Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
File:                     pukanXyu9IGGdMXWJigTYVyJ3lY.mft (raw, json)
Hash identifier:          QmXGo2iLUp3VtCBUISzen/8vrhozZbI3NoHinG4awzU=
Subject key identifier:   48:3B:1A:EB:9F:07:78:52:D1:F5:D7:8A:EE:62:FD:DF:2A:4C:B5:FB
Authority key identifier: A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56
Certificate issuer:       /CN=a6e91a9d7caef4818674c5d6262813615c89de56
Certificate serial:       01976961181318FFEE2F16A72C475D07DFEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
Manifest number:          0F00
Signing time:             Fri 13 Jun 2025 13:01:00 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:00 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:00 +0000
Files and hashes:         1: pukanXyu9IGGdMXWJigTYVyJ3lY.crl (hash: 8ynYpKbqKw3HgzlwA1IlYGixBKMWQGyo1ejzP8nttjA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:18:13:18:ff:ee:2f:16:a7:2c:47:5d:07:df:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6e91a9d7caef4818674c5d6262813615c89de56
        Validity
            Not Before: Jun 13 13:01:00 2025 GMT
            Not After : Jun 14 13:01:00 2025 GMT
        Subject: CN=483b1aeb9f077852d1f5d78aee62fddf2a4cb5fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:f2:2b:46:dd:76:7d:29:e2:70:84:31:0a:0c:
                    86:cf:77:7e:44:e1:57:5a:e7:84:4c:f1:e4:43:21:
                    10:3c:31:79:42:dc:fe:53:34:4f:0e:32:68:8e:b6:
                    b6:50:8b:d8:cd:3d:e6:d1:4e:6e:a7:d3:8a:74:7a:
                    0d:6e:f8:eb:87:4e:cc:27:97:9d:65:fb:2a:bb:ec:
                    6c:57:8b:02:ad:a7:ab:60:58:9b:8b:b5:53:81:11:
                    4a:21:9e:4f:86:a9:73:a2:96:20:8c:d3:35:da:bc:
                    ae:d7:f4:b8:e5:c2:78:58:10:38:de:44:39:1f:b6:
                    a9:4d:dc:5d:52:89:07:59:42:c7:d1:6f:93:39:3e:
                    a2:1d:52:c5:6f:5c:93:40:ee:b1:4e:de:97:aa:0b:
                    37:ee:dd:3a:c0:c2:01:45:13:19:f5:07:89:c3:db:
                    fc:02:13:b0:4b:9f:1f:51:d2:80:13:06:ad:f7:50:
                    a0:0e:1d:5a:83:0c:e2:64:a5:29:94:8f:86:5c:cb:
                    78:85:ac:a0:41:cc:a4:ee:65:f2:c5:91:19:c5:5f:
                    68:b8:0c:5a:67:ca:0c:7b:ea:63:f4:e6:c0:53:da:
                    b8:37:06:73:51:3b:2c:d4:2d:95:bb:70:7b:a4:d6:
                    cd:f4:08:ff:47:dc:62:55:91:9f:a7:26:95:4b:36:
                    ec:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:3B:1A:EB:9F:07:78:52:D1:F5:D7:8A:EE:62:FD:DF:2A:4C:B5:FB
            X509v3 Authority Key Identifier:
                keyid:A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:11:f3:a0:dd:f8:67:cb:ae:70:13:91:d5:b9:cf:ce:f0:12:
         65:57:ad:56:96:53:ad:14:e0:87:8b:7e:47:94:30:58:eb:99:
         60:8d:41:83:8d:58:9f:b0:ce:32:7b:a2:05:b0:97:4a:b6:39:
         3c:92:40:48:91:7e:9a:0d:83:e7:0c:7b:88:ef:23:79:0e:a6:
         93:2c:86:e3:aa:84:f5:ed:a4:30:db:66:e5:ef:3b:2e:41:94:
         6d:7d:19:70:6e:f6:b3:3d:0c:9b:c1:e4:6f:df:50:1c:78:89:
         e5:77:58:cc:1c:4a:5b:33:d2:d1:21:84:55:3a:0d:7c:9d:2f:
         f6:e3:05:9b:ce:fb:6a:96:9b:9f:07:68:f4:b7:62:fb:36:c8:
         ff:93:65:09:70:28:06:3f:71:3a:94:de:b1:6e:18:eb:6e:28:
         eb:81:0e:4e:f6:ef:29:c0:bb:2b:a3:10:b5:af:44:c1:e9:eb:
         b9:68:9e:9a:cb:75:6c:8c:4e:16:90:91:15:63:56:0f:d9:c7:
         de:88:52:29:4d:c8:08:db:7a:d9:1f:3b:07:d4:36:a2:f3:61:
         93:12:64:ed:65:e5:49:7e:47:95:ec:23:1e:0e:44:55:7d:d1:
         fa:54:45:95:77:95:d8:bc:a7:d9:8a:b2:a1:29:21:80:9b:e1:
         aa:cb:78:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYRgTGP/uLxanLEddB9/sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ZTkxYTlkN2NhZWY0ODE4Njc0YzVkNjI2MjgxMzYxNWM4
OWRlNTYwHhcNMjUwNjEzMTMwMTAwWhcNMjUwNjE0MTMwMTAwWjAzMTEwLwYDVQQD
Eyg0ODNiMWFlYjlmMDc3ODUyZDFmNWQ3OGFlZTYyZmRkZjJhNGNiNWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfIrRt12fSnicIQxCgyGz3d+ROFX
WueETPHkQyEQPDF5Qtz+UzRPDjJojra2UIvYzT3m0U5up9OKdHoNbvjrh07MJ5ed
Zfsqu+xsV4sCraerYFibi7VTgRFKIZ5PhqlzopYgjNM12ryu1/S45cJ4WBA43kQ5
H7apTdxdUokHWULH0W+TOT6iHVLFb1yTQO6xTt6Xqgs37t06wMIBRRMZ9QeJw9v8
AhOwS58fUdKAEwat91CgDh1agwziZKUplI+GXMt4haygQcyk7mXyxZEZxV9ouAxa
Z8oMe+pj9ObAU9q4NwZzUTss1C2Vu3B7pNbN9Aj/R9xiVZGfpyaVSzbs0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEg7GuufB3hS0fXXiu5i/d8qTLX7MB8GA1UdIwQY
MBaAFKbpGp18rvSBhnTF1iYoE2Fcid5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgt
NDA4MjI5ZjBiYWYxLzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgtNDA4MjI5ZjBiYWYx
LzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARxHzoN34
Z8uucBOR1bnPzvASZVetVpZTrRTgh4t+R5QwWOuZYI1Bg41Yn7DOMnuiBbCXSrY5
PJJASJF+mg2D5wx7iO8jeQ6mkyyG46qE9e2kMNtm5e87LkGUbX0ZcG72sz0Mm8Hk
b99QHHiJ5XdYzBxKWzPS0SGEVToNfJ0v9uMFm877apabnwdo9Ldi+zbI/5NlCXAo
Bj9xOpTesW4Y624o64EOTvbvKcC7K6MQta9EwenruWiemst1bIxOFpCRFWNWD9nH
3ohSKU3ICNt62R87B9Q2ovNhkxJk7WXlSX5HlewjHg5EVX3R+lRFlXeV2Lyn2Yqy
oSkhgJvhqst4Xw==
-----END CERTIFICATE-----