Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.mft
File:                     GhgxUqZBpAN71soKarQcukbaV9s.mft (raw, json)
Hash identifier:          seipx29/38opBmjTA5jXGn+kuNOVFhEzJw4F6wpVTeg=
Subject key identifier:   28:53:2A:FD:6E:0F:14:87:E3:0C:24:0F:20:5C:40:5A:64:35:B1:00
Authority key identifier: 1A:18:31:52:A6:41:A4:03:7B:D6:CA:0A:6A:B4:1C:BA:46:DA:57:DB
Certificate issuer:       /CN=1a183152a641a4037bd6ca0a6ab41cba46da57db
Certificate serial:       0199FFC844A8F3F2E8BF518C98A4096E6848
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GhgxUqZBpAN71soKarQcukbaV9s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.mft
Manifest number:          1006
Signing time:             Mon 20 Oct 2025 04:02:18 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:18 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:18 +0000
Files and hashes:         1: GhgxUqZBpAN71soKarQcukbaV9s.crl (hash: CbhBfpGpDV3bbsIMEGG5zNaSS8+tJjWVuS68Fzhgzk4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GhgxUqZBpAN71soKarQcukbaV9s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:44:a8:f3:f2:e8:bf:51:8c:98:a4:09:6e:68:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a183152a641a4037bd6ca0a6ab41cba46da57db
        Validity
            Not Before: Oct 20 04:02:18 2025 GMT
            Not After : Oct 21 04:02:18 2025 GMT
        Subject: CN=28532afd6e0f1487e30c240f205c405a6435b100
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:b2:df:b3:9e:73:bb:ca:6c:c3:41:47:31:b2:
                    8d:b2:84:d0:c6:f8:55:4e:9c:54:5b:04:8b:05:63:
                    98:8c:ba:7b:69:39:1b:80:ad:c2:61:a5:32:0e:77:
                    55:41:f7:c2:32:27:7c:3c:02:fc:cf:d1:da:f1:fe:
                    77:87:74:73:73:40:fa:82:eb:0d:88:d3:0b:3c:ef:
                    02:dc:cb:28:87:a1:d4:e3:3f:77:cc:36:ba:96:1d:
                    fe:e3:e1:80:28:04:c9:ed:05:eb:ff:af:5e:67:2d:
                    dd:2a:16:b3:09:9d:bd:22:71:30:b0:55:f0:b8:5a:
                    15:d6:71:a1:bf:03:5f:0e:67:c8:19:d1:4f:d6:ba:
                    ee:ba:76:0c:b6:72:46:5d:d3:76:83:68:56:d8:cc:
                    ec:70:e4:88:0c:22:bd:95:2e:de:cc:50:31:5e:75:
                    e4:38:d3:f7:0b:a7:ae:cb:31:f2:ab:51:be:6a:3a:
                    84:05:1a:71:01:6e:69:43:df:59:aa:23:c4:eb:bb:
                    f7:2c:12:26:ee:77:20:77:04:3f:75:5a:69:85:59:
                    6b:98:ff:75:b8:36:5a:61:d7:41:97:de:97:78:64:
                    d8:0a:c9:55:83:05:15:46:62:4c:06:ee:04:c4:f6:
                    1e:40:52:e9:dd:22:89:f7:9f:46:44:8c:7f:9c:d1:
                    cd:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:53:2A:FD:6E:0F:14:87:E3:0C:24:0F:20:5C:40:5A:64:35:B1:00
            X509v3 Authority Key Identifier:
                keyid:1A:18:31:52:A6:41:A4:03:7B:D6:CA:0A:6A:B4:1C:BA:46:DA:57:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GhgxUqZBpAN71soKarQcukbaV9s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:6f:64:10:87:46:b7:5a:0f:f8:de:77:ad:de:aa:40:d8:60:
         c5:25:1d:9a:0f:42:fb:5b:e6:fc:ce:c8:67:b4:74:8e:88:59:
         d5:b0:db:2e:39:8a:49:3f:6b:61:cc:e6:93:db:9d:c8:c5:8a:
         d0:86:27:25:3a:4b:f2:2f:2f:a4:05:4a:ec:db:84:de:93:b4:
         f9:a9:06:f4:f8:da:7f:26:da:d7:1e:6b:fc:cd:0d:3d:be:3c:
         c1:34:2b:7d:14:f9:1f:54:9d:8c:c0:e8:60:b9:9a:69:0c:b0:
         98:39:da:09:b3:7a:c3:a8:b3:3c:f2:fd:3e:da:0d:7f:7c:11:
         a2:b7:53:c1:29:2c:f8:ab:1a:e5:91:c3:4e:7e:98:27:74:ba:
         fd:52:43:0e:c2:83:f7:2c:8a:8d:f0:4d:47:8b:ed:c4:e3:8d:
         d3:4c:0c:bd:cc:96:3c:f2:cb:3b:6f:a3:96:0d:af:00:1d:2b:
         de:e9:c7:e9:9f:ce:6f:df:18:4a:f3:1b:e8:6e:10:c9:77:e8:
         5a:e4:3c:db:05:08:56:2f:15:5e:9f:37:5a:d5:b9:73:23:a7:
         98:0e:8a:35:b0:62:a3:4c:10:ce:a3:03:5f:55:5f:a4:14:b6:
         45:da:04:e0:b0:74:05:9a:0c:94:e9:ae:5f:dd:2c:eb:25:da:
         1d:c6:53:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yESo8/Lov1GMmKQJbmhIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTgzMTUyYTY0MWE0MDM3YmQ2Y2EwYTZhYjQxY2JhNDZk
YTU3ZGIwHhcNMjUxMDIwMDQwMjE4WhcNMjUxMDIxMDQwMjE4WjAzMTEwLwYDVQQD
EygyODUzMmFmZDZlMGYxNDg3ZTMwYzI0MGYyMDVjNDA1YTY0MzViMTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrLfs55zu8psw0FHMbKNsoTQxvhV
TpxUWwSLBWOYjLp7aTkbgK3CYaUyDndVQffCMid8PAL8z9Ha8f53h3Rzc0D6gusN
iNMLPO8C3Msoh6HU4z93zDa6lh3+4+GAKATJ7QXr/69eZy3dKhazCZ29InEwsFXw
uFoV1nGhvwNfDmfIGdFP1rruunYMtnJGXdN2g2hW2MzscOSIDCK9lS7ezFAxXnXk
ONP3C6euyzHyq1G+ajqEBRpxAW5pQ99ZqiPE67v3LBIm7ncgdwQ/dVpphVlrmP91
uDZaYddBl96XeGTYCslVgwUVRmJMBu4ExPYeQFLp3SKJ959GRIx/nNHNgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChTKv1uDxSH4wwkDyBcQFpkNbEAMB8GA1UdIwQY
MBaAFBoYMVKmQaQDe9bKCmq0HLpG2lfbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hneFVxWkJwQU43MXNvS2FyUWN1a2JhVjlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9jM2UwM2QtYTRkYi00MDUwLTkwNmMt
NTYyOTRjNzA4ZmFmLzEvR2hneFVxWkJwQU43MXNvS2FyUWN1a2JhVjlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9jM2UwM2QtYTRkYi00MDUwLTkwNmMtNTYyOTRjNzA4ZmFm
LzEvR2hneFVxWkJwQU43MXNvS2FyUWN1a2JhVjlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl29kEIdG
t1oP+N53rd6qQNhgxSUdmg9C+1vm/M7IZ7R0johZ1bDbLjmKST9rYczmk9udyMWK
0IYnJTpL8i8vpAVK7NuE3pO0+akG9Pjafyba1x5r/M0NPb48wTQrfRT5H1SdjMDo
YLmaaQywmDnaCbN6w6izPPL9PtoNf3wRordTwSks+Ksa5ZHDTn6YJ3S6/VJDDsKD
9yyKjfBNR4vtxOON00wMvcyWPPLLO2+jlg2vAB0r3unH6Z/Ob98YSvMb6G4QyXfo
WuQ82wUIVi8VXp83WtW5cyOnmA6KNbBio0wQzqMDX1VfpBS2RdoE4LB0BZoMlOmu
X90s6yXaHcZTsw==
-----END CERTIFICATE-----