Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/86b54c-b980-4817-8df6-dce7781a2c5c/1/Gwm9TWooxfH75oPPKs1ei_K65MQ.mft
File:                     Gwm9TWooxfH75oPPKs1ei_K65MQ.mft (raw, json)
Hash identifier:          z3P7CSF7/a/6BEiI7PDkrPQakwcN9wKMPjDljhFCOP0=
Subject key identifier:   87:F7:B0:11:D4:05:5F:A9:D3:FB:3E:EC:92:82:ED:9E:0D:EA:0C:2D
Authority key identifier: 1B:09:BD:4D:6A:28:C5:F1:FB:E6:83:CF:2A:CD:5E:8B:F2:BA:E4:C4
Certificate issuer:       /CN=1b09bd4d6a28c5f1fbe683cf2acd5e8bf2bae4c4
Certificate serial:       0199FBEB51108E54BFD59F0A87D5D7F94720
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gwm9TWooxfH75oPPKs1ei_K65MQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/86b54c-b980-4817-8df6-dce7781a2c5c/1/Gwm9TWooxfH75oPPKs1ei_K65MQ.mft
Manifest number:          04AB
Signing time:             Sun 19 Oct 2025 10:02:06 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:06 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:06 +0000
Files and hashes:         1: Gwm9TWooxfH75oPPKs1ei_K65MQ.crl (hash: VV8tVJO+4EigE28rMNJ+rCKT6W8OdpazmRaUOa0Wq9Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/86b54c-b980-4817-8df6-dce7781a2c5c/1/Gwm9TWooxfH75oPPKs1ei_K65MQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/86b54c-b980-4817-8df6-dce7781a2c5c/1/Gwm9TWooxfH75oPPKs1ei_K65MQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gwm9TWooxfH75oPPKs1ei_K65MQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:51:10:8e:54:bf:d5:9f:0a:87:d5:d7:f9:47:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b09bd4d6a28c5f1fbe683cf2acd5e8bf2bae4c4
        Validity
            Not Before: Oct 19 10:02:06 2025 GMT
            Not After : Oct 20 10:02:06 2025 GMT
        Subject: CN=87f7b011d4055fa9d3fb3eec9282ed9e0dea0c2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:84:80:f8:82:c7:1c:2b:7d:8b:5a:76:1d:f4:
                    3c:9f:cc:a2:1c:78:d1:3f:a6:e7:e0:50:6a:16:f5:
                    f4:11:3e:ff:2b:05:37:62:3a:99:a9:95:60:13:a7:
                    96:14:cd:92:44:aa:37:2f:c9:99:34:9b:4a:13:d9:
                    41:a1:da:0e:ef:9d:cd:b7:1c:9e:fc:c2:df:4a:10:
                    1c:d2:82:8b:b2:d3:60:70:e5:a7:48:2e:f1:54:45:
                    01:3c:2e:27:b0:7d:ac:d2:be:32:f0:4e:69:05:af:
                    35:fd:89:00:b0:f9:d2:2b:c4:1f:fe:b0:52:de:5a:
                    fe:fb:ea:1f:a4:17:11:2d:e5:ff:68:ee:89:42:89:
                    a3:27:cb:97:4a:b9:32:10:a1:25:50:db:91:49:58:
                    69:2c:ac:a6:8d:f7:e6:b5:ed:24:8a:2b:22:3b:88:
                    cd:fe:2a:b1:8d:68:a9:74:61:61:27:4c:8f:e8:7c:
                    4b:48:22:fd:dd:2b:15:42:b8:28:09:b3:ad:bd:7f:
                    42:9e:3c:28:42:8f:8a:71:fc:71:a9:02:cb:48:31:
                    12:b4:e1:51:a7:ef:11:8d:c3:5d:42:0d:f9:54:b5:
                    69:aa:02:cd:d6:c9:d2:9b:b0:ca:4c:fc:b0:70:5b:
                    da:35:02:14:20:9b:e8:3c:32:57:6b:dc:54:20:ce:
                    fa:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:F7:B0:11:D4:05:5F:A9:D3:FB:3E:EC:92:82:ED:9E:0D:EA:0C:2D
            X509v3 Authority Key Identifier:
                keyid:1B:09:BD:4D:6A:28:C5:F1:FB:E6:83:CF:2A:CD:5E:8B:F2:BA:E4:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gwm9TWooxfH75oPPKs1ei_K65MQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/86b54c-b980-4817-8df6-dce7781a2c5c/1/Gwm9TWooxfH75oPPKs1ei_K65MQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/86b54c-b980-4817-8df6-dce7781a2c5c/1/Gwm9TWooxfH75oPPKs1ei_K65MQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:ef:4b:33:99:95:e1:6b:82:73:f5:f6:1b:34:8c:cf:44:1c:
         cb:36:79:59:f3:21:ff:95:22:93:6a:e8:ab:e6:83:c7:60:8b:
         fc:3f:ab:74:e8:19:b5:52:81:35:d9:6e:48:91:4a:29:bd:e3:
         ec:e7:70:8e:13:38:2a:67:23:a8:0c:ff:51:ba:f1:ca:cd:84:
         ce:92:16:49:51:40:10:cf:49:2a:74:27:82:6c:56:87:d5:ab:
         4d:e8:47:13:19:3e:4e:ec:c0:21:56:50:2d:b1:23:b9:c5:89:
         54:6e:7b:38:e5:0f:78:d5:20:8a:0b:6e:e1:04:03:f3:12:d3:
         4e:ce:1f:88:74:87:54:b6:c1:89:15:fa:c0:ab:2b:3b:df:29:
         14:18:8d:e5:1f:27:48:3a:00:26:fa:99:8a:4b:90:a8:65:34:
         c9:77:bf:77:98:1a:da:b9:82:04:87:87:80:6f:99:b9:b5:46:
         8f:85:1d:34:a6:82:29:6d:4c:46:9d:f5:c4:76:44:de:2c:21:
         53:f3:11:4a:51:ac:31:c3:a0:90:fc:28:55:8d:d7:a7:ac:c8:
         08:44:0a:c1:cc:62:e8:76:c5:ce:26:4c:63:87:9e:15:a5:c9:
         b5:a9:f5:eb:35:e6:4f:22:9e:60:66:69:74:48:50:0d:be:47:
         6d:d7:7a:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn761EQjlS/1Z8Kh9XX+UcgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDliZDRkNmEyOGM1ZjFmYmU2ODNjZjJhY2Q1ZThiZjJi
YWU0YzQwHhcNMjUxMDE5MTAwMjA2WhcNMjUxMDIwMTAwMjA2WjAzMTEwLwYDVQQD
Eyg4N2Y3YjAxMWQ0MDU1ZmE5ZDNmYjNlZWM5MjgyZWQ5ZTBkZWEwYzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4SA+ILHHCt9i1p2HfQ8n8yiHHjR
P6bn4FBqFvX0ET7/KwU3YjqZqZVgE6eWFM2SRKo3L8mZNJtKE9lBodoO753Ntxye
/MLfShAc0oKLstNgcOWnSC7xVEUBPC4nsH2s0r4y8E5pBa81/YkAsPnSK8Qf/rBS
3lr+++ofpBcRLeX/aO6JQomjJ8uXSrkyEKElUNuRSVhpLKymjffmte0kiisiO4jN
/iqxjWipdGFhJ0yP6HxLSCL93SsVQrgoCbOtvX9CnjwoQo+KcfxxqQLLSDEStOFR
p+8RjcNdQg35VLVpqgLN1snSm7DKTPywcFvaNQIUIJvoPDJXa9xUIM76JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIf3sBHUBV+p0/s+7JKC7Z4N6gwtMB8GA1UdIwQY
MBaAFBsJvU1qKMXx++aDzyrNXovyuuTEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dtOVRXb294Zkg3NW9QUEtzMWVpX0s2NU1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS84NmI1NGMtYjk4MC00ODE3LThkZjYt
ZGNlNzc4MWEyYzVjLzEvR3dtOVRXb294Zkg3NW9QUEtzMWVpX0s2NU1RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS84NmI1NGMtYjk4MC00ODE3LThkZjYtZGNlNzc4MWEyYzVj
LzEvR3dtOVRXb294Zkg3NW9QUEtzMWVpX0s2NU1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE+9LM5mV
4WuCc/X2GzSMz0QcyzZ5WfMh/5Uik2roq+aDx2CL/D+rdOgZtVKBNdluSJFKKb3j
7OdwjhM4KmcjqAz/Ubrxys2EzpIWSVFAEM9JKnQngmxWh9WrTehHExk+TuzAIVZQ
LbEjucWJVG57OOUPeNUgigtu4QQD8xLTTs4fiHSHVLbBiRX6wKsrO98pFBiN5R8n
SDoAJvqZikuQqGU0yXe/d5ga2rmCBIeHgG+ZubVGj4UdNKaCKW1MRp31xHZE3iwh
U/MRSlGsMcOgkPwoVY3Xp6zICEQKwcxi6HbFziZMY4eeFaXJtan16zXmTyKeYGZp
dEhQDb5Hbdd6dQ==
-----END CERTIFICATE-----