Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
File:                     GyN3Poe34e0LVeFQuncWsYJbPiY.mft (raw, json)
Hash identifier:          eAysFko/Xn7/cDkI40Fap/B9z6ftK5RD6qT/KCQTF/M=
Subject key identifier:   ED:E2:33:49:71:91:10:99:4A:7A:AE:1F:B8:5D:DD:3E:3C:06:B0:D8
Authority key identifier: 1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26
Certificate issuer:       /CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
Certificate serial:       0196B7B5B2E8DC4DA9B1B3157666FDD320BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
Manifest number:          126F
Signing time:             Sat 10 May 2025 01:01:00 +0000
Manifest this update:     Sat 10 May 2025 01:01:00 +0000
Manifest next update:     Sun 11 May 2025 01:01:00 +0000
Files and hashes:         1: GyN3Poe34e0LVeFQuncWsYJbPiY.crl (hash: Ky4OD0Uyv2ITnf4KxnviUPLvh3yAm1WQkcJicM3BlMU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 01:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b7:b5:b2:e8:dc:4d:a9:b1:b3:15:76:66:fd:d3:20:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
        Validity
            Not Before: May 10 01:01:00 2025 GMT
            Not After : May 11 01:01:00 2025 GMT
        Subject: CN=ede23349719110994a7aae1fb85ddd3e3c06b0d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:4e:8d:1d:66:2f:e2:69:8e:ed:fd:6f:e5:8e:
                    3e:45:e2:e4:7a:95:c9:0c:21:bd:d5:58:a6:f6:b7:
                    a7:2c:c4:34:b7:af:15:08:7f:e0:6e:c7:46:46:02:
                    3c:db:47:78:0a:8f:d3:48:81:15:0c:c3:47:4e:44:
                    05:1a:53:98:96:0f:e7:4e:b8:13:0d:f6:20:c9:3a:
                    a0:c1:36:33:d0:1c:55:fd:a0:21:72:c2:cd:d0:1d:
                    eb:dc:b4:48:c5:29:c3:2c:83:3a:95:3f:d0:a1:1e:
                    8a:86:de:40:1e:db:aa:12:49:3f:75:2c:dc:d3:51:
                    5d:54:14:07:73:a7:8a:97:d8:b4:6b:d4:2b:ba:8a:
                    df:de:5d:ea:7c:10:11:f6:5c:1d:7b:db:ef:61:d1:
                    16:56:93:64:fe:c2:c4:68:61:c1:6c:8f:e3:1e:93:
                    4b:62:f4:f7:56:d6:70:f4:d0:e8:57:b6:74:5f:89:
                    f4:5b:80:7b:53:37:f1:76:6c:d8:29:41:37:a8:f1:
                    ef:25:a5:51:a4:4e:12:a4:ee:29:70:3a:82:a3:b3:
                    39:15:96:31:91:a2:5a:f4:42:ee:7f:4f:a2:d0:d1:
                    c8:3b:b4:14:21:7c:4a:3c:74:99:0c:3e:58:df:42:
                    9f:39:f4:f8:b0:8c:79:11:90:49:9e:c6:71:03:67:
                    cd:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:E2:33:49:71:91:10:99:4A:7A:AE:1F:B8:5D:DD:3E:3C:06:B0:D8
            X509v3 Authority Key Identifier:
                keyid:1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:38:4f:29:f9:26:56:be:19:03:a9:9e:9f:ce:8f:39:3c:52:
         60:2c:63:1e:28:e2:c1:80:8d:4d:51:8e:fb:8e:93:8e:43:f4:
         5c:94:a2:e9:1e:fd:78:a6:ed:71:9f:b1:e9:de:93:1e:db:fd:
         fa:a7:c9:ad:24:55:26:b8:21:9a:9f:4b:d6:04:49:e1:de:bf:
         b8:a2:84:f1:18:78:b5:ca:b1:09:a9:03:3b:21:ac:df:b2:32:
         f2:6a:6e:70:0a:9b:91:04:5c:72:ac:09:a4:e8:79:08:bf:40:
         81:98:93:20:d6:18:e2:18:14:4d:99:93:00:32:45:5f:a4:92:
         a3:5a:d0:7f:ed:4a:83:64:ce:21:fa:17:ba:f7:77:04:21:20:
         17:94:3c:d4:86:3f:1c:ab:ea:cd:47:df:b6:77:26:4a:42:36:
         7c:c8:fa:92:0e:63:e4:4a:6c:fc:b5:ca:f7:c1:9d:4c:2a:8b:
         ed:b6:b4:01:b3:6b:ce:08:c0:a3:35:fe:91:b9:79:72:9e:18:
         80:fa:61:11:39:6a:85:e2:48:84:bc:ed:a4:b5:d7:85:38:6e:
         06:f0:14:d5:01:dd:c5:12:76:6b:67:d7:6f:e6:e6:d2:57:5e:
         dd:28:e3:6e:d9:f0:a0:73:7c:de:da:de:65:f3:08:9e:a1:ff:
         2c:2e:23:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa3tbLo3E2psbMVdmb90yC+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMjM3NzNlODdiN2UxZWQwYjU1ZTE1MGJhNzcxNmIxODI1
YjNlMjYwHhcNMjUwNTEwMDEwMTAwWhcNMjUwNTExMDEwMTAwWjAzMTEwLwYDVQQD
EyhlZGUyMzM0OTcxOTExMDk5NGE3YWFlMWZiODVkZGQzZTNjMDZiMGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkE6NHWYv4mmO7f1v5Y4+ReLkepXJ
DCG91Vim9renLMQ0t68VCH/gbsdGRgI820d4Co/TSIEVDMNHTkQFGlOYlg/nTrgT
DfYgyTqgwTYz0BxV/aAhcsLN0B3r3LRIxSnDLIM6lT/QoR6Kht5AHtuqEkk/dSzc
01FdVBQHc6eKl9i0a9Qruorf3l3qfBAR9lwde9vvYdEWVpNk/sLEaGHBbI/jHpNL
YvT3VtZw9NDoV7Z0X4n0W4B7UzfxdmzYKUE3qPHvJaVRpE4SpO4pcDqCo7M5FZYx
kaJa9ELuf0+i0NHIO7QUIXxKPHSZDD5Y30KfOfT4sIx5EZBJnsZxA2fNvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO3iM0lxkRCZSnquH7hd3T48BrDYMB8GA1UdIwQY
MBaAFBsjdz6Ht+HtC1XhULp3FrGCWz4mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1Nzct
ZGM5YmE0MzFkNTdhLzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1NzctZGM5YmE0MzFkNTdh
LzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMDhPKfkm
Vr4ZA6men86POTxSYCxjHijiwYCNTVGO+46TjkP0XJSi6R79eKbtcZ+x6d6THtv9
+qfJrSRVJrghmp9L1gRJ4d6/uKKE8Rh4tcqxCakDOyGs37Iy8mpucAqbkQRccqwJ
pOh5CL9AgZiTINYY4hgUTZmTADJFX6SSo1rQf+1Kg2TOIfoXuvd3BCEgF5Q81IY/
HKvqzUfftncmSkI2fMj6kg5j5Eps/LXK98GdTCqL7ba0AbNrzgjAozX+kbl5cp4Y
gPphETlqheJIhLztpLXXhThuBvAU1QHdxRJ2a2fXb+bm0lde3SjjbtnwoHN83tre
ZfMInqH/LC4jVQ==
-----END CERTIFICATE-----