Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.mft
File:                     PE71UtfFcTYTTntE1pfLAs3n2H0.mft (raw, json)
Hash identifier:          OyUsstTuBnzjvChCZ9o4JuzkQFFcDwBhkA9YeZbIFfs=
Subject key identifier:   26:2F:C9:7C:8E:E7:C4:79:50:35:B1:E4:20:31:A0:14:77:73:FE:8F
Authority key identifier: 3C:4E:F5:52:D7:C5:71:36:13:4E:7B:44:D6:97:CB:02:CD:E7:D8:7D
Certificate issuer:       /CN=3c4ef552d7c57136134e7b44d697cb02cde7d87d
Certificate serial:       0197684E835E60EF27C5845DE429AB6AC0AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PE71UtfFcTYTTntE1pfLAs3n2H0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.mft
Manifest number:          09F1
Signing time:             Fri 13 Jun 2025 08:01:05 +0000
Manifest this update:     Fri 13 Jun 2025 08:01:05 +0000
Manifest next update:     Sat 14 Jun 2025 08:01:05 +0000
Files and hashes:         1: PE71UtfFcTYTTntE1pfLAs3n2H0.crl (hash: XsLFC+pdFwC1MQIIi3faYhFDNbmj8GNoloOL1sxVZTI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PE71UtfFcTYTTntE1pfLAs3n2H0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 08:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:4e:83:5e:60:ef:27:c5:84:5d:e4:29:ab:6a:c0:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c4ef552d7c57136134e7b44d697cb02cde7d87d
        Validity
            Not Before: Jun 13 08:01:05 2025 GMT
            Not After : Jun 14 08:01:05 2025 GMT
        Subject: CN=262fc97c8ee7c4795035b1e42031a0147773fe8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:a6:71:b8:f1:1c:36:99:82:5d:cd:82:c3:ec:
                    9c:1a:3a:c2:a0:39:23:57:54:0d:1d:6d:c2:b1:33:
                    f7:0b:01:d2:11:4f:d6:e0:62:a3:d5:63:6e:f9:1c:
                    46:03:e8:47:11:39:7a:69:b4:a5:d6:1e:7a:d2:b8:
                    e4:ca:6b:b8:9f:a5:a6:26:e7:78:a5:a0:90:67:cd:
                    5a:fc:86:6f:37:d9:f0:58:a6:41:4a:b7:86:64:b2:
                    13:81:e1:07:99:eb:2e:a3:dc:c6:eb:b5:24:35:78:
                    74:9e:36:72:4f:a2:fe:ed:66:39:e7:51:eb:21:8a:
                    07:31:9b:16:ac:9d:ed:4e:b6:d6:4f:b7:64:de:38:
                    43:ae:0e:33:9e:e3:69:8a:2d:96:2b:f6:3b:2b:06:
                    2b:98:d1:b4:49:44:8c:ff:88:12:34:b2:65:4b:51:
                    dd:50:3c:b4:31:15:59:6d:d0:58:61:e9:02:15:02:
                    69:ee:71:4c:18:c4:53:68:b7:b0:d6:12:6e:68:fc:
                    56:35:11:b3:07:99:4e:61:7b:e6:0f:8e:54:69:31:
                    a7:07:02:6d:54:49:bb:87:0f:8d:2c:63:fe:01:43:
                    f5:e4:98:d7:2f:1c:d6:81:d3:92:e8:40:31:97:f0:
                    d4:53:a9:e3:a0:0a:4e:fa:7f:b1:38:ac:34:69:40:
                    d0:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:2F:C9:7C:8E:E7:C4:79:50:35:B1:E4:20:31:A0:14:77:73:FE:8F
            X509v3 Authority Key Identifier:
                keyid:3C:4E:F5:52:D7:C5:71:36:13:4E:7B:44:D6:97:CB:02:CD:E7:D8:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE71UtfFcTYTTntE1pfLAs3n2H0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e5:9d:99:1a:2f:61:a6:ec:7c:53:6c:6f:46:38:c4:41:e7:ad:
         e0:58:32:ac:78:00:b6:27:3f:3b:aa:e7:c9:1f:19:78:30:f2:
         f8:d7:8a:fb:af:22:09:ec:d4:f9:58:37:c7:e8:80:f8:db:63:
         ac:fd:8c:b5:39:90:77:d4:e4:b4:eb:c2:49:d7:69:18:38:24:
         ec:f4:ec:44:ec:dc:03:4e:82:ff:ab:f5:01:cc:09:95:a8:62:
         c1:92:28:12:da:17:39:a5:cb:18:f8:f8:85:c8:66:f8:78:0b:
         51:a6:87:9e:fb:dd:9b:4e:51:55:d3:8c:3e:85:ad:c8:d1:a1:
         6d:9b:40:d4:fd:16:93:9f:4a:68:5f:44:2d:e4:84:63:ea:52:
         1d:02:42:1f:90:4c:cc:fb:fa:fe:55:e1:2b:7a:8f:46:2e:69:
         6b:9d:2d:fb:e4:0b:7c:ce:60:c1:df:28:52:b0:0e:47:b0:5e:
         a1:a2:23:c8:ce:7a:49:7c:50:9e:41:46:2b:a8:e8:14:d3:90:
         51:6b:f5:26:2f:fe:f9:72:d8:fb:c8:82:f2:90:74:ba:d0:38:
         f9:bc:c4:c6:75:ad:6a:a5:5c:45:22:64:35:c5:29:3d:90:d3:
         aa:d0:40:98:bd:66:10:a0:2d:58:41:13:67:87:23:e9:86:61:
         5d:89:fe:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdoToNeYO8nxYRd5CmrasCuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVmNTUyZDdjNTcxMzYxMzRlN2I0NGQ2OTdjYjAyY2Rl
N2Q4N2QwHhcNMjUwNjEzMDgwMTA1WhcNMjUwNjE0MDgwMTA1WjAzMTEwLwYDVQQD
EygyNjJmYzk3YzhlZTdjNDc5NTAzNWIxZTQyMDMxYTAxNDc3NzNmZThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6ZxuPEcNpmCXc2Cw+ycGjrCoDkj
V1QNHW3CsTP3CwHSEU/W4GKj1WNu+RxGA+hHETl6abSl1h560rjkymu4n6WmJud4
paCQZ81a/IZvN9nwWKZBSreGZLITgeEHmesuo9zG67UkNXh0njZyT6L+7WY551Hr
IYoHMZsWrJ3tTrbWT7dk3jhDrg4znuNpii2WK/Y7KwYrmNG0SUSM/4gSNLJlS1Hd
UDy0MRVZbdBYYekCFQJp7nFMGMRTaLew1hJuaPxWNRGzB5lOYXvmD45UaTGnBwJt
VEm7hw+NLGP+AUP15JjXLxzWgdOS6EAxl/DUU6njoApO+n+xOKw0aUDQZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCYvyXyO58R5UDWx5CAxoBR3c/6PMB8GA1UdIwQY
MBaAFDxO9VLXxXE2E057RNaXywLN59h9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3MVV0ZkZjVFlUVG50RTFwZkxBczNuMkgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iMzIxZDEtODE0Yi00Y2Y5LTlkMDct
MTE0NDFlMTZhMTM3LzEvUEU3MVV0ZkZjVFlUVG50RTFwZkxBczNuMkgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9iMzIxZDEtODE0Yi00Y2Y5LTlkMDctMTE0NDFlMTZhMTM3
LzEvUEU3MVV0ZkZjVFlUVG50RTFwZkxBczNuMkgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA5Z2ZGi9h
pux8U2xvRjjEQeet4FgyrHgAtic/O6rnyR8ZeDDy+NeK+68iCezU+Vg3x+iA+Ntj
rP2MtTmQd9TktOvCSddpGDgk7PTsROzcA06C/6v1AcwJlahiwZIoEtoXOaXLGPj4
hchm+HgLUaaHnvvdm05RVdOMPoWtyNGhbZtA1P0Wk59KaF9ELeSEY+pSHQJCH5BM
zPv6/lXhK3qPRi5pa50t++QLfM5gwd8oUrAOR7BeoaIjyM56SXxQnkFGK6joFNOQ
UWv1Ji/++XLY+8iC8pB0utA4+bzExnWtaqVcRSJkNcUpPZDTqtBAmL1mEKAtWEET
Z4cj6YZhXYn+gQ==
-----END CERTIFICATE-----