVwHKhuJ4XAjT9uo3zbqA3GDzi8iz/EzkECb2d36J7Dhkmcu0D
UfgGLcyn3QE+yw==
-----END CERTIFICATE-----