Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
File:                     PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft (raw, json)
Hash identifier:          FLaaaIoAezLa8wXB1IDsVXDtSpgk0F1pspM94Dg43Vk=
Subject key identifier:   24:08:78:4C:2D:21:17:98:B9:FD:8C:12:C0:A5:40:D8:FA:9B:1F:A7
Authority key identifier: 3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6
Certificate issuer:       /CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6
Certificate serial:       01988167B84027742BE99C6CD28AA77F1E89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
Manifest number:          03A2
Signing time:             Wed 06 Aug 2025 22:01:54 +0000
Manifest this update:     Wed 06 Aug 2025 22:01:54 +0000
Manifest next update:     Thu 07 Aug 2025 22:01:54 +0000
Files and hashes:         1: PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl (hash: rJtju2mPMMFA+YQ/+76VwOwIdO7ak+UslglowwN2Gb0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:46:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:67:b8:40:27:74:2b:e9:9c:6c:d2:8a:a7:7f:1e:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6
        Validity
            Not Before: Aug  6 22:01:54 2025 GMT
            Not After : Aug  7 22:01:54 2025 GMT
        Subject: CN=2408784c2d211798b9fd8c12c0a540d8fa9b1fa7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:20:55:58:f8:94:cf:c9:be:d7:35:dd:be:9b:
                    a0:f6:84:c9:69:0c:71:ef:08:c8:f9:e3:c2:f1:c4:
                    fb:17:68:9b:fb:ea:73:4a:4b:5e:55:7d:ee:96:ae:
                    3d:21:70:bb:b5:17:1c:9d:31:f3:9b:5c:08:e3:ac:
                    ff:64:f2:5d:fa:b9:ec:ed:a7:17:6d:b9:ca:41:0d:
                    b5:17:51:9e:22:bf:4b:b4:39:ba:e3:d1:e4:17:7e:
                    aa:e6:f0:d4:8c:77:be:25:58:ce:64:8b:68:16:7b:
                    45:99:e7:54:ec:51:0a:50:6e:09:d4:68:23:27:a6:
                    78:df:72:b7:a4:4d:31:f8:65:70:49:02:42:ed:bd:
                    bf:3b:7e:ea:b8:b6:bc:ab:e8:9f:3e:21:8f:41:30:
                    c6:c3:ad:7f:be:69:98:da:d1:74:30:25:cb:b6:09:
                    ab:8a:a5:ca:6c:4f:be:20:af:9d:c0:c6:55:15:cf:
                    07:9b:4e:f6:6c:dd:9d:e3:89:2d:3a:d6:05:4f:8d:
                    a1:a4:f3:b8:54:ef:b9:15:8d:1a:92:92:7b:e5:2e:
                    13:d9:b6:e4:27:74:6e:1d:9b:0a:72:ac:c6:76:c7:
                    21:3f:80:61:21:eb:2f:13:fa:d8:a6:b8:ed:4a:87:
                    0f:51:63:19:54:84:ed:cb:31:15:55:40:61:0d:c7:
                    4c:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:08:78:4C:2D:21:17:98:B9:FD:8C:12:C0:A5:40:D8:FA:9B:1F:A7
            X509v3 Authority Key Identifier:
                keyid:3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:24:59:e9:63:e1:02:06:db:7b:de:92:3c:73:67:50:20:8b:
         3b:a7:ed:7d:eb:91:55:5b:f7:71:fc:68:89:91:b0:4f:d2:67:
         4e:39:7f:fd:1f:b7:1a:b0:49:ac:d1:db:48:13:87:b2:9e:0a:
         53:25:49:23:7f:a1:11:b8:d7:d5:40:04:7a:ed:2d:5c:63:20:
         ba:93:4e:b2:07:18:b6:43:8c:1a:58:01:c3:06:5a:da:5f:4b:
         8e:b1:b4:b5:f7:5f:24:ab:43:18:c0:bc:74:34:30:fd:d1:08:
         70:c7:0b:fe:b2:73:82:22:f3:45:9b:54:3c:48:d9:ea:2e:ac:
         4e:81:e1:36:4a:4e:e9:68:7d:ab:7c:0e:4f:6a:d2:92:4f:07:
         97:90:1e:bf:da:82:ea:b2:c2:12:7b:0d:ba:69:b1:b3:c4:c8:
         5a:bc:41:2e:99:32:b3:56:54:8e:e8:97:da:8f:d3:b3:59:4e:
         08:87:5b:85:5e:55:c9:e8:cc:7a:e7:d2:09:05:5e:5b:db:fd:
         c1:6a:2a:90:1f:5d:37:4b:d4:6b:d6:fc:a6:e7:74:18:b3:d2:
         92:65:45:99:13:d7:e4:a5:f4:7b:66:4c:fa:4d:9f:32:32:b2:
         b9:9f:a5:8c:78:cc:5e:a8:cc:08:f8:73:8d:90:a3:04:9c:28:
         0d:c7:15:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiBZ7hAJ3Qr6Zxs0oqnfx6JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMWI2N2NjZGE0OWM4ZGU0ODkyOTM0MWY2ZGU4YTJiNjAy
NWIzYTYwHhcNMjUwODA2MjIwMTU0WhcNMjUwODA3MjIwMTU0WjAzMTEwLwYDVQQD
EygyNDA4Nzg0YzJkMjExNzk4YjlmZDhjMTJjMGE1NDBkOGZhOWIxZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+CBVWPiUz8m+1zXdvpug9oTJaQxx
7wjI+ePC8cT7F2ib++pzSkteVX3ulq49IXC7tRccnTHzm1wI46z/ZPJd+rns7acX
bbnKQQ21F1GeIr9LtDm649HkF36q5vDUjHe+JVjOZItoFntFmedU7FEKUG4J1Ggj
J6Z433K3pE0x+GVwSQJC7b2/O37quLa8q+ifPiGPQTDGw61/vmmY2tF0MCXLtgmr
iqXKbE++IK+dwMZVFc8Hm072bN2d44ktOtYFT42hpPO4VO+5FY0akpJ75S4T2bbk
J3RuHZsKcqzGdschP4BhIesvE/rYprjtSocPUWMZVITtyzEVVUBhDcdM7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCQIeEwtIReYuf2MEsClQNj6mx+nMB8GA1UdIwQY
MBaAFD0bZ8zaScjeSJKTQfbeiitgJbOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMt
MDhiMjRiZTEyNjg5LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMtMDhiMjRiZTEyNjg5
LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuyRZ6WPh
Agbbe96SPHNnUCCLO6ftfeuRVVv3cfxoiZGwT9JnTjl//R+3GrBJrNHbSBOHsp4K
UyVJI3+hEbjX1UAEeu0tXGMgupNOsgcYtkOMGlgBwwZa2l9LjrG0tfdfJKtDGMC8
dDQw/dEIcMcL/rJzgiLzRZtUPEjZ6i6sToHhNkpO6Wh9q3wOT2rSkk8Hl5Aev9qC
6rLCEnsNummxs8TIWrxBLpkys1ZUjuiX2o/Ts1lOCIdbhV5VyejMeufSCQVeW9v9
wWoqkB9dN0vUa9b8pud0GLPSkmVFmRPX5KX0e2ZM+k2fMjKyuZ+ljHjMXqjMCPhz
jZCjBJwoDccVdg==
-----END CERTIFICATE-----