Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
File:                     GyN3Poe34e0LVeFQuncWsYJbPiY.mft (raw, json)
Hash identifier:          VgzBUomnQzmRxzNixxwAPClU1H74AUjI5jOQ1JCa+JY=
Subject key identifier:   DA:40:CC:8B:CB:D6:17:3C:28:19:B1:A3:CE:C5:A3:10:8D:A3:67:C3
Authority key identifier: 1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26
Certificate issuer:       /CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
Certificate serial:       0198D6611EADB92D5010324EA949FDA130BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
Manifest number:          1388
Signing time:             Sat 23 Aug 2025 10:02:25 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:25 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:25 +0000
Files and hashes:         1: GyN3Poe34e0LVeFQuncWsYJbPiY.crl (hash: r7P0f+pKJXgnRPPantzdZVs6WQm3GymP7VlgNpS3hO0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:61:1e:ad:b9:2d:50:10:32:4e:a9:49:fd:a1:30:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
        Validity
            Not Before: Aug 23 10:02:25 2025 GMT
            Not After : Aug 24 10:02:25 2025 GMT
        Subject: CN=da40cc8bcbd6173c2819b1a3cec5a3108da367c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:4f:27:57:41:63:77:76:be:19:52:e6:1f:3e:
                    1b:42:6a:f6:7d:6f:06:23:9d:fa:97:13:60:c1:df:
                    71:6b:81:7e:b6:1e:87:d6:c0:14:7b:26:cf:f2:f3:
                    aa:6b:58:4c:97:9d:11:b2:14:45:70:2b:19:18:78:
                    04:68:43:8a:a4:a4:d3:15:6e:8c:02:d0:a7:9a:4c:
                    15:3c:9d:e3:93:b6:d6:80:5e:39:1a:71:db:e7:f6:
                    9d:47:67:a7:d5:cd:a2:22:53:b9:44:6e:96:0e:20:
                    7c:29:ef:5f:cf:b5:36:80:4c:45:f7:72:39:03:5a:
                    d2:95:64:11:a4:3a:6f:45:41:ca:21:63:df:72:79:
                    6a:13:45:df:a6:6f:61:3a:74:63:03:17:6f:b4:09:
                    ce:64:fd:f5:8a:04:19:f4:88:7e:46:5d:da:83:a6:
                    73:27:3c:5e:e6:f0:f3:3f:0e:ef:22:ef:ac:15:c8:
                    b5:3b:c6:c4:37:0f:92:0a:ae:54:3f:ed:51:8e:dc:
                    29:77:61:a6:04:94:b9:35:93:07:ec:34:8b:94:b2:
                    62:7a:aa:e0:96:5b:c9:05:a3:8c:6a:46:0e:da:32:
                    f5:ef:95:16:92:2f:ce:7f:b9:cd:55:cb:ce:9f:91:
                    bc:a1:ec:97:71:0e:c0:05:a8:65:15:a7:7e:b9:f3:
                    96:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:40:CC:8B:CB:D6:17:3C:28:19:B1:A3:CE:C5:A3:10:8D:A3:67:C3
            X509v3 Authority Key Identifier:
                keyid:1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d3:84:db:e1:df:4b:41:21:de:5f:86:8d:4f:2a:df:c1:c2:c8:
         2a:4c:4e:da:65:c4:4f:23:d8:d2:48:5b:2f:38:c4:ed:6c:3d:
         df:f9:0d:a1:b3:27:87:84:8f:9e:e4:40:7d:64:d0:46:04:72:
         11:4f:80:b0:b4:77:41:c3:3e:85:5e:c1:cb:bc:2d:8d:ca:fb:
         e4:ae:fe:f3:13:69:aa:52:ff:87:8d:7e:f8:d6:6e:3d:a9:2b:
         8b:da:00:78:de:f3:c6:94:9e:ec:53:3b:11:d1:27:ca:91:2c:
         5c:6f:5d:26:c6:1a:eb:b3:a1:37:8a:7c:60:e6:a6:d3:70:22:
         f4:e9:12:32:6f:f3:aa:2d:da:bd:0b:a7:9e:12:1a:78:f0:a9:
         08:c3:0c:67:3c:29:57:2b:cb:b6:e4:f6:64:b1:5d:85:e7:57:
         ac:69:44:fd:36:c0:51:1b:a5:cd:65:fd:76:8d:2d:9a:70:62:
         07:50:e9:a1:2c:dc:d9:04:89:a1:08:66:a2:eb:2c:02:a4:67:
         77:ef:6b:3a:27:51:e4:1c:3b:af:cf:d8:ad:a5:46:24:d7:70:
         e1:3e:04:a6:9d:3c:97:23:74:2b:cb:df:e9:89:20:65:99:7d:
         8a:48:12:ac:8e:58:e5:bb:b3:64:ea:b6:10:64:28:ab:73:9d:
         87:5a:12:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYR6tuS1QEDJOqUn9oTC8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMjM3NzNlODdiN2UxZWQwYjU1ZTE1MGJhNzcxNmIxODI1
YjNlMjYwHhcNMjUwODIzMTAwMjI1WhcNMjUwODI0MTAwMjI1WjAzMTEwLwYDVQQD
EyhkYTQwY2M4YmNiZDYxNzNjMjgxOWIxYTNjZWM1YTMxMDhkYTM2N2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr08nV0Fjd3a+GVLmHz4bQmr2fW8G
I536lxNgwd9xa4F+th6H1sAUeybP8vOqa1hMl50RshRFcCsZGHgEaEOKpKTTFW6M
AtCnmkwVPJ3jk7bWgF45GnHb5/adR2en1c2iIlO5RG6WDiB8Ke9fz7U2gExF93I5
A1rSlWQRpDpvRUHKIWPfcnlqE0Xfpm9hOnRjAxdvtAnOZP31igQZ9Ih+Rl3ag6Zz
Jzxe5vDzPw7vIu+sFci1O8bENw+SCq5UP+1Rjtwpd2GmBJS5NZMH7DSLlLJieqrg
llvJBaOMakYO2jL175UWki/Of7nNVcvOn5G8oeyXcQ7ABahlFad+ufOWCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNpAzIvL1hc8KBmxo87FoxCNo2fDMB8GA1UdIwQY
MBaAFBsjdz6Ht+HtC1XhULp3FrGCWz4mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1Nzct
ZGM5YmE0MzFkNTdhLzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1NzctZGM5YmE0MzFkNTdh
LzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA04Tb4d9L
QSHeX4aNTyrfwcLIKkxO2mXETyPY0khbLzjE7Ww93/kNobMnh4SPnuRAfWTQRgRy
EU+AsLR3QcM+hV7By7wtjcr75K7+8xNpqlL/h41++NZuPakri9oAeN7zxpSe7FM7
EdEnypEsXG9dJsYa67OhN4p8YOam03Ai9OkSMm/zqi3avQunnhIaePCpCMMMZzwp
VyvLtuT2ZLFdhedXrGlE/TbAURulzWX9do0tmnBiB1DpoSzc2QSJoQhmoussAqRn
d+9rOidR5Bw7r8/YraVGJNdw4T4Epp08lyN0K8vf6YkgZZl9ikgSrI5Y5buzZOq2
EGQoq3Odh1oSFA==
-----END CERTIFICATE-----