Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
File:                     pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft (raw, json)
Hash identifier:          2IbPyBS3A4hi84R3SvLWBmnykCdoTwi+dOeSjkpmdmQ=
Subject key identifier:   5E:88:ED:56:56:9C:4F:01:47:AD:76:AF:A0:A6:C8:1A:22:39:CF:CF
Authority key identifier: A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34
Certificate issuer:       /CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
Certificate serial:       019896A709164A8820E8C6DDFF55690C98B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
Manifest number:          15F9
Signing time:             Mon 11 Aug 2025 01:03:05 +0000
Manifest this update:     Mon 11 Aug 2025 01:03:05 +0000
Manifest next update:     Tue 12 Aug 2025 01:03:05 +0000
Files and hashes:         1: pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl (hash: A8zH1qF6V1z0ByiEFsw72pJaWQzQV4VdRcJdmo2ar3E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 01:03:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:a7:09:16:4a:88:20:e8:c6:dd:ff:55:69:0c:98:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
        Validity
            Not Before: Aug 11 01:03:05 2025 GMT
            Not After : Aug 12 01:03:05 2025 GMT
        Subject: CN=5e88ed56569c4f0147ad76afa0a6c81a2239cfcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:72:58:ca:88:19:25:fa:b8:39:49:7d:b5:e4:
                    67:52:e7:c6:71:cf:ec:5f:a2:9f:eb:cf:58:35:04:
                    27:7d:83:b2:ca:e8:b0:33:95:8c:e1:ff:a9:e3:e7:
                    19:cd:da:cf:22:a3:4a:ee:be:4b:f6:da:4a:9f:45:
                    cc:7e:1f:cd:a3:45:fd:e6:d2:bb:14:3f:5c:e4:47:
                    0f:47:fc:92:ae:0e:ed:9c:f7:e8:17:74:fc:17:d5:
                    19:79:77:75:53:b2:16:d9:99:24:39:84:61:29:77:
                    7a:4c:63:38:16:ec:4d:0e:20:41:56:5d:14:1a:49:
                    fb:51:f1:15:38:6a:be:09:ff:42:c6:d7:c6:17:97:
                    ac:05:38:d2:4f:13:e0:c9:eb:58:dc:14:bf:a8:3a:
                    87:87:35:81:a4:f4:34:c7:c0:5a:63:7c:d0:ac:f6:
                    c1:f3:af:cd:a2:f9:b9:e4:d3:67:cf:58:75:08:54:
                    ca:48:22:d1:b4:8b:cf:89:28:dc:dc:89:d7:d4:b0:
                    9a:eb:17:50:67:db:d1:9d:ae:4a:0c:ec:77:93:8a:
                    9e:09:6b:10:a8:68:38:d9:37:77:17:d1:f2:18:af:
                    45:f9:f9:f7:17:e8:5e:f3:05:2e:61:04:c6:c4:4b:
                    66:7c:3d:eb:4b:a1:b1:6e:c3:14:fa:c9:30:ef:89:
                    ec:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:88:ED:56:56:9C:4F:01:47:AD:76:AF:A0:A6:C8:1A:22:39:CF:CF
            X509v3 Authority Key Identifier:
                keyid:A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:dc:25:c8:02:9b:08:6f:0e:e4:58:d4:f7:e9:f4:8d:29:52:
         f0:83:73:0b:eb:fe:8a:8c:48:cc:dd:41:4a:20:51:25:35:d2:
         58:54:9c:84:b6:8c:69:56:b0:43:52:aa:e0:a1:37:02:fb:39:
         00:54:f1:d2:9b:e6:9b:00:d7:d8:bd:58:0d:b4:54:bb:a8:55:
         ef:d3:3b:ed:59:e8:81:4c:f8:13:df:f7:d1:6a:0a:80:48:27:
         0d:4a:7a:4f:0e:40:25:20:70:5b:1a:b6:ab:c7:f2:be:60:99:
         09:a1:63:dc:9e:b7:4d:f0:7b:bc:a0:60:ed:82:fa:e1:9c:50:
         a0:b5:e1:e8:fc:a7:aa:39:67:ad:a9:c1:76:73:c9:e8:8f:27:
         17:9a:9f:06:4d:8b:30:92:b1:3f:f1:88:99:c9:67:1b:ea:7b:
         ce:56:16:0d:c0:5c:81:02:4f:7f:02:38:60:15:fe:e7:c3:41:
         b5:27:33:c1:5c:8d:89:43:62:e9:30:1d:01:11:81:a0:7f:66:
         8e:aa:e1:5b:70:0b:99:23:01:f1:05:99:92:0d:b7:fe:27:15:
         d5:6c:b0:ba:87:67:fb:95:1c:5f:6b:83:29:e2:4a:e8:c4:70:
         d3:df:e3:f9:2b:80:d3:47:bc:be:c1:0b:3b:cd:34:ca:2d:9a:
         3b:2a:2c:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWpwkWSogg6Mbd/1VpDJi1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZDM4MDQxYWU0ZTczMTU3NzI0YWE5ZjNlZTA0MzA1ZTVm
MTI4MzQwHhcNMjUwODExMDEwMzA1WhcNMjUwODEyMDEwMzA1WjAzMTEwLwYDVQQD
Eyg1ZTg4ZWQ1NjU2OWM0ZjAxNDdhZDc2YWZhMGE2YzgxYTIyMzljZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnJYyogZJfq4OUl9teRnUufGcc/s
X6Kf689YNQQnfYOyyuiwM5WM4f+p4+cZzdrPIqNK7r5L9tpKn0XMfh/No0X95tK7
FD9c5EcPR/ySrg7tnPfoF3T8F9UZeXd1U7IW2ZkkOYRhKXd6TGM4FuxNDiBBVl0U
Gkn7UfEVOGq+Cf9CxtfGF5esBTjSTxPgyetY3BS/qDqHhzWBpPQ0x8BaY3zQrPbB
86/Novm55NNnz1h1CFTKSCLRtIvPiSjc3InX1LCa6xdQZ9vRna5KDOx3k4qeCWsQ
qGg42Td3F9HyGK9F+fn3F+he8wUuYQTGxEtmfD3rS6GxbsMU+skw74nsdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF6I7VZWnE8BR612r6CmyBoiOc/PMB8GA1UdIwQY
MBaAFKTTgEGuTnMVdySqnz7gQwXl8Sg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYt
MTg2YjI4Njg1NGJlLzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYtMTg2YjI4Njg1NGJl
LzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApNwlyAKb
CG8O5FjU9+n0jSlS8INzC+v+ioxIzN1BSiBRJTXSWFSchLaMaVawQ1Kq4KE3Avs5
AFTx0pvmmwDX2L1YDbRUu6hV79M77VnogUz4E9/30WoKgEgnDUp6Tw5AJSBwWxq2
q8fyvmCZCaFj3J63TfB7vKBg7YL64ZxQoLXh6PynqjlnranBdnPJ6I8nF5qfBk2L
MJKxP/GImclnG+p7zlYWDcBcgQJPfwI4YBX+58NBtSczwVyNiUNi6TAdARGBoH9m
jqrhW3ALmSMB8QWZkg23/icV1Wywuodn+5UcX2uDKeJK6MRw09/j+SuA00e8vsEL
O800yi2aOyosig==
-----END CERTIFICATE-----