Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
File:                     PHQZW9u2a2A65joVGPBm-gsRUfU.mft (raw, json)
Hash identifier:          hsJS/DdZs/XEZPLxC7ARprRCCVLRy/aUI0aANBWm32A=
Subject key identifier:   FF:66:C9:57:3E:8F:F4:A9:1C:8B:B9:E1:D2:9A:CF:75:12:7D:C2:07
Authority key identifier: 3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5
Certificate issuer:       /CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
Certificate serial:       01976D3DACAA55C98ABB829897DB74D26CDC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
Manifest number:          08C1
Signing time:             Sat 14 Jun 2025 07:00:47 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:47 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:47 +0000
Files and hashes:         1: PHQZW9u2a2A65joVGPBm-gsRUfU.crl (hash: IckkVjHWo8wBsFwlAabPXAa0bTDhBa3oTuJZVjR+kI4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:ac:aa:55:c9:8a:bb:82:98:97:db:74:d2:6c:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
        Validity
            Not Before: Jun 14 07:00:47 2025 GMT
            Not After : Jun 15 07:00:47 2025 GMT
        Subject: CN=ff66c9573e8ff4a91c8bb9e1d29acf75127dc207
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:cb:a7:9b:db:fa:ac:d3:98:61:5e:d9:5a:e0:
                    85:19:f9:aa:05:fa:8d:08:82:17:a9:16:f5:92:2f:
                    35:3b:b0:32:52:bb:5a:7d:b2:c5:8b:9f:55:aa:fc:
                    56:d3:57:1e:ca:c2:b0:b6:80:02:20:11:20:59:51:
                    62:82:80:60:a0:b1:f1:26:b6:91:21:ac:8f:7c:79:
                    f4:cc:c6:f8:83:c9:66:60:35:72:a7:28:e6:70:f2:
                    40:8c:87:e6:7e:7d:bf:cb:3e:33:0b:c3:b8:56:dc:
                    32:a5:91:a9:44:42:6a:bc:82:99:59:d7:a6:99:36:
                    06:cd:0d:ad:94:a5:b1:4b:5d:89:70:d9:77:2a:43:
                    50:f5:23:ae:de:31:d1:80:7d:67:e6:4a:af:1f:9a:
                    ec:b8:a6:66:3d:27:03:e5:a3:5d:63:c5:39:ac:83:
                    79:82:97:da:30:82:cb:0e:8f:3e:cd:ac:26:f3:9c:
                    aa:d3:3a:d3:e3:91:1f:04:d7:1a:32:9f:c5:5b:ce:
                    ab:30:25:9a:6a:28:ed:34:5a:68:e3:0f:7b:b0:75:
                    b7:2a:97:af:d2:c0:ad:c7:26:1f:da:d5:b6:a8:10:
                    c8:53:da:3d:54:65:7d:48:33:0f:27:57:70:0f:04:
                    8b:41:f1:cf:c6:fa:c4:a9:a3:fd:94:87:62:28:40:
                    a0:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:66:C9:57:3E:8F:F4:A9:1C:8B:B9:E1:D2:9A:CF:75:12:7D:C2:07
            X509v3 Authority Key Identifier:
                keyid:3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:00:83:61:85:6b:74:7c:69:cb:74:0e:15:33:84:14:14:a6:
         87:3e:e0:91:66:2f:f7:91:94:e9:97:a1:10:42:12:5e:8a:f0:
         7d:c0:fa:49:55:77:32:0a:71:0e:36:04:53:6a:64:fe:54:1a:
         b7:d5:22:72:2b:74:73:45:ce:4d:ed:e8:f7:9b:3a:81:88:38:
         da:a3:d0:7e:c6:96:4f:da:5b:ac:7c:ef:27:e9:19:c8:11:bf:
         43:d4:c4:76:09:3c:21:c3:91:73:5d:c7:a6:18:77:9f:90:88:
         c5:4f:5f:34:4d:f8:37:65:60:dd:ae:15:34:07:5b:4f:ea:07:
         3f:ad:d3:40:b9:db:ad:d1:75:78:29:cc:e2:74:f1:91:30:7f:
         03:2b:68:de:75:70:d2:29:a2:d9:db:76:ae:bc:c3:db:5c:bd:
         64:7c:b5:2a:5e:e9:5d:de:58:32:3e:a0:de:1a:f6:84:64:84:
         86:3e:6f:83:fd:09:8e:61:15:8f:bf:dd:49:98:55:41:4c:aa:
         3d:9c:78:eb:2a:fe:ea:18:96:79:dc:cc:6a:fe:84:45:de:eb:
         57:a5:09:bc:08:7f:c3:a4:da:88:e4:e2:ea:57:c1:1a:58:f1:
         af:ea:3f:ba:eb:c0:2b:47:4b:2b:f0:1f:a3:96:10:79:31:de:
         b1:8c:ec:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPayqVcmKu4KYl9t00mzcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNzQxOTViZGJiNjZiNjAzYWU2M2ExNTE4ZjA2NmZhMGIx
MTUxZjUwHhcNMjUwNjE0MDcwMDQ3WhcNMjUwNjE1MDcwMDQ3WjAzMTEwLwYDVQQD
EyhmZjY2Yzk1NzNlOGZmNGE5MWM4YmI5ZTFkMjlhY2Y3NTEyN2RjMjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8cunm9v6rNOYYV7ZWuCFGfmqBfqN
CIIXqRb1ki81O7AyUrtafbLFi59VqvxW01ceysKwtoACIBEgWVFigoBgoLHxJraR
IayPfHn0zMb4g8lmYDVypyjmcPJAjIfmfn2/yz4zC8O4VtwypZGpREJqvIKZWdem
mTYGzQ2tlKWxS12JcNl3KkNQ9SOu3jHRgH1n5kqvH5rsuKZmPScD5aNdY8U5rIN5
gpfaMILLDo8+zawm85yq0zrT45EfBNcaMp/FW86rMCWaaijtNFpo4w97sHW3Kpev
0sCtxyYf2tW2qBDIU9o9VGV9SDMPJ1dwDwSLQfHPxvrEqaP9lIdiKECgkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP9myVc+j/SpHIu54dKaz3USfcIHMB8GA1UdIwQY
MBaAFDx0GVvbtmtgOuY6FRjwZvoLEVH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2Qt
MWUwNGIyMGQ4NTY3LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2QtMWUwNGIyMGQ4NTY3
LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACQCDYYVr
dHxpy3QOFTOEFBSmhz7gkWYv95GU6ZehEEISXorwfcD6SVV3MgpxDjYEU2pk/lQa
t9Uicit0c0XOTe3o95s6gYg42qPQfsaWT9pbrHzvJ+kZyBG/Q9TEdgk8IcORc13H
phh3n5CIxU9fNE34N2Vg3a4VNAdbT+oHP63TQLnbrdF1eCnM4nTxkTB/Ayto3nVw
0imi2dt2rrzD21y9ZHy1Kl7pXd5YMj6g3hr2hGSEhj5vg/0JjmEVj7/dSZhVQUyq
PZx46yr+6hiWedzMav6ERd7rV6UJvAh/w6TaiOTi6lfBGljxr+o/uuvAK0dLK/Af
o5YQeTHesYzsDA==
-----END CERTIFICATE-----