Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
File:                     Gvq72Ih6kieJRewu74JDoSlq33g.mft (raw, json)
Hash identifier:          Yxz5DAHeNcAOwYmECIh/A+b4rCLYKimY0io8e8zazEw=
Subject key identifier:   10:4D:D5:E7:59:01:A6:FD:F8:CB:8C:3C:AF:07:C9:F5:6B:D7:FC:81
Authority key identifier: 1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78
Certificate issuer:       /CN=1afabbd8887a92278945ec2eef8243a1296adf78
Certificate serial:       0198D65FB382C2E4549688C3D482599D73AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 10:00:52 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:52 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:52 +0000
Files and hashes:         1: Gvq72Ih6kieJRewu74JDoSlq33g.crl (hash: dHDLMQ8VJfJvmTsSNlU136Pvgj4naP/XrJA486TMlys=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:b3:82:c2:e4:54:96:88:c3:d4:82:59:9d:73:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1afabbd8887a92278945ec2eef8243a1296adf78
        Validity
            Not Before: Aug 23 10:00:52 2025 GMT
            Not After : Aug 24 10:00:52 2025 GMT
        Subject: CN=104dd5e75901a6fdf8cb8c3caf07c9f56bd7fc81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:1b:33:1b:72:d3:ee:14:7b:cb:39:b9:b2:81:
                    b5:21:06:ce:18:fc:73:3b:bd:cb:80:2d:6e:8e:c4:
                    4a:3f:00:91:62:b9:60:6e:d8:9c:70:e2:d7:b1:b6:
                    f4:e3:0a:49:00:ea:f1:ab:1f:3a:99:60:83:4a:12:
                    95:06:de:a7:67:e5:84:e9:27:b5:95:ab:b9:a3:d3:
                    43:9e:d0:f1:f9:4b:c4:f7:df:60:23:33:14:69:3b:
                    b2:3c:9d:b3:fa:4c:62:5a:de:00:5e:cd:ef:ef:91:
                    19:a1:4c:61:69:a8:8d:c2:eb:ef:5b:ef:48:b4:f0:
                    fb:ef:64:7b:2c:88:43:8e:8b:d0:2b:bf:be:eb:27:
                    ce:6c:5f:e0:a9:ef:80:40:1f:59:b4:d6:a7:79:d6:
                    b9:ce:ce:d7:85:18:08:b3:33:1b:d1:79:e9:75:e7:
                    2e:18:64:96:a9:52:cf:e1:be:d0:e2:25:b0:c8:b5:
                    8a:5e:fd:52:7c:8c:9f:07:c2:59:db:06:63:62:ed:
                    27:dc:70:20:4e:6e:ef:28:f6:6c:d5:72:5b:ff:35:
                    d8:aa:29:7b:54:76:8d:ad:22:14:4b:54:fc:dd:c6:
                    0d:54:66:37:52:eb:e7:3e:b4:e9:ec:be:a6:ac:d7:
                    bd:83:ca:fa:19:84:4b:b6:4f:aa:f9:3c:17:13:f4:
                    ef:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:4D:D5:E7:59:01:A6:FD:F8:CB:8C:3C:AF:07:C9:F5:6B:D7:FC:81
            X509v3 Authority Key Identifier:
                keyid:1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:b0:9f:04:59:67:5b:e2:57:11:4e:5f:a8:58:06:52:bc:e2:
         05:bb:70:49:2e:3a:d2:41:c0:b0:6a:31:ef:97:5a:f5:6b:2c:
         9f:91:31:8d:34:da:aa:4f:b5:c6:27:54:1a:af:2b:2b:47:4d:
         b0:79:dc:4a:de:b5:c0:de:e7:60:f7:6c:77:dd:25:43:b0:3c:
         2b:a4:fd:66:ab:f7:c2:7d:eb:7f:59:e6:2e:20:64:3c:91:76:
         50:fe:a9:08:e3:42:cb:0a:c4:ac:6b:34:88:b5:5b:0c:64:29:
         18:75:99:40:ce:dd:9b:37:53:ed:9f:b8:4a:43:14:7c:10:8b:
         48:ff:23:8a:bf:7f:31:d2:15:4a:28:f3:ad:e7:f3:9b:0e:e7:
         a4:e9:7f:f1:38:fc:ae:56:96:39:d4:f4:e1:02:59:b9:7b:c6:
         f5:10:d8:86:53:67:07:b1:ca:f6:07:ce:32:2e:37:47:7b:c4:
         00:71:9b:5c:37:2b:85:58:77:8c:c0:db:0b:7b:37:e6:15:77:
         62:2a:94:01:92:1f:90:9d:50:f4:94:73:38:ad:0a:15:78:08:
         b7:60:dc:2b:1f:b1:c5:e0:91:26:81:62:35:33:89:b8:f9:49:
         5f:59:e3:e6:0c:19:e5:90:05:85:63:a3:b3:b9:6c:e4:3f:4d:
         41:f5:32:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX7OCwuRUlojD1IJZnXOsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZmFiYmQ4ODg3YTkyMjc4OTQ1ZWMyZWVmODI0M2ExMjk2
YWRmNzgwHhcNMjUwODIzMTAwMDUyWhcNMjUwODI0MTAwMDUyWjAzMTEwLwYDVQQD
EygxMDRkZDVlNzU5MDFhNmZkZjhjYjhjM2NhZjA3YzlmNTZiZDdmYzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBszG3LT7hR7yzm5soG1IQbOGPxz
O73LgC1ujsRKPwCRYrlgbticcOLXsbb04wpJAOrxqx86mWCDShKVBt6nZ+WE6Se1
lau5o9NDntDx+UvE999gIzMUaTuyPJ2z+kxiWt4AXs3v75EZoUxhaaiNwuvvW+9I
tPD772R7LIhDjovQK7++6yfObF/gqe+AQB9ZtNaneda5zs7XhRgIszMb0Xnpdecu
GGSWqVLP4b7Q4iWwyLWKXv1SfIyfB8JZ2wZjYu0n3HAgTm7vKPZs1XJb/zXYqil7
VHaNrSIUS1T83cYNVGY3UuvnPrTp7L6mrNe9g8r6GYRLtk+q+TwXE/Tv8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBBN1edZAab9+MuMPK8HyfVr1/yBMB8GA1UdIwQY
MBaAFBr6u9iIepIniUXsLu+CQ6Epat94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUt
NTE2MDY1YjZjZmE1LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUtNTE2MDY1YjZjZmE1
LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIbCfBFln
W+JXEU5fqFgGUrziBbtwSS460kHAsGox75da9Wssn5ExjTTaqk+1xidUGq8rK0dN
sHncSt61wN7nYPdsd90lQ7A8K6T9Zqv3wn3rf1nmLiBkPJF2UP6pCONCywrErGs0
iLVbDGQpGHWZQM7dmzdT7Z+4SkMUfBCLSP8jir9/MdIVSijzrefzmw7npOl/8Tj8
rlaWOdT04QJZuXvG9RDYhlNnB7HK9gfOMi43R3vEAHGbXDcrhVh3jMDbC3s35hV3
YiqUAZIfkJ1Q9JRzOK0KFXgIt2DcKx+xxeCRJoFiNTOJuPlJX1nj5gwZ5ZAFhWOj
s7ls5D9NQfUySg==
-----END CERTIFICATE-----