Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
File:                     GWa02kiR-4CQGCvDO0m1liT8nZs.mft (raw, json)
Hash identifier:          v7UkkgMg7xJNGqpNEMk/SSWHGDQwbdWOhRYhXZMmXw4=
Subject key identifier:   CE:46:14:B0:83:66:EA:48:B0:EF:C4:16:07:5C:F3:41:90:60:B7:0F
Authority key identifier: 19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B
Certificate issuer:       /CN=1966b4da4891fb8090182bc33b49b59624fc9d9b
Certificate serial:       019A0591C74CC418C824D546482B0D894311
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
Manifest number:          15D3
Signing time:             Tue 21 Oct 2025 07:00:31 +0000
Manifest this update:     Tue 21 Oct 2025 07:00:31 +0000
Manifest next update:     Wed 22 Oct 2025 07:00:31 +0000
Files and hashes:         1: GWa02kiR-4CQGCvDO0m1liT8nZs.crl (hash: e12Fwl0llx+L2EReRsTlbwiQ4ZTyc6PAr1SY/alwT1c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 22 Oct 2025 07:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:05:91:c7:4c:c4:18:c8:24:d5:46:48:2b:0d:89:43:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1966b4da4891fb8090182bc33b49b59624fc9d9b
        Validity
            Not Before: Oct 21 07:00:31 2025 GMT
            Not After : Oct 22 07:00:31 2025 GMT
        Subject: CN=ce4614b08366ea48b0efc416075cf3419060b70f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:05:7a:80:74:4f:a5:f9:ec:1b:65:88:53:09:
                    d1:05:c1:58:a5:1e:91:0a:d3:ae:8b:68:3f:b8:70:
                    32:6b:a6:bd:23:c2:13:55:48:0a:21:d2:4d:1f:6a:
                    56:10:83:f2:31:3d:34:10:77:f3:ac:8e:40:4a:a0:
                    0c:ce:1e:a4:95:58:ed:70:e0:d1:42:52:50:26:ce:
                    0c:1f:ac:6e:20:07:88:48:93:98:24:1b:21:13:dd:
                    8b:ef:0b:a8:16:8e:73:e5:24:3c:4a:77:74:17:d1:
                    b7:23:eb:21:6e:19:2f:90:31:70:69:90:42:dd:95:
                    7a:ee:f9:ac:50:90:37:ab:91:2d:aa:41:2d:a0:b2:
                    d3:f7:c8:7d:e5:be:5c:f2:71:8a:6b:df:a9:a7:8e:
                    f7:77:15:a3:d8:86:a8:65:45:74:27:b2:a3:9c:58:
                    ae:4f:fd:a8:91:82:e8:3c:82:c8:4d:ef:6b:b2:ae:
                    ad:e0:a3:aa:ed:db:f1:d9:fd:43:71:32:59:f4:86:
                    f6:36:50:d0:1d:88:b6:c1:d4:77:b9:f3:82:1a:03:
                    80:bf:60:d2:cc:6c:c6:93:48:7d:95:67:8a:68:7c:
                    3a:d9:4d:fe:c6:c7:40:88:8a:15:cb:8e:43:17:b4:
                    15:f6:92:78:cd:d1:db:c5:33:b5:69:bb:03:44:82:
                    02:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:46:14:B0:83:66:EA:48:B0:EF:C4:16:07:5C:F3:41:90:60:B7:0F
            X509v3 Authority Key Identifier:
                keyid:19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:48:1e:d1:51:bc:1f:63:05:bb:1f:ca:e1:1b:e4:86:b3:06:
         5f:fc:be:5b:72:11:ab:a7:e0:21:4b:f7:68:7c:a9:ab:f1:1e:
         63:43:90:dd:37:cf:a8:0f:01:c0:5e:30:4d:64:32:a6:53:df:
         61:3f:ac:d7:bd:59:41:29:9f:55:4e:82:62:f7:df:7a:50:dd:
         94:48:8b:f3:31:6f:51:1d:02:c1:51:87:78:ca:4c:a1:c5:14:
         b6:53:82:b8:d8:4f:79:22:17:c7:36:c9:53:1e:3e:8f:23:a1:
         be:fd:ae:84:ff:d8:6c:63:30:81:db:0b:92:b5:bd:4a:0a:5a:
         c6:85:b9:92:48:1c:86:bf:a1:3e:60:22:e8:61:de:88:f5:8d:
         f6:04:b5:58:06:33:87:06:6c:a7:fe:a9:b5:67:74:1c:90:20:
         7d:a9:b3:fb:b7:5e:0c:27:95:6c:b2:de:d2:6e:fa:92:5e:f2:
         24:e6:bf:a6:b9:70:6e:28:2a:a5:6c:0d:9f:f0:57:a9:95:b5:
         04:88:72:64:42:c6:b6:76:c4:d5:65:05:4f:06:6d:87:39:09:
         99:c5:e3:62:87:ea:be:e4:56:da:3f:45:1b:b1:45:b3:0d:fe:
         9c:2f:2d:c5:cf:83:be:1c:36:38:0c:d3:e6:9e:aa:d7:51:9e:
         6c:ea:32:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoFkcdMxBjIJNVGSCsNiUMRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NjZiNGRhNDg5MWZiODA5MDE4MmJjMzNiNDliNTk2MjRm
YzlkOWIwHhcNMjUxMDIxMDcwMDMxWhcNMjUxMDIyMDcwMDMxWjAzMTEwLwYDVQQD
EyhjZTQ2MTRiMDgzNjZlYTQ4YjBlZmM0MTYwNzVjZjM0MTkwNjBiNzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+AV6gHRPpfnsG2WIUwnRBcFYpR6R
CtOui2g/uHAya6a9I8ITVUgKIdJNH2pWEIPyMT00EHfzrI5ASqAMzh6klVjtcODR
QlJQJs4MH6xuIAeISJOYJBshE92L7wuoFo5z5SQ8Snd0F9G3I+shbhkvkDFwaZBC
3ZV67vmsUJA3q5EtqkEtoLLT98h95b5c8nGKa9+pp473dxWj2IaoZUV0J7KjnFiu
T/2okYLoPILITe9rsq6t4KOq7dvx2f1DcTJZ9Ib2NlDQHYi2wdR3ufOCGgOAv2DS
zGzGk0h9lWeKaHw62U3+xsdAiIoVy45DF7QV9pJ4zdHbxTO1absDRIICcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM5GFLCDZupIsO/EFgdc80GQYLcPMB8GA1UdIwQY
MBaAFBlmtNpIkfuAkBgrwztJtZYk/J2bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80MTNlOTEtYWNmZS00N2UxLWFkZDIt
NzlkNWI0NmQ5YzBlLzEvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80MTNlOTEtYWNmZS00N2UxLWFkZDItNzlkNWI0NmQ5YzBl
LzEvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD0ge0VG8
H2MFux/K4RvkhrMGX/y+W3IRq6fgIUv3aHypq/EeY0OQ3TfPqA8BwF4wTWQyplPf
YT+s171ZQSmfVU6CYvffelDdlEiL8zFvUR0CwVGHeMpMocUUtlOCuNhPeSIXxzbJ
Ux4+jyOhvv2uhP/YbGMwgdsLkrW9SgpaxoW5kkgchr+hPmAi6GHeiPWN9gS1WAYz
hwZsp/6ptWd0HJAgfamz+7deDCeVbLLe0m76kl7yJOa/prlwbigqpWwNn/BXqZW1
BIhyZELGtnbE1WUFTwZthzkJmcXjYofqvuRW2j9FG7FFsw3+nC8txc+Dvhw2OAzT
5p6q11GebOoyfA==
-----END CERTIFICATE-----