Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
File:                     pnUQ3cUswCV-TCVS9b1XVURUxgs.mft (raw, json)
Hash identifier:          n5Tiy+O6GMmDXpgB9W80U6rBNP0a2KNrHHFuC3pnMtM=
Subject key identifier:   DF:47:56:3A:B3:60:01:B4:90:CD:7A:81:44:F3:C6:CE:40:67:52:57
Authority key identifier: A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B
Certificate issuer:       /CN=a67510ddc52cc0257e4c2552f5bd57554454c60b
Certificate serial:       01976A060EED1B064DC34DAE6684D736CBB8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
Manifest number:          050B
Signing time:             Fri 13 Jun 2025 16:01:11 +0000
Manifest this update:     Fri 13 Jun 2025 16:01:11 +0000
Manifest next update:     Sat 14 Jun 2025 16:01:11 +0000
Files and hashes:         1: pnUQ3cUswCV-TCVS9b1XVURUxgs.crl (hash: Ij90pZY/VFwzQQw8AIrM9I+dq1M1kCoTSOlWDJpi58w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6a:06:0e:ed:1b:06:4d:c3:4d:ae:66:84:d7:36:cb:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a67510ddc52cc0257e4c2552f5bd57554454c60b
        Validity
            Not Before: Jun 13 16:01:11 2025 GMT
            Not After : Jun 14 16:01:11 2025 GMT
        Subject: CN=df47563ab36001b490cd7a8144f3c6ce40675257
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:6f:f1:bc:2c:89:97:d3:15:41:07:06:76:fe:
                    3c:00:34:5f:15:5a:66:6c:c8:40:c3:74:3f:48:e8:
                    36:f5:7e:fc:c5:31:c9:81:d0:61:37:4c:94:93:32:
                    33:66:aa:41:0f:ce:02:7e:56:ef:9d:64:47:d7:da:
                    e9:bd:10:8c:d7:e9:c7:6a:db:a3:c4:60:aa:7d:6d:
                    94:b3:0e:fd:b2:61:e2:78:15:95:be:86:42:86:54:
                    63:04:6d:f1:31:fc:ce:2b:5b:79:86:83:0e:b4:d3:
                    4b:e0:73:24:2a:93:41:7d:b6:72:92:44:1a:83:d7:
                    96:c6:98:60:d2:04:81:6f:0f:41:27:9e:6a:c2:0a:
                    0a:c7:d1:c1:95:98:29:43:c8:34:68:91:83:7d:dc:
                    16:1a:69:17:61:73:6a:ce:1a:87:bc:06:48:8d:60:
                    39:66:cc:04:dd:65:7a:8d:a9:7f:0f:98:f5:36:a0:
                    be:9c:2d:5e:2b:e6:2b:73:c6:c0:da:ab:60:ea:0e:
                    27:0d:a8:66:31:f5:10:5f:c8:64:dd:78:7c:2f:1b:
                    91:84:b8:f9:e3:8e:0b:66:15:76:82:da:46:13:53:
                    2c:2f:aa:e1:9d:4a:e9:52:f6:27:95:49:8d:13:ed:
                    73:89:a0:95:d0:c4:0a:9c:3a:05:26:19:b0:54:50:
                    7f:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:47:56:3A:B3:60:01:B4:90:CD:7A:81:44:F3:C6:CE:40:67:52:57
            X509v3 Authority Key Identifier:
                keyid:A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:76:50:a6:10:a8:8b:ea:e0:a7:ee:42:1a:e5:34:6d:c7:8c:
         96:fd:39:bb:3a:1b:44:ff:27:2c:49:a4:2f:5b:57:38:00:88:
         b5:00:7d:2c:ef:88:f8:60:22:88:12:9c:b6:4b:2a:e5:2a:b0:
         11:f0:b3:16:0a:6b:db:d4:42:6c:a3:40:d0:e3:dc:d4:f0:25:
         1f:c9:7a:ae:4a:34:c8:d4:cd:ed:0f:1d:bd:3b:fe:6b:2e:12:
         c5:08:80:6f:cd:30:bb:3c:c0:f1:cd:88:e0:26:df:01:c8:b9:
         73:fe:2c:b6:cc:8f:ac:90:6a:72:ad:40:b8:15:c7:c4:e1:d7:
         27:e4:80:fe:83:d4:f1:7d:45:3d:98:2e:1d:5d:d9:ee:b0:77:
         48:18:5b:4b:19:f0:68:32:27:99:c7:a0:e5:37:01:4d:59:48:
         bd:61:26:15:1b:1e:55:1b:8f:e7:d6:56:e0:15:5f:00:e4:e3:
         35:66:fa:86:9e:a1:eb:c5:81:9c:af:cf:68:b2:dd:73:e2:c1:
         46:43:14:59:d7:7d:44:3a:69:38:7f:69:af:ca:7a:6f:bc:51:
         fe:90:eb:3a:4d:49:5b:1e:1d:b3:37:2d:96:53:77:5e:b0:05:
         5a:0b:a1:76:7d:3a:86:37:12:d8:eb:72:c7:61:40:af:60:ce:
         97:a3:84:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdqBg7tGwZNw02uZoTXNsu4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NzUxMGRkYzUyY2MwMjU3ZTRjMjU1MmY1YmQ1NzU1NDQ1
NGM2MGIwHhcNMjUwNjEzMTYwMTExWhcNMjUwNjE0MTYwMTExWjAzMTEwLwYDVQQD
EyhkZjQ3NTYzYWIzNjAwMWI0OTBjZDdhODE0NGYzYzZjZTQwNjc1MjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiW/xvCyJl9MVQQcGdv48ADRfFVpm
bMhAw3Q/SOg29X78xTHJgdBhN0yUkzIzZqpBD84CflbvnWRH19rpvRCM1+nHatuj
xGCqfW2Usw79smHieBWVvoZChlRjBG3xMfzOK1t5hoMOtNNL4HMkKpNBfbZykkQa
g9eWxphg0gSBbw9BJ55qwgoKx9HBlZgpQ8g0aJGDfdwWGmkXYXNqzhqHvAZIjWA5
ZswE3WV6jal/D5j1NqC+nC1eK+Yrc8bA2qtg6g4nDahmMfUQX8hk3Xh8LxuRhLj5
444LZhV2gtpGE1MsL6rhnUrpUvYnlUmNE+1ziaCV0MQKnDoFJhmwVFB/4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN9HVjqzYAG0kM16gUTzxs5AZ1JXMB8GA1UdIwQY
MBaAFKZ1EN3FLMAlfkwlUvW9V1VEVMYLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUt
NjBkMjU1YmUwNDc5LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUtNjBkMjU1YmUwNDc5
LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT3ZQphCo
i+rgp+5CGuU0bceMlv05uzobRP8nLEmkL1tXOACItQB9LO+I+GAiiBKctksq5Sqw
EfCzFgpr29RCbKNA0OPc1PAlH8l6rko0yNTN7Q8dvTv+ay4SxQiAb80wuzzA8c2I
4CbfAci5c/4stsyPrJBqcq1AuBXHxOHXJ+SA/oPU8X1FPZguHV3Z7rB3SBhbSxnw
aDInmceg5TcBTVlIvWEmFRseVRuP59ZW4BVfAOTjNWb6hp6h68WBnK/PaLLdc+LB
RkMUWdd9RDppOH9pr8p6b7xR/pDrOk1JWx4dszctllN3XrAFWguhdn06hjcS2Oty
x2FAr2DOl6OEGA==
-----END CERTIFICATE-----