Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft
File:                     P2LKnF7__TIKvS2Px-j4Nee70es.mft (raw, json)
Hash identifier:          +CjOFUKKXTsx+A4o1RHgJinuFZFeEnbYakLY+YH+d4E=
Subject key identifier:   91:C3:6B:07:81:9F:5F:5B:DC:A2:84:8B:B5:B8:D7:42:40:CF:D0:18
Authority key identifier: 3F:62:CA:9C:5E:FF:FD:32:0A:BD:2D:8F:C7:E8:F8:35:E7:BB:D1:EB
Certificate issuer:       /CN=3f62ca9c5efffd320abd2d8fc7e8f835e7bbd1eb
Certificate serial:       019873E1D01547D348C702EF259A406FCF16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P2LKnF7__TIKvS2Px-j4Nee70es.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft
Manifest number:          0A10
Signing time:             Mon 04 Aug 2025 07:00:35 +0000
Manifest this update:     Mon 04 Aug 2025 07:00:35 +0000
Manifest next update:     Tue 05 Aug 2025 07:00:35 +0000
Files and hashes:         1: P2LKnF7__TIKvS2Px-j4Nee70es.crl (hash: v7Rr3X7A6WBpt1Y2aKi3bKvfa22HlrRWQKnUtLyVSpY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/P2LKnF7__TIKvS2Px-j4Nee70es.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e1:d0:15:47:d3:48:c7:02:ef:25:9a:40:6f:cf:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f62ca9c5efffd320abd2d8fc7e8f835e7bbd1eb
        Validity
            Not Before: Aug  4 07:00:35 2025 GMT
            Not After : Aug  5 07:00:35 2025 GMT
        Subject: CN=91c36b07819f5f5bdca2848bb5b8d74240cfd018
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:1b:2e:39:3b:50:7c:f8:4b:2f:65:42:55:a1:
                    00:eb:34:73:f2:07:10:00:83:c2:26:78:39:c2:60:
                    b8:a9:97:fc:df:9e:2a:c2:64:80:a4:83:c7:2c:8d:
                    ad:37:5b:22:d1:31:e3:3d:85:f6:53:c5:c2:65:bc:
                    7c:26:4c:70:46:b5:58:5f:b8:83:46:75:52:3d:8c:
                    c8:7f:6a:43:03:13:c5:43:0f:8f:25:6e:f1:2a:6e:
                    ef:df:d5:09:ac:18:33:9d:3b:44:ae:a4:f0:a8:93:
                    7a:d0:b5:38:3c:69:65:7c:f2:0f:a4:d0:81:bc:75:
                    12:0e:31:b1:4b:9f:50:e5:d8:e5:96:56:c9:36:98:
                    f3:87:06:75:ae:68:23:ce:b4:29:48:cc:09:86:98:
                    ee:75:40:da:43:a5:05:2c:3d:cf:bc:08:8f:63:f3:
                    2e:50:22:d3:2d:46:2e:4c:0b:b1:9a:e3:24:b9:d1:
                    b1:58:e8:c1:c6:77:04:ba:e4:52:3c:4e:2e:2d:e8:
                    80:7a:9d:2e:cc:8b:93:02:5d:7f:8f:ea:eb:21:1a:
                    61:cf:43:a2:5a:28:59:c9:6d:39:55:60:92:c8:71:
                    42:73:6b:cd:d4:1f:1c:2e:12:61:b8:d2:bc:9e:a5:
                    88:e9:10:da:1e:c6:8b:20:cd:33:9f:d6:c9:a0:64:
                    f9:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:C3:6B:07:81:9F:5F:5B:DC:A2:84:8B:B5:B8:D7:42:40:CF:D0:18
            X509v3 Authority Key Identifier:
                keyid:3F:62:CA:9C:5E:FF:FD:32:0A:BD:2D:8F:C7:E8:F8:35:E7:BB:D1:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P2LKnF7__TIKvS2Px-j4Nee70es.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:99:ad:fe:3b:79:bb:bd:af:80:20:f0:e2:57:7a:a0:ae:66:
         23:11:c1:b4:d9:99:7b:0a:1c:9a:80:e7:16:25:5c:c0:11:02:
         3f:c0:33:e0:38:82:ef:5a:d3:8a:90:b7:ac:6b:0b:9d:a5:d8:
         46:8e:ef:6b:c5:2e:23:0f:8c:8f:82:70:37:2d:68:64:32:39:
         35:9d:6e:cd:7b:85:2a:3c:eb:8c:2d:c0:65:a1:20:2f:28:a8:
         37:62:b1:ea:c4:e1:54:12:05:32:43:b6:09:ca:ac:8b:a7:34:
         f6:74:0d:8e:30:3d:34:d7:b0:5c:1f:95:3e:12:34:bd:e1:78:
         f8:07:1c:1a:07:4b:7a:51:91:18:15:7a:da:92:32:5b:39:b7:
         a9:0e:94:07:eb:9d:ce:b1:5e:13:b7:8e:ce:d9:5f:db:3a:be:
         f4:b0:46:07:0a:39:36:fb:c7:d7:9c:de:f2:2b:a9:ed:c7:d8:
         db:d9:ea:f0:44:85:7c:25:1f:ee:35:39:e1:bf:06:54:7d:84:
         32:94:d1:c1:2d:3c:ef:09:3a:09:f5:38:6d:91:b4:7f:d6:cf:
         78:09:c3:e9:c1:9d:42:22:74:32:f5:0e:02:a2:60:14:01:a9:
         0d:b7:31:70:b5:a8:a7:15:e2:57:28:cb:91:92:e1:5f:0f:48:
         3b:0b:60:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4dAVR9NIxwLvJZpAb88WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNjJjYTljNWVmZmZkMzIwYWJkMmQ4ZmM3ZThmODM1ZTdi
YmQxZWIwHhcNMjUwODA0MDcwMDM1WhcNMjUwODA1MDcwMDM1WjAzMTEwLwYDVQQD
Eyg5MWMzNmIwNzgxOWY1ZjViZGNhMjg0OGJiNWI4ZDc0MjQwY2ZkMDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxsuOTtQfPhLL2VCVaEA6zRz8gcQ
AIPCJng5wmC4qZf8354qwmSApIPHLI2tN1si0THjPYX2U8XCZbx8JkxwRrVYX7iD
RnVSPYzIf2pDAxPFQw+PJW7xKm7v39UJrBgznTtErqTwqJN60LU4PGllfPIPpNCB
vHUSDjGxS59Q5djlllbJNpjzhwZ1rmgjzrQpSMwJhpjudUDaQ6UFLD3PvAiPY/Mu
UCLTLUYuTAuxmuMkudGxWOjBxncEuuRSPE4uLeiAep0uzIuTAl1/j+rrIRphz0Oi
WihZyW05VWCSyHFCc2vN1B8cLhJhuNK8nqWI6RDaHsaLIM0zn9bJoGT5VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJHDaweBn19b3KKEi7W410JAz9AYMB8GA1UdIwQY
MBaAFD9iypxe//0yCr0tj8fo+DXnu9HrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDJMS25GN19fVElLdlMyUHgtajROZWU3MGVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9hMzYxY2ItZjhiZS00YjUwLTk4Njkt
MDA5MDgwZThkZmY1LzEvUDJMS25GN19fVElLdlMyUHgtajROZWU3MGVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9hMzYxY2ItZjhiZS00YjUwLTk4NjktMDA5MDgwZThkZmY1
LzEvUDJMS25GN19fVElLdlMyUHgtajROZWU3MGVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp5mt/jt5
u72vgCDw4ld6oK5mIxHBtNmZewocmoDnFiVcwBECP8Az4DiC71rTipC3rGsLnaXY
Ro7va8UuIw+Mj4JwNy1oZDI5NZ1uzXuFKjzrjC3AZaEgLyioN2Kx6sThVBIFMkO2
Ccqsi6c09nQNjjA9NNewXB+VPhI0veF4+AccGgdLelGRGBV62pIyWzm3qQ6UB+ud
zrFeE7eOztlf2zq+9LBGBwo5NvvH15ze8iup7cfY29nq8ESFfCUf7jU54b8GVH2E
MpTRwS087wk6CfU4bZG0f9bPeAnD6cGdQiJ0MvUOAqJgFAGpDbcxcLWopxXiVyjL
kZLhXw9IOwtgWQ==
-----END CERTIFICATE-----