Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.mft
File:                     GGr6K4fO01gj1aLMCghE56FRa_M.mft (raw, json)
Hash identifier:          jSdhYf9hFH8GP45fS7NZ4+lGcWl6I0gPI3g3IrCmSmA=
Subject key identifier:   39:95:5B:53:AD:27:20:71:F9:43:74:ED:ED:F5:0B:32:2C:51:94:3D
Authority key identifier: 18:6A:FA:2B:87:CE:D3:58:23:D5:A2:CC:0A:08:44:E7:A1:51:6B:F3
Certificate issuer:       /CN=186afa2b87ced35823d5a2cc0a0844e7a1516bf3
Certificate serial:       0199FDD950124288C199B38FA31023BEF5B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GGr6K4fO01gj1aLMCghE56FRa_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.mft
Manifest number:          0E43
Signing time:             Sun 19 Oct 2025 19:01:41 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:41 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:41 +0000
Files and hashes:         1: GGr6K4fO01gj1aLMCghE56FRa_M.crl (hash: FWRfrKJmBDhDNAwlGkwkh31akhEHFljXFok7TqJISvc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GGr6K4fO01gj1aLMCghE56FRa_M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:50:12:42:88:c1:99:b3:8f:a3:10:23:be:f5:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=186afa2b87ced35823d5a2cc0a0844e7a1516bf3
        Validity
            Not Before: Oct 19 19:01:41 2025 GMT
            Not After : Oct 20 19:01:41 2025 GMT
        Subject: CN=39955b53ad272071f94374ededf50b322c51943d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:c3:21:90:8f:79:8c:46:50:ec:1f:8f:26:05:
                    15:d6:56:02:fd:fe:39:40:dc:8f:a8:aa:b5:07:ca:
                    b6:37:10:cc:b2:ea:5d:16:4c:f3:57:6d:1c:16:b9:
                    ca:d0:ff:04:5c:39:28:eb:a4:15:fe:aa:87:fb:f5:
                    09:05:6a:9c:ec:da:53:16:1a:81:b1:36:cd:54:22:
                    b6:a6:44:d1:3c:95:84:8b:2b:5b:9e:11:1a:05:c8:
                    ac:0e:26:98:fe:e7:e8:87:5d:34:d8:a5:2a:23:8f:
                    e8:ce:1d:4d:7a:ce:f1:a5:90:5d:7f:13:07:8e:6f:
                    dd:3a:a7:41:5a:8b:d0:74:f7:7d:74:38:c1:2b:5f:
                    08:31:98:b1:a9:bf:cf:e8:35:f5:13:51:22:16:98:
                    97:7c:35:63:99:dc:13:ec:8d:25:00:a2:49:c3:70:
                    cf:8f:35:bb:e2:ac:3b:d2:96:98:eb:9f:d7:c0:0a:
                    c6:46:81:9f:8f:92:ff:e9:88:e8:6b:4c:67:04:c2:
                    f8:d7:ca:e2:18:23:75:fd:f0:cb:b5:48:55:cd:50:
                    b8:09:37:e9:c3:86:e3:7e:9c:5b:82:45:21:1e:ed:
                    92:8b:f3:d2:00:16:c0:4b:39:03:0e:d1:ee:b0:77:
                    60:6e:3b:b3:5a:21:b1:3c:38:8a:11:7a:ff:4e:f0:
                    5b:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:95:5B:53:AD:27:20:71:F9:43:74:ED:ED:F5:0B:32:2C:51:94:3D
            X509v3 Authority Key Identifier:
                keyid:18:6A:FA:2B:87:CE:D3:58:23:D5:A2:CC:0A:08:44:E7:A1:51:6B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GGr6K4fO01gj1aLMCghE56FRa_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:15:3e:59:1c:d8:fe:58:41:1b:6c:1e:83:aa:01:a4:0e:83:
         dd:86:5c:27:b1:cc:87:cf:a3:03:93:ac:0e:1f:46:83:68:63:
         04:50:92:12:10:79:c1:bb:90:e8:bf:5c:a3:86:c6:1d:e4:99:
         9c:4d:45:6d:c9:3d:52:a4:2c:ef:a4:54:1b:22:b9:d2:ce:4b:
         98:45:f9:f9:91:b3:99:c2:4e:8e:8c:fa:e5:b4:08:ee:bd:8e:
         74:7f:75:9d:ec:76:01:c5:51:37:1e:b8:22:7c:69:05:b6:80:
         56:ae:5f:18:38:3e:15:c1:a1:45:86:c9:c7:fc:e6:d3:bd:e7:
         05:8f:94:f9:e3:50:d5:d2:bf:5b:4c:04:25:1f:ac:94:ac:36:
         3a:95:85:bd:82:a5:04:ab:88:ce:49:f9:f7:cb:ee:dd:da:97:
         ac:f3:35:08:9f:25:97:5e:b7:ff:a7:89:42:7c:09:aa:93:2d:
         3c:86:03:ee:14:cb:77:3f:49:d1:a6:b1:d8:72:71:39:1d:b6:
         fc:35:0b:b9:be:d2:77:c0:ff:b3:8c:77:50:82:6a:c6:d6:0c:
         b0:4c:25:b8:c0:97:43:fa:cb:dd:57:a1:29:a1:20:2f:d1:6e:
         1b:9f:94:03:1b:08:ae:4c:4c:8a:b4:2a:80:54:06:31:b9:f4:
         8a:d6:01:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92VASQojBmbOPoxAjvvWxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NmFmYTJiODdjZWQzNTgyM2Q1YTJjYzBhMDg0NGU3YTE1
MTZiZjMwHhcNMjUxMDE5MTkwMTQxWhcNMjUxMDIwMTkwMTQxWjAzMTEwLwYDVQQD
EygzOTk1NWI1M2FkMjcyMDcxZjk0Mzc0ZWRlZGY1MGIzMjJjNTE5NDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8sMhkI95jEZQ7B+PJgUV1lYC/f45
QNyPqKq1B8q2NxDMsupdFkzzV20cFrnK0P8EXDko66QV/qqH+/UJBWqc7NpTFhqB
sTbNVCK2pkTRPJWEiytbnhEaBcisDiaY/ufoh1002KUqI4/ozh1Nes7xpZBdfxMH
jm/dOqdBWovQdPd9dDjBK18IMZixqb/P6DX1E1EiFpiXfDVjmdwT7I0lAKJJw3DP
jzW74qw70paY65/XwArGRoGfj5L/6Yjoa0xnBML418riGCN1/fDLtUhVzVC4CTfp
w4bjfpxbgkUhHu2Si/PSABbASzkDDtHusHdgbjuzWiGxPDiKEXr/TvBbcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDmVW1OtJyBx+UN07e31CzIsUZQ9MB8GA1UdIwQY
MBaAFBhq+iuHztNYI9WizAoIROehUWvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0dyNks0Zk8wMWdqMWFMTUNnaEU1NkZSYV9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9lZmIxM2ItNWRiYy00MTFiLWIyMzgt
NjU1ZDUzNjk4ZmRhLzEvR0dyNks0Zk8wMWdqMWFMTUNnaEU1NkZSYV9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9lZmIxM2ItNWRiYy00MTFiLWIyMzgtNjU1ZDUzNjk4ZmRh
LzEvR0dyNks0Zk8wMWdqMWFMTUNnaEU1NkZSYV9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPBU+WRzY
/lhBG2weg6oBpA6D3YZcJ7HMh8+jA5OsDh9Gg2hjBFCSEhB5wbuQ6L9co4bGHeSZ
nE1Fbck9UqQs76RUGyK50s5LmEX5+ZGzmcJOjoz65bQI7r2OdH91nex2AcVRNx64
InxpBbaAVq5fGDg+FcGhRYbJx/zm073nBY+U+eNQ1dK/W0wEJR+slKw2OpWFvYKl
BKuIzkn598vu3dqXrPM1CJ8ll163/6eJQnwJqpMtPIYD7hTLdz9J0aax2HJxOR22
/DULub7Sd8D/s4x3UIJqxtYMsEwluMCXQ/rL3VehKaEgL9FuG5+UAxsIrkxMirQq
gFQGMbn0itYB7A==
-----END CERTIFICATE-----