Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
File:                     PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft (raw, json)
Hash identifier:          1izg1u7is6w0KG38oHRUuUPcNbrzUsxsVlDSk+r+MBY=
Subject key identifier:   81:9A:24:B5:EC:E5:2C:C8:E0:4D:89:7F:98:9E:0D:35:13:6B:82:06
Authority key identifier: 3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91
Certificate issuer:       /CN=3c0fed6e0d142a2f09c040c99af1c93560209291
Certificate serial:       01976FD0E0CDC88D8B1B62383963EDE9BADB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
Manifest number:          1013
Signing time:             Sat 14 Jun 2025 19:00:49 +0000
Manifest this update:     Sat 14 Jun 2025 19:00:49 +0000
Manifest next update:     Sun 15 Jun 2025 19:00:49 +0000
Files and hashes:         1: PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl (hash: +yNn5dm+eQOkICDPhgA8DLIwL7lPm6cc5e2FmJGHE1c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:d0:e0:cd:c8:8d:8b:1b:62:38:39:63:ed:e9:ba:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c0fed6e0d142a2f09c040c99af1c93560209291
        Validity
            Not Before: Jun 14 19:00:49 2025 GMT
            Not After : Jun 15 19:00:49 2025 GMT
        Subject: CN=819a24b5ece52cc8e04d897f989e0d35136b8206
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:6b:a8:62:85:d6:e5:4f:f2:68:d4:fd:b5:1f:
                    5c:d5:bd:51:30:f2:1a:98:ca:52:4a:c8:f4:00:b2:
                    b7:fe:b9:28:65:6b:4f:c7:31:1f:a1:bc:c5:f0:9e:
                    f5:35:1c:11:de:1b:0b:d1:3f:83:97:0f:9f:5f:c5:
                    02:08:c0:74:f5:2d:19:90:45:eb:3e:e5:b6:69:75:
                    a7:5f:9e:ed:0f:41:d1:ad:df:96:27:27:b9:84:5d:
                    19:53:17:d2:f0:96:c7:ba:15:2a:e6:6e:9b:00:9e:
                    7d:8f:51:1a:c5:57:e3:a2:26:0c:2b:6c:0f:47:b7:
                    66:31:bc:5b:b5:90:bb:70:1c:7d:c1:b6:c6:c6:e6:
                    e3:ce:60:af:c6:e3:3f:d5:ae:83:a0:95:5e:c5:53:
                    73:ec:4f:1d:be:18:29:0e:37:a0:52:95:f4:fb:d7:
                    1c:43:78:39:eb:35:f0:91:f4:1f:4c:6f:dc:63:db:
                    56:b2:da:a4:a7:8c:89:e0:3d:dc:c7:c2:4c:c8:b2:
                    65:aa:fb:c5:58:4d:2d:15:f7:cd:a9:93:2e:3d:a6:
                    da:ab:78:db:a0:c2:be:f7:1e:b7:82:68:13:31:c9:
                    c5:ab:b8:a0:85:77:0f:a9:2b:5d:b9:14:81:9c:3f:
                    c4:30:7f:3f:f3:3f:9c:f2:a2:82:7a:d4:8c:23:15:
                    02:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:9A:24:B5:EC:E5:2C:C8:E0:4D:89:7F:98:9E:0D:35:13:6B:82:06
            X509v3 Authority Key Identifier:
                keyid:3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:87:2b:4f:cf:4f:69:12:c5:c3:84:67:ce:83:6d:18:8a:27:
         3f:e2:22:9c:2a:ba:df:31:7d:cb:e4:18:e6:4b:f6:cc:b4:44:
         d7:84:9f:4d:f6:ef:1a:1a:57:4f:cd:d4:71:3b:f5:6d:9f:80:
         10:5b:51:b6:b4:28:84:7c:ea:50:41:a9:12:15:3b:8e:68:fc:
         b7:ad:be:6c:f8:72:09:37:8b:5b:e6:c0:e6:7e:03:95:76:4e:
         98:21:7f:74:98:2a:a7:b1:15:45:ed:4a:0b:c7:68:8f:cb:77:
         fd:fc:25:84:f6:e7:4c:3d:76:13:89:f9:7c:b3:7d:ee:b8:84:
         16:82:21:91:f7:db:c4:e3:1f:bb:70:19:f8:80:60:42:8a:e4:
         8a:ae:78:20:89:59:0d:29:42:fc:41:58:49:33:cb:42:23:5b:
         c0:cf:7b:0f:59:b0:6f:7a:59:9d:66:80:6a:70:8a:30:34:ff:
         ba:3c:69:cd:3e:72:64:2a:9f:4f:8b:57:bf:50:ba:24:98:3a:
         8a:14:85:40:e4:09:c8:64:3e:14:5f:a1:61:e9:35:06:3b:38:
         7e:77:29:4b:f6:ba:3e:1d:b7:89:97:16:70:c4:db:2c:93:13:
         8b:87:07:36:de:b1:5a:0b:c0:91:fe:ab:3c:7d:46:cc:c8:7d:
         df:c0:f3:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdv0ODNyI2LG2I4OWPt6brbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMGZlZDZlMGQxNDJhMmYwOWMwNDBjOTlhZjFjOTM1NjAy
MDkyOTEwHhcNMjUwNjE0MTkwMDQ5WhcNMjUwNjE1MTkwMDQ5WjAzMTEwLwYDVQQD
Eyg4MTlhMjRiNWVjZTUyY2M4ZTA0ZDg5N2Y5ODllMGQzNTEzNmI4MjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12uoYoXW5U/yaNT9tR9c1b1RMPIa
mMpSSsj0ALK3/rkoZWtPxzEfobzF8J71NRwR3hsL0T+Dlw+fX8UCCMB09S0ZkEXr
PuW2aXWnX57tD0HRrd+WJye5hF0ZUxfS8JbHuhUq5m6bAJ59j1EaxVfjoiYMK2wP
R7dmMbxbtZC7cBx9wbbGxubjzmCvxuM/1a6DoJVexVNz7E8dvhgpDjegUpX0+9cc
Q3g56zXwkfQfTG/cY9tWstqkp4yJ4D3cx8JMyLJlqvvFWE0tFffNqZMuPabaq3jb
oMK+9x63gmgTMcnFq7ighXcPqStduRSBnD/EMH8/8z+c8qKCetSMIxUCqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIGaJLXs5SzI4E2Jf5ieDTUTa4IGMB8GA1UdIwQY
MBaAFDwP7W4NFCovCcBAyZrxyTVgIJKRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEt
OWFmZGMzNDVlM2QzLzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEtOWFmZGMzNDVlM2Qz
LzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJIcrT89P
aRLFw4RnzoNtGIonP+IinCq63zF9y+QY5kv2zLRE14SfTfbvGhpXT83UcTv1bZ+A
EFtRtrQohHzqUEGpEhU7jmj8t62+bPhyCTeLW+bA5n4DlXZOmCF/dJgqp7EVRe1K
C8doj8t3/fwlhPbnTD12E4n5fLN97riEFoIhkffbxOMfu3AZ+IBgQorkiq54IIlZ
DSlC/EFYSTPLQiNbwM97D1mwb3pZnWaAanCKMDT/ujxpzT5yZCqfT4tXv1C6JJg6
ihSFQOQJyGQ+FF+hYek1Bjs4fncpS/a6Ph23iZcWcMTbLJMTi4cHNt6xWgvAkf6r
PH1GzMh938DzkQ==
-----END CERTIFICATE-----