Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
File:                     gXNntPK_jrMfbhYk7Vbtq6nwITs.mft (raw, json)
Hash identifier:          D8/WToMhc0ekX/tHTKzH1VmW2s6D76WP0iuf64Od/kI=
Subject key identifier:   49:4A:58:DE:CE:F8:F6:33:A6:D2:FB:F2:29:98:D4:CB:C3:82:17:F7
Authority key identifier: 81:73:67:B4:F2:BF:8E:B3:1F:6E:16:24:ED:56:ED:AB:A9:F0:21:3B
Certificate issuer:       /CN=817367b4f2bf8eb31f6e1624ed56edaba9f0213b
Certificate serial:       0197CA5E9309FEB99743628A95D971A641B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
Manifest number:          0CDA
Signing time:             Wed 02 Jul 2025 09:01:25 +0000
Manifest this update:     Wed 02 Jul 2025 09:01:25 +0000
Manifest next update:     Thu 03 Jul 2025 09:01:25 +0000
Files and hashes:         1: gXNntPK_jrMfbhYk7Vbtq6nwITs.crl (hash: U3b8JJ6uI/4KPSjQJR/13sCIdsZgVN8fXe13imwvaXU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 09:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ca:5e:93:09:fe:b9:97:43:62:8a:95:d9:71:a6:41:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=817367b4f2bf8eb31f6e1624ed56edaba9f0213b
        Validity
            Not Before: Jul  2 09:01:25 2025 GMT
            Not After : Jul  3 09:01:25 2025 GMT
        Subject: CN=494a58decef8f633a6d2fbf22998d4cbc38217f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:9d:ba:34:35:43:ae:f2:21:22:64:ac:c1:cc:
                    2a:55:d1:23:08:2f:f4:08:e8:94:c2:24:12:1c:52:
                    65:26:0b:00:93:a8:68:bf:c3:ca:02:7c:59:44:59:
                    3a:5b:ad:13:e6:ad:57:76:ea:58:af:05:b3:f1:9e:
                    2c:4e:85:43:62:2c:77:93:ba:f2:78:f9:ff:fa:74:
                    a0:af:b3:4d:84:24:cf:04:9a:04:1e:d6:f2:79:45:
                    fb:aa:3e:0e:3f:05:f0:02:e3:34:de:ee:e0:d0:14:
                    2a:f3:c3:a6:74:4f:d3:aa:73:a6:28:53:55:13:d7:
                    f1:b1:0e:c3:9c:c7:c2:42:4f:d9:64:82:9e:3d:7d:
                    ca:60:e3:c0:53:ec:bf:bf:ac:39:c2:8a:a8:e9:2d:
                    fd:34:1c:c8:01:f8:0e:ab:ec:84:8b:5e:13:48:87:
                    ff:01:68:37:5a:0e:dc:3e:54:70:a3:c8:01:b5:6b:
                    62:bd:98:0b:00:ac:d6:07:7a:f0:c6:ce:28:d8:48:
                    76:72:10:6f:cc:e9:de:cc:3f:ba:a4:9e:e7:42:25:
                    79:5b:f7:d8:da:a5:b8:31:7a:d2:54:42:6e:e0:6d:
                    f2:ac:56:be:44:ec:fd:07:5f:6a:ea:ff:1c:a1:f8:
                    cc:38:3e:79:d2:8e:e7:af:71:5b:6e:7d:38:05:e5:
                    57:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:4A:58:DE:CE:F8:F6:33:A6:D2:FB:F2:29:98:D4:CB:C3:82:17:F7
            X509v3 Authority Key Identifier:
                keyid:81:73:67:B4:F2:BF:8E:B3:1F:6E:16:24:ED:56:ED:AB:A9:F0:21:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:62:15:6d:84:0a:87:d8:17:8b:9b:7d:89:65:b7:36:75:d8:
         e7:33:02:f2:2c:da:ec:cb:cc:d7:a8:40:69:bc:aa:56:8c:b4:
         1e:41:c5:c2:8b:af:31:8d:03:dd:e8:cf:a3:71:c6:66:fc:77:
         b6:9c:ad:fd:1a:4c:e9:df:80:82:c7:19:db:3a:57:bf:89:27:
         99:f8:8e:b3:12:03:1d:6f:f9:8e:79:d4:7f:3c:b4:9c:b3:2a:
         30:83:3a:1c:e5:b9:29:8e:c2:55:37:cc:01:05:08:c2:65:9e:
         c7:dc:7a:0c:c7:0d:31:51:97:33:32:1c:88:5b:ae:54:dc:8d:
         5a:f3:b0:39:93:2b:1b:4c:5f:dd:bc:88:b4:71:ac:f0:77:a1:
         c8:31:a4:a5:9f:3e:2d:f6:de:40:8d:cd:18:2f:cb:5b:8d:92:
         54:57:fb:ab:74:e6:26:a9:d9:4d:ab:62:4f:ca:7c:f4:8a:d5:
         fe:47:0a:5c:da:db:eb:80:37:05:c1:ee:5f:1f:82:e1:fd:e2:
         35:e6:68:d7:86:5d:af:3b:f6:16:3b:04:fd:45:64:57:71:9c:
         a3:1f:d0:95:c1:44:62:7b:7d:52:9b:05:da:f5:86:7e:74:32:
         2f:11:72:fd:75:7f:9f:ae:14:91:a9:79:d6:10:22:43:b8:75:
         9f:bb:68:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfKXpMJ/rmXQ2KKldlxpkG0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNzM2N2I0ZjJiZjhlYjMxZjZlMTYyNGVkNTZlZGFiYTlm
MDIxM2IwHhcNMjUwNzAyMDkwMTI1WhcNMjUwNzAzMDkwMTI1WjAzMTEwLwYDVQQD
Eyg0OTRhNThkZWNlZjhmNjMzYTZkMmZiZjIyOTk4ZDRjYmMzODIxN2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwp26NDVDrvIhImSswcwqVdEjCC/0
COiUwiQSHFJlJgsAk6hov8PKAnxZRFk6W60T5q1XdupYrwWz8Z4sToVDYix3k7ry
ePn/+nSgr7NNhCTPBJoEHtbyeUX7qj4OPwXwAuM03u7g0BQq88OmdE/TqnOmKFNV
E9fxsQ7DnMfCQk/ZZIKePX3KYOPAU+y/v6w5woqo6S39NBzIAfgOq+yEi14TSIf/
AWg3Wg7cPlRwo8gBtWtivZgLAKzWB3rwxs4o2Eh2chBvzOnezD+6pJ7nQiV5W/fY
2qW4MXrSVEJu4G3yrFa+ROz9B19q6v8cofjMOD550o7nr3Fbbn04BeVXJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFElKWN7O+PYzptL78imY1MvDghf3MB8GA1UdIwQY
MBaAFIFzZ7Tyv46zH24WJO1W7aup8CE7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85NTc1ZDAtOWM3Yy00NTcxLTg2M2Et
NTU1MTMwYTU3MDQxLzEvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy85NTc1ZDAtOWM3Yy00NTcxLTg2M2EtNTU1MTMwYTU3MDQx
LzEvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKGIVbYQK
h9gXi5t9iWW3NnXY5zMC8iza7MvM16hAabyqVoy0HkHFwouvMY0D3ejPo3HGZvx3
tpyt/RpM6d+AgscZ2zpXv4knmfiOsxIDHW/5jnnUfzy0nLMqMIM6HOW5KY7CVTfM
AQUIwmWex9x6DMcNMVGXMzIciFuuVNyNWvOwOZMrG0xf3byItHGs8HehyDGkpZ8+
LfbeQI3NGC/LW42SVFf7q3TmJqnZTatiT8p89IrV/kcKXNrb64A3BcHuXx+C4f3i
NeZo14Zdrzv2FjsE/UVkV3Gcox/QlcFEYnt9UpsF2vWGfnQyLxFy/XV/n64Ukal5
1hAiQ7h1n7to8g==
-----END CERTIFICATE-----