Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft
File:                     PUM0D60kZGXejmFNA5VjppllfY0.mft (raw, json)
Hash identifier:          xsWdY9d8f3e54borBIgzCDKEgkPibY1WvPFHGqPowkM=
Subject key identifier:   87:6D:CF:D8:3D:6F:45:F9:C9:73:1D:4D:49:71:4B:8C:DE:BD:90:80
Authority key identifier: 3D:43:34:0F:AD:24:64:65:DE:8E:61:4D:03:95:63:A6:99:65:7D:8D
Certificate issuer:       /CN=3d43340fad246465de8e614d039563a699657d8d
Certificate serial:       01988B0EB7748F8F829B3477EA3BC46E1789
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft
Manifest number:          B3
Signing time:             Fri 08 Aug 2025 19:00:54 +0000
Manifest this update:     Fri 08 Aug 2025 19:00:54 +0000
Manifest next update:     Sat 09 Aug 2025 19:00:54 +0000
Files and hashes:         1: PUM0D60kZGXejmFNA5VjppllfY0.crl (hash: 2kdtSi9ZQUJ406X7ZIJXBCN8cuIS2q6wtHg8MlCz/AY=)
                          2: wtKFjn0luOKNhpCBH0YWKLpKHKU.roa (hash: Z6YfBfkr08FSM8yJ/BnA5aNSDpKZqhovD8OdV3xTXpI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:0e:b7:74:8f:8f:82:9b:34:77:ea:3b:c4:6e:17:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d43340fad246465de8e614d039563a699657d8d
        Validity
            Not Before: Aug  8 19:00:54 2025 GMT
            Not After : Aug  9 19:00:54 2025 GMT
        Subject: CN=876dcfd83d6f45f9c9731d4d49714b8cdebd9080
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:5b:e6:94:97:d5:a1:2a:f7:57:4e:5c:8c:58:
                    59:1e:35:9d:01:d4:f2:c4:c2:36:92:a8:a2:fd:19:
                    bd:85:85:9d:40:a4:5c:b6:56:9d:a9:e1:a2:c8:9e:
                    4a:a3:c8:38:14:87:2d:4c:07:30:77:92:c4:75:98:
                    ef:1d:3b:8d:17:5e:e3:47:20:dd:b2:21:4c:d7:84:
                    ff:24:c7:e2:f4:bb:99:36:06:1d:7c:63:0b:0f:c7:
                    ab:97:63:22:0b:19:14:9e:91:c9:8c:39:ec:4e:ad:
                    16:df:a9:3e:46:77:af:bd:3e:51:3b:bb:8a:3a:1b:
                    60:b3:84:6f:31:b3:7d:99:8f:3d:b7:43:61:92:65:
                    93:44:b5:61:95:6f:89:42:de:5b:54:fe:bb:df:c8:
                    a4:8e:11:1d:5e:1e:5e:2c:5d:84:67:fb:28:b8:ac:
                    bc:d4:00:51:48:ad:19:fd:12:59:b0:19:74:3f:52:
                    fb:15:7e:b9:44:61:ad:f8:39:a5:67:5c:74:17:97:
                    b5:34:4d:af:e1:fd:75:96:4a:af:a1:22:7e:2c:3a:
                    e2:e6:24:ce:65:f3:32:b8:d1:93:bc:5b:c5:b5:e4:
                    1a:55:d9:81:4d:69:85:71:e3:dd:58:f3:7a:c3:29:
                    66:cd:8b:fa:af:fc:41:28:19:3c:b8:1b:b6:61:68:
                    cc:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:6D:CF:D8:3D:6F:45:F9:C9:73:1D:4D:49:71:4B:8C:DE:BD:90:80
            X509v3 Authority Key Identifier:
                keyid:3D:43:34:0F:AD:24:64:65:DE:8E:61:4D:03:95:63:A6:99:65:7D:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:0c:dc:6c:a1:79:78:1c:5d:ce:f9:c6:a9:4f:7c:35:f2:5b:
         9c:fd:f3:8d:6a:e1:a1:f1:d7:56:ff:bc:38:8f:77:82:86:dd:
         52:d4:54:67:29:10:7d:01:16:31:04:a1:a4:41:ea:60:0e:ff:
         ed:c5:b8:b1:da:d2:f7:93:64:3e:1a:ac:9b:8e:88:9b:5b:70:
         57:92:68:6e:20:b0:ca:00:88:87:d2:2a:e2:76:40:bc:6a:53:
         4a:8c:62:b2:63:d8:f7:99:1e:d3:1d:e1:db:db:34:85:95:c7:
         32:25:21:4b:56:0b:dd:2c:e9:14:b1:8e:7c:91:55:f2:2d:9a:
         bc:a6:98:5b:0e:ad:c1:60:41:99:2a:16:a9:35:ad:46:07:a1:
         b6:a5:64:d8:5d:81:13:ef:21:84:e9:d7:29:c2:88:4c:26:17:
         4f:67:50:de:e3:d0:a7:92:d6:1f:1e:74:7b:4d:0f:80:c8:84:
         df:8f:17:70:0d:ce:73:e6:47:bc:86:e7:90:e4:96:1d:6f:fe:
         cf:ec:f6:1a:c5:41:fa:21:0f:8c:d7:62:2a:53:21:e7:08:4e:
         d2:53:e8:4a:61:da:34:c2:1c:c2:e0:9d:26:8a:4d:c7:53:0d:
         78:a8:d4:90:ab:d1:8f:d5:e5:b5:7a:ee:4c:f6:19:d6:b2:04:
         fb:d2:9d:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLDrd0j4+CmzR36jvEbheJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNDMzNDBmYWQyNDY0NjVkZThlNjE0ZDAzOTU2M2E2OTk2
NTdkOGQwHhcNMjUwODA4MTkwMDU0WhcNMjUwODA5MTkwMDU0WjAzMTEwLwYDVQQD
Eyg4NzZkY2ZkODNkNmY0NWY5Yzk3MzFkNGQ0OTcxNGI4Y2RlYmQ5MDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA31vmlJfVoSr3V05cjFhZHjWdAdTy
xMI2kqii/Rm9hYWdQKRctladqeGiyJ5Ko8g4FIctTAcwd5LEdZjvHTuNF17jRyDd
siFM14T/JMfi9LuZNgYdfGMLD8erl2MiCxkUnpHJjDnsTq0W36k+RnevvT5RO7uK
Ohtgs4RvMbN9mY89t0NhkmWTRLVhlW+JQt5bVP6738ikjhEdXh5eLF2EZ/souKy8
1ABRSK0Z/RJZsBl0P1L7FX65RGGt+DmlZ1x0F5e1NE2v4f11lkqvoSJ+LDri5iTO
ZfMyuNGTvFvFteQaVdmBTWmFcePdWPN6wylmzYv6r/xBKBk8uBu2YWjMQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIdtz9g9b0X5yXMdTUlxS4zevZCAMB8GA1UdIwQY
MBaAFD1DNA+tJGRl3o5hTQOVY6aZZX2NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82Y2U5MjItY2RjZS00YzdhLWIzNDYt
YTQzN2NlODkyODQxLzEvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82Y2U5MjItY2RjZS00YzdhLWIzNDYtYTQzN2NlODkyODQx
LzEvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANAzcbKF5
eBxdzvnGqU98NfJbnP3zjWrhofHXVv+8OI93gobdUtRUZykQfQEWMQShpEHqYA7/
7cW4sdrS95NkPhqsm46Im1twV5JobiCwygCIh9Iq4nZAvGpTSoxismPY95ke0x3h
29s0hZXHMiUhS1YL3SzpFLGOfJFV8i2avKaYWw6twWBBmSoWqTWtRgehtqVk2F2B
E+8hhOnXKcKITCYXT2dQ3uPQp5LWHx50e00PgMiE348XcA3Oc+ZHvIbnkOSWHW/+
z+z2GsVB+iEPjNdiKlMh5whO0lPoSmHaNMIcwuCdJopNx1MNeKjUkKvRj9XltXru
TPYZ1rIE+9KdvA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:22:59 2025 by rpki-client