Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
File:                     pnyqBsCo91QBbmFEgLuzh35AiR0.mft (raw, json)
Hash identifier:          ouAOKqdaiFxQSb/e1hdsQQ5BWJ4cEW24Nbz8qQkqGw0=
Subject key identifier:   23:C7:45:FD:21:1D:F6:DF:02:F5:2F:3A:70:17:7D:B7:03:59:41:64
Authority key identifier: A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D
Certificate issuer:       /CN=a67caa06c0a8f754016e614480bbb3877e40891d
Certificate serial:       019897B7B2BE311CE0FBEA17FCD59EAAD8FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
Manifest number:          0353
Signing time:             Mon 11 Aug 2025 06:00:55 +0000
Manifest this update:     Mon 11 Aug 2025 06:00:55 +0000
Manifest next update:     Tue 12 Aug 2025 06:00:55 +0000
Files and hashes:         1: pnyqBsCo91QBbmFEgLuzh35AiR0.crl (hash: SDj5K5nh6QwOy0dczgOXvTmAFwqCNKHTNnI/kQGafFk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 02:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:97:b7:b2:be:31:1c:e0:fb:ea:17:fc:d5:9e:aa:d8:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a67caa06c0a8f754016e614480bbb3877e40891d
        Validity
            Not Before: Aug 11 06:00:55 2025 GMT
            Not After : Aug 12 06:00:55 2025 GMT
        Subject: CN=23c745fd211df6df02f52f3a70177db703594164
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:28:78:3a:63:13:6a:e9:9c:0c:15:39:95:e6:
                    9f:c5:ea:10:23:7c:07:db:71:c9:fb:5f:10:f8:e7:
                    f9:9d:e5:18:a1:9d:56:4b:55:6e:b5:de:22:b3:c9:
                    70:fb:ea:ed:e9:34:a7:30:4b:e1:b7:68:f7:4d:de:
                    09:cf:ae:ab:83:9c:05:2d:5b:88:67:8d:a9:ed:a9:
                    b9:8a:50:ad:6e:46:2d:fe:f7:fc:50:7e:83:92:5f:
                    df:7c:d0:01:7a:69:8b:5f:a7:f4:13:09:89:cb:a3:
                    33:ba:3f:1f:39:10:c5:6f:1a:97:09:7f:97:12:b5:
                    e4:db:7b:b0:f9:fd:c3:f4:c1:66:cc:f8:65:79:00:
                    cf:29:56:98:91:0d:63:4e:7e:3b:ad:4d:ba:26:b9:
                    2b:36:f7:4f:c7:07:cd:53:a9:ee:c7:d5:61:e6:34:
                    f8:ae:da:d1:bd:d1:41:a0:32:79:0a:ad:85:5b:94:
                    a0:f2:1f:a7:78:cb:1f:ce:0d:58:49:04:e9:c0:65:
                    28:55:85:c0:bf:ba:a1:7a:31:c1:0d:1b:a9:ce:8c:
                    20:49:84:79:77:59:f7:68:ce:33:e4:06:04:7b:40:
                    9b:d2:ec:cf:c1:c4:82:42:be:e0:99:8e:76:51:fa:
                    ef:01:88:12:d4:28:e6:97:7d:a5:ab:5f:af:b7:af:
                    be:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:C7:45:FD:21:1D:F6:DF:02:F5:2F:3A:70:17:7D:B7:03:59:41:64
            X509v3 Authority Key Identifier:
                keyid:A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:9e:21:23:32:a2:a0:b1:64:35:fc:02:55:d4:79:3a:20:46:
         c7:8c:ca:0b:f9:56:ae:49:4f:ae:21:7a:a3:f3:72:8f:e4:a2:
         70:9a:6d:86:93:08:e2:b0:18:fd:bb:5d:27:31:c4:94:82:ba:
         56:25:ae:3a:fd:f1:8c:c6:7f:40:ff:97:42:4d:30:f3:9b:70:
         83:7c:4b:7f:1b:13:e5:d1:f0:2b:59:f7:81:34:4b:9a:ff:78:
         7e:f2:07:d6:db:78:c6:1a:1b:b3:5e:07:69:cc:95:1a:d7:23:
         60:ca:bd:ed:9a:15:d6:a0:62:97:bf:e4:ed:32:c2:66:ff:93:
         f8:82:ff:a1:80:c7:80:34:ab:b8:bc:f7:db:b5:41:d2:46:a8:
         2a:5b:c8:e4:f1:bd:86:20:bf:98:55:e6:cf:bb:a1:00:f5:c3:
         6c:7d:47:42:77:74:d2:60:f8:34:06:34:94:8a:95:b1:d1:29:
         e2:ff:1f:ca:59:08:72:d2:40:b8:94:88:c9:ee:c5:a7:3b:75:
         7d:85:2f:cb:a1:57:a0:a2:9a:70:93:76:bc:5b:50:ef:3f:81:
         0a:aa:c9:f7:7c:a9:95:a7:78:0e:3b:fc:1d:8e:43:42:9a:12:
         29:95:20:e7:b1:26:26:02:17:1e:9f:52:27:f9:42:4f:6e:54:
         78:c7:2e:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiXt7K+MRzg++oX/NWeqtj8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2N2NhYTA2YzBhOGY3NTQwMTZlNjE0NDgwYmJiMzg3N2U0
MDg5MWQwHhcNMjUwODExMDYwMDU1WhcNMjUwODEyMDYwMDU1WjAzMTEwLwYDVQQD
EygyM2M3NDVmZDIxMWRmNmRmMDJmNTJmM2E3MDE3N2RiNzAzNTk0MTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8yh4OmMTaumcDBU5leafxeoQI3wH
23HJ+18Q+Of5neUYoZ1WS1Vutd4is8lw++rt6TSnMEvht2j3Td4Jz66rg5wFLVuI
Z42p7am5ilCtbkYt/vf8UH6Dkl/ffNABemmLX6f0EwmJy6Mzuj8fORDFbxqXCX+X
ErXk23uw+f3D9MFmzPhleQDPKVaYkQ1jTn47rU26JrkrNvdPxwfNU6nux9Vh5jT4
rtrRvdFBoDJ5Cq2FW5Sg8h+neMsfzg1YSQTpwGUoVYXAv7qhejHBDRupzowgSYR5
d1n3aM4z5AYEe0Cb0uzPwcSCQr7gmY52UfrvAYgS1Cjml32lq1+vt6++JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPHRf0hHfbfAvUvOnAXfbcDWUFkMB8GA1UdIwQY
MBaAFKZ8qgbAqPdUAW5hRIC7s4d+QIkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2Ut
MmJlNTAxZmVlZDNkLzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2UtMmJlNTAxZmVlZDNk
LzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF54hIzKi
oLFkNfwCVdR5OiBGx4zKC/lWrklPriF6o/Nyj+SicJpthpMI4rAY/btdJzHElIK6
ViWuOv3xjMZ/QP+XQk0w85twg3xLfxsT5dHwK1n3gTRLmv94fvIH1tt4xhobs14H
acyVGtcjYMq97ZoV1qBil7/k7TLCZv+T+IL/oYDHgDSruLz327VB0kaoKlvI5PG9
hiC/mFXmz7uhAPXDbH1HQnd00mD4NAY0lIqVsdEp4v8fylkIctJAuJSIye7Fpzt1
fYUvy6FXoKKacJN2vFtQ7z+BCqrJ93yplad4Djv8HY5DQpoSKZUg57EmJgIXHp9S
J/lCT25UeMcuoA==
-----END CERTIFICATE-----