Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
File:                     GWa02kiR-4CQGCvDO0m1liT8nZs.mft (raw, json)
Hash identifier:          DJCfb883RGGUwpjUVIWEWTbv+92tOoyuPz43ss6vBOE=
Subject key identifier:   71:BA:0D:2E:07:CD:6B:E7:01:20:51:80:1C:90:C9:46:1E:2D:7F:23
Authority key identifier: 19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B
Certificate issuer:       /CN=1966b4da4891fb8090182bc33b49b59624fc9d9b
Certificate serial:       0197B6A188BB8F138B3F76A0139A072E7B19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
Manifest number:          14A1
Signing time:             Sat 28 Jun 2025 13:02:08 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:08 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:08 +0000
Files and hashes:         1: GWa02kiR-4CQGCvDO0m1liT8nZs.crl (hash: ZULIDeOGH1b8ioYp26d/OE5ka23qEc4lxlJxTDG1KkI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:88:bb:8f:13:8b:3f:76:a0:13:9a:07:2e:7b:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1966b4da4891fb8090182bc33b49b59624fc9d9b
        Validity
            Not Before: Jun 28 13:02:08 2025 GMT
            Not After : Jun 29 13:02:08 2025 GMT
        Subject: CN=71ba0d2e07cd6be7012051801c90c9461e2d7f23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:1a:ab:e9:28:eb:b1:df:f4:a5:35:35:ef:ee:
                    c3:98:bc:f9:37:8b:42:85:15:71:00:bb:fa:df:86:
                    66:0c:78:ad:45:29:b1:92:90:88:87:da:a6:5d:e5:
                    1c:f7:e3:05:25:fd:0f:4a:59:19:f0:21:bf:72:d8:
                    0f:ac:71:a6:90:e1:3e:d8:d4:79:4e:88:d9:59:88:
                    a1:7c:51:39:67:c1:cb:fc:1d:81:a1:80:b6:81:f0:
                    78:08:2a:37:08:d7:59:99:d8:b5:32:d4:11:a9:a3:
                    d1:f6:bb:6d:eb:8d:5f:34:c5:45:02:b6:f9:b6:d7:
                    fe:d4:8f:07:b2:03:72:84:6b:a0:ef:2b:9c:c7:87:
                    18:de:68:40:b7:fc:f7:0c:9e:04:7c:1a:eb:14:4c:
                    e6:54:2b:00:56:36:55:87:20:04:ff:34:9e:82:75:
                    e2:07:74:f2:f0:bd:9f:4f:9e:0e:93:09:95:5f:36:
                    94:89:0c:2f:79:e9:74:c8:63:db:86:19:f7:20:72:
                    12:38:74:5c:ca:ab:66:c9:64:1c:27:55:dd:d2:f9:
                    a5:1c:02:a7:01:7a:3b:95:57:85:94:ba:5b:03:f4:
                    77:39:64:40:56:c0:f8:3f:da:af:14:94:51:58:ef:
                    e8:17:65:7d:8f:5c:80:e1:d7:85:8e:36:87:a6:97:
                    1c:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:BA:0D:2E:07:CD:6B:E7:01:20:51:80:1C:90:C9:46:1E:2D:7F:23
            X509v3 Authority Key Identifier:
                keyid:19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:f3:e3:04:76:35:c9:a2:ea:7d:1a:00:a9:96:fb:fe:1f:2e:
         8a:4c:d7:d6:3b:94:80:57:a5:87:ca:4c:55:cf:af:69:43:c1:
         2f:4f:a6:64:21:ef:2b:97:81:f6:92:64:41:00:96:97:5f:ca:
         f0:8e:91:55:0d:8e:5c:58:96:c2:dd:ef:38:a4:7c:6c:67:20:
         fd:a2:45:d9:2c:3c:de:4a:7f:dd:97:b9:34:06:2b:d5:0d:95:
         cb:b1:b5:8a:c7:de:ec:ed:53:d3:38:00:5e:c2:55:22:0c:ac:
         c3:fc:57:de:4b:56:da:9c:a4:68:69:da:2e:51:9b:76:db:dc:
         9d:67:ec:8e:dc:df:56:1d:10:3d:b4:b6:b7:0c:d7:84:ca:33:
         f8:29:2b:36:60:0e:e6:67:c8:3b:a5:dc:5a:9a:51:59:12:6b:
         49:a4:81:1b:c2:29:3b:8f:19:7f:8c:b6:c0:1c:1a:51:13:a7:
         5d:75:e3:53:f3:8f:c7:0c:c7:88:f5:70:1a:73:85:0c:44:b3:
         20:bb:6c:5a:d5:a4:0c:e8:c5:b6:a2:71:55:2b:76:c4:85:76:
         40:67:1a:32:04:39:43:e8:0e:1b:a7:c6:16:03:51:6c:b9:e5:
         27:10:04:33:cf:8e:6c:fc:a5:dd:cd:6f:b7:9b:9c:96:69:d7:
         c4:7a:55:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oYi7jxOLP3agE5oHLnsZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NjZiNGRhNDg5MWZiODA5MDE4MmJjMzNiNDliNTk2MjRm
YzlkOWIwHhcNMjUwNjI4MTMwMjA4WhcNMjUwNjI5MTMwMjA4WjAzMTEwLwYDVQQD
Eyg3MWJhMGQyZTA3Y2Q2YmU3MDEyMDUxODAxYzkwYzk0NjFlMmQ3ZjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBqr6Sjrsd/0pTU17+7DmLz5N4tC
hRVxALv634ZmDHitRSmxkpCIh9qmXeUc9+MFJf0PSlkZ8CG/ctgPrHGmkOE+2NR5
TojZWYihfFE5Z8HL/B2BoYC2gfB4CCo3CNdZmdi1MtQRqaPR9rtt641fNMVFArb5
ttf+1I8HsgNyhGug7yucx4cY3mhAt/z3DJ4EfBrrFEzmVCsAVjZVhyAE/zSegnXi
B3Ty8L2fT54OkwmVXzaUiQwveel0yGPbhhn3IHISOHRcyqtmyWQcJ1Xd0vmlHAKn
AXo7lVeFlLpbA/R3OWRAVsD4P9qvFJRRWO/oF2V9j1yA4deFjjaHppccvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHG6DS4HzWvnASBRgByQyUYeLX8jMB8GA1UdIwQY
MBaAFBlmtNpIkfuAkBgrwztJtZYk/J2bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80MTNlOTEtYWNmZS00N2UxLWFkZDIt
NzlkNWI0NmQ5YzBlLzEvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80MTNlOTEtYWNmZS00N2UxLWFkZDItNzlkNWI0NmQ5YzBl
LzEvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqPPjBHY1
yaLqfRoAqZb7/h8uikzX1juUgFelh8pMVc+vaUPBL0+mZCHvK5eB9pJkQQCWl1/K
8I6RVQ2OXFiWwt3vOKR8bGcg/aJF2Sw83kp/3Ze5NAYr1Q2Vy7G1isfe7O1T0zgA
XsJVIgysw/xX3ktW2pykaGnaLlGbdtvcnWfsjtzfVh0QPbS2twzXhMoz+CkrNmAO
5mfIO6XcWppRWRJrSaSBG8IpO48Zf4y2wBwaUROnXXXjU/OPxwzHiPVwGnOFDESz
ILtsWtWkDOjFtqJxVSt2xIV2QGcaMgQ5Q+gOG6fGFgNRbLnlJxAEM8+ObPyl3c1v
t5uclmnXxHpV+w==
-----END CERTIFICATE-----