Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
File:                     PP7M1r9kBrDPRPaCuTzYbjNGUko.mft (raw, json)
Hash identifier:          FqO6SG2JTp5enlAduEL9XzFXm4bWn0e00fOZqpTyWJ0=
Subject key identifier:   D6:72:80:E9:DB:81:7A:FB:91:EB:6E:99:DA:F8:73:1E:C7:43:0B:00
Authority key identifier: 3C:FE:CC:D6:BF:64:06:B0:CF:44:F6:82:B9:3C:D8:6E:33:46:52:4A
Certificate issuer:       /CN=3cfeccd6bf6406b0cf44f682b93cd86e3346524a
Certificate serial:       019896A5E439DE73B148846D77FDE562E6E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
Manifest number:          119F
Signing time:             Mon 11 Aug 2025 01:01:50 +0000
Manifest this update:     Mon 11 Aug 2025 01:01:50 +0000
Manifest next update:     Tue 12 Aug 2025 01:01:50 +0000
Files and hashes:         1: PP7M1r9kBrDPRPaCuTzYbjNGUko.crl (hash: oqGO9OWbuhzd2hphU8vXoKA1GZNXkizSLXe3S/p7OYk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 01:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:a5:e4:39:de:73:b1:48:84:6d:77:fd:e5:62:e6:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cfeccd6bf6406b0cf44f682b93cd86e3346524a
        Validity
            Not Before: Aug 11 01:01:50 2025 GMT
            Not After : Aug 12 01:01:50 2025 GMT
        Subject: CN=d67280e9db817afb91eb6e99daf8731ec7430b00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:a2:6f:90:ee:06:35:06:cb:3b:c2:4f:09:1e:
                    c7:29:1e:a6:44:d6:34:d2:93:36:e0:a5:76:54:93:
                    7d:6e:1f:26:f4:32:c6:0f:fd:a2:15:34:b0:35:41:
                    d4:31:18:29:2c:89:11:b8:2c:63:f9:a3:1c:48:03:
                    62:f4:20:e6:87:d6:98:db:e4:66:d9:33:75:d9:de:
                    31:9b:e2:67:a2:97:1c:df:81:76:68:57:1b:a5:35:
                    b4:4b:33:36:76:08:6d:31:a6:25:6b:ca:9f:2c:89:
                    64:c7:e8:3b:39:64:d4:73:e9:56:a1:5a:bb:e1:84:
                    35:ad:ff:02:6e:3f:70:31:b4:8b:a2:2f:3a:ba:bd:
                    f0:d2:6c:f6:c9:5d:9d:15:04:12:2e:9b:25:20:5b:
                    a5:3f:e4:49:b7:89:df:5b:7d:cb:c2:74:35:f3:06:
                    88:b9:36:78:54:2b:c8:4c:52:77:bd:09:64:b4:00:
                    fe:cb:be:0b:f9:4d:7f:a9:dd:f9:a0:7e:f5:cc:b6:
                    6d:e4:ef:d5:ed:a1:a5:ee:86:10:71:86:13:4b:04:
                    73:53:b4:89:e3:ed:08:21:7f:8a:37:17:6e:59:0f:
                    60:0e:e2:a1:33:c7:3c:d2:79:b2:3c:50:3e:3b:8b:
                    ed:38:32:63:7f:20:07:02:46:ce:07:66:b5:58:57:
                    57:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:72:80:E9:DB:81:7A:FB:91:EB:6E:99:DA:F8:73:1E:C7:43:0B:00
            X509v3 Authority Key Identifier:
                keyid:3C:FE:CC:D6:BF:64:06:B0:CF:44:F6:82:B9:3C:D8:6E:33:46:52:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:1c:9c:91:89:8c:1f:c8:48:e0:d3:07:43:17:34:47:b2:b8:
         a2:cd:19:8b:52:ba:5c:f7:ac:ad:f3:74:19:2e:f5:be:37:98:
         61:92:64:32:0d:ca:bf:74:23:65:89:ac:84:0b:95:a8:1a:a0:
         f4:31:73:f6:97:62:6c:a9:23:3a:1e:59:93:a8:ba:a6:22:ee:
         40:15:78:94:70:93:90:65:6e:14:0f:bc:95:f9:ea:4c:e8:12:
         c2:95:fa:36:76:56:b0:8d:1b:b3:41:cf:95:f8:ad:4f:54:dd:
         1a:0e:2c:cb:28:9b:bb:23:bc:ff:73:d4:25:a4:23:6c:a1:45:
         3b:0b:57:d7:c7:8c:09:b1:f9:75:ee:fc:1b:d8:49:b2:4c:ec:
         19:eb:f7:b8:49:50:75:64:85:2f:44:cb:0e:32:8f:ac:5f:e3:
         fc:b3:93:93:09:6b:6b:6c:46:6f:89:0d:23:6e:f8:59:d6:9a:
         52:fd:43:e2:95:2a:7c:4c:ad:99:3e:cc:9c:ef:f2:49:3f:92:
         48:e4:06:3b:41:f1:4d:92:d8:60:8a:93:f3:18:4f:1d:0b:c4:
         d8:5b:16:67:25:9c:78:7a:31:c4:57:49:9e:8f:94:d6:12:2a:
         12:be:8d:2b:34:8d:1a:26:38:0e:47:f4:13:57:25:01:58:ef:
         72:a4:b3:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWpeQ53nOxSIRtd/3lYublMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZmVjY2Q2YmY2NDA2YjBjZjQ0ZjY4MmI5M2NkODZlMzM0
NjUyNGEwHhcNMjUwODExMDEwMTUwWhcNMjUwODEyMDEwMTUwWjAzMTEwLwYDVQQD
EyhkNjcyODBlOWRiODE3YWZiOTFlYjZlOTlkYWY4NzMxZWM3NDMwYjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3aJvkO4GNQbLO8JPCR7HKR6mRNY0
0pM24KV2VJN9bh8m9DLGD/2iFTSwNUHUMRgpLIkRuCxj+aMcSANi9CDmh9aY2+Rm
2TN12d4xm+Jnopcc34F2aFcbpTW0SzM2dghtMaYla8qfLIlkx+g7OWTUc+lWoVq7
4YQ1rf8Cbj9wMbSLoi86ur3w0mz2yV2dFQQSLpslIFulP+RJt4nfW33LwnQ18waI
uTZ4VCvITFJ3vQlktAD+y74L+U1/qd35oH71zLZt5O/V7aGl7oYQcYYTSwRzU7SJ
4+0IIX+KNxduWQ9gDuKhM8c80nmyPFA+O4vtODJjfyAHAkbOB2a1WFdX3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNZygOnbgXr7ketumdr4cx7HQwsAMB8GA1UdIwQY
MBaAFDz+zNa/ZAawz0T2grk82G4zRlJKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy81MTc3ZmQtODllZC00ZTZmLThjM2Qt
MjNiODYxMWNjZTIzLzEvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy81MTc3ZmQtODllZC00ZTZmLThjM2QtMjNiODYxMWNjZTIz
LzEvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsRyckYmM
H8hI4NMHQxc0R7K4os0Zi1K6XPesrfN0GS71vjeYYZJkMg3Kv3QjZYmshAuVqBqg
9DFz9pdibKkjOh5Zk6i6piLuQBV4lHCTkGVuFA+8lfnqTOgSwpX6NnZWsI0bs0HP
lfitT1TdGg4syyibuyO8/3PUJaQjbKFFOwtX18eMCbH5de78G9hJskzsGev3uElQ
dWSFL0TLDjKPrF/j/LOTkwlra2xGb4kNI274WdaaUv1D4pUqfEytmT7MnO/yST+S
SOQGO0HxTZLYYIqT8xhPHQvE2FsWZyWceHoxxFdJno+U1hIqEr6NKzSNGiY4Dkf0
E1clAVjvcqSzZg==
-----END CERTIFICATE-----