Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
File:                     Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft (raw, json)
Hash identifier:          Qq7f/r6wOU1PYWOHABxyyJ5Qwr/2I1iw4DlHPr0peqc=
Subject key identifier:   F9:44:2E:27:CC:0B:7E:7D:7A:DD:2A:1D:27:19:56:74:8F:53:D8:0A
Authority key identifier: 3E:0A:BA:30:F4:B4:04:FF:4D:EC:9F:C0:01:6C:0B:BE:E4:B6:B8:77
Certificate issuer:       /CN=3e0aba30f4b404ff4dec9fc0016c0bbee4b6b877
Certificate serial:       01968A009B0DD9F3748E6B0405B463055340
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
Manifest number:          0398
Signing time:             Thu 01 May 2025 04:00:17 +0000
Manifest this update:     Thu 01 May 2025 04:00:17 +0000
Manifest next update:     Fri 02 May 2025 04:00:17 +0000
Files and hashes:         1: Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl (hash: rfbBQopA36asbtI6kMQgiOUZKEFMZ7dNNoFtfELXkLA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 21:27:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8a:00:9b:0d:d9:f3:74:8e:6b:04:05:b4:63:05:53:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e0aba30f4b404ff4dec9fc0016c0bbee4b6b877
        Validity
            Not Before: May  1 04:00:17 2025 GMT
            Not After : May  2 04:00:17 2025 GMT
        Subject: CN=f9442e27cc0b7e7d7add2a1d271956748f53d80a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:66:a1:96:b9:ba:2e:3a:7c:66:ed:7b:8d:22:
                    63:0f:48:fc:4c:c7:2c:81:0e:35:50:08:13:0a:60:
                    8f:60:8d:d9:08:e7:d7:07:94:62:b9:2f:12:21:b7:
                    23:73:2f:cc:69:69:d9:9f:72:5c:03:3f:af:75:22:
                    38:8a:d8:0e:b9:0b:fd:2b:98:17:65:c4:e0:3e:29:
                    07:82:4b:e7:c3:47:a3:72:ac:3f:1f:5c:06:58:6b:
                    91:8b:7f:7d:2a:b1:a1:bd:ac:e5:79:bb:81:99:9d:
                    c3:79:4a:ac:21:40:79:c0:93:d6:85:34:ec:a0:1d:
                    15:9e:88:52:b1:68:a6:22:c8:b7:b8:8d:c3:a4:7a:
                    81:90:07:b6:a4:6d:47:69:15:a2:e4:e3:ca:7e:1e:
                    49:23:10:54:49:72:3f:7c:cb:aa:91:45:a6:44:15:
                    e5:35:0d:81:ba:4f:9c:c6:e7:82:62:4b:01:45:12:
                    47:58:f2:a1:2e:9b:70:f4:a4:72:fa:58:38:36:3a:
                    aa:76:24:25:29:a3:ad:ef:c9:cc:31:27:44:c7:90:
                    c6:e0:2d:16:8c:d6:8b:8d:40:b1:2d:c3:4b:92:ee:
                    c4:f8:7b:97:77:0f:f8:af:16:58:ff:df:1c:f0:b0:
                    0f:9d:70:e1:ae:b1:1d:aa:bf:f9:a4:00:f3:f3:2a:
                    f1:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:44:2E:27:CC:0B:7E:7D:7A:DD:2A:1D:27:19:56:74:8F:53:D8:0A
            X509v3 Authority Key Identifier:
                keyid:3E:0A:BA:30:F4:B4:04:FF:4D:EC:9F:C0:01:6C:0B:BE:E4:B6:B8:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:ab:d9:ac:ad:9f:e4:9a:1c:ed:24:d8:e2:0d:fb:21:8e:0d:
         55:bc:df:bf:3a:e7:a0:4e:90:81:e0:7f:2f:1d:ee:e6:f8:62:
         ec:55:7e:84:dc:27:b6:e6:e6:cf:33:a0:73:e5:ba:9b:09:96:
         c4:93:5e:90:bb:dd:e3:bd:cc:af:24:64:01:de:db:f7:e3:45:
         fa:09:33:b0:e7:20:7e:47:6c:7a:b2:74:7b:a5:57:52:ea:66:
         d3:41:bf:38:82:5e:26:88:6c:17:cb:0d:3b:cb:a4:e0:93:1e:
         7c:bb:5a:70:9e:0e:cf:22:0f:ba:77:16:c6:7a:06:e4:14:a2:
         be:d4:34:b7:d5:88:3d:c9:4f:53:78:94:c6:0b:a4:78:06:0b:
         4e:b4:2c:d8:ef:83:b4:ab:d2:cf:b4:43:1e:b3:97:18:a0:18:
         25:2f:c5:8f:86:a6:08:a6:4c:10:fb:d6:db:cc:00:54:0e:c7:
         7e:af:77:f6:17:a1:6e:e5:be:6b:c6:f1:c1:74:bd:72:12:7a:
         60:40:b5:14:5f:76:d4:5f:59:23:03:0d:b2:da:ae:17:8e:4a:
         1e:51:64:87:8b:4e:0b:d7:3b:fd:20:5b:2c:96:94:d3:cd:41:
         28:5e:f9:d1:be:bf:04:30:8a:5e:b0:a8:8a:af:d3:23:5e:9d:
         80:cd:61:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaKAJsN2fN0jmsEBbRjBVNAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMGFiYTMwZjRiNDA0ZmY0ZGVjOWZjMDAxNmMwYmJlZTRi
NmI4NzcwHhcNMjUwNTAxMDQwMDE3WhcNMjUwNTAyMDQwMDE3WjAzMTEwLwYDVQQD
EyhmOTQ0MmUyN2NjMGI3ZTdkN2FkZDJhMWQyNzE5NTY3NDhmNTNkODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2ahlrm6Ljp8Zu17jSJjD0j8TMcs
gQ41UAgTCmCPYI3ZCOfXB5RiuS8SIbcjcy/MaWnZn3JcAz+vdSI4itgOuQv9K5gX
ZcTgPikHgkvnw0ejcqw/H1wGWGuRi399KrGhvazlebuBmZ3DeUqsIUB5wJPWhTTs
oB0VnohSsWimIsi3uI3DpHqBkAe2pG1HaRWi5OPKfh5JIxBUSXI/fMuqkUWmRBXl
NQ2Buk+cxueCYksBRRJHWPKhLptw9KRy+lg4NjqqdiQlKaOt78nMMSdEx5DG4C0W
jNaLjUCxLcNLku7E+HuXdw/4rxZY/98c8LAPnXDhrrEdqr/5pADz8yrx3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPlELifMC359et0qHScZVnSPU9gKMB8GA1UdIwQY
MBaAFD4KujD0tAT/TeyfwAFsC77ktrh3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9kNGU1NTctMDY0MC00OGQzLTg3ZDYt
NTkwMjlhOGI1MzNhLzEvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9kNGU1NTctMDY0MC00OGQzLTg3ZDYtNTkwMjlhOGI1MzNh
LzEvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv6vZrK2f
5Joc7STY4g37IY4NVbzfvzrnoE6QgeB/Lx3u5vhi7FV+hNwntubmzzOgc+W6mwmW
xJNekLvd473MryRkAd7b9+NF+gkzsOcgfkdserJ0e6VXUupm00G/OIJeJohsF8sN
O8uk4JMefLtacJ4OzyIPuncWxnoG5BSivtQ0t9WIPclPU3iUxgukeAYLTrQs2O+D
tKvSz7RDHrOXGKAYJS/Fj4amCKZMEPvW28wAVA7Hfq939hehbuW+a8bxwXS9chJ6
YEC1FF921F9ZIwMNstquF45KHlFkh4tOC9c7/SBbLJaU081BKF750b6/BDCKXrCo
iq/TI16dgM1htA==
-----END CERTIFICATE-----