Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
File:                     GWa02kiR-4CQGCvDO0m1liT8nZs.mft (raw, json)
Hash identifier:          ubcr4MgM5kKD3cjiQofvhIUSvdecE35NxRkVEthZKcM=
Subject key identifier:   44:C0:3D:30:89:F0:14:B8:ED:C2:27:CD:37:C6:99:20:14:EA:A0:70
Authority key identifier: 19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B
Certificate issuer:       /CN=1966b4da4891fb8090182bc33b49b59624fc9d9b
Certificate serial:       0198D65F43DD5BF585E20E65B9A6D31304F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
Manifest number:          1536
Signing time:             Sat 23 Aug 2025 10:00:24 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:24 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:24 +0000
Files and hashes:         1: GWa02kiR-4CQGCvDO0m1liT8nZs.crl (hash: eU8DT6yldrOGSiyqaB365eEFnw3fy1y/rwbPcvK/8UY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:43:dd:5b:f5:85:e2:0e:65:b9:a6:d3:13:04:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1966b4da4891fb8090182bc33b49b59624fc9d9b
        Validity
            Not Before: Aug 23 10:00:24 2025 GMT
            Not After : Aug 24 10:00:24 2025 GMT
        Subject: CN=44c03d3089f014b8edc227cd37c6992014eaa070
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:6e:14:3c:ea:b2:92:77:4f:4c:3f:13:6c:46:
                    18:6a:6f:00:e0:3b:0b:2c:43:21:3e:41:9d:ae:18:
                    f8:1b:83:f8:7b:24:ed:80:fa:d5:39:5f:bc:6e:fe:
                    ed:ae:56:61:08:e8:a1:a0:ef:8d:b4:87:c8:9e:4b:
                    db:14:1a:c2:59:01:64:a0:ee:8f:5c:89:01:78:96:
                    dd:0a:8c:bd:04:1f:38:66:30:2b:93:3d:f7:17:c8:
                    11:f2:42:19:0e:91:7f:2c:e4:ff:89:58:1d:82:7a:
                    d7:e7:1a:bf:8e:4b:7f:40:dd:2b:4d:c0:68:12:66:
                    b9:69:96:dd:fd:d2:a2:36:73:56:4e:0d:0c:3e:be:
                    68:0f:56:75:59:27:29:ae:52:13:47:cc:2b:14:47:
                    3f:90:79:09:97:f9:f5:cb:f1:53:07:da:04:4e:27:
                    db:03:82:15:bb:71:ba:fb:7d:a4:73:b6:4a:1d:00:
                    20:7b:bb:48:eb:90:48:ac:a4:22:99:10:bb:41:10:
                    37:b9:e7:0c:0d:f3:91:bb:11:f3:b0:ff:77:8c:3a:
                    51:21:b4:d7:f8:b8:f6:f2:4f:b4:19:d0:69:15:a2:
                    e6:76:b4:8e:d2:6b:ad:4a:e2:b4:3a:11:b7:38:d6:
                    4f:95:f6:b3:1f:d1:2b:4a:f5:15:ef:93:21:4f:9e:
                    c1:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:C0:3D:30:89:F0:14:B8:ED:C2:27:CD:37:C6:99:20:14:EA:A0:70
            X509v3 Authority Key Identifier:
                keyid:19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:73:77:15:ed:38:84:a3:15:dc:0e:22:ec:ba:99:1f:b2:1a:
         69:43:82:1f:ee:b0:41:31:b5:30:b9:25:41:1d:36:f6:6d:2c:
         8f:4f:75:ab:9a:bd:2c:87:ad:b9:76:70:68:5f:e2:46:13:7b:
         6d:a9:1e:7c:66:dc:92:42:fa:68:38:49:25:a0:56:7b:a3:78:
         b7:5c:32:ad:3f:21:d4:72:ff:72:5e:c4:e4:cb:cf:b3:7f:1a:
         40:49:a0:aa:d5:dc:0b:31:2c:fa:65:8d:a2:92:e6:7a:31:f1:
         7c:46:a2:a5:d1:2d:5c:1e:88:ff:a0:65:57:3e:c1:ff:7f:d5:
         25:a3:f9:e0:d7:e7:fd:17:79:b3:6b:4e:8f:80:f6:ec:87:22:
         a6:f4:f4:7f:50:03:82:42:b7:ad:b8:16:bb:7c:b2:c1:f4:9f:
         d3:ec:40:cf:08:6e:fd:33:19:6f:b8:10:c6:ba:d2:32:be:2a:
         c0:40:8d:92:de:7d:56:25:a8:52:78:1f:5f:ca:1a:a6:7d:02:
         b0:1a:b9:bd:f2:5e:e2:5a:7c:1f:b1:70:cc:df:43:00:9c:c7:
         75:69:0d:3f:0e:8b:c4:1e:e3:93:32:28:8b:46:f9:8c:a6:ff:
         4d:71:28:9d:37:6e:46:ee:25:6d:08:90:99:e6:11:cd:2f:06:
         bf:f4:49:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX0PdW/WF4g5luabTEwT5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NjZiNGRhNDg5MWZiODA5MDE4MmJjMzNiNDliNTk2MjRm
YzlkOWIwHhcNMjUwODIzMTAwMDI0WhcNMjUwODI0MTAwMDI0WjAzMTEwLwYDVQQD
Eyg0NGMwM2QzMDg5ZjAxNGI4ZWRjMjI3Y2QzN2M2OTkyMDE0ZWFhMDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqm4UPOqykndPTD8TbEYYam8A4DsL
LEMhPkGdrhj4G4P4eyTtgPrVOV+8bv7trlZhCOihoO+NtIfInkvbFBrCWQFkoO6P
XIkBeJbdCoy9BB84ZjArkz33F8gR8kIZDpF/LOT/iVgdgnrX5xq/jkt/QN0rTcBo
Ema5aZbd/dKiNnNWTg0MPr5oD1Z1WScprlITR8wrFEc/kHkJl/n1y/FTB9oETifb
A4IVu3G6+32kc7ZKHQAge7tI65BIrKQimRC7QRA3uecMDfORuxHzsP93jDpRIbTX
+Lj28k+0GdBpFaLmdrSO0mutSuK0OhG3ONZPlfazH9ErSvUV75MhT57BnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFETAPTCJ8BS47cInzTfGmSAU6qBwMB8GA1UdIwQY
MBaAFBlmtNpIkfuAkBgrwztJtZYk/J2bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80MTNlOTEtYWNmZS00N2UxLWFkZDIt
NzlkNWI0NmQ5YzBlLzEvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80MTNlOTEtYWNmZS00N2UxLWFkZDItNzlkNWI0NmQ5YzBl
LzEvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYXN3Fe04
hKMV3A4i7LqZH7IaaUOCH+6wQTG1MLklQR029m0sj091q5q9LIetuXZwaF/iRhN7
bakefGbckkL6aDhJJaBWe6N4t1wyrT8h1HL/cl7E5MvPs38aQEmgqtXcCzEs+mWN
opLmejHxfEaipdEtXB6I/6BlVz7B/3/VJaP54Nfn/Rd5s2tOj4D27IcipvT0f1AD
gkK3rbgWu3yywfSf0+xAzwhu/TMZb7gQxrrSMr4qwECNkt59ViWoUngfX8oapn0C
sBq5vfJe4lp8H7FwzN9DAJzHdWkNPw6LxB7jkzIoi0b5jKb/TXEonTduRu4lbQiQ
meYRzS8Gv/RJCw==
-----END CERTIFICATE-----