Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft
File:                     gTpCg40uRe1drUEUYG2XKaZQHSM.mft (raw, json)
Hash identifier:          WclO8H7hz2Rd1IC5I5x5SIs9kuR/nwZgf/KJYYdFEpU=
Subject key identifier:   39:E0:E4:12:A2:30:A0:98:4D:BE:28:2C:1B:BE:70:6E:D7:FB:07:3B
Authority key identifier: 81:3A:42:83:8D:2E:45:ED:5D:AD:41:14:60:6D:97:29:A6:50:1D:23
Certificate issuer:       /CN=813a42838d2e45ed5dad4114606d9729a6501d23
Certificate serial:       0198D4E02F3A2366F87F4089C5FCEB4BC90E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft
Manifest number:          0EA8
Signing time:             Sat 23 Aug 2025 03:01:58 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:58 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:58 +0000
Files and hashes:         1: gTpCg40uRe1drUEUYG2XKaZQHSM.crl (hash: TqXyZoHX57q9OnuafWypbuaIuIpft49qxfGDCzH7bvk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:01:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:2f:3a:23:66:f8:7f:40:89:c5:fc:eb:4b:c9:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=813a42838d2e45ed5dad4114606d9729a6501d23
        Validity
            Not Before: Aug 23 03:01:58 2025 GMT
            Not After : Aug 24 03:01:58 2025 GMT
        Subject: CN=39e0e412a230a0984dbe282c1bbe706ed7fb073b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:6a:b3:1a:7f:fc:55:40:c6:b4:7a:1c:cf:41:
                    56:3f:77:5c:f3:bc:6c:11:4a:3e:36:78:00:fb:92:
                    b3:df:61:83:c4:51:b3:91:46:9d:76:d5:ce:98:6f:
                    a3:04:e6:dd:58:2b:d5:b1:80:1e:37:36:e7:e7:d9:
                    62:bd:70:b7:38:69:83:4b:7c:df:b7:3b:6d:fc:ee:
                    91:97:cb:8b:46:f8:86:11:b8:b1:61:1d:ca:c0:77:
                    77:7b:f2:2c:30:a5:58:17:10:d6:4c:d5:39:b0:cf:
                    5b:a7:34:da:42:39:c3:ea:46:16:66:5f:1c:b1:7d:
                    ff:39:64:5e:93:38:a2:ab:ca:2d:ef:91:a2:ac:ec:
                    fc:e7:73:96:7b:f9:12:37:77:f7:4e:0f:eb:17:1d:
                    ca:39:13:39:86:b0:15:27:17:a4:9d:50:29:27:53:
                    74:ac:07:a9:df:8a:5f:28:6c:d4:76:87:ca:90:00:
                    93:97:55:43:8f:e0:a3:a2:67:be:cb:69:27:d1:59:
                    24:db:ff:11:8c:ad:18:a1:da:59:3e:1d:a7:0c:3a:
                    1f:37:33:4a:a3:26:34:73:46:e6:6b:b4:a4:c2:5a:
                    03:95:40:38:72:10:b4:c2:64:3f:6e:96:13:0f:69:
                    d4:54:a4:58:3b:19:01:f7:b8:6d:0e:a9:e1:05:1c:
                    24:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:E0:E4:12:A2:30:A0:98:4D:BE:28:2C:1B:BE:70:6E:D7:FB:07:3B
            X509v3 Authority Key Identifier:
                keyid:81:3A:42:83:8D:2E:45:ED:5D:AD:41:14:60:6D:97:29:A6:50:1D:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:6d:42:d0:57:57:b0:ea:3e:17:de:31:c1:7a:6b:6b:45:07:
         f6:72:b7:97:61:42:63:83:d4:4f:86:28:b8:dd:c2:0f:b6:89:
         c5:56:ab:d6:de:f0:91:47:e3:c1:21:ba:83:8a:66:e1:ff:04:
         5e:e9:1c:51:09:97:f5:72:3f:0f:d6:d7:94:0c:cb:94:8e:4e:
         1b:6b:f1:a2:41:4e:ba:2a:09:2d:52:36:6b:6b:df:f1:f3:cc:
         0f:16:27:13:01:60:f6:70:d4:4a:ec:0f:6c:28:36:53:60:ce:
         8c:a2:ef:03:69:51:6d:6e:ba:bd:0a:65:90:08:17:fd:95:96:
         91:ee:31:5b:16:a3:b8:24:cc:b2:15:56:2c:b7:32:6d:0d:d0:
         df:1e:bd:70:69:60:a1:bb:b0:22:bc:24:29:20:a1:76:15:d8:
         ec:fc:a4:63:91:64:8d:02:41:48:b1:26:e8:c0:82:4e:ab:8a:
         67:15:fc:a3:7e:20:a9:a5:53:a0:43:df:97:23:d6:ac:c3:af:
         b7:e9:5e:e2:7a:45:89:ec:75:94:dc:92:bc:b2:bf:e6:d6:bb:
         7a:ad:f4:b4:36:98:15:06:d5:98:95:af:74:01:d8:94:1b:2c:
         f7:20:8b:87:0d:33:6b:b6:fa:4b:21:cd:cf:25:b4:70:03:86:
         aa:76:cf:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4C86I2b4f0CJxfzrS8kOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxM2E0MjgzOGQyZTQ1ZWQ1ZGFkNDExNDYwNmQ5NzI5YTY1
MDFkMjMwHhcNMjUwODIzMDMwMTU4WhcNMjUwODI0MDMwMTU4WjAzMTEwLwYDVQQD
EygzOWUwZTQxMmEyMzBhMDk4NGRiZTI4MmMxYmJlNzA2ZWQ3ZmIwNzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWqzGn/8VUDGtHocz0FWP3dc87xs
EUo+NngA+5Kz32GDxFGzkUaddtXOmG+jBObdWCvVsYAeNzbn59livXC3OGmDS3zf
tztt/O6Rl8uLRviGEbixYR3KwHd3e/IsMKVYFxDWTNU5sM9bpzTaQjnD6kYWZl8c
sX3/OWRekziiq8ot75GirOz853OWe/kSN3f3Tg/rFx3KORM5hrAVJxeknVApJ1N0
rAep34pfKGzUdofKkACTl1VDj+Cjome+y2kn0Vkk2/8RjK0YodpZPh2nDDofNzNK
oyY0c0bma7SkwloDlUA4chC0wmQ/bpYTD2nUVKRYOxkB97htDqnhBRwkVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDng5BKiMKCYTb4oLBu+cG7X+wc7MB8GA1UdIwQY
MBaAFIE6QoONLkXtXa1BFGBtlymmUB0jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84YzM4YTMtYzIwNC00ZGNmLTljNDct
NTM0OGZlNzdiYTczLzEvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84YzM4YTMtYzIwNC00ZGNmLTljNDctNTM0OGZlNzdiYTcz
LzEvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXG1C0FdX
sOo+F94xwXpra0UH9nK3l2FCY4PUT4YouN3CD7aJxVar1t7wkUfjwSG6g4pm4f8E
XukcUQmX9XI/D9bXlAzLlI5OG2vxokFOuioJLVI2a2vf8fPMDxYnEwFg9nDUSuwP
bCg2U2DOjKLvA2lRbW66vQplkAgX/ZWWke4xWxajuCTMshVWLLcybQ3Q3x69cGlg
obuwIrwkKSChdhXY7PykY5FkjQJBSLEm6MCCTquKZxX8o34gqaVToEPflyPWrMOv
t+le4npFiex1lNySvLK/5ta7eq30tDaYFQbVmJWvdAHYlBss9yCLhw0za7b6SyHN
zyW0cAOGqnbP2A==
-----END CERTIFICATE-----