Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
File:                     gY1FuJShqq5kDmhOV8_bUw36umk.mft (raw, json)
Hash identifier:          9bPGu3K8g6e8E5e/5gkc3Wk2XKTYXX1x+JdxWe1p4ls=
Subject key identifier:   02:17:0A:34:62:13:AA:DF:C7:31:A4:54:77:76:08:E8:DC:E2:C8:9E
Authority key identifier: 81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69
Certificate issuer:       /CN=818d45b894a1aaae640e684e57cfdb530dfaba69
Certificate serial:       0196BC006251BDD8C0A28857C0828AE34572
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
Manifest number:          09C1
Signing time:             Sat 10 May 2025 21:01:03 +0000
Manifest this update:     Sat 10 May 2025 21:01:03 +0000
Manifest next update:     Sun 11 May 2025 21:01:03 +0000
Files and hashes:         1: gY1FuJShqq5kDmhOV8_bUw36umk.crl (hash: TFM8vZFDyhpTBX0cV11H1Mu+OzvyTfniBSjC/hvQC5E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 21:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bc:00:62:51:bd:d8:c0:a2:88:57:c0:82:8a:e3:45:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=818d45b894a1aaae640e684e57cfdb530dfaba69
        Validity
            Not Before: May 10 21:01:03 2025 GMT
            Not After : May 11 21:01:03 2025 GMT
        Subject: CN=02170a346213aadfc731a454777608e8dce2c89e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:38:82:c5:18:3a:6e:6b:44:e5:87:b7:b2:8f:
                    1f:1c:4b:dc:d5:cc:f0:4d:a8:47:9e:c3:ff:c6:db:
                    71:4e:27:fd:e9:38:14:8d:34:bf:4d:bc:bf:0e:a1:
                    ec:87:1b:c6:d1:51:7d:60:fc:de:44:60:57:5c:9b:
                    37:ec:29:ec:96:23:0a:39:5e:bf:70:43:04:7c:2a:
                    d9:4a:0c:d8:b3:9c:4d:98:82:ea:29:81:9c:0c:30:
                    c1:61:8a:c7:d7:7c:4a:b8:e3:9b:ec:04:bd:5d:8d:
                    32:b5:c6:58:5d:f0:f7:38:1d:6f:a4:f3:ea:8d:fd:
                    5e:e6:36:b6:7f:18:b5:48:6b:f1:c1:76:9f:ae:70:
                    17:c1:17:e5:c6:cc:f5:a7:7c:54:a4:db:83:2a:9e:
                    ff:9e:c8:d5:ac:7a:31:dc:3d:bc:08:62:69:4c:67:
                    f9:c1:24:c1:a4:02:8f:d8:96:d3:92:d8:ef:dc:0f:
                    bd:ca:9b:2d:a5:42:ae:9b:35:d2:1a:a4:79:83:b5:
                    84:4e:71:9f:e0:84:a5:b5:9b:3e:7e:be:cf:00:36:
                    54:27:f1:f9:66:32:fd:2f:a9:1f:f0:7a:b9:49:21:
                    4d:ff:b5:c5:2b:93:03:56:0b:a4:bb:1b:37:cf:aa:
                    9c:f6:28:72:00:78:32:c0:94:9e:17:04:89:d8:37:
                    87:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:17:0A:34:62:13:AA:DF:C7:31:A4:54:77:76:08:E8:DC:E2:C8:9E
            X509v3 Authority Key Identifier:
                keyid:81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:b9:13:9c:e3:0f:3f:16:77:69:4a:1f:3b:c2:13:08:ed:85:
         11:9b:97:0c:a4:fe:43:71:42:07:d1:60:ed:37:c6:5f:38:83:
         7a:23:71:f5:32:cb:00:22:45:b3:f3:42:f0:39:66:f4:9d:4e:
         e1:bd:cd:91:ab:66:33:2a:76:13:01:3f:6d:14:c0:64:c2:cb:
         ee:55:d0:2b:8f:06:b9:1b:eb:43:25:19:66:d4:5c:3e:d5:c5:
         87:98:35:47:59:9b:8d:97:b6:c9:71:36:0b:63:16:55:3c:40:
         b9:57:fa:f2:cd:c7:ef:bc:85:21:9a:b1:c1:7d:f1:07:aa:83:
         8b:84:03:71:63:9f:34:c3:35:68:bc:e6:23:a8:b6:84:a0:20:
         8b:30:d9:78:b0:bb:46:43:f6:12:ee:00:41:3f:f0:0b:6f:97:
         c8:17:41:19:1f:82:f8:35:15:b0:70:58:59:2f:23:c4:a7:34:
         4e:83:55:13:19:78:b6:30:14:25:5e:2f:f2:91:1d:7c:ae:a4:
         0b:90:fe:83:ca:6f:04:c4:ab:23:36:1f:ea:37:75:5e:b1:7b:
         75:cd:42:f0:55:5d:0d:a2:6c:70:75:63:16:bd:b6:00:5c:19:
         a1:73:db:16:4a:0f:91:8a:9f:dc:72:de:6b:6e:4b:4e:e4:b4:
         e0:47:a7:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa8AGJRvdjAoohXwIKK40VyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOGQ0NWI4OTRhMWFhYWU2NDBlNjg0ZTU3Y2ZkYjUzMGRm
YWJhNjkwHhcNMjUwNTEwMjEwMTAzWhcNMjUwNTExMjEwMTAzWjAzMTEwLwYDVQQD
EygwMjE3MGEzNDYyMTNhYWRmYzczMWE0NTQ3Nzc2MDhlOGRjZTJjODllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDiCxRg6bmtE5Ye3so8fHEvc1czw
TahHnsP/xttxTif96TgUjTS/Tby/DqHshxvG0VF9YPzeRGBXXJs37CnsliMKOV6/
cEMEfCrZSgzYs5xNmILqKYGcDDDBYYrH13xKuOOb7AS9XY0ytcZYXfD3OB1vpPPq
jf1e5ja2fxi1SGvxwXafrnAXwRflxsz1p3xUpNuDKp7/nsjVrHox3D28CGJpTGf5
wSTBpAKP2JbTktjv3A+9ypstpUKumzXSGqR5g7WETnGf4ISltZs+fr7PADZUJ/H5
ZjL9L6kf8Hq5SSFN/7XFK5MDVgukuxs3z6qc9ihyAHgywJSeFwSJ2DeHBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAIXCjRiE6rfxzGkVHd2COjc4sieMB8GA1UdIwQY
MBaAFIGNRbiUoaquZA5oTlfP21MN+rppMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUt
ZTA2OTlkMzA0OTE5LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUtZTA2OTlkMzA0OTE5
LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlrkTnOMP
PxZ3aUofO8ITCO2FEZuXDKT+Q3FCB9Fg7TfGXziDeiNx9TLLACJFs/NC8Dlm9J1O
4b3NkatmMyp2EwE/bRTAZMLL7lXQK48GuRvrQyUZZtRcPtXFh5g1R1mbjZe2yXE2
C2MWVTxAuVf68s3H77yFIZqxwX3xB6qDi4QDcWOfNMM1aLzmI6i2hKAgizDZeLC7
RkP2Eu4AQT/wC2+XyBdBGR+C+DUVsHBYWS8jxKc0ToNVExl4tjAUJV4v8pEdfK6k
C5D+g8pvBMSrIzYf6jd1XrF7dc1C8FVdDaJscHVjFr22AFwZoXPbFkoPkYqf3HLe
a25LTuS04EenmQ==
-----END CERTIFICATE-----