Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft
File:                     PEHqRBeKcCxQcAACPRSp-cRyYOY.mft (raw, json)
Hash identifier:          vSwSgRe/Msji+yozPLnlXaF2MuvNFWRo4UFHa7Na+QU=
Subject key identifier:   40:9E:88:B3:0C:E3:D3:32:FF:FE:7D:BD:B3:89:73:DD:18:C6:94:6C
Authority key identifier: 3C:41:EA:44:17:8A:70:2C:50:70:00:02:3D:14:A9:F9:C4:72:60:E6
Certificate issuer:       /CN=3c41ea44178a702c507000023d14a9f9c47260e6
Certificate serial:       01988166DA25B500D2C666D942F7A2A5ED27
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PEHqRBeKcCxQcAACPRSp-cRyYOY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft
Manifest number:          1022
Signing time:             Wed 06 Aug 2025 22:00:57 +0000
Manifest this update:     Wed 06 Aug 2025 22:00:57 +0000
Manifest next update:     Thu 07 Aug 2025 22:00:57 +0000
Files and hashes:         1: PEHqRBeKcCxQcAACPRSp-cRyYOY.crl (hash: KVZbl6EqGYjftz6Xxdr5UFTaCCLoJ+vY3jsmBCW1jTo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PEHqRBeKcCxQcAACPRSp-cRyYOY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:46:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:66:da:25:b5:00:d2:c6:66:d9:42:f7:a2:a5:ed:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c41ea44178a702c507000023d14a9f9c47260e6
        Validity
            Not Before: Aug  6 22:00:57 2025 GMT
            Not After : Aug  7 22:00:57 2025 GMT
        Subject: CN=409e88b30ce3d332fffe7dbdb38973dd18c6946c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:ae:9a:98:f2:84:9a:a9:90:ad:44:c9:ff:06:
                    1a:2c:69:94:09:82:a5:fa:c8:66:51:2d:df:32:d4:
                    ef:53:55:a1:87:ae:12:52:9b:57:c7:80:da:9f:99:
                    72:4e:f8:73:f8:f3:5c:99:10:37:ea:30:b2:42:cb:
                    2c:ef:19:3f:71:34:a2:31:c5:18:e8:78:0b:9a:ad:
                    d1:b1:e1:a2:78:02:19:bf:15:09:f8:38:e9:b9:51:
                    a9:0b:77:3f:e4:12:66:cd:ad:9e:3a:cf:e1:bf:4c:
                    85:17:6a:c5:bb:1a:fe:4a:52:5a:c6:26:f0:9c:65:
                    e8:a7:6d:61:90:d0:24:d5:e3:b1:26:61:a0:a3:5f:
                    55:93:80:0d:84:6b:1c:ab:66:08:19:7e:2d:ff:d9:
                    08:12:58:23:f3:13:fe:14:27:9e:53:ac:77:1e:bb:
                    ff:61:d3:d5:6b:c4:af:fd:91:5a:17:3d:43:0a:ef:
                    d9:20:90:03:c8:1b:8f:91:db:ea:8d:a6:70:0b:9f:
                    fc:a9:9f:6e:bc:b7:23:f6:33:b7:ef:d9:0e:fa:aa:
                    1e:b3:b7:05:ba:a2:4f:a9:4c:2e:b7:3f:0a:63:5c:
                    89:9c:b3:10:ee:d3:f1:63:2e:9e:03:6a:d5:5a:e4:
                    67:24:9f:37:40:c1:30:5c:b8:60:f1:05:86:ae:ed:
                    41:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:9E:88:B3:0C:E3:D3:32:FF:FE:7D:BD:B3:89:73:DD:18:C6:94:6C
            X509v3 Authority Key Identifier:
                keyid:3C:41:EA:44:17:8A:70:2C:50:70:00:02:3D:14:A9:F9:C4:72:60:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PEHqRBeKcCxQcAACPRSp-cRyYOY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:9f:ba:5d:6b:cb:a5:cb:8e:01:a0:58:a7:d4:bf:0c:a2:e0:
         46:81:3b:63:af:63:50:b8:47:5b:2b:fb:4c:79:46:c1:02:15:
         06:d2:95:d5:2a:bc:55:92:a4:5c:39:6a:a4:0e:bb:af:a0:03:
         52:ea:ad:00:20:c7:86:0c:36:3f:d5:41:50:85:69:d8:8b:c8:
         cc:ea:dd:98:b7:f5:dd:f3:87:1b:6d:db:55:8b:78:0a:97:5b:
         63:05:d8:a0:9b:d2:5b:2c:f7:85:52:2b:b9:a7:ba:b5:2e:a0:
         8c:ee:23:bc:75:f0:c5:7f:ba:9c:e0:40:0a:1e:55:f2:c0:af:
         f2:89:8c:38:71:f6:f9:9b:e3:e6:26:99:6f:72:65:f5:2d:cd:
         2c:da:5f:85:9b:78:a9:e6:4a:54:4d:00:90:54:7e:7f:9f:ba:
         ad:45:90:63:a6:4a:9b:b8:da:23:4f:4e:8a:33:00:9d:9b:39:
         3a:36:d5:47:77:73:62:18:5c:42:e5:00:40:9d:48:f5:4a:e3:
         08:ca:99:a5:58:1e:c3:84:30:35:d3:4e:3c:6e:2c:2f:35:56:
         fb:ec:ea:8f:30:b4:39:11:6a:5e:84:2b:3f:c4:28:d5:79:79:
         3c:5b:5f:f7:ab:67:40:70:dc:fd:19:38:35:67:c2:b6:b1:b0:
         63:66:5a:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiBZtoltQDSxmbZQveipe0nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNDFlYTQ0MTc4YTcwMmM1MDcwMDAwMjNkMTRhOWY5YzQ3
MjYwZTYwHhcNMjUwODA2MjIwMDU3WhcNMjUwODA3MjIwMDU3WjAzMTEwLwYDVQQD
Eyg0MDllODhiMzBjZTNkMzMyZmZmZTdkYmRiMzg5NzNkZDE4YzY5NDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqa6amPKEmqmQrUTJ/wYaLGmUCYKl
+shmUS3fMtTvU1Whh64SUptXx4Dan5lyTvhz+PNcmRA36jCyQsss7xk/cTSiMcUY
6HgLmq3RseGieAIZvxUJ+DjpuVGpC3c/5BJmza2eOs/hv0yFF2rFuxr+SlJaxibw
nGXop21hkNAk1eOxJmGgo19Vk4ANhGscq2YIGX4t/9kIElgj8xP+FCeeU6x3Hrv/
YdPVa8Sv/ZFaFz1DCu/ZIJADyBuPkdvqjaZwC5/8qZ9uvLcj9jO379kO+qoes7cF
uqJPqUwutz8KY1yJnLMQ7tPxYy6eA2rVWuRnJJ83QMEwXLhg8QWGru1BYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECeiLMM49My//59vbOJc90YxpRsMB8GA1UdIwQY
MBaAFDxB6kQXinAsUHAAAj0UqfnEcmDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEVIcVJCZUtjQ3hRY0FBQ1BSU3AtY1J5WU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xNDQ5NDEtMTM1NC00ODY5LWFhYzIt
NzQ3MjUxZTQ5MjQyLzEvUEVIcVJCZUtjQ3hRY0FBQ1BSU3AtY1J5WU9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xNDQ5NDEtMTM1NC00ODY5LWFhYzItNzQ3MjUxZTQ5MjQy
LzEvUEVIcVJCZUtjQ3hRY0FBQ1BSU3AtY1J5WU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIJ+6XWvL
pcuOAaBYp9S/DKLgRoE7Y69jULhHWyv7THlGwQIVBtKV1Sq8VZKkXDlqpA67r6AD
UuqtACDHhgw2P9VBUIVp2IvIzOrdmLf13fOHG23bVYt4CpdbYwXYoJvSWyz3hVIr
uae6tS6gjO4jvHXwxX+6nOBACh5V8sCv8omMOHH2+Zvj5iaZb3Jl9S3NLNpfhZt4
qeZKVE0AkFR+f5+6rUWQY6ZKm7jaI09OijMAnZs5OjbVR3dzYhhcQuUAQJ1I9Urj
CMqZpVgew4QwNdNOPG4sLzVW++zqjzC0ORFqXoQrP8Qo1Xl5PFtf96tnQHDc/Rk4
NWfCtrGwY2ZaIw==
-----END CERTIFICATE-----