Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
File:                     Gvq72Ih6kieJRewu74JDoSlq33g.mft (raw, json)
Hash identifier:          KFOgEZ14lrTdDSKTIUFyGJuVZCbLUxCY57pRLzIVpR0=
Subject key identifier:   C8:44:2B:EC:F6:EF:14:FB:04:AD:98:D1:CB:13:71:72:4C:6F:BF:9D
Authority key identifier: 1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78
Certificate issuer:       /CN=1afabbd8887a92278945ec2eef8243a1296adf78
Certificate serial:       0196B3D91B1BA88D03155807CD951BAAA722
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
Manifest number:          152C
Signing time:             Fri 09 May 2025 07:01:11 +0000
Manifest this update:     Fri 09 May 2025 07:01:11 +0000
Manifest next update:     Sat 10 May 2025 07:01:11 +0000
Files and hashes:         1: Gvq72Ih6kieJRewu74JDoSlq33g.crl (hash: OY3Llp6ruYuhzJOlf/GXIMgV9x3m05VxDr8XEywrhmI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 07:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b3:d9:1b:1b:a8:8d:03:15:58:07:cd:95:1b:aa:a7:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1afabbd8887a92278945ec2eef8243a1296adf78
        Validity
            Not Before: May  9 07:01:11 2025 GMT
            Not After : May 10 07:01:11 2025 GMT
        Subject: CN=c8442becf6ef14fb04ad98d1cb1371724c6fbf9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:fb:9f:a3:4c:03:50:45:2e:ac:48:56:d5:f5:
                    ca:08:65:db:b9:53:b8:76:72:a6:ae:3d:96:19:2f:
                    33:1c:9b:ea:33:33:cf:23:d6:9e:55:f9:e9:03:85:
                    f4:83:59:73:9b:a7:dc:ba:93:ab:52:0b:f5:74:68:
                    3a:8c:e3:4e:02:ed:f4:6c:f8:7c:2f:71:d1:e1:d0:
                    26:ca:7f:ff:6f:b5:eb:07:c4:5e:7e:e2:7c:c2:fd:
                    d1:4b:71:d0:03:17:09:af:25:c6:75:33:2b:fd:0f:
                    a6:15:36:de:d1:45:26:cc:7a:d0:43:37:64:af:1f:
                    31:cb:69:0b:a0:bc:5c:7f:b6:63:17:0d:15:de:8a:
                    d4:25:a7:cc:88:a5:42:ee:f9:a4:94:b3:5a:66:51:
                    6a:22:50:c0:c4:3d:33:fc:29:16:42:d0:64:ae:b8:
                    c6:c3:47:76:7a:3e:c1:89:c9:df:d2:1d:f7:79:4a:
                    c2:f6:e0:32:e0:a3:21:62:1e:5c:44:27:cf:4b:5b:
                    cc:0a:a4:33:d3:ab:7b:68:c9:96:50:22:11:dc:95:
                    fa:b9:01:a6:1b:52:5e:92:39:da:55:a9:93:73:24:
                    6e:8d:c8:64:c1:ec:aa:e5:8f:61:1e:16:5f:4d:e8:
                    2e:90:62:84:54:57:18:2d:6e:68:63:fb:23:30:20:
                    33:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:44:2B:EC:F6:EF:14:FB:04:AD:98:D1:CB:13:71:72:4C:6F:BF:9D
            X509v3 Authority Key Identifier:
                keyid:1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:b9:63:81:15:6b:6d:62:fe:aa:50:8b:b4:6d:b7:3c:cd:50:
         e1:3e:a3:b1:17:c3:30:d1:a5:6f:c2:f2:76:c0:42:2c:b3:03:
         67:92:95:f6:82:9f:30:60:7b:02:03:3a:f1:23:4e:31:94:78:
         a9:58:63:c9:cd:31:f8:89:6e:ba:e2:d4:2d:3c:65:47:aa:2f:
         11:f0:f9:9b:5f:7b:dd:a3:63:be:35:a0:40:ae:d9:74:8a:ec:
         a6:d8:ab:5c:11:08:36:b0:9c:3d:13:e2:db:85:3c:16:d3:73:
         0b:77:23:42:ea:f7:0b:9d:50:31:2e:4c:d5:81:33:8c:61:02:
         d9:51:e2:96:f3:69:e1:86:2a:52:40:84:5b:81:9f:98:dc:0a:
         25:f3:62:90:8c:41:a5:c2:cb:3d:f2:c6:30:2d:43:ed:87:8f:
         78:91:50:8b:ff:1d:e4:b2:4d:72:4d:f0:0a:d2:6f:00:ac:9b:
         df:b0:76:6f:99:a0:f4:17:1e:f0:62:ad:d7:72:29:d1:0d:07:
         53:2a:41:d7:be:64:72:55:33:15:cd:20:f2:54:f4:e9:8a:77:
         2d:64:23:8d:b5:22:45:7f:97:b7:85:09:e9:05:cd:1c:b4:9a:
         77:28:11:29:ad:7e:b1:85:e2:d9:ea:28:81:d6:a5:9a:aa:27:
         93:9c:cd:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaz2RsbqI0DFVgHzZUbqqciMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZmFiYmQ4ODg3YTkyMjc4OTQ1ZWMyZWVmODI0M2ExMjk2
YWRmNzgwHhcNMjUwNTA5MDcwMTExWhcNMjUwNTEwMDcwMTExWjAzMTEwLwYDVQQD
EyhjODQ0MmJlY2Y2ZWYxNGZiMDRhZDk4ZDFjYjEzNzE3MjRjNmZiZjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvufo0wDUEUurEhW1fXKCGXbuVO4
dnKmrj2WGS8zHJvqMzPPI9aeVfnpA4X0g1lzm6fcupOrUgv1dGg6jONOAu30bPh8
L3HR4dAmyn//b7XrB8RefuJ8wv3RS3HQAxcJryXGdTMr/Q+mFTbe0UUmzHrQQzdk
rx8xy2kLoLxcf7ZjFw0V3orUJafMiKVC7vmklLNaZlFqIlDAxD0z/CkWQtBkrrjG
w0d2ej7Bicnf0h33eUrC9uAy4KMhYh5cRCfPS1vMCqQz06t7aMmWUCIR3JX6uQGm
G1JekjnaVamTcyRujchkweyq5Y9hHhZfTegukGKEVFcYLW5oY/sjMCAzPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMhEK+z27xT7BK2Y0csTcXJMb7+dMB8GA1UdIwQY
MBaAFBr6u9iIepIniUXsLu+CQ6Epat94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUt
NTE2MDY1YjZjZmE1LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUtNTE2MDY1YjZjZmE1
LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXrljgRVr
bWL+qlCLtG23PM1Q4T6jsRfDMNGlb8LydsBCLLMDZ5KV9oKfMGB7AgM68SNOMZR4
qVhjyc0x+IluuuLULTxlR6ovEfD5m1973aNjvjWgQK7ZdIrsptirXBEINrCcPRPi
24U8FtNzC3cjQur3C51QMS5M1YEzjGEC2VHilvNp4YYqUkCEW4GfmNwKJfNikIxB
pcLLPfLGMC1D7YePeJFQi/8d5LJNck3wCtJvAKyb37B2b5mg9Bce8GKt13Ip0Q0H
UypB175kclUzFc0g8lT06Yp3LWQjjbUiRX+Xt4UJ6QXNHLSadygRKa1+sYXi2eoo
gdalmqonk5zNAw==
-----END CERTIFICATE-----