Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
File:                     PNQrfxakRkXr2PObog8ZBxOxs7w.mft (raw, json)
Hash identifier:          h3CCETj+EI35j+d8gsT3voN2zYcSXQoUYM6tz+o5UHs=
Subject key identifier:   BB:8C:5C:CE:DF:84:62:7C:61:8D:62:B8:F6:A1:0F:F8:78:92:FB:3D
Authority key identifier: 3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC
Certificate issuer:       /CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc
Certificate serial:       019892C7E5328ADCF5027D8CDEA2A4874203
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
Manifest number:          1625
Signing time:             Sun 10 Aug 2025 07:00:30 +0000
Manifest this update:     Sun 10 Aug 2025 07:00:30 +0000
Manifest next update:     Mon 11 Aug 2025 07:00:30 +0000
Files and hashes:         1: PNQrfxakRkXr2PObog8ZBxOxs7w.crl (hash: 1TPh+/aBAR8OqPgZPMDUuaW49/O7HIdDPhKTk62alMA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:92:c7:e5:32:8a:dc:f5:02:7d:8c:de:a2:a4:87:42:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc
        Validity
            Not Before: Aug 10 07:00:30 2025 GMT
            Not After : Aug 11 07:00:30 2025 GMT
        Subject: CN=bb8c5ccedf84627c618d62b8f6a10ff87892fb3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:e3:d0:ad:90:64:a9:1f:ce:f0:ff:af:47:a7:
                    29:3f:62:4c:44:14:05:a3:e7:a4:1c:0f:40:4a:12:
                    19:b6:82:b6:ad:8e:c0:b2:09:f7:5d:ed:24:e8:b7:
                    82:b5:33:43:cd:cc:b4:84:b7:ed:92:4d:1e:6c:29:
                    9e:43:d1:9a:86:aa:94:14:88:dd:af:17:d1:b3:d3:
                    cb:a1:e0:0d:ab:51:9d:a9:6d:63:d3:51:2d:f5:29:
                    38:19:ad:b5:ea:6e:57:82:eb:1e:04:2c:81:96:7a:
                    be:3e:27:58:16:76:a8:3d:17:71:8a:a6:15:d7:cd:
                    13:78:91:eb:12:52:4e:e4:39:3f:a8:c6:b1:97:42:
                    6e:b2:1f:d8:c1:66:0b:2e:23:de:a4:1b:51:84:bd:
                    2c:8f:7f:f3:20:0e:5a:f0:44:13:b3:6b:a8:75:ff:
                    4f:28:aa:40:bd:24:63:79:39:ad:4d:2e:5d:b0:c8:
                    d8:98:d7:f3:7a:a4:79:d4:ee:1f:c2:94:3b:86:b9:
                    c0:fd:6d:a7:f1:84:fe:e0:45:83:f2:4b:2c:f6:8a:
                    25:a3:5a:85:70:74:63:6c:c5:2a:1e:6a:e3:1d:ad:
                    83:49:d1:a4:fa:05:72:12:67:f0:19:4b:dd:4c:0a:
                    25:e2:22:62:c9:4e:a5:3f:4e:6e:10:0c:69:ab:e6:
                    8b:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:8C:5C:CE:DF:84:62:7C:61:8D:62:B8:F6:A1:0F:F8:78:92:FB:3D
            X509v3 Authority Key Identifier:
                keyid:3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:c5:b5:89:30:5d:8c:72:b1:df:3a:9c:73:44:a6:21:46:9b:
         ec:b8:da:e6:b6:44:2c:65:e4:06:39:6d:8e:4c:64:74:e9:91:
         b3:0e:64:1b:37:65:1a:8c:b6:27:28:66:06:7a:e4:03:d5:09:
         c5:f0:d5:e1:a9:fe:20:d8:46:d9:d9:8c:53:49:0d:dd:e0:0e:
         02:43:7e:8f:1d:6e:62:68:4c:78:70:c4:98:28:d4:2a:75:20:
         ff:d7:ed:83:85:cf:7a:7e:0c:05:a0:e2:70:c0:32:4f:71:ff:
         ee:0b:83:d8:4c:55:89:07:52:8f:6d:52:d7:7b:c2:09:4a:59:
         10:fb:d6:4b:a3:59:63:77:d6:bc:ed:a5:c4:f8:20:4b:2e:0a:
         f1:32:17:6b:10:4d:41:7c:b4:7b:12:72:10:9c:5e:dc:d4:1b:
         2f:f8:ee:b7:3f:a8:1d:24:e4:c0:b2:55:97:fb:f1:e3:5e:12:
         20:f4:43:b1:a0:0d:5c:38:65:13:76:e7:63:96:97:c1:5c:3a:
         fa:ce:63:49:8f:ff:eb:c4:d9:1e:2a:13:44:e6:68:dc:ff:8f:
         df:88:e8:e0:c0:1d:70:27:c7:4e:6c:0b:c0:b9:24:0d:57:f3:
         ff:b7:00:af:38:49:21:52:82:e3:49:c8:6c:51:76:85:0f:ed:
         4e:2c:1e:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiSx+Uyitz1An2M3qKkh0IDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDQyYjdmMTZhNDQ2NDVlYmQ4ZjM5YmEyMGYxOTA3MTNi
MWIzYmMwHhcNMjUwODEwMDcwMDMwWhcNMjUwODExMDcwMDMwWjAzMTEwLwYDVQQD
EyhiYjhjNWNjZWRmODQ2MjdjNjE4ZDYyYjhmNmExMGZmODc4OTJmYjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuPQrZBkqR/O8P+vR6cpP2JMRBQF
o+ekHA9AShIZtoK2rY7Asgn3Xe0k6LeCtTNDzcy0hLftkk0ebCmeQ9GahqqUFIjd
rxfRs9PLoeANq1GdqW1j01Et9Sk4Ga216m5XguseBCyBlnq+PidYFnaoPRdxiqYV
180TeJHrElJO5Dk/qMaxl0Jush/YwWYLLiPepBtRhL0sj3/zIA5a8EQTs2uodf9P
KKpAvSRjeTmtTS5dsMjYmNfzeqR51O4fwpQ7hrnA/W2n8YT+4EWD8kss9oolo1qF
cHRjbMUqHmrjHa2DSdGk+gVyEmfwGUvdTAol4iJiyU6lP05uEAxpq+aL8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLuMXM7fhGJ8YY1iuPahD/h4kvs9MB8GA1UdIwQY
MBaAFDzUK38WpEZF69jzm6IPGQcTsbO8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAt
Y2QyNzI2MTE0ODQ2LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAtY2QyNzI2MTE0ODQ2
LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATcW1iTBd
jHKx3zqcc0SmIUab7Lja5rZELGXkBjltjkxkdOmRsw5kGzdlGoy2JyhmBnrkA9UJ
xfDV4an+INhG2dmMU0kN3eAOAkN+jx1uYmhMeHDEmCjUKnUg/9ftg4XPen4MBaDi
cMAyT3H/7guD2ExViQdSj21S13vCCUpZEPvWS6NZY3fWvO2lxPggSy4K8TIXaxBN
QXy0exJyEJxe3NQbL/jutz+oHSTkwLJVl/vx414SIPRDsaANXDhlE3bnY5aXwVw6
+s5jSY//68TZHioTROZo3P+P34jo4MAdcCfHTmwLwLkkDVfz/7cArzhJIVKC40nI
bFF2hQ/tTiwezA==
-----END CERTIFICATE-----