Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
File:                     PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft (raw, json)
Hash identifier:          fwjOWwHdLZPsjp4PL0v1dT8b7r+ZUGmd4/QHc7CkVos=
Subject key identifier:   57:FF:99:84:EA:A2:63:AC:47:E4:82:93:B9:A4:70:5F:BE:5C:2B:26
Authority key identifier: 3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91
Certificate issuer:       /CN=3c0fed6e0d142a2f09c040c99af1c93560209291
Certificate serial:       0198936D50F655ED3ECE2A72E443DD9DB189
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
Manifest number:          10AA
Signing time:             Sun 10 Aug 2025 10:01:11 +0000
Manifest this update:     Sun 10 Aug 2025 10:01:11 +0000
Manifest next update:     Mon 11 Aug 2025 10:01:11 +0000
Files and hashes:         1: PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl (hash: SBdp69PcAP9a2383ujj7XTLZOY0ugd3XG693JITsY+M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 08:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:93:6d:50:f6:55:ed:3e:ce:2a:72:e4:43:dd:9d:b1:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c0fed6e0d142a2f09c040c99af1c93560209291
        Validity
            Not Before: Aug 10 10:01:11 2025 GMT
            Not After : Aug 11 10:01:11 2025 GMT
        Subject: CN=57ff9984eaa263ac47e48293b9a4705fbe5c2b26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:cf:68:b3:3f:61:a6:ca:98:ab:05:28:a4:80:
                    52:4f:7a:43:7e:45:9e:5a:a0:bf:2f:95:c7:45:e2:
                    ab:d2:07:54:a1:c4:97:b1:b2:50:53:ae:b5:c2:d8:
                    e7:06:c9:3a:dc:cc:9b:a1:66:69:c9:14:69:e1:6d:
                    88:a0:13:b4:86:8c:65:55:2a:15:6e:4e:70:b9:3e:
                    e6:ff:e7:27:f3:cd:87:70:b6:87:29:96:09:10:3b:
                    0b:9a:58:36:7d:f6:84:6f:c6:d3:c9:58:68:43:77:
                    8d:22:2b:4a:f8:58:25:c8:58:92:9f:06:0f:62:64:
                    1a:50:9b:5c:19:7c:0d:18:7d:4c:09:b7:73:a6:1e:
                    9f:dc:8e:91:ef:a4:b5:4b:32:14:79:7b:c3:54:58:
                    0b:4a:1b:4a:3a:9a:2a:7b:2b:62:0b:26:bf:cb:29:
                    6f:f0:c5:7e:3d:a3:e4:f6:a4:24:f3:02:21:25:5f:
                    60:4d:4d:ce:62:91:b9:1c:d7:84:91:54:8e:29:20:
                    00:b6:9b:60:e6:e4:e4:4a:fc:1c:ac:5a:d2:a3:21:
                    c0:78:c5:f3:73:6a:2d:ac:8c:e0:5d:0b:32:aa:8b:
                    f9:25:7f:40:46:ef:fb:18:8e:34:11:8c:c8:8e:fc:
                    cb:1d:44:41:6a:77:85:df:b6:c5:97:90:3e:7a:77:
                    bd:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:FF:99:84:EA:A2:63:AC:47:E4:82:93:B9:A4:70:5F:BE:5C:2B:26
            X509v3 Authority Key Identifier:
                keyid:3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:eb:4f:4a:a2:cd:58:a9:cc:d7:ae:36:ac:17:e9:45:fa:94:
         01:f9:e7:5e:be:6e:23:3f:cf:3a:77:5c:fe:fb:1e:23:10:ea:
         b2:90:e0:98:97:65:16:b3:60:a7:94:72:1c:a6:79:d0:1d:f5:
         c1:ef:56:c4:1e:2b:17:01:39:9e:6c:32:5c:da:e0:97:85:b3:
         a1:f0:88:ed:ba:fa:3a:22:58:41:42:e1:6c:26:bb:1c:60:57:
         32:95:69:97:99:85:f6:c6:67:c1:12:86:04:cd:58:f6:f2:02:
         cd:da:52:27:c2:7a:38:0c:a5:6f:66:61:31:72:88:87:d8:28:
         32:b7:fc:3b:a3:a1:19:5e:63:5e:16:fc:30:c7:3e:ec:73:c4:
         8b:2c:f9:4e:16:f7:11:71:34:dd:d8:6a:08:63:49:94:82:8b:
         8b:80:9a:42:e7:50:63:74:7a:d1:83:77:52:51:1a:ea:d8:3c:
         23:d4:d4:5d:9e:c8:3a:00:fa:62:c1:b7:7f:94:57:b9:76:e9:
         69:f9:7b:a9:92:3b:23:1c:33:5e:81:59:e9:6f:12:93:26:b9:
         a9:6f:dd:c7:bb:ae:d1:1a:31:bb:f6:e3:35:30:c5:b5:69:90:
         6b:fb:f4:01:89:d1:bc:d0:7d:a7:a1:d2:b3:7e:0d:01:c5:87:
         36:1e:c6:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiTbVD2Ve0+zipy5EPdnbGJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMGZlZDZlMGQxNDJhMmYwOWMwNDBjOTlhZjFjOTM1NjAy
MDkyOTEwHhcNMjUwODEwMTAwMTExWhcNMjUwODExMTAwMTExWjAzMTEwLwYDVQQD
Eyg1N2ZmOTk4NGVhYTI2M2FjNDdlNDgyOTNiOWE0NzA1ZmJlNWMyYjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArs9osz9hpsqYqwUopIBST3pDfkWe
WqC/L5XHReKr0gdUocSXsbJQU661wtjnBsk63MyboWZpyRRp4W2IoBO0hoxlVSoV
bk5wuT7m/+cn882HcLaHKZYJEDsLmlg2ffaEb8bTyVhoQ3eNIitK+FglyFiSnwYP
YmQaUJtcGXwNGH1MCbdzph6f3I6R76S1SzIUeXvDVFgLShtKOpoqeytiCya/yylv
8MV+PaPk9qQk8wIhJV9gTU3OYpG5HNeEkVSOKSAAtptg5uTkSvwcrFrSoyHAeMXz
c2otrIzgXQsyqov5JX9ARu/7GI40EYzIjvzLHURBaneF37bFl5A+ene9eQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFf/mYTqomOsR+SCk7mkcF++XCsmMB8GA1UdIwQY
MBaAFDwP7W4NFCovCcBAyZrxyTVgIJKRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEt
OWFmZGMzNDVlM2QzLzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEtOWFmZGMzNDVlM2Qz
LzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgutPSqLN
WKnM1642rBfpRfqUAfnnXr5uIz/POndc/vseIxDqspDgmJdlFrNgp5RyHKZ50B31
we9WxB4rFwE5nmwyXNrgl4WzofCI7br6OiJYQULhbCa7HGBXMpVpl5mF9sZnwRKG
BM1Y9vICzdpSJ8J6OAylb2ZhMXKIh9goMrf8O6OhGV5jXhb8MMc+7HPEiyz5Thb3
EXE03dhqCGNJlIKLi4CaQudQY3R60YN3UlEa6tg8I9TUXZ7IOgD6YsG3f5RXuXbp
afl7qZI7IxwzXoFZ6W8Skya5qW/dx7uu0Roxu/bjNTDFtWmQa/v0AYnRvNB9p6HS
s34NAcWHNh7G2w==
-----END CERTIFICATE-----