Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
File:                     pxTGIdV85C4lCT7OhXvbh146zqo.mft (raw, json)
Hash identifier:          8yXrs+/CmwLnwmGp4Rw4EoY4xQcW3eEmqJl8+MhQwO4=
Subject key identifier:   2D:A0:F4:0A:E2:61:52:BA:21:1B:EC:60:8B:F6:F8:04:B3:69:D8:95
Authority key identifier: A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA
Certificate issuer:       /CN=a714c621d57ce42e25093ece857bdb875e3aceaa
Certificate serial:       019A5187537DC6B0B2CD32CAC720AB100366
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
Manifest number:          03DB
Signing time:             Wed 05 Nov 2025 01:00:14 +0000
Manifest this update:     Wed 05 Nov 2025 01:00:14 +0000
Manifest next update:     Thu 06 Nov 2025 01:00:14 +0000
Files and hashes:         1: pxTGIdV85C4lCT7OhXvbh146zqo.crl (hash: 1rLNOXcnmH07rWydiUTaGSAfz5lB6/Jp5Qy5CCzkP9k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 01:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:87:53:7d:c6:b0:b2:cd:32:ca:c7:20:ab:10:03:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a714c621d57ce42e25093ece857bdb875e3aceaa
        Validity
            Not Before: Nov  5 01:00:14 2025 GMT
            Not After : Nov  6 01:00:14 2025 GMT
        Subject: CN=2da0f40ae26152ba211bec608bf6f804b369d895
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:17:e4:d4:fa:51:bf:89:b0:4f:b7:e9:08:c6:
                    88:cb:41:9c:6c:7b:a4:aa:52:61:7a:b2:72:44:29:
                    ee:37:70:86:57:03:a9:78:e0:ea:37:97:b9:a6:12:
                    45:88:5a:5c:fd:dc:2c:9b:fa:36:c3:2c:95:b4:01:
                    1d:ae:97:e2:60:e3:08:08:e7:00:12:66:e5:cc:81:
                    2e:af:6d:b2:40:ac:ca:ab:fe:35:63:ab:ee:6e:3f:
                    06:58:93:f9:02:4c:4c:3f:a7:bf:65:a4:d4:35:fb:
                    92:d0:78:3a:99:3f:b1:8d:d7:8f:08:eb:78:b2:ed:
                    fb:36:a9:15:99:02:77:99:f3:dd:8d:fd:57:da:83:
                    57:44:6b:38:81:4f:34:05:ba:6d:88:9f:a3:2e:99:
                    4c:df:a4:20:5e:62:67:c3:67:68:ec:6e:9a:6b:c8:
                    47:52:d7:a8:73:a4:c8:fa:ef:3d:6d:aa:49:fd:ad:
                    88:18:5f:46:5c:20:03:f0:64:35:cc:80:69:26:44:
                    d3:c5:f1:15:04:64:71:0a:8c:8c:20:15:63:14:b9:
                    fb:72:f6:15:b3:45:4d:62:aa:5c:f4:cf:86:05:83:
                    22:dc:bf:59:ef:76:f0:78:b9:50:3a:31:5f:11:73:
                    fc:34:53:24:79:33:71:aa:51:63:35:f2:25:75:78:
                    84:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:A0:F4:0A:E2:61:52:BA:21:1B:EC:60:8B:F6:F8:04:B3:69:D8:95
            X509v3 Authority Key Identifier:
                keyid:A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:da:dd:66:2d:6d:09:19:9b:44:d5:43:b2:ac:98:8b:a1:17:
         23:41:c7:69:4b:9f:ac:dc:9b:84:f7:d1:d5:85:e1:d1:cf:89:
         5c:98:a5:3d:8d:18:df:3d:11:32:41:fb:63:4e:36:f9:41:de:
         84:d8:54:6c:ad:39:ff:7c:75:ef:a1:e3:84:51:34:30:20:e0:
         85:85:69:0c:c7:66:43:b3:46:ca:0c:11:06:77:ed:fb:74:50:
         e4:53:23:5f:b2:81:72:91:d2:41:b0:62:38:7c:9c:e0:d5:1a:
         3f:50:3a:78:c3:30:8c:64:56:53:5a:57:28:02:8f:b6:4c:7d:
         a1:ff:77:0f:aa:4b:59:61:4b:78:47:3a:9c:d4:5f:08:ba:57:
         8e:1a:c9:33:8a:4a:10:16:b0:c7:b7:92:49:b7:cd:22:f9:74:
         b3:8d:97:22:6e:d0:50:f6:e8:ba:f7:f9:84:50:16:fc:28:df:
         85:79:c1:f9:12:ef:68:af:7e:f3:a5:85:30:b7:24:c3:b7:dd:
         1c:93:5a:ab:2e:c2:7b:c9:87:d7:71:6a:5b:05:60:91:11:b3:
         1f:c1:5c:4d:0d:f6:67:3c:2f:b1:db:43:40:e4:c1:7c:f9:4d:
         70:12:cf:b2:e1:9b:06:76:84:8a:04:8b:23:2c:de:f8:5f:9d:
         6b:8e:85:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRh1N9xrCyzTLKxyCrEANmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MTRjNjIxZDU3Y2U0MmUyNTA5M2VjZTg1N2JkYjg3NWUz
YWNlYWEwHhcNMjUxMTA1MDEwMDE0WhcNMjUxMTA2MDEwMDE0WjAzMTEwLwYDVQQD
EygyZGEwZjQwYWUyNjE1MmJhMjExYmVjNjA4YmY2ZjgwNGIzNjlkODk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhfk1PpRv4mwT7fpCMaIy0GcbHuk
qlJherJyRCnuN3CGVwOpeODqN5e5phJFiFpc/dwsm/o2wyyVtAEdrpfiYOMICOcA
EmblzIEur22yQKzKq/41Y6vubj8GWJP5AkxMP6e/ZaTUNfuS0Hg6mT+xjdePCOt4
su37NqkVmQJ3mfPdjf1X2oNXRGs4gU80BbptiJ+jLplM36QgXmJnw2do7G6aa8hH
Uteoc6TI+u89bapJ/a2IGF9GXCAD8GQ1zIBpJkTTxfEVBGRxCoyMIBVjFLn7cvYV
s0VNYqpc9M+GBYMi3L9Z73bweLlQOjFfEXP8NFMkeTNxqlFjNfIldXiEuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2g9AriYVK6IRvsYIv2+ASzadiVMB8GA1UdIwQY
MBaAFKcUxiHVfOQuJQk+zoV724deOs6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGIt
MTgwNTVkMmM0NGJlLzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGItMTgwNTVkMmM0NGJl
LzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGdrdZi1t
CRmbRNVDsqyYi6EXI0HHaUufrNybhPfR1YXh0c+JXJilPY0Y3z0RMkH7Y042+UHe
hNhUbK05/3x176HjhFE0MCDghYVpDMdmQ7NGygwRBnft+3RQ5FMjX7KBcpHSQbBi
OHyc4NUaP1A6eMMwjGRWU1pXKAKPtkx9of93D6pLWWFLeEc6nNRfCLpXjhrJM4pK
EBawx7eSSbfNIvl0s42XIm7QUPbouvf5hFAW/CjfhXnB+RLvaK9+86WFMLckw7fd
HJNaqy7Ce8mH13FqWwVgkRGzH8FcTQ32ZzwvsdtDQOTBfPlNcBLPsuGbBnaEigSL
Iyze+F+da46Fjg==
-----END CERTIFICATE-----