Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
File:                     gY1FuJShqq5kDmhOV8_bUw36umk.mft (raw, json)
Hash identifier:          gjr6uwP54dK6ZL98hPdpiqj6e3/gI3O666uWtuuyEs8=
Subject key identifier:   3C:E2:B0:5C:1E:23:B5:26:D5:D2:B3:0B:84:0B:90:6D:A4:B9:48:C5
Authority key identifier: 81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69
Certificate issuer:       /CN=818d45b894a1aaae640e684e57cfdb530dfaba69
Certificate serial:       0197C2A4A2236DC4A8A29BEB4E3B8054D70E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
Manifest number:          0A49
Signing time:             Mon 30 Jun 2025 21:00:58 +0000
Manifest this update:     Mon 30 Jun 2025 21:00:58 +0000
Manifest next update:     Tue 01 Jul 2025 21:00:58 +0000
Files and hashes:         1: gY1FuJShqq5kDmhOV8_bUw36umk.crl (hash: /jwpMJ/+0SU5kyu7L1dVPO6Kq8cG/oIgzIc+JpmIyCc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 21:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c2:a4:a2:23:6d:c4:a8:a2:9b:eb:4e:3b:80:54:d7:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=818d45b894a1aaae640e684e57cfdb530dfaba69
        Validity
            Not Before: Jun 30 21:00:58 2025 GMT
            Not After : Jul  1 21:00:58 2025 GMT
        Subject: CN=3ce2b05c1e23b526d5d2b30b840b906da4b948c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:0c:b1:c8:3e:73:48:9b:18:ae:53:b2:32:df:
                    0d:e4:b7:91:33:93:a5:cf:b4:a8:97:92:72:8a:41:
                    7e:5c:6b:d4:43:f3:ae:74:92:83:1f:02:cf:01:2b:
                    1d:4b:05:f2:d8:30:4d:aa:11:8b:e7:f6:f0:6e:ff:
                    27:90:61:f6:1d:eb:87:ae:f2:f4:28:b8:bc:e7:08:
                    7c:ee:98:cd:09:53:dd:fd:3e:36:c0:21:4c:b3:94:
                    2d:e6:3c:f7:de:28:cf:f3:de:ab:71:ca:05:9e:9e:
                    4e:b0:5f:7b:10:70:f5:f7:14:99:2a:8e:4e:88:dd:
                    55:0f:67:4b:4c:8e:51:8d:fa:92:f3:8d:1c:bb:35:
                    1a:c6:ca:5d:9c:8a:a2:55:4b:7b:50:a6:96:c6:05:
                    68:9a:81:e2:6f:a5:db:e1:df:09:1d:81:24:3b:67:
                    ff:15:73:ba:4e:3d:74:44:63:4e:71:fb:32:f5:a9:
                    c6:24:6c:f9:f7:35:b8:11:8d:4e:e3:b1:2a:b1:26:
                    03:6c:ad:40:23:d8:49:56:ed:a3:0e:0f:44:fe:fd:
                    76:43:0f:24:ae:eb:0a:52:55:41:ab:0c:d9:0c:81:
                    5c:8a:51:49:3e:ed:2a:33:49:94:d3:bc:7f:73:dc:
                    f9:36:de:7f:31:3a:12:ff:41:29:c1:9e:1b:54:99:
                    db:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:E2:B0:5C:1E:23:B5:26:D5:D2:B3:0B:84:0B:90:6D:A4:B9:48:C5
            X509v3 Authority Key Identifier:
                keyid:81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:e2:8c:05:72:62:44:35:5d:72:39:4d:57:45:02:65:72:50:
         7b:e0:fc:bf:5a:c8:78:78:a4:ab:89:da:6a:b2:3e:26:8d:6a:
         58:a9:c4:f3:27:9a:34:48:71:f4:d9:81:20:d5:c6:05:bd:55:
         ec:2a:21:b2:d8:28:6a:80:e9:ce:1b:47:18:45:c4:7a:1a:3b:
         91:a9:e8:95:9e:45:a1:e7:7f:db:28:42:d9:a0:b7:5c:41:b9:
         2a:e9:e6:e9:e7:a6:0c:fc:c6:59:fa:6d:0b:e3:4c:fa:c2:15:
         de:65:d2:b3:68:48:eb:1e:81:d2:10:68:d2:b9:93:34:06:47:
         1c:7b:8e:9e:b9:54:dc:e3:c1:c9:1f:11:1b:e7:c7:f5:0d:ab:
         c0:91:32:52:91:a0:7d:fd:08:30:6d:73:ac:5a:04:c7:cb:6c:
         97:02:0f:14:ac:3d:87:4a:15:77:c6:43:45:85:49:27:ec:96:
         c0:41:5e:cc:3b:f8:d1:ff:6f:a8:d9:07:6b:5a:9b:15:ae:f4:
         76:0c:d9:b0:a9:c3:54:2c:90:28:a3:45:53:97:6f:33:34:a8:
         63:f3:ea:c5:a9:07:9d:15:89:da:fb:b3:1c:db:c6:49:f5:b1:
         53:03:d2:21:76:bf:51:f7:24:d8:1c:7c:93:7e:50:b5:9a:13:
         81:a6:fc:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfCpKIjbcSoopvrTjuAVNcOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOGQ0NWI4OTRhMWFhYWU2NDBlNjg0ZTU3Y2ZkYjUzMGRm
YWJhNjkwHhcNMjUwNjMwMjEwMDU4WhcNMjUwNzAxMjEwMDU4WjAzMTEwLwYDVQQD
EygzY2UyYjA1YzFlMjNiNTI2ZDVkMmIzMGI4NDBiOTA2ZGE0Yjk0OGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQyxyD5zSJsYrlOyMt8N5LeRM5Ol
z7Sol5JyikF+XGvUQ/OudJKDHwLPASsdSwXy2DBNqhGL5/bwbv8nkGH2HeuHrvL0
KLi85wh87pjNCVPd/T42wCFMs5Qt5jz33ijP896rccoFnp5OsF97EHD19xSZKo5O
iN1VD2dLTI5RjfqS840cuzUaxspdnIqiVUt7UKaWxgVomoHib6Xb4d8JHYEkO2f/
FXO6Tj10RGNOcfsy9anGJGz59zW4EY1O47EqsSYDbK1AI9hJVu2jDg9E/v12Qw8k
rusKUlVBqwzZDIFcilFJPu0qM0mU07x/c9z5Nt5/MToS/0EpwZ4bVJnbuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDzisFweI7Um1dKzC4QLkG2kuUjFMB8GA1UdIwQY
MBaAFIGNRbiUoaquZA5oTlfP21MN+rppMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUt
ZTA2OTlkMzA0OTE5LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUtZTA2OTlkMzA0OTE5
LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE+KMBXJi
RDVdcjlNV0UCZXJQe+D8v1rIeHikq4naarI+Jo1qWKnE8yeaNEhx9NmBINXGBb1V
7CohstgoaoDpzhtHGEXEeho7kanolZ5Foed/2yhC2aC3XEG5Kunm6eemDPzGWfpt
C+NM+sIV3mXSs2hI6x6B0hBo0rmTNAZHHHuOnrlU3OPByR8RG+fH9Q2rwJEyUpGg
ff0IMG1zrFoEx8tslwIPFKw9h0oVd8ZDRYVJJ+yWwEFezDv40f9vqNkHa1qbFa70
dgzZsKnDVCyQKKNFU5dvMzSoY/PqxakHnRWJ2vuzHNvGSfWxUwPSIXa/Ufck2Bx8
k35QtZoTgab8aA==
-----END CERTIFICATE-----