Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft
File:                     gTpCg40uRe1drUEUYG2XKaZQHSM.mft (raw, json)
Hash identifier:          BZBUMKkWnI1dK9LEAeM4wUXTvfaeB8ksoRaJM9oVn9w=
Subject key identifier:   1E:A9:C3:80:60:B9:99:CE:B6:95:20:6E:D9:5D:AE:12:FE:D7:71:B6
Authority key identifier: 81:3A:42:83:8D:2E:45:ED:5D:AD:41:14:60:6D:97:29:A6:50:1D:23
Certificate issuer:       /CN=813a42838d2e45ed5dad4114606d9729a6501d23
Certificate serial:       019A02231922D026D444D85D1831F52C0EBB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft
Manifest number:          0F44
Signing time:             Mon 20 Oct 2025 15:00:45 +0000
Manifest this update:     Mon 20 Oct 2025 15:00:45 +0000
Manifest next update:     Tue 21 Oct 2025 15:00:45 +0000
Files and hashes:         1: gTpCg40uRe1drUEUYG2XKaZQHSM.crl (hash: lVt8RanluQpEwu0bab7WI5zpTETd4Cawn5MSo8y6Ptg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:42:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:02:23:19:22:d0:26:d4:44:d8:5d:18:31:f5:2c:0e:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=813a42838d2e45ed5dad4114606d9729a6501d23
        Validity
            Not Before: Oct 20 15:00:45 2025 GMT
            Not After : Oct 21 15:00:45 2025 GMT
        Subject: CN=1ea9c38060b999ceb695206ed95dae12fed771b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:a5:d0:1e:31:bd:4c:b3:82:54:4e:71:d9:3e:
                    eb:72:71:f5:76:7a:87:a2:1b:fd:85:fb:b2:b2:32:
                    f2:13:93:2b:b6:c4:2d:e0:ac:fe:8a:15:39:16:44:
                    1b:ab:d4:7a:94:bf:02:ce:82:c6:a4:3e:a2:66:2c:
                    4b:76:73:f8:75:ae:21:80:45:f9:52:1b:ec:10:9a:
                    d7:db:1e:39:89:e5:34:c3:92:aa:e1:9e:eb:a0:3b:
                    66:82:aa:c0:00:56:15:d8:88:b4:28:b5:3c:2f:f6:
                    3f:63:f7:22:54:28:91:70:32:8d:12:01:c1:33:e7:
                    41:0b:b1:49:ae:bd:bf:ae:3c:2c:4b:d6:b9:6b:45:
                    2a:f1:a0:02:0a:90:a7:e8:c4:39:98:a0:b2:30:3e:
                    da:c0:d2:17:50:f7:b7:f0:78:da:c2:7c:da:86:4d:
                    11:ae:ad:84:a7:2e:f6:af:8f:69:47:0c:6b:f8:00:
                    9c:52:29:cf:e4:ca:5e:7b:af:d0:10:a4:ce:1a:ab:
                    73:b5:75:1d:c9:0d:d0:7c:47:81:77:b6:5f:23:34:
                    9f:27:e8:f3:a0:d8:7f:f9:a3:77:4f:be:4d:36:cf:
                    82:e1:53:49:72:8f:6c:bc:d1:e3:2b:38:cd:5e:2e:
                    f6:99:22:0f:30:79:fc:ba:cd:a8:f5:34:a2:7c:b2:
                    04:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:A9:C3:80:60:B9:99:CE:B6:95:20:6E:D9:5D:AE:12:FE:D7:71:B6
            X509v3 Authority Key Identifier:
                keyid:81:3A:42:83:8D:2E:45:ED:5D:AD:41:14:60:6D:97:29:A6:50:1D:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:02:17:a1:75:e7:98:ba:2d:d4:54:83:26:77:24:4e:67:32:
         43:88:21:72:90:22:33:53:88:41:df:15:36:4e:05:5e:2f:bb:
         53:c8:68:06:e4:1d:87:cd:7f:16:d6:80:41:a8:90:07:ca:1b:
         85:f1:f9:99:cf:cc:d2:62:26:bc:8e:d7:95:e8:7a:b3:55:9c:
         32:db:3a:17:9e:77:0f:b8:38:28:1f:da:7c:66:f5:46:b5:25:
         a0:43:9e:8e:cf:f1:0d:02:f7:76:03:4b:9b:22:49:61:a3:5a:
         e8:c5:dc:47:6f:38:bd:7c:ee:34:cc:b8:e6:b8:bd:6d:b7:b5:
         84:99:73:6a:25:16:c0:f1:5a:16:f5:d1:be:49:3d:a5:13:8e:
         f2:6d:53:f4:67:d5:3a:ec:ff:22:eb:ba:2d:c7:4d:3d:a8:b0:
         64:67:98:08:5b:42:b7:53:cb:8a:7c:6f:a9:d3:7d:dd:de:3b:
         27:23:d5:73:72:9e:38:89:16:3a:ae:67:d3:99:7a:95:b6:b5:
         e8:47:04:8e:c1:24:bf:90:23:77:ad:47:3a:a7:73:ab:d7:91:
         f6:d2:9c:35:81:31:8b:cc:7c:04:cc:26:f0:94:c6:d6:ff:1e:
         37:10:12:50:17:a6:9a:43:f2:3f:33:55:b9:36:c4:e1:01:8d:
         8d:bd:33:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoCIxki0CbURNhdGDH1LA67MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxM2E0MjgzOGQyZTQ1ZWQ1ZGFkNDExNDYwNmQ5NzI5YTY1
MDFkMjMwHhcNMjUxMDIwMTUwMDQ1WhcNMjUxMDIxMTUwMDQ1WjAzMTEwLwYDVQQD
EygxZWE5YzM4MDYwYjk5OWNlYjY5NTIwNmVkOTVkYWUxMmZlZDc3MWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqXQHjG9TLOCVE5x2T7rcnH1dnqH
ohv9hfuysjLyE5MrtsQt4Kz+ihU5FkQbq9R6lL8CzoLGpD6iZixLdnP4da4hgEX5
UhvsEJrX2x45ieU0w5Kq4Z7roDtmgqrAAFYV2Ii0KLU8L/Y/Y/ciVCiRcDKNEgHB
M+dBC7FJrr2/rjwsS9a5a0Uq8aACCpCn6MQ5mKCyMD7awNIXUPe38Hjawnzahk0R
rq2Epy72r49pRwxr+ACcUinP5Mpee6/QEKTOGqtztXUdyQ3QfEeBd7ZfIzSfJ+jz
oNh/+aN3T75NNs+C4VNJco9svNHjKzjNXi72mSIPMHn8us2o9TSifLIEqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB6pw4BguZnOtpUgbtldrhL+13G2MB8GA1UdIwQY
MBaAFIE6QoONLkXtXa1BFGBtlymmUB0jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84YzM4YTMtYzIwNC00ZGNmLTljNDct
NTM0OGZlNzdiYTczLzEvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84YzM4YTMtYzIwNC00ZGNmLTljNDctNTM0OGZlNzdiYTcz
LzEvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALQIXoXXn
mLot1FSDJnckTmcyQ4ghcpAiM1OIQd8VNk4FXi+7U8hoBuQdh81/FtaAQaiQB8ob
hfH5mc/M0mImvI7Xleh6s1WcMts6F553D7g4KB/afGb1RrUloEOejs/xDQL3dgNL
myJJYaNa6MXcR284vXzuNMy45ri9bbe1hJlzaiUWwPFaFvXRvkk9pROO8m1T9GfV
Ouz/Iuu6LcdNPaiwZGeYCFtCt1PLinxvqdN93d47JyPVc3KeOIkWOq5n05l6lba1
6EcEjsEkv5Ajd61HOqdzq9eR9tKcNYExi8x8BMwm8JTG1v8eNxASUBemmkPyPzNV
uTbE4QGNjb0zYw==
-----END CERTIFICATE-----