Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
File:                     GWa02kiR-4CQGCvDO0m1liT8nZs.mft (raw, json)
Hash identifier:          L9jWgOdyeTMi0URguaEckka0dVeLEjpxH9kBTRZ/5b0=
Subject key identifier:   B9:8D:56:8A:72:43:CC:1B:27:C6:BD:70:3C:95:A8:84:B4:84:7D:22
Authority key identifier: 19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B
Certificate issuer:       /CN=1966b4da4891fb8090182bc33b49b59624fc9d9b
Certificate serial:       0196C53A9F0C0C00453089B860F684F715FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
Manifest number:          1424
Signing time:             Mon 12 May 2025 16:01:15 +0000
Manifest this update:     Mon 12 May 2025 16:01:15 +0000
Manifest next update:     Tue 13 May 2025 16:01:15 +0000
Files and hashes:         1: GWa02kiR-4CQGCvDO0m1liT8nZs.crl (hash: v+GNRNb0fv89eJSMM18rEiqKMrbuchALQiy2K7s5bOg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:3a:9f:0c:0c:00:45:30:89:b8:60:f6:84:f7:15:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1966b4da4891fb8090182bc33b49b59624fc9d9b
        Validity
            Not Before: May 12 16:01:15 2025 GMT
            Not After : May 13 16:01:15 2025 GMT
        Subject: CN=b98d568a7243cc1b27c6bd703c95a884b4847d22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:0b:ee:c1:29:35:f5:8d:97:64:aa:f3:91:af:
                    4d:03:9c:9c:e5:31:2f:03:d6:83:25:98:53:5a:f8:
                    a9:24:de:34:63:75:28:5e:26:36:d8:b5:66:bf:2a:
                    c6:68:9d:71:1c:b5:bd:8f:ed:6c:1a:77:92:84:97:
                    ad:df:d0:07:b1:10:98:ba:8c:fc:36:47:fe:d0:9c:
                    43:50:e3:41:00:62:3e:a6:6d:53:2c:6f:a7:1c:46:
                    35:fc:1f:90:b0:07:09:ff:cb:5d:c9:66:fa:a4:99:
                    bc:c7:e4:2c:c9:1e:2f:69:96:0e:f4:ff:73:95:6e:
                    e4:91:64:34:b0:d7:d7:41:5c:04:14:ea:16:05:ca:
                    56:50:f2:d3:1a:7b:dd:70:43:a8:9e:bf:74:29:7f:
                    ab:ce:9c:4d:00:5c:20:53:2c:b6:4b:14:92:94:62:
                    f9:57:c6:80:1e:23:8b:7c:66:13:5c:cd:b4:f2:80:
                    b5:8d:8a:04:a4:5e:0f:25:cb:e5:86:4a:15:7a:90:
                    39:55:75:10:ff:e6:e6:b4:07:71:b9:76:0a:f4:e9:
                    48:c5:46:55:36:58:25:68:28:37:12:37:6d:9e:44:
                    99:fc:83:47:94:b2:2a:bb:54:89:1e:b0:b0:a5:c8:
                    24:bb:f6:63:01:dc:13:08:ef:aa:1e:09:11:e1:86:
                    b5:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:8D:56:8A:72:43:CC:1B:27:C6:BD:70:3C:95:A8:84:B4:84:7D:22
            X509v3 Authority Key Identifier:
                keyid:19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:7b:bd:c9:b3:2f:18:87:a3:21:1b:f9:30:29:e9:6e:57:7f:
         c5:e9:8b:f5:9b:e6:9b:ae:ea:9a:cd:36:de:be:dd:0b:88:39:
         e8:5d:e9:1b:52:82:a9:14:4d:2e:e9:d6:08:2f:45:ee:66:f1:
         75:ef:95:a5:76:39:cb:53:cf:71:0a:e1:5d:0a:32:b4:6a:60:
         50:0e:fe:5e:9d:fa:57:e1:b4:80:76:ed:0e:32:c6:26:85:61:
         02:15:78:aa:bc:71:2a:6a:af:d7:18:5e:18:8e:5c:e0:ee:c6:
         a5:77:37:e8:c8:8d:ee:70:56:f7:1f:fa:85:da:b1:14:42:e1:
         96:7b:0d:af:8f:21:c8:6f:f0:89:7b:08:b6:a0:46:70:93:47:
         51:40:a4:c3:5b:53:ac:0c:6e:2d:50:2c:a6:8d:99:06:c4:df:
         c7:ac:45:37:0d:5c:51:8c:c0:21:a6:3a:43:cc:70:f0:96:a1:
         bc:ef:b8:36:0b:d7:37:22:46:c9:84:31:81:c1:13:bf:04:a1:
         f6:b2:18:f8:e6:df:4b:fc:a1:8a:a9:85:20:df:e4:57:1d:57:
         e3:ac:17:ee:4e:8e:db:9c:cd:75:1b:c8:78:25:d9:eb:a5:81:
         f6:3d:8f:3d:4c:2d:c6:db:75:c6:d8:a6:14:53:1e:d7:ee:e1:
         0e:7d:df:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFOp8MDABFMIm4YPaE9xX9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NjZiNGRhNDg5MWZiODA5MDE4MmJjMzNiNDliNTk2MjRm
YzlkOWIwHhcNMjUwNTEyMTYwMTE1WhcNMjUwNTEzMTYwMTE1WjAzMTEwLwYDVQQD
EyhiOThkNTY4YTcyNDNjYzFiMjdjNmJkNzAzYzk1YTg4NGI0ODQ3ZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwvuwSk19Y2XZKrzka9NA5yc5TEv
A9aDJZhTWvipJN40Y3UoXiY22LVmvyrGaJ1xHLW9j+1sGneShJet39AHsRCYuoz8
Nkf+0JxDUONBAGI+pm1TLG+nHEY1/B+QsAcJ/8tdyWb6pJm8x+QsyR4vaZYO9P9z
lW7kkWQ0sNfXQVwEFOoWBcpWUPLTGnvdcEOonr90KX+rzpxNAFwgUyy2SxSSlGL5
V8aAHiOLfGYTXM208oC1jYoEpF4PJcvlhkoVepA5VXUQ/+bmtAdxuXYK9OlIxUZV
NlglaCg3EjdtnkSZ/INHlLIqu1SJHrCwpcgku/ZjAdwTCO+qHgkR4Ya1xwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLmNVopyQ8wbJ8a9cDyVqIS0hH0iMB8GA1UdIwQY
MBaAFBlmtNpIkfuAkBgrwztJtZYk/J2bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80MTNlOTEtYWNmZS00N2UxLWFkZDIt
NzlkNWI0NmQ5YzBlLzEvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80MTNlOTEtYWNmZS00N2UxLWFkZDItNzlkNWI0NmQ5YzBl
LzEvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMHu9ybMv
GIejIRv5MCnpbld/xemL9Zvmm67qms023r7dC4g56F3pG1KCqRRNLunWCC9F7mbx
de+VpXY5y1PPcQrhXQoytGpgUA7+Xp36V+G0gHbtDjLGJoVhAhV4qrxxKmqv1xhe
GI5c4O7GpXc36MiN7nBW9x/6hdqxFELhlnsNr48hyG/wiXsItqBGcJNHUUCkw1tT
rAxuLVAspo2ZBsTfx6xFNw1cUYzAIaY6Q8xw8JahvO+4NgvXNyJGyYQxgcETvwSh
9rIY+ObfS/yhiqmFIN/kVx1X46wX7k6O25zNdRvIeCXZ66WB9j2PPUwtxtt1xtim
FFMe1+7hDn3ffw==
-----END CERTIFICATE-----