Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft
File:                     Pq9YPXwbe09XMQE8iymLpQVGTlI.mft (raw, json)
Hash identifier:          KGOTizUYYkjIDa8HXucMvf8Z10I7HROpqQ0I/DLYqZM=
Subject key identifier:   00:11:6A:9E:45:EC:38:BB:11:32:A9:F5:6B:11:B5:2B:2C:AA:73:FE
Authority key identifier: 3E:AF:58:3D:7C:1B:7B:4F:57:31:01:3C:8B:29:8B:A5:05:46:4E:52
Certificate issuer:       /CN=3eaf583d7c1b7b4f5731013c8b298ba505464e52
Certificate serial:       01987ED414E0F0F17957BB6DDA7A4B683251
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft
Manifest number:          1236
Signing time:             Wed 06 Aug 2025 10:01:24 +0000
Manifest this update:     Wed 06 Aug 2025 10:01:24 +0000
Manifest next update:     Thu 07 Aug 2025 10:01:24 +0000
Files and hashes:         1: Pq9YPXwbe09XMQE8iymLpQVGTlI.crl (hash: 1mP+I/ZOaaSmpFJUXAGvFVKewitd6OZR82N8jxEjWIE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 10:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7e:d4:14:e0:f0:f1:79:57:bb:6d:da:7a:4b:68:32:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3eaf583d7c1b7b4f5731013c8b298ba505464e52
        Validity
            Not Before: Aug  6 10:01:24 2025 GMT
            Not After : Aug  7 10:01:24 2025 GMT
        Subject: CN=00116a9e45ec38bb1132a9f56b11b52b2caa73fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:7d:13:98:e8:4e:90:b9:ed:c0:49:8b:65:3f:
                    31:d5:93:0e:02:a1:5b:cb:ae:e5:e7:6a:61:14:9e:
                    24:b1:6b:18:43:a7:cd:79:d0:b5:0f:95:82:18:63:
                    60:05:fa:58:f2:ce:8a:f6:00:83:c6:cd:7b:c5:3c:
                    7e:61:9d:c2:ed:cd:cb:c9:be:9c:20:2b:29:4d:77:
                    6b:29:9a:ee:bf:07:0b:15:7d:e2:6b:e9:69:85:4b:
                    97:ee:53:46:77:01:76:ac:35:66:4f:94:20:d2:cb:
                    a8:f2:41:60:69:bc:8c:d0:46:e1:fd:bd:5e:73:c7:
                    6b:36:a4:bc:69:d3:69:32:93:6c:cc:e5:02:e1:97:
                    0e:3d:03:fa:1f:61:fb:ae:da:1e:6e:58:c0:d4:8b:
                    0f:4c:ca:35:76:9c:5b:2b:0f:0d:56:57:03:1c:56:
                    dd:27:f6:14:29:b6:a1:bf:60:b5:1e:27:f5:13:de:
                    bf:69:f0:61:bb:68:35:77:03:ac:73:b9:9a:98:60:
                    b7:32:8c:68:3a:e2:bf:77:91:b5:31:b9:fb:e3:54:
                    9b:30:56:f8:2a:5d:84:af:28:be:25:29:e8:24:36:
                    86:19:76:b9:cb:50:f0:81:2d:bc:b9:6d:69:7d:ca:
                    14:cd:a9:77:7d:2a:e0:c9:ab:71:c3:0a:30:10:c1:
                    a9:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:11:6A:9E:45:EC:38:BB:11:32:A9:F5:6B:11:B5:2B:2C:AA:73:FE
            X509v3 Authority Key Identifier:
                keyid:3E:AF:58:3D:7C:1B:7B:4F:57:31:01:3C:8B:29:8B:A5:05:46:4E:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:72:1b:4f:eb:bb:7d:98:6b:4a:a8:15:58:70:44:32:18:8f:
         86:98:6d:2e:ec:81:f1:5e:b7:06:ca:22:96:46:c9:4e:11:1f:
         5d:9e:c6:28:ed:52:e8:b4:37:a6:65:1e:ee:c4:49:99:f5:b5:
         0f:79:b2:1f:e6:85:71:1f:ee:9c:2a:79:bc:3f:23:c5:64:bd:
         bd:87:d6:b3:13:b2:aa:0c:85:33:f3:54:00:2f:7f:1e:36:ff:
         6c:da:d8:83:87:4a:d7:f9:c1:80:69:a8:85:e7:ca:e7:f5:6d:
         97:73:c5:e8:49:f4:93:04:34:d1:1d:87:68:a8:f3:b6:97:4b:
         ce:59:67:79:f3:dd:f2:8d:e4:c1:ea:64:40:00:37:44:6b:29:
         a2:94:e3:70:43:08:60:3f:c6:2d:62:1e:90:3b:fa:ed:ac:a3:
         3c:16:15:81:49:d1:72:4e:69:c7:50:ac:6c:6a:40:b0:84:ac:
         5b:63:e1:44:48:38:7f:ca:27:78:e4:d6:38:3f:fd:e1:bf:da:
         e9:2d:d1:e3:05:40:a9:ba:55:00:77:e9:4e:2a:50:6b:f8:5c:
         16:81:48:b9:cf:f3:ec:c6:e1:e9:1e:43:60:fb:34:46:dc:bb:
         0a:0f:02:29:4d:02:fb:b1:78:e2:2f:94:c3:e4:8e:f0:40:52:
         52:58:fd:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh+1BTg8PF5V7tt2npLaDJRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYWY1ODNkN2MxYjdiNGY1NzMxMDEzYzhiMjk4YmE1MDU0
NjRlNTIwHhcNMjUwODA2MTAwMTI0WhcNMjUwODA3MTAwMTI0WjAzMTEwLwYDVQQD
EygwMDExNmE5ZTQ1ZWMzOGJiMTEzMmE5ZjU2YjExYjUyYjJjYWE3M2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoH0TmOhOkLntwEmLZT8x1ZMOAqFb
y67l52phFJ4ksWsYQ6fNedC1D5WCGGNgBfpY8s6K9gCDxs17xTx+YZ3C7c3Lyb6c
ICspTXdrKZruvwcLFX3ia+lphUuX7lNGdwF2rDVmT5Qg0suo8kFgabyM0Ebh/b1e
c8drNqS8adNpMpNszOUC4ZcOPQP6H2H7rtoebljA1IsPTMo1dpxbKw8NVlcDHFbd
J/YUKbahv2C1Hif1E96/afBhu2g1dwOsc7mamGC3MoxoOuK/d5G1Mbn741SbMFb4
Kl2Eryi+JSnoJDaGGXa5y1DwgS28uW1pfcoUzal3fSrgyatxwwowEMGpMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAARap5F7Di7ETKp9WsRtSssqnP+MB8GA1UdIwQY
MBaAFD6vWD18G3tPVzEBPIspi6UFRk5SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9kOThlODYtZTQxYy00NWUxLWJiZTct
OGUxOWM0ZGE4Nzk4LzEvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9kOThlODYtZTQxYy00NWUxLWJiZTctOGUxOWM0ZGE4Nzk4
LzEvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXnIbT+u7
fZhrSqgVWHBEMhiPhphtLuyB8V63BsoilkbJThEfXZ7GKO1S6LQ3pmUe7sRJmfW1
D3myH+aFcR/unCp5vD8jxWS9vYfWsxOyqgyFM/NUAC9/Hjb/bNrYg4dK1/nBgGmo
hefK5/Vtl3PF6En0kwQ00R2HaKjztpdLzllnefPd8o3kwepkQAA3RGspopTjcEMI
YD/GLWIekDv67ayjPBYVgUnRck5px1CsbGpAsISsW2PhREg4f8oneOTWOD/94b/a
6S3R4wVAqbpVAHfpTipQa/hcFoFIuc/z7Mbh6R5DYPs0Rty7Cg8CKU0C+7F44i+U
w+SO8EBSUlj9Dw==
-----END CERTIFICATE-----
Generated at Wed Aug 6 18:24:24 2025 by rpki-client