Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
File:                     Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft (raw, json)
Hash identifier:          8CXuQzahKVAd6sZYxC47JS3vY2MXxKj2MpVTGLjnQ2s=
Subject key identifier:   2C:63:E6:7E:8E:9A:24:55:01:00:7B:B4:48:47:CF:F2:E5:7B:8C:DD
Authority key identifier: 3E:0A:BA:30:F4:B4:04:FF:4D:EC:9F:C0:01:6C:0B:BE:E4:B6:B8:77
Certificate issuer:       /CN=3e0aba30f4b404ff4dec9fc0016c0bbee4b6b877
Certificate serial:       01989F037A478D9E93D77D780861AAA88E42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
Manifest number:          04AC
Signing time:             Tue 12 Aug 2025 16:01:01 +0000
Manifest this update:     Tue 12 Aug 2025 16:01:01 +0000
Manifest next update:     Wed 13 Aug 2025 16:01:01 +0000
Files and hashes:         1: Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl (hash: IRvxzHYCTfcVFqH3ktNsi/5T9WFaH+Ig0yjgczWpvAU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 13:24:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9f:03:7a:47:8d:9e:93:d7:7d:78:08:61:aa:a8:8e:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e0aba30f4b404ff4dec9fc0016c0bbee4b6b877
        Validity
            Not Before: Aug 12 16:01:01 2025 GMT
            Not After : Aug 13 16:01:01 2025 GMT
        Subject: CN=2c63e67e8e9a245501007bb44847cff2e57b8cdd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:be:c8:42:a7:1c:67:6c:d5:ef:62:b3:f6:bc:
                    5d:b1:ab:2f:10:3b:a6:f1:1a:0c:45:55:2c:bd:b4:
                    36:f7:c1:08:1d:53:18:9d:15:7a:ba:fe:f8:53:41:
                    6a:c1:d7:dd:7b:73:64:26:19:96:57:db:55:b7:cd:
                    e0:a8:9a:c9:ce:9c:55:59:f1:0e:de:a3:98:d3:9a:
                    13:64:d4:29:16:0e:fa:cd:f0:01:02:f6:ef:ac:d4:
                    17:77:db:6b:80:f1:37:17:6d:f1:48:a8:f9:c8:95:
                    b9:5e:73:51:56:aa:0d:aa:3b:d6:ec:a0:0c:c0:13:
                    e5:e7:1a:a1:13:61:f7:ce:05:e2:22:61:b5:8e:21:
                    67:62:29:d1:0a:81:e6:2d:69:8b:13:61:dd:13:47:
                    6f:1b:7c:b7:13:35:5a:74:dc:04:ad:12:94:7c:4e:
                    fb:c7:fe:39:a2:3c:72:32:4f:bc:95:80:50:d3:41:
                    e6:cb:54:23:81:5d:c4:00:a0:e4:24:bb:76:43:1a:
                    62:96:12:bd:9f:5b:13:d3:d2:63:4c:c2:e5:07:38:
                    5b:6b:3f:80:b8:76:80:3f:bb:a0:1b:4a:37:d6:9d:
                    3d:7f:b9:9d:10:9b:07:91:64:16:9f:1f:1a:af:15:
                    fd:cc:86:f3:97:a3:94:dd:87:99:45:0e:9e:30:61:
                    4b:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:63:E6:7E:8E:9A:24:55:01:00:7B:B4:48:47:CF:F2:E5:7B:8C:DD
            X509v3 Authority Key Identifier:
                keyid:3E:0A:BA:30:F4:B4:04:FF:4D:EC:9F:C0:01:6C:0B:BE:E4:B6:B8:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:25:c0:a5:36:de:22:7d:d1:53:81:da:8e:72:cd:6e:1c:62:
         69:6a:fa:90:51:dd:14:ad:4b:77:98:12:d3:54:f1:1e:29:8a:
         48:c8:cc:d9:26:a8:69:8c:ad:42:e1:91:a6:91:3c:88:fb:40:
         92:87:f6:b4:d5:e0:b3:bc:81:09:bd:4d:0b:2f:db:1c:22:77:
         6b:5a:2f:9d:c5:30:87:a9:9d:7b:4f:d3:6d:01:e2:92:a7:75:
         c3:27:f5:5b:d5:e0:31:00:93:3b:b1:e3:27:a1:9f:04:be:cf:
         04:9c:8a:e3:7f:e9:3b:91:f5:ca:fb:f0:18:66:c5:45:25:f6:
         f2:37:dc:9d:a2:93:99:aa:fe:c8:04:2c:75:7d:dc:52:ca:69:
         93:2d:c5:91:6c:e2:3b:36:67:e5:a4:6b:42:df:33:bb:83:5f:
         86:6b:65:e6:59:8f:eb:b3:73:87:b0:be:c8:b7:ec:a2:d8:7d:
         55:7b:f8:7d:57:44:c7:30:4a:ab:3b:44:ca:26:c8:9b:f7:e7:
         0e:87:ef:86:ab:66:83:98:d0:57:34:70:6f:45:6b:f7:bb:4d:
         79:10:64:09:7b:6a:87:15:27:64:0d:6b:27:26:3d:60:00:4a:
         bc:c3:4d:f5:0a:de:6f:c3:7c:d8:62:9f:7a:41:a0:11:de:f2:
         71:96:d4:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZifA3pHjZ6T1314CGGqqI5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMGFiYTMwZjRiNDA0ZmY0ZGVjOWZjMDAxNmMwYmJlZTRi
NmI4NzcwHhcNMjUwODEyMTYwMTAxWhcNMjUwODEzMTYwMTAxWjAzMTEwLwYDVQQD
EygyYzYzZTY3ZThlOWEyNDU1MDEwMDdiYjQ0ODQ3Y2ZmMmU1N2I4Y2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmb7IQqccZ2zV72Kz9rxdsasvEDum
8RoMRVUsvbQ298EIHVMYnRV6uv74U0Fqwdfde3NkJhmWV9tVt83gqJrJzpxVWfEO
3qOY05oTZNQpFg76zfABAvbvrNQXd9trgPE3F23xSKj5yJW5XnNRVqoNqjvW7KAM
wBPl5xqhE2H3zgXiImG1jiFnYinRCoHmLWmLE2HdE0dvG3y3EzVadNwErRKUfE77
x/45ojxyMk+8lYBQ00Hmy1QjgV3EAKDkJLt2QxpilhK9n1sT09JjTMLlBzhbaz+A
uHaAP7ugG0o31p09f7mdEJsHkWQWnx8arxX9zIbzl6OU3YeZRQ6eMGFL+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCxj5n6OmiRVAQB7tEhHz/Lle4zdMB8GA1UdIwQY
MBaAFD4KujD0tAT/TeyfwAFsC77ktrh3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9kNGU1NTctMDY0MC00OGQzLTg3ZDYt
NTkwMjlhOGI1MzNhLzEvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9kNGU1NTctMDY0MC00OGQzLTg3ZDYtNTkwMjlhOGI1MzNh
LzEvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgSXApTbe
In3RU4HajnLNbhxiaWr6kFHdFK1Ld5gS01TxHimKSMjM2SaoaYytQuGRppE8iPtA
kof2tNXgs7yBCb1NCy/bHCJ3a1ovncUwh6mde0/TbQHikqd1wyf1W9XgMQCTO7Hj
J6GfBL7PBJyK43/pO5H1yvvwGGbFRSX28jfcnaKTmar+yAQsdX3cUsppky3FkWzi
OzZn5aRrQt8zu4Nfhmtl5lmP67Nzh7C+yLfsoth9VXv4fVdExzBKqztEyibIm/fn
Dofvhqtmg5jQVzRwb0Vr97tNeRBkCXtqhxUnZA1rJyY9YABKvMNN9Qreb8N82GKf
ekGgEd7ycZbUWg==
-----END CERTIFICATE-----