Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
File:                     Gvq72Ih6kieJRewu74JDoSlq33g.mft (raw, json)
Hash identifier:          2VEKm7ucCDy2Li1uYopyroYQKzLcBzQUOo4nj0MsHAs=
Subject key identifier:   0C:9B:97:4B:14:89:B2:1D:21:6D:8D:BD:4D:E9:4A:F6:7E:B5:B8:D7
Authority key identifier: 1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78
Certificate issuer:       /CN=1afabbd8887a92278945ec2eef8243a1296adf78
Certificate serial:       0197B6A11291C9A8179B34CAA62C3FDF07DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 13:01:38 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:38 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:38 +0000
Files and hashes:         1: Gvq72Ih6kieJRewu74JDoSlq33g.crl (hash: 6r5TFOb5PopVOeYN6E0PXiLI3ZAYbfIRnPv8SNbQiR0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:12:91:c9:a8:17:9b:34:ca:a6:2c:3f:df:07:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1afabbd8887a92278945ec2eef8243a1296adf78
        Validity
            Not Before: Jun 28 13:01:38 2025 GMT
            Not After : Jun 29 13:01:38 2025 GMT
        Subject: CN=0c9b974b1489b21d216d8dbd4de94af67eb5b8d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:8b:94:97:2a:8d:ed:76:4b:4e:40:fd:27:bb:
                    51:62:e8:51:a7:74:54:03:bd:00:ae:7c:53:a8:98:
                    ee:39:c5:87:f6:01:60:16:55:a8:17:07:2c:eb:7a:
                    6d:7f:bf:8f:72:f0:2e:5d:ee:17:f8:dd:9b:3a:80:
                    64:18:91:dc:33:25:b1:3a:d8:5c:b9:18:98:8a:c2:
                    47:65:78:1a:a1:31:53:0e:af:70:bd:5c:6c:85:ca:
                    80:d5:56:0f:1a:65:ed:60:5b:52:a4:36:bd:6f:3c:
                    6b:d3:4e:19:2b:a0:1d:d0:73:8c:b6:c8:f1:6a:9e:
                    8c:88:d2:5d:57:24:d4:c5:34:0a:48:ed:a9:40:e2:
                    a5:49:03:54:55:8d:d7:4d:38:3b:ba:c0:fd:38:1a:
                    34:18:bf:94:d0:38:71:6d:cb:15:8a:79:de:41:e8:
                    99:fc:8e:c9:c2:eb:40:f0:dd:48:3a:a7:36:22:9b:
                    56:75:48:d7:53:ce:33:fd:e6:17:2a:26:bc:ed:37:
                    6a:e7:39:5d:d5:1d:56:fb:be:05:f4:ed:87:9a:b0:
                    37:10:b4:4a:e7:30:97:97:68:d5:55:f0:fe:a8:12:
                    7b:cf:c5:2a:84:35:39:9c:c9:5f:32:18:ad:01:22:
                    db:d3:19:50:b4:e8:f6:c5:22:20:5e:36:ce:d4:0a:
                    8b:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:9B:97:4B:14:89:B2:1D:21:6D:8D:BD:4D:E9:4A:F6:7E:B5:B8:D7
            X509v3 Authority Key Identifier:
                keyid:1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:50:dc:49:f6:f2:8d:ab:f1:64:3c:97:66:2b:67:ec:6c:ac:
         cb:57:07:5e:7a:4b:3a:7e:c0:49:11:55:41:db:fb:13:8f:f8:
         95:8e:99:13:70:3c:f7:10:96:3c:3e:09:a0:7b:09:01:0d:a4:
         a4:cb:0f:ae:cd:8b:c5:05:ba:18:1b:df:5d:4a:8e:c7:34:0f:
         0e:51:1b:e4:b8:3d:24:33:39:62:3f:28:2e:b3:3f:ba:99:09:
         d7:be:d0:f9:29:fe:d0:63:bf:54:f0:6a:bc:57:45:58:33:db:
         b1:27:2f:32:57:a4:9c:79:58:72:de:1a:48:8c:d7:c2:0b:5b:
         ea:1f:70:82:c4:51:55:6e:ec:d1:80:ff:43:f3:0f:b5:38:d6:
         46:ca:bc:29:ce:75:1f:e0:00:b5:42:aa:92:90:16:65:2a:e6:
         f2:ac:1b:e7:e0:b1:d0:c2:b2:35:2a:3a:88:8a:20:12:d5:16:
         d1:26:a3:4d:30:37:b9:84:f7:98:0f:4f:6e:08:b1:da:4b:f4:
         93:d0:4e:ff:25:66:32:af:6a:94:47:58:00:f8:d7:64:d2:02:
         98:03:eb:e1:fa:8c:58:02:e2:a0:b6:51:3b:06:cd:1b:58:91:
         9e:e4:1b:84:c3:55:e5:27:fa:98:7a:11:24:e2:87:ae:63:e3:
         91:36:76:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oRKRyagXmzTKpiw/3wfdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZmFiYmQ4ODg3YTkyMjc4OTQ1ZWMyZWVmODI0M2ExMjk2
YWRmNzgwHhcNMjUwNjI4MTMwMTM4WhcNMjUwNjI5MTMwMTM4WjAzMTEwLwYDVQQD
EygwYzliOTc0YjE0ODliMjFkMjE2ZDhkYmQ0ZGU5NGFmNjdlYjViOGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApouUlyqN7XZLTkD9J7tRYuhRp3RU
A70ArnxTqJjuOcWH9gFgFlWoFwcs63ptf7+PcvAuXe4X+N2bOoBkGJHcMyWxOthc
uRiYisJHZXgaoTFTDq9wvVxshcqA1VYPGmXtYFtSpDa9bzxr004ZK6Ad0HOMtsjx
ap6MiNJdVyTUxTQKSO2pQOKlSQNUVY3XTTg7usD9OBo0GL+U0DhxbcsVinneQeiZ
/I7JwutA8N1IOqc2IptWdUjXU84z/eYXKia87Tdq5zld1R1W+74F9O2HmrA3ELRK
5zCXl2jVVfD+qBJ7z8UqhDU5nMlfMhitASLb0xlQtOj2xSIgXjbO1AqLOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAybl0sUibIdIW2NvU3pSvZ+tbjXMB8GA1UdIwQY
MBaAFBr6u9iIepIniUXsLu+CQ6Epat94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUt
NTE2MDY1YjZjZmE1LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUtNTE2MDY1YjZjZmE1
LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC1DcSfby
javxZDyXZitn7Gysy1cHXnpLOn7ASRFVQdv7E4/4lY6ZE3A89xCWPD4JoHsJAQ2k
pMsPrs2LxQW6GBvfXUqOxzQPDlEb5Lg9JDM5Yj8oLrM/upkJ177Q+Sn+0GO/VPBq
vFdFWDPbsScvMleknHlYct4aSIzXwgtb6h9wgsRRVW7s0YD/Q/MPtTjWRsq8Kc51
H+AAtUKqkpAWZSrm8qwb5+Cx0MKyNSo6iIogEtUW0SajTTA3uYT3mA9Pbgix2kv0
k9BO/yVmMq9qlEdYAPjXZNICmAPr4fqMWALioLZROwbNG1iRnuQbhMNV5Sf6mHoR
JOKHrmPjkTZ2sA==
-----END CERTIFICATE-----