Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
File:                     PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft (raw, json)
Hash identifier:          w12vmg3bMrlb6UJjcVNMMh0CoFwTrXEqpYiVLpold+o=
Subject key identifier:   9F:12:43:58:28:50:33:C6:02:77:DC:9C:4F:11:8E:CC:39:38:B0:BC
Authority key identifier: 3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8
Certificate issuer:       /CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8
Certificate serial:       019679442690868E1C02767640108D60D256
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
Manifest number:          150D
Signing time:             Sun 27 Apr 2025 22:00:31 +0000
Manifest this update:     Sun 27 Apr 2025 22:00:31 +0000
Manifest next update:     Mon 28 Apr 2025 22:00:31 +0000
Files and hashes:         1: PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl (hash: DSNpUg1bXmVxRGmXUgoXL2sW1iLHuHNnyzj8SjQC9tE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:79:44:26:90:86:8e:1c:02:76:76:40:10:8d:60:d2:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8
        Validity
            Not Before: Apr 27 22:00:31 2025 GMT
            Not After : Apr 28 22:00:31 2025 GMT
        Subject: CN=9f124358285033c60277dc9c4f118ecc3938b0bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:97:c1:57:97:bb:45:65:d7:f1:22:e4:b7:f4:
                    ab:b4:e7:4d:3d:9e:61:0c:ce:e6:ea:ae:3c:54:36:
                    4a:7c:8b:67:01:5f:5b:35:6d:06:f2:03:18:ed:09:
                    47:32:a7:4c:b2:33:f3:6e:70:a5:c0:d6:4b:9e:72:
                    ee:88:bc:ba:6a:b8:e5:a1:c1:b1:14:a3:41:a1:da:
                    9b:8d:44:27:3b:a5:92:9a:93:5b:f2:57:85:02:35:
                    cb:18:a1:b1:3d:e7:17:0c:ce:fa:4a:80:0b:5d:c2:
                    c8:c4:33:f5:14:95:fb:3d:07:1a:e0:6c:8b:b2:67:
                    a2:d1:f5:e0:ce:10:1e:1b:2c:02:d7:bd:29:84:f3:
                    7f:5b:3f:98:c4:2a:57:75:64:9c:ab:81:09:46:47:
                    76:66:e3:64:6c:aa:73:f5:e3:e4:6f:01:09:8e:07:
                    3d:57:68:ad:dd:6c:3d:92:69:28:5c:8a:a7:eb:01:
                    25:5f:d9:53:66:8b:18:40:ac:d0:b7:a2:40:1e:d7:
                    0d:bb:82:89:c4:24:2e:b8:8d:e7:58:2b:8f:0c:f6:
                    76:b4:dc:0d:1d:cd:54:d1:f5:09:1c:57:db:57:8c:
                    b9:2b:c1:2e:47:22:2a:e5:f3:9c:f4:65:6c:01:75:
                    36:fe:b1:5f:1f:ea:82:b2:53:a6:f5:1a:ac:f1:4b:
                    99:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:12:43:58:28:50:33:C6:02:77:DC:9C:4F:11:8E:CC:39:38:B0:BC
            X509v3 Authority Key Identifier:
                keyid:3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:d0:2b:65:70:73:73:6e:09:a7:a8:29:dd:53:23:5b:96:f0:
         29:4c:5d:e5:f3:5c:80:ff:44:0a:77:00:03:f9:0c:a3:52:e2:
         6c:69:4e:15:f1:97:36:36:ee:ec:0a:02:7c:0b:a9:7e:b3:6d:
         89:e8:7f:18:07:15:8e:70:b0:9a:37:4b:cd:1e:e5:29:bb:a6:
         32:76:1a:0d:2c:1c:68:f8:65:e2:d4:a5:ac:32:78:09:75:78:
         a5:30:7e:50:d5:5c:bc:8a:a3:57:38:a3:54:f3:4e:70:c8:0c:
         80:b4:48:5b:45:df:ee:72:1d:47:33:2d:62:73:7a:8f:77:76:
         30:00:70:c4:55:67:29:d1:92:d3:b5:64:7b:d9:4e:4d:ba:4e:
         10:0f:49:c9:8f:ce:5c:f2:e8:a7:5a:50:24:19:9c:7f:85:00:
         b9:f6:e9:0c:58:6f:0b:b4:f1:46:db:98:f0:8e:00:82:2f:d5:
         d3:2e:c3:c2:fb:ec:08:de:3f:1c:98:79:dc:4d:2f:31:68:52:
         41:1b:6a:c1:95:d5:7a:c7:12:c7:d6:9c:03:d8:b8:e7:c0:f7:
         28:a5:2b:f5:1d:2b:cc:55:a3:d8:89:e9:31:4b:f0:95:90:29:
         b1:26:fd:75:af:aa:79:95:66:e9:44:75:fd:3e:64:df:ff:ea:
         b0:30:d3:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ5RCaQho4cAnZ2QBCNYNJWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNzJhNWY0YmY3NDY2YTYxNDYyYWNiODg4MDhjN2YwMzZk
NGQ2ZDgwHhcNMjUwNDI3MjIwMDMxWhcNMjUwNDI4MjIwMDMxWjAzMTEwLwYDVQQD
Eyg5ZjEyNDM1ODI4NTAzM2M2MDI3N2RjOWM0ZjExOGVjYzM5MzhiMGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5fBV5e7RWXX8SLkt/SrtOdNPZ5h
DM7m6q48VDZKfItnAV9bNW0G8gMY7QlHMqdMsjPzbnClwNZLnnLuiLy6arjlocGx
FKNBodqbjUQnO6WSmpNb8leFAjXLGKGxPecXDM76SoALXcLIxDP1FJX7PQca4GyL
smei0fXgzhAeGywC170phPN/Wz+YxCpXdWScq4EJRkd2ZuNkbKpz9ePkbwEJjgc9
V2it3Ww9kmkoXIqn6wElX9lTZosYQKzQt6JAHtcNu4KJxCQuuI3nWCuPDPZ2tNwN
Hc1U0fUJHFfbV4y5K8EuRyIq5fOc9GVsAXU2/rFfH+qCslOm9Rqs8UuZeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ8SQ1goUDPGAnfcnE8Rjsw5OLC8MB8GA1UdIwQY
MBaAFD1ypfS/dGamFGKsuIgIx/A21NbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDIt
ODBjMGYxNGVkYWUxLzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDItODBjMGYxNGVkYWUx
LzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPtArZXBz
c24Jp6gp3VMjW5bwKUxd5fNcgP9ECncAA/kMo1LibGlOFfGXNjbu7AoCfAupfrNt
ieh/GAcVjnCwmjdLzR7lKbumMnYaDSwcaPhl4tSlrDJ4CXV4pTB+UNVcvIqjVzij
VPNOcMgMgLRIW0Xf7nIdRzMtYnN6j3d2MABwxFVnKdGS07Vke9lOTbpOEA9JyY/O
XPLop1pQJBmcf4UAufbpDFhvC7TxRtuY8I4Agi/V0y7DwvvsCN4/HJh53E0vMWhS
QRtqwZXVescSx9acA9i458D3KKUr9R0rzFWj2InpMUvwlZApsSb9da+qeZVm6UR1
/T5k3//qsDDTtA==
-----END CERTIFICATE-----