Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
File:                     PRf0av89iyHwD-6PY16uNKf0pNc.mft (raw, json)
Hash identifier:          qtN0RVX7D2QXjesxUa3fNUaurC8mIfNEwhXj0pTPNP0=
Subject key identifier:   D2:A6:17:CF:4D:7E:B4:15:84:C1:BD:F1:80:0F:49:FC:37:7F:04:46
Authority key identifier: 3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7
Certificate issuer:       /CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
Certificate serial:       0197711A1DF03B10765564EB6C3CA6A76FD5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
Manifest number:          0A7F
Signing time:             Sun 15 Jun 2025 01:00:26 +0000
Manifest this update:     Sun 15 Jun 2025 01:00:26 +0000
Manifest next update:     Mon 16 Jun 2025 01:00:26 +0000
Files and hashes:         1: PRf0av89iyHwD-6PY16uNKf0pNc.crl (hash: +KKuFhk1gcS3U8ewRuoXfB76KKj1faTCQyRruyokq9Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:1a:1d:f0:3b:10:76:55:64:eb:6c:3c:a6:a7:6f:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
        Validity
            Not Before: Jun 15 01:00:26 2025 GMT
            Not After : Jun 16 01:00:26 2025 GMT
        Subject: CN=d2a617cf4d7eb41584c1bdf1800f49fc377f0446
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:5c:d8:1f:9a:79:6f:df:96:fe:43:df:f7:ce:
                    0b:96:eb:81:62:b7:4a:4e:fc:80:20:63:d5:00:3a:
                    e8:c6:d2:d1:91:56:8f:c7:56:08:6a:82:60:5a:23:
                    39:53:60:2b:84:d3:1e:05:f4:9f:73:56:2c:48:03:
                    fa:03:82:fc:1a:1c:fe:1d:a7:fe:18:d4:97:fa:4a:
                    6b:9b:4e:78:9c:54:d9:ac:82:04:92:f6:c2:ad:0b:
                    1f:5d:43:3d:2c:ea:f4:2d:2e:b1:56:9d:4b:f1:6b:
                    1b:8b:be:11:d9:b1:cc:b1:1a:45:90:41:2e:0b:59:
                    0f:a3:6e:ed:33:6a:ff:3d:f7:fc:41:15:ba:bd:88:
                    cf:ab:42:95:c0:cc:4b:a9:89:b7:1b:35:96:1e:f3:
                    18:26:ba:67:07:8a:a6:13:0e:aa:97:ed:3b:3c:12:
                    cd:f4:1c:e7:1d:f8:69:69:96:1a:b3:29:76:10:e9:
                    35:ea:f9:6e:c4:b4:1a:08:c8:aa:76:37:0e:f2:83:
                    85:c0:fc:e1:61:d7:5b:67:ae:d1:2f:ab:8c:fa:65:
                    9a:ff:02:45:f1:a2:24:95:10:5b:e8:89:ef:dc:a8:
                    d1:30:17:a3:09:72:29:f5:bb:01:ad:9b:23:28:59:
                    b4:d6:83:9d:6f:19:3f:00:ef:b3:63:35:14:7d:21:
                    f5:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:A6:17:CF:4D:7E:B4:15:84:C1:BD:F1:80:0F:49:FC:37:7F:04:46
            X509v3 Authority Key Identifier:
                keyid:3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:fd:aa:d8:0e:24:6f:65:7a:ac:ad:38:4d:01:5f:65:6b:91:
         db:e9:7c:af:b6:23:8c:99:c0:b0:0b:a1:0a:b7:26:9b:3f:71:
         c1:98:7a:9f:66:78:72:5a:ae:79:31:41:b7:e7:ad:dc:59:53:
         27:e3:c8:d1:20:ea:bd:6f:5d:f6:ce:68:44:0f:a5:2f:0f:1c:
         0c:df:ab:f6:f8:d1:3c:cf:99:43:13:4d:03:b6:eb:c5:dd:60:
         cd:46:ea:cf:da:21:08:c2:5b:6e:dc:bb:46:8c:33:77:75:65:
         6f:07:0c:b8:1a:2f:ca:60:0c:28:99:47:35:67:d6:ac:b0:5e:
         ad:bf:19:8c:9b:67:00:ba:d9:7e:1d:a0:a7:3c:fd:b8:81:e9:
         30:5e:54:e2:0b:14:ff:a2:63:ce:4d:87:7e:92:92:91:f8:12:
         06:dc:9b:d7:a7:43:62:7b:5d:6a:b0:b0:23:b1:31:99:53:f2:
         70:e0:ee:3b:b6:c1:3e:e6:bc:21:ed:5b:57:81:55:ff:54:2e:
         43:85:79:e4:92:68:91:45:1f:d8:bc:2c:88:c5:32:15:fe:9a:
         2d:56:23:ce:a1:99:d6:ca:b4:db:07:ab:fc:be:1c:0f:74:16:
         5e:c7:00:36:7b:60:1e:c9:8e:85:0b:9e:37:a5:86:ba:34:ea:
         d6:e8:c2:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxGh3wOxB2VWTrbDymp2/VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMTdmNDZhZmYzZDhiMjFmMDBmZWU4ZjYzNWVhZTM0YTdm
NGE0ZDcwHhcNMjUwNjE1MDEwMDI2WhcNMjUwNjE2MDEwMDI2WjAzMTEwLwYDVQQD
EyhkMmE2MTdjZjRkN2ViNDE1ODRjMWJkZjE4MDBmNDlmYzM3N2YwNDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA41zYH5p5b9+W/kPf984LluuBYrdK
TvyAIGPVADroxtLRkVaPx1YIaoJgWiM5U2ArhNMeBfSfc1YsSAP6A4L8Ghz+Haf+
GNSX+kprm054nFTZrIIEkvbCrQsfXUM9LOr0LS6xVp1L8Wsbi74R2bHMsRpFkEEu
C1kPo27tM2r/Pff8QRW6vYjPq0KVwMxLqYm3GzWWHvMYJrpnB4qmEw6ql+07PBLN
9BznHfhpaZYasyl2EOk16vluxLQaCMiqdjcO8oOFwPzhYddbZ67RL6uM+mWa/wJF
8aIklRBb6Inv3KjRMBejCXIp9bsBrZsjKFm01oOdbxk/AO+zYzUUfSH17wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNKmF89NfrQVhMG98YAPSfw3fwRGMB8GA1UdIwQY
MBaAFD0X9Gr/PYsh8A/uj2NerjSn9KTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEt
ODUxZWQ1MjlmMjIyLzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEtODUxZWQ1MjlmMjIy
LzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfv2q2A4k
b2V6rK04TQFfZWuR2+l8r7YjjJnAsAuhCrcmmz9xwZh6n2Z4clqueTFBt+et3FlT
J+PI0SDqvW9d9s5oRA+lLw8cDN+r9vjRPM+ZQxNNA7brxd1gzUbqz9ohCMJbbty7
Rowzd3VlbwcMuBovymAMKJlHNWfWrLBerb8ZjJtnALrZfh2gpzz9uIHpMF5U4gsU
/6Jjzk2HfpKSkfgSBtyb16dDYntdarCwI7ExmVPycODuO7bBPua8Ie1bV4FV/1Qu
Q4V55JJokUUf2LwsiMUyFf6aLVYjzqGZ1sq02wer/L4cD3QWXscANntgHsmOhQue
N6WGujTq1ujCxw==
-----END CERTIFICATE-----