Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.mft
File:                     GGr6K4fO01gj1aLMCghE56FRa_M.mft (raw, json)
Hash identifier:          0MvDxPLaHQRrChPUwkn2D0uIHWq6k5ovFJhffnb4e8g=
Subject key identifier:   69:C4:D3:E1:88:D2:12:FB:FC:3E:61:D8:17:B5:34:AD:EE:84:70:8B
Authority key identifier: 18:6A:FA:2B:87:CE:D3:58:23:D5:A2:CC:0A:08:44:E7:A1:51:6B:F3
Certificate issuer:       /CN=186afa2b87ced35823d5a2cc0a0844e7a1516bf3
Certificate serial:       0196BF6F9BA8FC1F2188B0812C137728FC76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GGr6K4fO01gj1aLMCghE56FRa_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.mft
Manifest number:          0C95
Signing time:             Sun 11 May 2025 13:01:24 +0000
Manifest this update:     Sun 11 May 2025 13:01:24 +0000
Manifest next update:     Mon 12 May 2025 13:01:24 +0000
Files and hashes:         1: GGr6K4fO01gj1aLMCghE56FRa_M.crl (hash: jc/PsboYjS4TMbEyGBT8/0QgeOYUUqO8VQLnpe8fn5A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GGr6K4fO01gj1aLMCghE56FRa_M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 13:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:6f:9b:a8:fc:1f:21:88:b0:81:2c:13:77:28:fc:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=186afa2b87ced35823d5a2cc0a0844e7a1516bf3
        Validity
            Not Before: May 11 13:01:24 2025 GMT
            Not After : May 12 13:01:24 2025 GMT
        Subject: CN=69c4d3e188d212fbfc3e61d817b534adee84708b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:7a:07:20:00:fc:d7:74:73:c7:6e:c6:e1:2b:
                    86:95:7c:69:d0:c7:0b:01:45:ec:2c:4c:59:5b:00:
                    47:0c:9f:aa:97:bb:c2:ee:40:c7:4b:22:00:7b:79:
                    9d:9b:0b:45:58:1e:80:f1:1e:41:70:ec:f6:cb:ad:
                    54:ad:07:f8:b0:1a:c8:e6:ab:3f:b9:9d:8f:f2:e2:
                    c1:dc:24:a2:95:1f:67:17:27:b0:d3:ac:4e:31:63:
                    cf:ae:87:bb:9d:0a:1c:95:4c:00:ed:26:89:62:f1:
                    01:b6:5a:ef:5a:50:89:54:aa:5b:91:bf:5d:9d:b9:
                    f8:2f:20:38:73:f5:27:82:e8:55:f1:15:6c:49:4c:
                    e0:e3:e0:b7:5f:3c:bd:2c:99:f1:23:92:a0:d6:e7:
                    b8:ec:83:09:bb:aa:2a:b1:dd:52:85:ce:6d:ac:d9:
                    0d:dd:6b:9e:eb:fa:88:08:28:47:18:30:95:62:c6:
                    2c:e8:10:85:7d:e5:06:e4:56:0e:63:1d:87:33:bf:
                    90:de:0c:76:dc:8a:b7:e1:78:8b:55:90:e6:16:41:
                    3d:a7:7e:10:e4:d1:dd:95:35:58:8e:17:1a:98:18:
                    fe:a3:40:50:0b:b7:7e:1e:15:03:09:fa:a2:7d:82:
                    6c:6e:77:91:10:b5:5f:fc:0b:47:46:03:ac:4a:b0:
                    f0:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:C4:D3:E1:88:D2:12:FB:FC:3E:61:D8:17:B5:34:AD:EE:84:70:8B
            X509v3 Authority Key Identifier:
                keyid:18:6A:FA:2B:87:CE:D3:58:23:D5:A2:CC:0A:08:44:E7:A1:51:6B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GGr6K4fO01gj1aLMCghE56FRa_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:b9:17:60:cd:bd:3b:7d:1e:6f:7c:3a:69:2f:09:b6:a8:9f:
         eb:4c:bf:78:f6:f5:70:90:e6:3b:79:f8:84:6c:69:2c:44:1d:
         a3:d1:c5:01:cc:03:fb:4f:f8:e4:43:06:cb:69:dd:01:70:b8:
         af:33:fc:91:fc:18:d8:a8:b7:f1:62:14:e6:b0:33:68:f4:9b:
         8b:16:34:3e:8f:60:6e:e0:42:c4:e6:2e:45:d9:e8:ae:60:fb:
         04:a8:aa:ee:5f:b5:a4:60:35:dc:7c:f6:6f:e5:b5:e3:75:b1:
         cc:31:0c:0f:d4:b9:f3:d0:1f:12:b1:6e:32:e0:49:5b:e1:8e:
         e4:8f:65:2f:7d:5b:de:42:af:ef:09:f3:bf:71:f9:89:7a:27:
         1d:ce:27:af:e3:b1:a9:4d:e4:44:39:1b:3f:35:68:cb:36:1f:
         90:a0:41:b1:19:44:3e:88:58:3e:a3:3c:96:85:cd:e1:86:60:
         3e:d9:e1:e5:9c:9e:dc:61:7a:4e:5f:00:c9:8a:c4:08:ab:88:
         a0:c0:8b:51:3c:42:b6:03:0f:9d:5c:49:21:f8:bf:5a:80:13:
         e2:8d:23:d7:b9:c7:1a:59:c3:a3:8e:e0:88:4b:d8:05:e1:c9:
         2d:2b:27:54:85:30:8a:ee:6a:4a:d5:83:9b:58:d1:6e:81:ae:
         b0:d2:e2:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/b5uo/B8hiLCBLBN3KPx2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NmFmYTJiODdjZWQzNTgyM2Q1YTJjYzBhMDg0NGU3YTE1
MTZiZjMwHhcNMjUwNTExMTMwMTI0WhcNMjUwNTEyMTMwMTI0WjAzMTEwLwYDVQQD
Eyg2OWM0ZDNlMTg4ZDIxMmZiZmMzZTYxZDgxN2I1MzRhZGVlODQ3MDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHoHIAD813Rzx27G4SuGlXxp0McL
AUXsLExZWwBHDJ+ql7vC7kDHSyIAe3mdmwtFWB6A8R5BcOz2y61UrQf4sBrI5qs/
uZ2P8uLB3CSilR9nFyew06xOMWPProe7nQoclUwA7SaJYvEBtlrvWlCJVKpbkb9d
nbn4LyA4c/UnguhV8RVsSUzg4+C3Xzy9LJnxI5Kg1ue47IMJu6oqsd1Shc5trNkN
3Wue6/qICChHGDCVYsYs6BCFfeUG5FYOYx2HM7+Q3gx23Iq34XiLVZDmFkE9p34Q
5NHdlTVYjhcamBj+o0BQC7d+HhUDCfqifYJsbneRELVf/AtHRgOsSrDwMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGnE0+GI0hL7/D5h2Be1NK3uhHCLMB8GA1UdIwQY
MBaAFBhq+iuHztNYI9WizAoIROehUWvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0dyNks0Zk8wMWdqMWFMTUNnaEU1NkZSYV9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9lZmIxM2ItNWRiYy00MTFiLWIyMzgt
NjU1ZDUzNjk4ZmRhLzEvR0dyNks0Zk8wMWdqMWFMTUNnaEU1NkZSYV9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9lZmIxM2ItNWRiYy00MTFiLWIyMzgtNjU1ZDUzNjk4ZmRh
LzEvR0dyNks0Zk8wMWdqMWFMTUNnaEU1NkZSYV9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADbkXYM29
O30eb3w6aS8Jtqif60y/ePb1cJDmO3n4hGxpLEQdo9HFAcwD+0/45EMGy2ndAXC4
rzP8kfwY2Ki38WIU5rAzaPSbixY0Po9gbuBCxOYuRdnormD7BKiq7l+1pGA13Hz2
b+W143WxzDEMD9S589AfErFuMuBJW+GO5I9lL31b3kKv7wnzv3H5iXonHc4nr+Ox
qU3kRDkbPzVoyzYfkKBBsRlEPohYPqM8loXN4YZgPtnh5Zye3GF6Tl8AyYrECKuI
oMCLUTxCtgMPnVxJIfi/WoAT4o0j17nHGlnDo47giEvYBeHJLSsnVIUwiu5qStWD
m1jRboGusNLiFQ==
-----END CERTIFICATE-----