Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.mft
File:                     GhgxUqZBpAN71soKarQcukbaV9s.mft (raw, json)
Hash identifier:          Fz8x95TV2wbWB+DFX3wO2bLSkdG6JxV61l0pK15r5Ws=
Subject key identifier:   14:B6:96:FF:EC:C1:79:2C:90:13:AA:ED:8F:2B:F3:BF:00:E1:22:88
Authority key identifier: 1A:18:31:52:A6:41:A4:03:7B:D6:CA:0A:6A:B4:1C:BA:46:DA:57:DB
Certificate issuer:       /CN=1a183152a641a4037bd6ca0a6ab41cba46da57db
Certificate serial:       0197B6A16859B5AAADD3BAE3DC92592031CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GhgxUqZBpAN71soKarQcukbaV9s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.mft
Manifest number:          0ED7
Signing time:             Sat 28 Jun 2025 13:02:00 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:00 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:00 +0000
Files and hashes:         1: GhgxUqZBpAN71soKarQcukbaV9s.crl (hash: UwcR7ppEv2Jjn1AjD/m3Ud9xQ4tQnF53wOQMzjLI1vM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GhgxUqZBpAN71soKarQcukbaV9s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:68:59:b5:aa:ad:d3:ba:e3:dc:92:59:20:31:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a183152a641a4037bd6ca0a6ab41cba46da57db
        Validity
            Not Before: Jun 28 13:02:00 2025 GMT
            Not After : Jun 29 13:02:00 2025 GMT
        Subject: CN=14b696ffecc1792c9013aaed8f2bf3bf00e12288
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:9a:cd:02:f8:c1:5d:53:48:41:9e:24:64:89:
                    1e:03:e0:41:08:dc:78:47:33:81:3b:a4:9c:94:7a:
                    8d:b4:59:8a:d4:d0:2e:24:05:8d:83:54:ac:aa:86:
                    a8:41:9b:a0:9b:92:60:d1:27:39:d9:7a:1f:8a:17:
                    43:2e:bd:58:3b:8e:39:af:55:6c:20:4a:8c:11:e3:
                    ef:2f:1d:e5:df:8f:cc:31:78:b2:11:5f:81:52:33:
                    ca:cc:3e:50:9f:51:c6:f7:0a:c4:71:cd:47:5b:02:
                    44:c8:13:d7:d4:7d:76:73:55:24:08:6c:3e:ff:e5:
                    35:d7:37:ae:69:02:b3:33:32:a6:54:1b:ad:b2:ae:
                    42:f3:4c:9a:6b:92:24:78:a3:d9:02:cb:30:06:a7:
                    f9:a6:c7:3b:d6:8f:ef:66:4d:bc:5f:02:5b:1d:c3:
                    de:ce:3f:e2:50:2a:98:03:e4:ea:9c:02:a7:44:f7:
                    36:8c:3e:82:8c:c5:05:1d:39:b5:38:ae:89:33:73:
                    38:54:63:a6:35:86:14:2f:fc:8f:39:f1:73:28:53:
                    9f:d7:35:15:82:b1:c1:92:6b:03:62:b2:49:11:ad:
                    cd:66:16:6e:a0:3e:d3:33:d0:28:58:29:bb:5b:9b:
                    79:12:e2:f4:c6:13:e5:8a:c5:9f:70:21:95:3e:76:
                    83:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:B6:96:FF:EC:C1:79:2C:90:13:AA:ED:8F:2B:F3:BF:00:E1:22:88
            X509v3 Authority Key Identifier:
                keyid:1A:18:31:52:A6:41:A4:03:7B:D6:CA:0A:6A:B4:1C:BA:46:DA:57:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GhgxUqZBpAN71soKarQcukbaV9s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:f5:a2:51:1a:fb:87:dc:e5:34:95:d7:62:1c:fb:c2:57:d7:
         02:64:3d:95:66:22:3c:6f:00:a8:46:4b:a1:a5:38:8e:77:6f:
         db:69:3b:ea:00:35:9f:8e:48:1f:59:57:ad:2d:c5:4f:d8:5b:
         1e:52:02:f4:9e:31:87:b7:28:31:16:cb:03:84:f9:92:6a:25:
         2f:03:ca:fa:9f:8e:59:7d:a9:3c:ba:bd:3b:48:80:5f:1b:c6:
         45:c7:a5:7c:23:df:af:11:7c:64:ac:4e:8b:13:48:a3:eb:13:
         30:a1:1d:28:3f:fe:d0:78:49:5f:07:18:54:d3:f3:1c:f5:8f:
         57:2c:3a:6d:e2:7a:c6:5e:c6:90:eb:05:0a:cf:e3:64:c3:40:
         4f:f0:61:00:99:ef:b9:e6:ce:4e:fa:a2:54:07:22:10:2a:cc:
         96:62:0a:63:89:67:3f:bf:62:ca:d0:04:79:a3:fb:be:78:bb:
         a7:5f:fa:63:09:b5:54:92:7d:d3:9b:8a:11:75:d1:67:80:da:
         89:11:2e:8d:45:90:3c:92:c5:38:ad:f9:55:11:9e:f7:53:45:
         0a:2f:38:e1:cf:2a:52:9c:25:03:a9:a1:bb:1c:60:df:8f:b3:
         e2:45:50:6c:d0:ae:64:1a:56:53:c0:92:36:f3:b6:4b:ca:52:
         f3:77:06:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oWhZtaqt07rj3JJZIDHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTgzMTUyYTY0MWE0MDM3YmQ2Y2EwYTZhYjQxY2JhNDZk
YTU3ZGIwHhcNMjUwNjI4MTMwMjAwWhcNMjUwNjI5MTMwMjAwWjAzMTEwLwYDVQQD
EygxNGI2OTZmZmVjYzE3OTJjOTAxM2FhZWQ4ZjJiZjNiZjAwZTEyMjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JrNAvjBXVNIQZ4kZIkeA+BBCNx4
RzOBO6SclHqNtFmK1NAuJAWNg1SsqoaoQZugm5Jg0Sc52XofihdDLr1YO445r1Vs
IEqMEePvLx3l34/MMXiyEV+BUjPKzD5Qn1HG9wrEcc1HWwJEyBPX1H12c1UkCGw+
/+U11zeuaQKzMzKmVButsq5C80yaa5IkeKPZAsswBqf5psc71o/vZk28XwJbHcPe
zj/iUCqYA+TqnAKnRPc2jD6CjMUFHTm1OK6JM3M4VGOmNYYUL/yPOfFzKFOf1zUV
grHBkmsDYrJJEa3NZhZuoD7TM9AoWCm7W5t5EuL0xhPlisWfcCGVPnaDeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBS2lv/swXkskBOq7Y8r878A4SKIMB8GA1UdIwQY
MBaAFBoYMVKmQaQDe9bKCmq0HLpG2lfbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hneFVxWkJwQU43MXNvS2FyUWN1a2JhVjlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9jM2UwM2QtYTRkYi00MDUwLTkwNmMt
NTYyOTRjNzA4ZmFmLzEvR2hneFVxWkJwQU43MXNvS2FyUWN1a2JhVjlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9jM2UwM2QtYTRkYi00MDUwLTkwNmMtNTYyOTRjNzA4ZmFm
LzEvR2hneFVxWkJwQU43MXNvS2FyUWN1a2JhVjlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjPWiURr7
h9zlNJXXYhz7wlfXAmQ9lWYiPG8AqEZLoaU4jndv22k76gA1n45IH1lXrS3FT9hb
HlIC9J4xh7coMRbLA4T5kmolLwPK+p+OWX2pPLq9O0iAXxvGRcelfCPfrxF8ZKxO
ixNIo+sTMKEdKD/+0HhJXwcYVNPzHPWPVyw6beJ6xl7GkOsFCs/jZMNAT/BhAJnv
uebOTvqiVAciECrMlmIKY4lnP79iytAEeaP7vni7p1/6Ywm1VJJ905uKEXXRZ4Da
iREujUWQPJLFOK35VRGe91NFCi844c8qUpwlA6mhuxxg34+z4kVQbNCuZBpWU8CS
NvO2S8pS83cGVA==
-----END CERTIFICATE-----