Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
File:                     PHQZW9u2a2A65joVGPBm-gsRUfU.mft (raw, json)
Hash identifier:          PZKVKCrmsMz571mklHRfMgDps6e8mhRhVQ8I/77YFHU=
Subject key identifier:   99:DE:B8:8A:45:09:04:02:91:A8:DB:5E:80:CF:BD:9A:47:03:2E:86
Authority key identifier: 3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5
Certificate issuer:       /CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
Certificate serial:       019A4EF5AD36286F2870E6EF4858F2F3030B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
Manifest number:          0A3F
Signing time:             Tue 04 Nov 2025 13:01:54 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:54 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:54 +0000
Files and hashes:         1: PHQZW9u2a2A65joVGPBm-gsRUfU.crl (hash: iXoTzCXO6iDQoPdSshGM6qknVF3UNia5Qz5L199/q0A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:ad:36:28:6f:28:70:e6:ef:48:58:f2:f3:03:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
        Validity
            Not Before: Nov  4 13:01:54 2025 GMT
            Not After : Nov  5 13:01:54 2025 GMT
        Subject: CN=99deb88a4509040291a8db5e80cfbd9a47032e86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:43:ea:75:dd:2e:7b:84:e3:26:73:5e:8e:0f:
                    ad:08:ec:37:04:9a:eb:fe:4f:0a:5c:e1:ac:cb:f2:
                    2d:21:75:0b:0a:23:b0:0b:0f:af:c0:b0:b5:9e:e4:
                    a9:67:9e:43:56:45:f1:ac:01:e6:4a:43:da:d8:9c:
                    da:4a:d8:04:fe:31:ec:2e:b1:70:ce:c5:d3:1b:1e:
                    c2:5b:40:49:f4:e9:a1:70:f4:d1:b2:ae:16:c7:51:
                    5f:77:5f:39:f6:c9:4a:1f:35:c8:d7:2d:a0:2c:ed:
                    73:d1:9f:f7:71:31:ee:16:29:7b:52:75:95:ba:e8:
                    0c:5c:da:58:aa:6f:57:55:83:67:22:62:a2:5c:d1:
                    24:9d:00:33:44:61:5f:66:da:52:e5:2b:a7:a1:c3:
                    f8:eb:7d:bd:37:fe:1e:56:d4:36:e4:0b:81:b3:49:
                    f3:00:d3:fd:37:8d:96:ca:9c:cf:50:a7:be:10:99:
                    16:29:08:91:07:20:87:d7:37:34:3c:65:d5:44:54:
                    db:b0:ac:2d:a4:ca:e2:47:a8:a1:ac:b5:cc:e5:d2:
                    0e:dd:36:d6:f7:a5:b7:51:94:0b:3d:b5:73:17:04:
                    d4:40:82:05:99:52:37:59:6d:53:39:6c:ee:62:7b:
                    2c:91:4a:03:79:f1:44:90:ab:61:b2:37:fa:1e:aa:
                    24:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:DE:B8:8A:45:09:04:02:91:A8:DB:5E:80:CF:BD:9A:47:03:2E:86
            X509v3 Authority Key Identifier:
                keyid:3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:9c:70:4c:24:99:71:83:15:db:9d:2b:7c:8c:7d:e8:63:d7:
         c4:12:02:b2:53:be:65:34:d3:7b:c6:c4:90:58:70:bf:3b:ed:
         27:a8:63:01:dd:3d:18:4a:24:bc:32:46:7a:2e:b0:08:96:2e:
         ca:bb:ac:11:9d:f6:6f:34:16:a0:4b:f8:69:c8:ee:1f:7f:bf:
         f5:3b:c4:70:3a:84:29:9a:2f:c5:a3:4d:00:3a:a5:19:50:74:
         c5:01:75:66:17:2e:27:ef:da:35:3c:c9:f2:e4:04:e7:a0:36:
         1d:4e:45:3a:ef:3a:eb:72:74:57:d0:56:11:a3:27:fd:21:4c:
         6a:87:ba:04:3a:0d:0c:a6:1c:58:8f:8f:40:f9:e9:18:38:6a:
         eb:12:15:48:54:eb:76:f1:6f:3a:96:28:41:5f:32:4b:08:ae:
         89:ff:e6:3b:fd:cc:6c:7f:5e:35:78:15:c8:c4:d2:c2:c6:c4:
         ea:c1:d3:31:b4:13:dd:f8:91:84:fb:a5:63:47:08:1b:ae:84:
         ef:dd:d2:de:4f:9f:48:ff:a7:bd:9d:b2:ec:c9:97:cd:31:e2:
         05:b5:79:79:41:80:c3:30:65:e0:79:e3:9a:f3:8d:05:16:b3:
         bf:98:85:84:f7:9f:82:b7:ec:45:59:0c:85:c7:f3:1c:52:fa:
         e4:96:62:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9a02KG8ocObvSFjy8wMLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNzQxOTViZGJiNjZiNjAzYWU2M2ExNTE4ZjA2NmZhMGIx
MTUxZjUwHhcNMjUxMTA0MTMwMTU0WhcNMjUxMTA1MTMwMTU0WjAzMTEwLwYDVQQD
Eyg5OWRlYjg4YTQ1MDkwNDAyOTFhOGRiNWU4MGNmYmQ5YTQ3MDMyZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0Pqdd0ue4TjJnNejg+tCOw3BJrr
/k8KXOGsy/ItIXULCiOwCw+vwLC1nuSpZ55DVkXxrAHmSkPa2JzaStgE/jHsLrFw
zsXTGx7CW0BJ9OmhcPTRsq4Wx1Ffd1859slKHzXI1y2gLO1z0Z/3cTHuFil7UnWV
uugMXNpYqm9XVYNnImKiXNEknQAzRGFfZtpS5SunocP46329N/4eVtQ25AuBs0nz
ANP9N42WypzPUKe+EJkWKQiRByCH1zc0PGXVRFTbsKwtpMriR6ihrLXM5dIO3TbW
96W3UZQLPbVzFwTUQIIFmVI3WW1TOWzuYnsskUoDefFEkKthsjf6HqokOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJneuIpFCQQCkajbXoDPvZpHAy6GMB8GA1UdIwQY
MBaAFDx0GVvbtmtgOuY6FRjwZvoLEVH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2Qt
MWUwNGIyMGQ4NTY3LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2QtMWUwNGIyMGQ4NTY3
LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADZxwTCSZ
cYMV250rfIx96GPXxBICslO+ZTTTe8bEkFhwvzvtJ6hjAd09GEokvDJGei6wCJYu
yrusEZ32bzQWoEv4acjuH3+/9TvEcDqEKZovxaNNADqlGVB0xQF1ZhcuJ+/aNTzJ
8uQE56A2HU5FOu8663J0V9BWEaMn/SFMaoe6BDoNDKYcWI+PQPnpGDhq6xIVSFTr
dvFvOpYoQV8ySwiuif/mO/3MbH9eNXgVyMTSwsbE6sHTMbQT3fiRhPulY0cIG66E
793S3k+fSP+nvZ2y7MmXzTHiBbV5eUGAwzBl4HnjmvONBRazv5iFhPefgrfsRVkM
hcfzHFL65JZiog==
-----END CERTIFICATE-----