Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
File:                     pnUQ3cUswCV-TCVS9b1XVURUxgs.mft (raw, json)
Hash identifier:          l2oFIUTJtRYJnwgjRZsqO6v5okp5dqdHj3BZR71QBEM=
Subject key identifier:   E8:13:01:9B:41:C2:B6:F6:00:EC:B6:D4:A2:30:C3:D0:BD:74:16:BE
Authority key identifier: A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B
Certificate issuer:       /CN=a67510ddc52cc0257e4c2552f5bd57554454c60b
Certificate serial:       019A5375D6209B1F3E7CDFFB70C1EFD78A2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
Manifest number:          068D
Signing time:             Wed 05 Nov 2025 10:00:22 +0000
Manifest this update:     Wed 05 Nov 2025 10:00:22 +0000
Manifest next update:     Thu 06 Nov 2025 10:00:22 +0000
Files and hashes:         1: pnUQ3cUswCV-TCVS9b1XVURUxgs.crl (hash: NF4gswKJ8sRmQCjc7g84LyaIsOEMPOb6riefnRS7yw8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:53:75:d6:20:9b:1f:3e:7c:df:fb:70:c1:ef:d7:8a:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a67510ddc52cc0257e4c2552f5bd57554454c60b
        Validity
            Not Before: Nov  5 10:00:22 2025 GMT
            Not After : Nov  6 10:00:22 2025 GMT
        Subject: CN=e813019b41c2b6f600ecb6d4a230c3d0bd7416be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:1c:e6:6d:f6:d7:38:90:f6:4e:ac:a8:c8:b3:
                    71:f4:de:0f:a6:8b:e5:a5:13:aa:89:d3:23:2f:ab:
                    97:7b:81:ec:b5:ba:da:30:68:69:6a:0a:29:6a:45:
                    5c:2b:c9:f4:fd:00:6c:f6:f4:97:3e:d3:69:9d:d7:
                    6d:89:ea:5a:92:c5:c5:bd:31:d1:32:a8:4c:fe:eb:
                    d7:28:11:3f:5b:27:e2:dc:dc:2a:7e:24:57:b7:f0:
                    98:4d:7e:ee:d1:12:a7:aa:3b:3a:74:b4:a5:cb:6f:
                    69:80:19:f8:4b:d9:b2:48:3d:1e:f5:64:13:79:03:
                    ba:18:d3:97:fe:f4:15:a6:d1:89:f7:74:00:4c:95:
                    07:1c:6c:cf:fc:79:c2:62:1d:ba:48:f6:cd:6c:8d:
                    5a:5b:87:e6:77:32:a8:29:7a:d5:87:18:ae:29:f1:
                    c1:f1:dd:f9:29:4b:4d:7e:5f:80:91:e2:7f:ac:74:
                    7a:fb:37:da:5f:96:6a:ad:95:2c:4c:e3:67:75:0e:
                    21:62:2f:07:56:a7:40:54:cb:37:9d:c8:80:40:98:
                    cb:c1:60:05:8f:54:64:d1:05:4c:e5:57:4a:03:51:
                    65:3c:13:31:5b:43:69:2e:c4:bc:e3:d9:0e:59:ca:
                    0f:6a:c0:d5:35:1d:97:5a:88:b7:80:de:3a:c7:c8:
                    9b:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:13:01:9B:41:C2:B6:F6:00:EC:B6:D4:A2:30:C3:D0:BD:74:16:BE
            X509v3 Authority Key Identifier:
                keyid:A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:f9:b4:0f:bf:ec:bc:22:05:5b:94:1c:1c:3f:9a:67:93:b1:
         6f:d5:0a:67:6d:1c:d6:a9:4b:8c:e7:a4:11:6c:fd:1e:66:40:
         a2:f1:18:38:ee:ed:6d:02:ac:82:f0:7f:7a:1f:90:d5:54:47:
         18:f3:b0:ba:0b:2a:da:51:06:19:dc:86:14:06:87:8d:ab:5e:
         56:4f:0c:4d:54:b9:85:6d:49:a0:a4:10:63:4d:77:b9:c7:a1:
         65:24:5d:91:23:07:6c:23:df:33:ad:f4:c5:11:03:41:ea:35:
         bd:43:a3:cd:c3:fb:fe:1d:c6:15:27:fb:f1:84:5a:50:c8:87:
         c3:18:ac:ea:35:19:4f:67:e1:93:98:1b:fa:42:4c:8c:ea:01:
         e7:e8:29:46:1b:98:5c:bb:f9:c0:64:5a:6a:bd:ff:7f:b0:15:
         f8:d3:94:5f:d4:4a:67:53:db:75:c3:82:ed:8f:86:09:02:4b:
         a6:56:84:99:49:35:35:fc:60:ad:5c:ce:0b:7b:34:35:17:6e:
         63:fe:2d:9d:78:02:74:56:16:16:e5:4a:ca:91:cb:29:89:27:
         48:e6:80:00:88:3c:58:61:ed:85:72:cf:e7:71:86:c7:d2:66:
         30:9f:7f:af:92:54:f6:de:2f:a4:06:bb:24:0e:df:e0:26:65:
         25:7a:53:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTddYgmx8+fN/7cMHv14ouMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NzUxMGRkYzUyY2MwMjU3ZTRjMjU1MmY1YmQ1NzU1NDQ1
NGM2MGIwHhcNMjUxMTA1MTAwMDIyWhcNMjUxMTA2MTAwMDIyWjAzMTEwLwYDVQQD
EyhlODEzMDE5YjQxYzJiNmY2MDBlY2I2ZDRhMjMwYzNkMGJkNzQxNmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhzmbfbXOJD2TqyoyLNx9N4Ppovl
pROqidMjL6uXe4HstbraMGhpagopakVcK8n0/QBs9vSXPtNpnddtiepaksXFvTHR
MqhM/uvXKBE/Wyfi3NwqfiRXt/CYTX7u0RKnqjs6dLSly29pgBn4S9mySD0e9WQT
eQO6GNOX/vQVptGJ93QATJUHHGzP/HnCYh26SPbNbI1aW4fmdzKoKXrVhxiuKfHB
8d35KUtNfl+AkeJ/rHR6+zfaX5ZqrZUsTONndQ4hYi8HVqdAVMs3nciAQJjLwWAF
j1Rk0QVM5VdKA1FlPBMxW0NpLsS849kOWcoPasDVNR2XWoi3gN46x8ibxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOgTAZtBwrb2AOy21KIww9C9dBa+MB8GA1UdIwQY
MBaAFKZ1EN3FLMAlfkwlUvW9V1VEVMYLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUt
NjBkMjU1YmUwNDc5LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUtNjBkMjU1YmUwNDc5
LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO/m0D7/s
vCIFW5QcHD+aZ5Oxb9UKZ20c1qlLjOekEWz9HmZAovEYOO7tbQKsgvB/eh+Q1VRH
GPOwugsq2lEGGdyGFAaHjateVk8MTVS5hW1JoKQQY013ucehZSRdkSMHbCPfM630
xREDQeo1vUOjzcP7/h3GFSf78YRaUMiHwxis6jUZT2fhk5gb+kJMjOoB5+gpRhuY
XLv5wGRaar3/f7AV+NOUX9RKZ1PbdcOC7Y+GCQJLplaEmUk1NfxgrVzOC3s0NRdu
Y/4tnXgCdFYWFuVKypHLKYknSOaAAIg8WGHthXLP53GGx9JmMJ9/r5JU9t4vpAa7
JA7f4CZlJXpTJw==
-----END CERTIFICATE-----