Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
File:                     GyN3Poe34e0LVeFQuncWsYJbPiY.mft (raw, json)
Hash identifier:          zhWmA7UtanX6ExjPKkg9+/u0yOCSytFC289SJqjvAS4=
Subject key identifier:   01:25:23:72:49:72:92:01:A9:09:E6:88:01:3C:B9:BB:B1:AB:1F:E2
Authority key identifier: 1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26
Certificate issuer:       /CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
Certificate serial:       0197BA7DDCADFC82EC2CA3C83BD34A4FAABB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
Manifest number:          12F5
Signing time:             Sun 29 Jun 2025 07:01:40 +0000
Manifest this update:     Sun 29 Jun 2025 07:01:40 +0000
Manifest next update:     Mon 30 Jun 2025 07:01:40 +0000
Files and hashes:         1: GyN3Poe34e0LVeFQuncWsYJbPiY.crl (hash: Q4dSpLtJ9XyELgEe8V0isQV+Xzn2oVAJE4iAZHEwpFI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:7d:dc:ad:fc:82:ec:2c:a3:c8:3b:d3:4a:4f:aa:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
        Validity
            Not Before: Jun 29 07:01:40 2025 GMT
            Not After : Jun 30 07:01:40 2025 GMT
        Subject: CN=0125237249729201a909e688013cb9bbb1ab1fe2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:e2:07:16:71:fd:06:5d:af:bc:1c:00:21:02:
                    b0:d8:37:69:e6:49:28:42:d3:95:2d:b0:5d:66:89:
                    aa:78:5d:83:28:b4:69:51:8b:25:36:25:83:72:2c:
                    4d:ac:b6:0d:8e:e0:5d:5b:48:e8:bd:d8:cc:39:19:
                    4b:03:a6:38:98:64:a8:b8:0a:da:1f:67:82:56:00:
                    56:89:f9:c1:fd:f7:96:a4:d5:80:2c:b5:0f:b8:1e:
                    82:dd:66:3d:fd:cf:b8:21:4a:88:ad:d9:8e:20:2a:
                    1a:6d:11:4d:ea:23:d2:87:2a:cd:fa:f0:25:42:bc:
                    d0:43:79:f0:10:79:41:4f:e2:68:87:38:1d:f9:81:
                    8a:7c:bd:ed:3d:46:ae:1c:a6:31:12:fb:35:a3:8b:
                    56:04:34:47:07:fb:24:de:20:17:02:46:67:c1:d5:
                    b1:b6:16:db:0d:53:b9:3e:6c:f6:5e:07:a3:5a:e2:
                    7a:2d:ff:9f:a3:5e:e4:53:c0:04:c8:1a:07:87:fd:
                    b3:f6:23:f4:27:25:78:4a:26:a8:c8:22:94:2b:15:
                    d6:5a:96:22:7f:b2:a6:20:5b:ae:01:17:26:b6:00:
                    14:b5:00:9c:06:4c:6b:80:bb:14:4a:79:f5:b0:07:
                    16:1a:57:2c:c6:e2:06:6a:1b:6d:31:1d:b3:5c:a3:
                    80:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:25:23:72:49:72:92:01:A9:09:E6:88:01:3C:B9:BB:B1:AB:1F:E2
            X509v3 Authority Key Identifier:
                keyid:1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:46:6d:2c:af:6c:92:f3:1b:b3:6d:87:54:b3:85:30:8d:b1:
         cc:56:e9:18:1f:ae:46:3b:d9:2e:d5:d5:83:12:90:e1:cf:4a:
         fa:58:ec:28:be:74:85:10:4f:97:dc:c6:88:70:8e:9b:c5:e5:
         a6:e9:8f:29:7e:77:bf:73:b7:1b:c1:44:0f:3f:96:bb:9f:cf:
         9a:c5:5f:8e:88:ae:d1:5d:3e:8f:21:df:fb:4b:86:ec:c1:5d:
         e5:fb:2d:bd:af:44:c9:0f:07:03:a4:8a:ab:66:7a:8a:52:61:
         18:14:ed:21:09:40:81:3f:65:0e:b3:a2:5e:16:11:8a:c2:00:
         9a:27:6b:fe:c4:de:78:aa:88:9a:06:19:0e:3e:d3:cd:54:4c:
         eb:84:0f:a5:83:69:00:9b:b7:30:96:1a:e4:38:3b:43:9f:56:
         09:46:a3:99:49:6f:05:b5:65:b2:73:72:25:d2:20:32:5b:6a:
         b0:75:f0:52:39:ae:87:b2:ba:22:30:52:77:11:44:6e:56:e7:
         a5:93:6c:f7:e4:d0:79:a0:1a:c3:e6:e4:8a:96:3c:ae:88:1b:
         c3:65:32:53:dd:a7:8f:e4:37:a0:73:4e:dc:3e:13:68:a9:6c:
         7a:b1:31:d6:50:32:6c:c6:43:f6:ce:fd:56:1c:63:36:af:be:
         60:ae:eb:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6fdyt/ILsLKPIO9NKT6q7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMjM3NzNlODdiN2UxZWQwYjU1ZTE1MGJhNzcxNmIxODI1
YjNlMjYwHhcNMjUwNjI5MDcwMTQwWhcNMjUwNjMwMDcwMTQwWjAzMTEwLwYDVQQD
EygwMTI1MjM3MjQ5NzI5MjAxYTkwOWU2ODgwMTNjYjliYmIxYWIxZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuIHFnH9Bl2vvBwAIQKw2Ddp5kko
QtOVLbBdZomqeF2DKLRpUYslNiWDcixNrLYNjuBdW0jovdjMORlLA6Y4mGSouAra
H2eCVgBWifnB/feWpNWALLUPuB6C3WY9/c+4IUqIrdmOICoabRFN6iPShyrN+vAl
QrzQQ3nwEHlBT+Johzgd+YGKfL3tPUauHKYxEvs1o4tWBDRHB/sk3iAXAkZnwdWx
thbbDVO5Pmz2XgejWuJ6Lf+fo17kU8AEyBoHh/2z9iP0JyV4SiaoyCKUKxXWWpYi
f7KmIFuuARcmtgAUtQCcBkxrgLsUSnn1sAcWGlcsxuIGahttMR2zXKOAbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAElI3JJcpIBqQnmiAE8ubuxqx/iMB8GA1UdIwQY
MBaAFBsjdz6Ht+HtC1XhULp3FrGCWz4mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1Nzct
ZGM5YmE0MzFkNTdhLzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1NzctZGM5YmE0MzFkNTdh
LzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoUZtLK9s
kvMbs22HVLOFMI2xzFbpGB+uRjvZLtXVgxKQ4c9K+ljsKL50hRBPl9zGiHCOm8Xl
pumPKX53v3O3G8FEDz+Wu5/PmsVfjoiu0V0+jyHf+0uG7MFd5fstva9EyQ8HA6SK
q2Z6ilJhGBTtIQlAgT9lDrOiXhYRisIAmidr/sTeeKqImgYZDj7TzVRM64QPpYNp
AJu3MJYa5Dg7Q59WCUajmUlvBbVlsnNyJdIgMltqsHXwUjmuh7K6IjBSdxFEblbn
pZNs9+TQeaAaw+bkipY8rogbw2UyU92nj+Q3oHNO3D4TaKlserEx1lAybMZD9s79
VhxjNq++YK7rAA==
-----END CERTIFICATE-----