Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
File:                     pnyqBsCo91QBbmFEgLuzh35AiR0.mft (raw, json)
Hash identifier:          kp22Z7dg/4hfFsZ0MKhf35my5yKmVjVIR/XwC8G9qU4=
Subject key identifier:   8C:F6:84:FB:B2:6B:06:65:65:10:27:65:15:49:89:8A:F7:16:5E:B5
Authority key identifier: A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D
Certificate issuer:       /CN=a67caa06c0a8f754016e614480bbb3877e40891d
Certificate serial:       019A4E19110C1126253BE6F88FCEA775506B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
Manifest number:          0436
Signing time:             Tue 04 Nov 2025 09:00:56 +0000
Manifest this update:     Tue 04 Nov 2025 09:00:56 +0000
Manifest next update:     Wed 05 Nov 2025 09:00:56 +0000
Files and hashes:         1: pnyqBsCo91QBbmFEgLuzh35AiR0.crl (hash: 6AwDlocv2bpehGq2EvvZXiTI6OwVT+qvPpaBEFOTz6o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:19:11:0c:11:26:25:3b:e6:f8:8f:ce:a7:75:50:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a67caa06c0a8f754016e614480bbb3877e40891d
        Validity
            Not Before: Nov  4 09:00:56 2025 GMT
            Not After : Nov  5 09:00:56 2025 GMT
        Subject: CN=8cf684fbb26b0665651027651549898af7165eb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:d4:ca:e4:04:cb:d7:ba:d2:51:29:ea:0c:61:
                    67:f4:a6:06:3b:4f:53:b5:eb:3a:e7:2e:c2:5a:0b:
                    85:e0:ad:6c:53:68:90:24:1c:ff:87:53:db:42:e4:
                    91:d7:cd:99:e6:2f:d9:66:ea:c3:5c:71:72:39:4d:
                    d3:e2:1f:20:77:71:bc:03:11:c6:17:07:d4:6f:cc:
                    ef:04:9f:7c:cd:69:b0:5b:1b:02:ac:4b:d8:1a:35:
                    6d:e5:23:69:8f:97:6d:48:2e:c3:1e:c3:a7:86:7b:
                    b5:00:38:43:dd:eb:80:d1:68:98:f9:10:73:bf:7d:
                    76:91:31:4b:04:8e:92:54:47:96:f6:98:cb:a1:53:
                    ee:2c:d0:01:18:d2:8b:4c:62:4b:cd:d4:34:c7:49:
                    06:69:f3:6f:59:a3:5a:2b:6e:b0:ef:42:5a:17:d5:
                    02:4a:7c:46:c2:f1:ee:2c:0d:ac:a1:52:1b:71:3a:
                    16:99:a6:cc:1e:4d:9d:ed:ea:55:f9:e1:d9:45:f5:
                    fc:c7:61:e5:34:51:c6:be:2b:77:cd:4b:49:27:28:
                    bc:be:e7:7c:e1:68:50:93:97:02:a6:da:6c:08:e4:
                    04:5e:7c:84:ac:fa:43:fc:24:66:03:2c:ed:6f:be:
                    e6:45:e2:91:5e:4f:da:42:c5:b3:31:66:d3:e9:65:
                    89:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:F6:84:FB:B2:6B:06:65:65:10:27:65:15:49:89:8A:F7:16:5E:B5
            X509v3 Authority Key Identifier:
                keyid:A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:48:27:50:25:eb:2e:28:13:4c:25:a0:be:b7:f3:08:e5:c1:
         88:1e:36:9a:e9:30:ca:e7:8f:00:17:7b:ea:84:5f:f8:27:66:
         4c:3f:cb:d2:0f:57:7b:78:67:6c:1b:2e:5f:c6:62:b2:50:f9:
         76:aa:5a:b4:ce:d8:74:a8:29:d0:5c:c5:c3:aa:5c:4a:49:2d:
         28:26:cd:91:a5:b9:76:04:c5:48:f7:28:8d:83:4b:f1:e2:4a:
         e5:75:75:ad:05:37:97:2e:83:95:22:7a:3f:d4:70:2b:b3:23:
         0b:e6:01:ef:0d:72:76:4d:be:7a:72:1d:12:79:79:43:17:a7:
         ec:81:d3:59:7d:b4:d1:42:a9:54:9e:11:77:7b:b7:b2:39:a9:
         fa:dd:80:cf:1c:db:e7:8b:a6:96:36:cb:a1:2e:ad:02:40:e6:
         42:50:0c:a7:a2:e0:a4:2d:f0:ca:8e:b9:c7:f1:20:f0:71:9c:
         80:7c:4f:9f:d2:39:d9:6b:78:6b:9c:70:b2:fa:a1:36:a2:3e:
         a8:12:dd:6a:7d:33:65:ee:ff:72:c1:ad:3a:82:53:62:80:07:
         5f:0f:ce:8f:64:66:5f:b7:29:e2:13:23:df:c8:ea:22:90:4d:
         39:7c:c2:55:c1:9d:12:58:ac:58:9b:6c:96:55:ec:a8:85:0a:
         9d:c7:1e:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGREMESYlO+b4j86ndVBrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2N2NhYTA2YzBhOGY3NTQwMTZlNjE0NDgwYmJiMzg3N2U0
MDg5MWQwHhcNMjUxMTA0MDkwMDU2WhcNMjUxMTA1MDkwMDU2WjAzMTEwLwYDVQQD
Eyg4Y2Y2ODRmYmIyNmIwNjY1NjUxMDI3NjUxNTQ5ODk4YWY3MTY1ZWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtTK5ATL17rSUSnqDGFn9KYGO09T
tes65y7CWguF4K1sU2iQJBz/h1PbQuSR182Z5i/ZZurDXHFyOU3T4h8gd3G8AxHG
FwfUb8zvBJ98zWmwWxsCrEvYGjVt5SNpj5dtSC7DHsOnhnu1ADhD3euA0WiY+RBz
v312kTFLBI6SVEeW9pjLoVPuLNABGNKLTGJLzdQ0x0kGafNvWaNaK26w70JaF9UC
SnxGwvHuLA2soVIbcToWmabMHk2d7epV+eHZRfX8x2HlNFHGvit3zUtJJyi8vud8
4WhQk5cCptpsCOQEXnyErPpD/CRmAyztb77mReKRXk/aQsWzMWbT6WWJwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIz2hPuyawZlZRAnZRVJiYr3Fl61MB8GA1UdIwQY
MBaAFKZ8qgbAqPdUAW5hRIC7s4d+QIkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2Ut
MmJlNTAxZmVlZDNkLzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2UtMmJlNTAxZmVlZDNk
LzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiEgnUCXr
LigTTCWgvrfzCOXBiB42mukwyuePABd76oRf+CdmTD/L0g9Xe3hnbBsuX8ZislD5
dqpatM7YdKgp0FzFw6pcSkktKCbNkaW5dgTFSPcojYNL8eJK5XV1rQU3ly6DlSJ6
P9RwK7MjC+YB7w1ydk2+enIdEnl5Qxen7IHTWX200UKpVJ4Rd3u3sjmp+t2Azxzb
54umljbLoS6tAkDmQlAMp6LgpC3wyo65x/Eg8HGcgHxPn9I52Wt4a5xwsvqhNqI+
qBLdan0zZe7/csGtOoJTYoAHXw/Oj2RmX7cp4hMj38jqIpBNOXzCVcGdElisWJts
llXsqIUKncce0Q==
-----END CERTIFICATE-----