Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
File:                     GyN3Poe34e0LVeFQuncWsYJbPiY.mft (raw, json)
Hash identifier:          sHBqSk/DCKM82ZOyvZPw+M2rTDBFxCnIeHFwptgqpiw=
Subject key identifier:   9E:CC:32:90:E6:72:A3:9B:33:DC:CB:67:1E:75:D9:3F:28:4A:A6:F9
Authority key identifier: 1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26
Certificate issuer:       /CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
Certificate serial:       0199FDD97E4B13EB79652A6A2EEF62FF5FC4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
Manifest number:          1421
Signing time:             Sun 19 Oct 2025 19:01:52 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:52 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:52 +0000
Files and hashes:         1: GyN3Poe34e0LVeFQuncWsYJbPiY.crl (hash: 0h+exdIYazUwtXWRMIWT2an3D2A4n0ZH8H48Z/gTbbw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 19:01:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:7e:4b:13:eb:79:65:2a:6a:2e:ef:62:ff:5f:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
        Validity
            Not Before: Oct 19 19:01:52 2025 GMT
            Not After : Oct 20 19:01:52 2025 GMT
        Subject: CN=9ecc3290e672a39b33dccb671e75d93f284aa6f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:15:84:1e:89:04:f1:0a:fc:8c:af:41:a1:0c:
                    46:4b:12:81:44:79:6e:e7:85:87:7f:13:24:c5:80:
                    82:7b:89:af:4a:f7:93:1e:ea:2f:3c:5b:d3:8a:24:
                    fe:ee:05:13:b7:f5:20:6c:76:6f:d9:5d:0e:f4:0d:
                    48:03:7f:ca:10:8b:a5:c5:e8:e2:f0:35:93:5c:90:
                    1d:d6:93:52:2b:c8:68:aa:a4:08:71:92:74:cb:a4:
                    55:03:a7:5f:c9:cc:d9:e9:16:24:7e:3d:36:01:a5:
                    a7:f4:5f:3d:39:4e:08:93:07:85:e5:ac:9f:21:4d:
                    2c:d4:fd:30:c6:01:58:27:49:30:a7:74:e7:6a:c5:
                    c9:ed:e0:c1:dd:50:13:b8:da:88:0a:04:cc:30:a5:
                    4c:1c:a6:de:e4:82:4b:4f:b9:a1:5d:87:af:21:e1:
                    58:11:7c:6b:7f:9d:08:6a:3f:dd:91:6d:8d:7a:27:
                    3b:63:ae:d5:97:68:70:33:5a:75:46:f9:39:de:80:
                    52:58:73:44:55:01:11:a3:0c:83:f3:14:62:50:94:
                    aa:d6:2b:d2:64:33:e5:a1:3d:ed:98:59:e8:37:76:
                    38:c2:32:c0:32:fc:fa:d9:98:b8:e8:b2:de:13:01:
                    3b:05:b9:ed:69:16:d2:0b:87:2d:b9:9c:d7:38:52:
                    da:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:CC:32:90:E6:72:A3:9B:33:DC:CB:67:1E:75:D9:3F:28:4A:A6:F9
            X509v3 Authority Key Identifier:
                keyid:1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:a8:05:36:83:4f:6a:02:6d:77:03:d2:f9:20:8b:61:00:3e:
         93:b6:0f:96:55:f8:22:dc:84:30:fa:78:d6:b5:a4:62:f0:9b:
         68:44:65:96:9b:eb:27:81:c6:14:44:1c:1b:60:5a:59:b8:62:
         b9:06:1a:fb:fe:30:8f:99:ce:f7:3c:af:b5:13:f5:9d:c1:40:
         82:2a:29:dd:d6:9f:d1:56:6b:f5:6e:a2:a9:76:ed:f8:0e:53:
         6e:c9:23:51:64:22:1d:97:b4:a7:7e:74:d9:4c:3d:75:71:f4:
         cc:1f:f1:f7:89:4f:f8:8f:1c:45:c0:ed:c2:1c:4b:e5:4a:70:
         ce:1f:52:fb:77:b3:fa:41:83:45:39:55:3e:58:df:cd:23:7c:
         46:d1:9f:1d:e6:dd:28:c6:ce:fe:a7:34:9c:b3:11:07:4a:bf:
         6f:e9:c5:cc:5b:63:62:47:98:dd:2d:06:e4:9e:25:34:ce:8c:
         a3:49:55:8d:45:a3:f8:6b:fe:db:42:fa:f8:5e:99:33:43:c9:
         f7:bc:b8:ad:db:99:33:22:75:8e:de:58:0b:d8:0e:da:72:22:
         19:56:b9:39:7a:0d:b4:49:89:ae:05:7a:4e:66:74:73:ee:c8:
         f3:8e:48:a2:22:91:d9:de:6a:1f:73:b2:f0:ad:37:12:97:b4:
         40:09:70:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92X5LE+t5ZSpqLu9i/1/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMjM3NzNlODdiN2UxZWQwYjU1ZTE1MGJhNzcxNmIxODI1
YjNlMjYwHhcNMjUxMDE5MTkwMTUyWhcNMjUxMDIwMTkwMTUyWjAzMTEwLwYDVQQD
Eyg5ZWNjMzI5MGU2NzJhMzliMzNkY2NiNjcxZTc1ZDkzZjI4NGFhNmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxWEHokE8Qr8jK9BoQxGSxKBRHlu
54WHfxMkxYCCe4mvSveTHuovPFvTiiT+7gUTt/UgbHZv2V0O9A1IA3/KEIulxeji
8DWTXJAd1pNSK8hoqqQIcZJ0y6RVA6dfyczZ6RYkfj02AaWn9F89OU4IkweF5ayf
IU0s1P0wxgFYJ0kwp3TnasXJ7eDB3VATuNqICgTMMKVMHKbe5IJLT7mhXYevIeFY
EXxrf50Iaj/dkW2Neic7Y67Vl2hwM1p1Rvk53oBSWHNEVQERowyD8xRiUJSq1ivS
ZDPloT3tmFnoN3Y4wjLAMvz62Zi46LLeEwE7BbntaRbSC4ctuZzXOFLaiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ7MMpDmcqObM9zLZx512T8oSqb5MB8GA1UdIwQY
MBaAFBsjdz6Ht+HtC1XhULp3FrGCWz4mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1Nzct
ZGM5YmE0MzFkNTdhLzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1NzctZGM5YmE0MzFkNTdh
LzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbagFNoNP
agJtdwPS+SCLYQA+k7YPllX4ItyEMPp41rWkYvCbaERllpvrJ4HGFEQcG2BaWbhi
uQYa+/4wj5nO9zyvtRP1ncFAgiop3daf0VZr9W6iqXbt+A5TbskjUWQiHZe0p350
2Uw9dXH0zB/x94lP+I8cRcDtwhxL5Upwzh9S+3ez+kGDRTlVPljfzSN8RtGfHebd
KMbO/qc0nLMRB0q/b+nFzFtjYkeY3S0G5J4lNM6Mo0lVjUWj+Gv+20L6+F6ZM0PJ
97y4rduZMyJ1jt5YC9gO2nIiGVa5OXoNtEmJrgV6TmZ0c+7I845IoiKR2d5qH3Oy
8K03Epe0QAlwLg==
-----END CERTIFICATE-----