Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
File:                     PP7M1r9kBrDPRPaCuTzYbjNGUko.mft (raw, json)
Hash identifier:          9+7GOokY6UwjjdsSRprDJXVyEMsyV8ClBoxLeudh8zY=
Subject key identifier:   90:B5:F2:30:5A:0E:0A:EE:A9:B7:54:A0:80:38:8C:75:06:EF:32:11
Authority key identifier: 3C:FE:CC:D6:BF:64:06:B0:CF:44:F6:82:B9:3C:D8:6E:33:46:52:4A
Certificate issuer:       /CN=3cfeccd6bf6406b0cf44f682b93cd86e3346524a
Certificate serial:       019A4D06C1F4DF4DEE4E840BA4A0D56F111B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
Manifest number:          1282
Signing time:             Tue 04 Nov 2025 04:01:19 +0000
Manifest this update:     Tue 04 Nov 2025 04:01:19 +0000
Manifest next update:     Wed 05 Nov 2025 04:01:19 +0000
Files and hashes:         1: PP7M1r9kBrDPRPaCuTzYbjNGUko.crl (hash: pLtgVT3kku3yXD3jniR4X/5jeAX6EYKDSfjiF8dixWA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 04:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:06:c1:f4:df:4d:ee:4e:84:0b:a4:a0:d5:6f:11:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cfeccd6bf6406b0cf44f682b93cd86e3346524a
        Validity
            Not Before: Nov  4 04:01:19 2025 GMT
            Not After : Nov  5 04:01:19 2025 GMT
        Subject: CN=90b5f2305a0e0aeea9b754a080388c7506ef3211
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:4b:38:db:b7:42:6a:7b:66:cb:57:e5:3a:4d:
                    9d:06:a2:28:e4:31:6f:b6:47:54:97:ed:9e:ab:88:
                    13:16:3b:1c:dd:cb:d0:7e:db:eb:99:9e:38:64:c7:
                    fc:71:9f:b2:33:1c:49:59:e7:98:18:a7:a7:c0:75:
                    4f:74:d9:c0:a7:3f:6e:bd:ce:72:65:86:02:60:cc:
                    91:34:d5:05:ce:81:de:6d:64:cb:6a:84:77:11:40:
                    bf:04:61:60:fc:68:71:fb:31:8f:d7:5e:e1:70:c5:
                    b2:99:15:09:74:34:17:f1:9e:b7:26:95:dc:b7:a2:
                    ff:9e:b7:35:e3:ce:f8:1e:b6:a7:0c:8a:14:9b:84:
                    58:9f:00:10:f5:e7:c4:cf:63:b4:0c:17:b6:17:d4:
                    20:ae:3e:55:b7:d6:d2:f4:01:8e:db:7e:d9:f3:c7:
                    f1:ff:8b:d0:fd:62:6f:79:15:35:71:e9:ab:9e:63:
                    54:fd:b4:b4:01:ef:4d:b9:79:36:10:87:db:3e:8a:
                    0e:a1:3a:b4:5c:dd:12:70:9b:1b:e7:fa:55:d4:68:
                    66:d3:e6:52:d0:00:4b:a8:bf:25:e1:f7:8c:35:55:
                    2f:e7:18:c9:56:8c:d2:99:63:13:2b:b7:4e:bc:f0:
                    f0:19:ea:49:4d:1d:06:5b:93:f9:f6:72:a7:82:34:
                    69:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:B5:F2:30:5A:0E:0A:EE:A9:B7:54:A0:80:38:8C:75:06:EF:32:11
            X509v3 Authority Key Identifier:
                keyid:3C:FE:CC:D6:BF:64:06:B0:CF:44:F6:82:B9:3C:D8:6E:33:46:52:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:34:e9:ab:2e:40:3b:e7:e5:6f:de:33:90:56:af:4a:a2:92:
         a1:9c:c1:17:26:18:bd:97:ac:d3:b8:73:d9:16:4a:91:03:91:
         15:f2:6e:8c:39:1a:5b:28:17:8f:53:ec:5b:fd:0d:c8:bb:d3:
         a7:32:5c:9b:be:84:8a:ba:b7:9f:ed:78:58:8b:a1:32:58:c6:
         7f:49:8d:c0:f4:61:2a:f0:63:42:ea:0d:ab:ba:36:df:e9:f1:
         1f:24:e2:2b:87:95:e0:99:0a:91:f9:4c:47:2b:cf:56:90:31:
         ed:68:7d:1e:ed:42:d0:a7:37:5d:45:52:16:59:72:45:31:9a:
         96:89:15:69:21:d0:fd:de:67:b7:27:b4:24:19:a7:95:f1:ca:
         78:28:2c:51:ae:fa:52:c1:f2:f6:3e:82:01:77:fe:28:9f:12:
         f6:65:03:1b:6d:79:ec:45:01:e4:fc:78:e6:fa:87:ff:2c:2d:
         e5:12:5d:cf:7e:db:75:97:ac:b4:e8:6d:e2:2f:d3:f7:87:7b:
         47:16:48:c3:e2:0e:7a:f7:35:a7:1e:fe:a5:38:6d:63:bd:0b:
         26:25:56:52:6b:4e:fb:60:d2:43:06:2e:92:d7:19:ca:c7:0b:
         19:9b:31:12:ea:0a:96:d0:83:31:e0:d1:a3:44:92:f2:07:f3:
         20:c3:ba:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBsH0303uToQLpKDVbxEbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZmVjY2Q2YmY2NDA2YjBjZjQ0ZjY4MmI5M2NkODZlMzM0
NjUyNGEwHhcNMjUxMTA0MDQwMTE5WhcNMjUxMTA1MDQwMTE5WjAzMTEwLwYDVQQD
Eyg5MGI1ZjIzMDVhMGUwYWVlYTliNzU0YTA4MDM4OGM3NTA2ZWYzMjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0s427dCantmy1flOk2dBqIo5DFv
tkdUl+2eq4gTFjsc3cvQftvrmZ44ZMf8cZ+yMxxJWeeYGKenwHVPdNnApz9uvc5y
ZYYCYMyRNNUFzoHebWTLaoR3EUC/BGFg/Ghx+zGP117hcMWymRUJdDQX8Z63JpXc
t6L/nrc14874HranDIoUm4RYnwAQ9efEz2O0DBe2F9Qgrj5Vt9bS9AGO237Z88fx
/4vQ/WJveRU1cemrnmNU/bS0Ae9NuXk2EIfbPooOoTq0XN0ScJsb5/pV1Ghm0+ZS
0ABLqL8l4feMNVUv5xjJVozSmWMTK7dOvPDwGepJTR0GW5P59nKngjRpZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJC18jBaDgruqbdUoIA4jHUG7zIRMB8GA1UdIwQY
MBaAFDz+zNa/ZAawz0T2grk82G4zRlJKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy81MTc3ZmQtODllZC00ZTZmLThjM2Qt
MjNiODYxMWNjZTIzLzEvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy81MTc3ZmQtODllZC00ZTZmLThjM2QtMjNiODYxMWNjZTIz
LzEvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFjTpqy5A
O+flb94zkFavSqKSoZzBFyYYvZes07hz2RZKkQORFfJujDkaWygXj1PsW/0NyLvT
pzJcm76Eirq3n+14WIuhMljGf0mNwPRhKvBjQuoNq7o23+nxHyTiK4eV4JkKkflM
RyvPVpAx7Wh9Hu1C0Kc3XUVSFllyRTGalokVaSHQ/d5ntye0JBmnlfHKeCgsUa76
UsHy9j6CAXf+KJ8S9mUDG2157EUB5Px45vqH/ywt5RJdz37bdZestOht4i/T94d7
RxZIw+IOevc1px7+pThtY70LJiVWUmtO+2DSQwYuktcZyscLGZsxEuoKltCDMeDR
o0SS8gfzIMO6cQ==
-----END CERTIFICATE-----