Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
File:                     Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft (raw, json)
Hash identifier:          DQ99AswVHaQTvYXgwFQ4XTexKC8BRBBwgJIzCcmMDb0=
Subject key identifier:   3A:B9:0C:4F:49:1D:60:ED:ED:AA:8F:99:F4:D7:D9:9D:20:07:6F:A6
Authority key identifier: 3E:0A:BA:30:F4:B4:04:FF:4D:EC:9F:C0:01:6C:0B:BE:E4:B6:B8:77
Certificate issuer:       /CN=3e0aba30f4b404ff4dec9fc0016c0bbee4b6b877
Certificate serial:       019A4DAB1BD4D326FD004C159548DEF9451F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
Manifest number:          058B
Signing time:             Tue 04 Nov 2025 07:00:50 +0000
Manifest this update:     Tue 04 Nov 2025 07:00:50 +0000
Manifest next update:     Wed 05 Nov 2025 07:00:50 +0000
Files and hashes:         1: Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl (hash: aILKwU/+XiZjizDU2BR5+++HmFCYBBwHHxSyuC1bDbk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 07:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:ab:1b:d4:d3:26:fd:00:4c:15:95:48:de:f9:45:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e0aba30f4b404ff4dec9fc0016c0bbee4b6b877
        Validity
            Not Before: Nov  4 07:00:50 2025 GMT
            Not After : Nov  5 07:00:50 2025 GMT
        Subject: CN=3ab90c4f491d60ededaa8f99f4d7d99d20076fa6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:36:45:db:73:33:f6:4e:e9:ed:4f:19:4d:20:
                    16:05:30:76:7a:ee:d5:fb:24:38:54:40:60:3c:ca:
                    a4:c0:fa:4b:86:97:2f:14:7a:00:cc:0a:01:5a:96:
                    d9:40:6a:40:e7:95:99:b5:7a:dc:e8:f6:34:d0:52:
                    66:8a:7e:2d:45:70:cb:c7:26:cb:c4:8b:b4:51:09:
                    f0:9b:17:b1:da:70:4d:aa:67:c4:cf:c9:26:24:f7:
                    19:08:44:64:fc:e7:ac:b3:7e:97:19:97:0b:c1:cb:
                    cb:f1:7d:71:08:c0:42:d7:42:84:ed:d7:4f:f9:56:
                    4a:58:bd:eb:30:97:d0:f0:c6:22:5d:21:6b:31:79:
                    5a:a6:c4:8a:0f:e2:ac:82:22:4c:1d:77:b2:c9:97:
                    3d:a5:5b:d4:e4:db:61:2f:77:81:f2:97:66:c2:77:
                    46:43:37:1d:b0:1d:3d:3b:b2:2c:3e:42:08:8d:e8:
                    30:39:b4:24:ac:19:b9:cb:9b:23:8e:32:ec:b0:a1:
                    df:04:95:bf:f1:63:52:38:57:c0:37:a5:c1:73:40:
                    b5:75:36:a0:40:c6:36:f1:1c:08:0b:18:4b:fa:7f:
                    9e:72:05:b6:f1:ce:28:83:9f:f0:e9:53:31:a0:fe:
                    a8:07:6f:a1:2b:0f:ee:38:42:37:7f:19:6a:77:23:
                    f3:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:B9:0C:4F:49:1D:60:ED:ED:AA:8F:99:F4:D7:D9:9D:20:07:6F:A6
            X509v3 Authority Key Identifier:
                keyid:3E:0A:BA:30:F4:B4:04:FF:4D:EC:9F:C0:01:6C:0B:BE:E4:B6:B8:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:68:5a:26:f3:14:bb:1c:19:dd:aa:fb:c1:e8:c1:68:18:a8:
         5d:26:85:7c:d4:ea:03:55:63:ed:33:7c:d9:d5:ad:9c:dc:e1:
         5b:b5:0e:d6:b6:2c:a2:21:67:12:fb:02:0e:be:28:7e:4d:56:
         b8:97:37:92:d6:b3:8d:5a:20:91:73:31:97:14:37:dc:5a:f1:
         ad:a9:e1:74:06:ae:b7:12:c3:9e:bd:b4:69:98:a7:04:05:5d:
         56:c5:f0:99:ba:26:cd:52:e7:c6:b4:b7:52:f1:ba:2c:78:66:
         5b:28:49:cd:41:1e:90:1b:69:a5:39:ed:d3:fa:1b:a3:01:d3:
         56:bb:62:a2:90:75:68:45:91:33:8c:39:75:30:d1:7b:30:8e:
         e7:63:be:d8:e9:ce:78:69:40:ac:0e:e1:32:c3:04:45:92:de:
         f5:41:8b:d3:a5:30:32:52:66:2c:1e:23:53:6d:2e:b4:87:9c:
         d5:8b:1b:f8:8d:b7:de:57:eb:eb:36:4f:35:4d:5b:c1:db:52:
         74:60:18:db:49:fe:13:8b:c3:00:e7:a6:42:30:a8:2f:2b:e2:
         43:f0:a3:c8:9e:f0:fb:73:e6:b6:72:0e:aa:2d:4b:d5:f8:f0:
         48:5f:48:26:66:b3:fd:c1:d3:c0:2c:57:3a:2b:bf:6f:f2:66:
         0b:cd:84:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqxvU0yb9AEwVlUje+UUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMGFiYTMwZjRiNDA0ZmY0ZGVjOWZjMDAxNmMwYmJlZTRi
NmI4NzcwHhcNMjUxMTA0MDcwMDUwWhcNMjUxMTA1MDcwMDUwWjAzMTEwLwYDVQQD
EygzYWI5MGM0ZjQ5MWQ2MGVkZWRhYThmOTlmNGQ3ZDk5ZDIwMDc2ZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjZF23Mz9k7p7U8ZTSAWBTB2eu7V
+yQ4VEBgPMqkwPpLhpcvFHoAzAoBWpbZQGpA55WZtXrc6PY00FJmin4tRXDLxybL
xIu0UQnwmxex2nBNqmfEz8kmJPcZCERk/Oess36XGZcLwcvL8X1xCMBC10KE7ddP
+VZKWL3rMJfQ8MYiXSFrMXlapsSKD+KsgiJMHXeyyZc9pVvU5NthL3eB8pdmwndG
QzcdsB09O7IsPkIIjegwObQkrBm5y5sjjjLssKHfBJW/8WNSOFfAN6XBc0C1dTag
QMY28RwICxhL+n+ecgW28c4og5/w6VMxoP6oB2+hKw/uOEI3fxlqdyPz1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDq5DE9JHWDt7aqPmfTX2Z0gB2+mMB8GA1UdIwQY
MBaAFD4KujD0tAT/TeyfwAFsC77ktrh3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9kNGU1NTctMDY0MC00OGQzLTg3ZDYt
NTkwMjlhOGI1MzNhLzEvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9kNGU1NTctMDY0MC00OGQzLTg3ZDYtNTkwMjlhOGI1MzNh
LzEvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ2haJvMU
uxwZ3ar7wejBaBioXSaFfNTqA1Vj7TN82dWtnNzhW7UO1rYsoiFnEvsCDr4ofk1W
uJc3ktazjVogkXMxlxQ33FrxranhdAautxLDnr20aZinBAVdVsXwmbomzVLnxrS3
UvG6LHhmWyhJzUEekBtppTnt0/obowHTVrtiopB1aEWRM4w5dTDRezCO52O+2OnO
eGlArA7hMsMERZLe9UGL06UwMlJmLB4jU20utIec1Ysb+I233lfr6zZPNU1bwdtS
dGAY20n+E4vDAOemQjCoLyviQ/CjyJ7w+3PmtnIOqi1L1fjwSF9IJmaz/cHTwCxX
Oiu/b/JmC82EXg==
-----END CERTIFICATE-----