Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
File:                     gY1FuJShqq5kDmhOV8_bUw36umk.mft (raw, json)
Hash identifier:          dYX9fJBxy+mSlxNIYSC/PUodFM5MxWKYErpP7ppzXNo=
Subject key identifier:   E1:91:E4:86:18:3D:F5:14:BC:DD:EF:B6:1C:12:79:7E:FB:85:2E:5A
Authority key identifier: 81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69
Certificate issuer:       /CN=818d45b894a1aaae640e684e57cfdb530dfaba69
Certificate serial:       0199FC591820CC29CCD58B8B5C7CC8B269DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
Manifest number:          0B70
Signing time:             Sun 19 Oct 2025 12:02:01 +0000
Manifest this update:     Sun 19 Oct 2025 12:02:01 +0000
Manifest next update:     Mon 20 Oct 2025 12:02:01 +0000
Files and hashes:         1: gY1FuJShqq5kDmhOV8_bUw36umk.crl (hash: KKzkMlcUPMlT1fCSw3hhp0Yzd0x2HP89cG8RuiB0+u8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:59:18:20:cc:29:cc:d5:8b:8b:5c:7c:c8:b2:69:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=818d45b894a1aaae640e684e57cfdb530dfaba69
        Validity
            Not Before: Oct 19 12:02:01 2025 GMT
            Not After : Oct 20 12:02:01 2025 GMT
        Subject: CN=e191e486183df514bcddefb61c12797efb852e5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:5a:b1:22:2c:5b:78:52:ee:b6:f4:6d:b2:a6:
                    91:f1:09:7d:61:3c:9c:f2:a3:6c:94:52:fd:c9:25:
                    d7:c2:8e:2d:6f:e6:21:7c:3b:0d:70:f9:1f:40:e5:
                    19:50:ad:6e:cf:7b:6c:91:83:10:7e:43:77:36:ca:
                    cf:b9:ea:37:db:6d:a8:e3:df:b9:57:43:ba:c6:ce:
                    86:6f:03:98:30:6c:b4:2c:f1:27:0c:89:59:08:2d:
                    d3:89:02:ef:ef:8c:75:7d:a6:0b:cc:7e:02:38:43:
                    c7:a4:f2:d2:29:44:66:ed:90:bf:8f:51:d6:a9:76:
                    a0:3c:6c:38:49:cc:9f:7f:68:70:f6:bc:64:d5:2b:
                    c1:88:13:de:0b:7f:27:f1:66:2f:0a:29:47:fb:40:
                    83:52:c4:91:d4:de:b3:d7:c7:b5:1c:17:e1:24:e1:
                    34:16:0e:91:8b:31:37:9e:0d:3a:fc:aa:39:5f:9b:
                    68:7a:aa:69:7b:dc:74:e7:94:d0:76:0e:b8:80:88:
                    5f:44:bd:76:a4:a6:28:a1:c4:f8:22:00:59:2b:e8:
                    87:16:fa:74:17:32:24:20:92:5d:81:a7:6f:52:9a:
                    8a:ec:aa:b2:70:28:5f:ab:8b:87:93:df:69:17:54:
                    90:d9:01:28:83:4f:35:7f:5b:49:4e:68:6f:48:11:
                    f2:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:91:E4:86:18:3D:F5:14:BC:DD:EF:B6:1C:12:79:7E:FB:85:2E:5A
            X509v3 Authority Key Identifier:
                keyid:81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:b1:9b:44:fc:6c:42:aa:b9:fb:45:19:11:1f:6f:58:f0:84:
         9c:33:7d:24:e7:a9:7f:7a:d8:77:0e:ce:3b:eb:94:d4:33:c3:
         ed:b1:4f:20:c4:33:37:f0:66:cc:05:ef:18:f1:1a:f4:17:65:
         55:99:20:d2:fc:e5:22:06:d2:18:5b:c9:8d:4e:4a:11:a9:cb:
         0f:a8:8e:4f:bf:51:ce:12:c2:18:6c:5e:43:40:f1:15:56:1a:
         b3:02:d5:f8:25:79:55:1a:77:b7:bb:a3:1c:bb:cf:95:f8:92:
         38:00:22:22:cc:17:80:35:d2:8b:80:54:12:ce:81:44:43:8f:
         9f:6c:91:59:ac:35:46:c7:64:2b:e3:06:c0:b5:a7:c9:09:d4:
         92:cd:bd:ea:48:a9:72:4f:45:4f:ab:bc:e3:81:38:f6:f2:c8:
         79:5c:d3:e0:fa:5e:ae:d2:8f:2b:51:4b:34:85:2a:c2:3a:41:
         ac:21:35:87:1a:c6:7a:f5:3b:95:44:f7:c8:b9:79:6a:19:49:
         c6:e3:b5:c2:f4:6f:4c:3e:17:a1:ae:b9:5c:8d:14:8b:48:3e:
         a7:11:5e:65:82:71:9b:15:c9:3c:ba:8a:dc:16:54:b2:42:6b:
         2d:d0:72:8d:47:8b:c9:75:8e:bd:1d:73:ec:7e:b4:fb:4f:7d:
         a8:4e:90:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WRggzCnM1YuLXHzIsmnbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOGQ0NWI4OTRhMWFhYWU2NDBlNjg0ZTU3Y2ZkYjUzMGRm
YWJhNjkwHhcNMjUxMDE5MTIwMjAxWhcNMjUxMDIwMTIwMjAxWjAzMTEwLwYDVQQD
EyhlMTkxZTQ4NjE4M2RmNTE0YmNkZGVmYjYxYzEyNzk3ZWZiODUyZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlqxIixbeFLutvRtsqaR8Ql9YTyc
8qNslFL9ySXXwo4tb+YhfDsNcPkfQOUZUK1uz3tskYMQfkN3NsrPueo3222o49+5
V0O6xs6GbwOYMGy0LPEnDIlZCC3TiQLv74x1faYLzH4COEPHpPLSKURm7ZC/j1HW
qXagPGw4Scyff2hw9rxk1SvBiBPeC38n8WYvCilH+0CDUsSR1N6z18e1HBfhJOE0
Fg6RizE3ng06/Ko5X5toeqppe9x055TQdg64gIhfRL12pKYoocT4IgBZK+iHFvp0
FzIkIJJdgadvUpqK7KqycChfq4uHk99pF1SQ2QEog081f1tJTmhvSBHylwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOGR5IYYPfUUvN3vthwSeX77hS5aMB8GA1UdIwQY
MBaAFIGNRbiUoaquZA5oTlfP21MN+rppMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUt
ZTA2OTlkMzA0OTE5LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUtZTA2OTlkMzA0OTE5
LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX7GbRPxs
Qqq5+0UZER9vWPCEnDN9JOepf3rYdw7OO+uU1DPD7bFPIMQzN/BmzAXvGPEa9Bdl
VZkg0vzlIgbSGFvJjU5KEanLD6iOT79RzhLCGGxeQ0DxFVYaswLV+CV5VRp3t7uj
HLvPlfiSOAAiIswXgDXSi4BUEs6BREOPn2yRWaw1RsdkK+MGwLWnyQnUks296kip
ck9FT6u844E49vLIeVzT4PpertKPK1FLNIUqwjpBrCE1hxrGevU7lUT3yLl5ahlJ
xuO1wvRvTD4Xoa65XI0Ui0g+pxFeZYJxmxXJPLqK3BZUskJrLdByjUeLyXWOvR1z
7H60+099qE6QQA==
-----END CERTIFICATE-----