Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.mft
File:                     GGr6K4fO01gj1aLMCghE56FRa_M.mft (raw, json)
Hash identifier:          607A7+wo9ZkHt/4XCLSpw31CFErzxbRyCkVoAKeb3l0=
Subject key identifier:   19:A8:57:50:92:22:D9:66:B8:AB:B6:F3:34:95:35:DF:B2:01:7E:2F
Authority key identifier: 18:6A:FA:2B:87:CE:D3:58:23:D5:A2:CC:0A:08:44:E7:A1:51:6B:F3
Certificate issuer:       /CN=186afa2b87ced35823d5a2cc0a0844e7a1516bf3
Certificate serial:       0198D6611EA5FF5F135A084ED6C75488BCD6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GGr6K4fO01gj1aLMCghE56FRa_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.mft
Manifest number:          0DAA
Signing time:             Sat 23 Aug 2025 10:02:25 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:25 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:25 +0000
Files and hashes:         1: GGr6K4fO01gj1aLMCghE56FRa_M.crl (hash: 75qGzEKCpGbphK2xkkh8qAJqoFJ5VKLwFcuFr7jSSBA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GGr6K4fO01gj1aLMCghE56FRa_M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:61:1e:a5:ff:5f:13:5a:08:4e:d6:c7:54:88:bc:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=186afa2b87ced35823d5a2cc0a0844e7a1516bf3
        Validity
            Not Before: Aug 23 10:02:25 2025 GMT
            Not After : Aug 24 10:02:25 2025 GMT
        Subject: CN=19a857509222d966b8abb6f3349535dfb2017e2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:6a:2e:07:b1:00:33:70:e4:b6:1e:bb:75:ad:
                    52:a6:d3:ee:d9:cc:e7:db:fe:8b:e5:25:81:53:95:
                    64:86:98:aa:02:d6:15:c0:a6:e0:b3:89:2f:8f:66:
                    8e:79:eb:e8:0d:ec:c3:9e:73:64:39:c1:3a:31:d5:
                    c6:6a:62:73:ec:df:6d:e4:c6:21:dd:d3:a1:bb:b5:
                    00:93:a5:c3:37:b4:98:33:a9:c5:e5:1f:e0:79:12:
                    ce:37:44:fa:78:cd:e7:bb:bf:83:5f:f8:ea:f5:ff:
                    34:af:bf:16:3d:a8:f0:92:72:99:dc:f7:18:84:30:
                    16:68:34:ea:f0:99:ff:bf:22:a9:c0:51:b8:cf:0e:
                    21:11:6d:0d:67:ce:37:13:7a:32:d8:ed:6a:55:4a:
                    d9:5f:6f:be:e4:f2:63:e4:d2:eb:de:22:9b:3d:e8:
                    7f:2a:e7:92:ef:28:67:41:87:9a:68:61:55:77:0c:
                    7a:f4:dd:ba:99:a7:73:41:08:17:b1:44:17:30:98:
                    e7:b5:fc:06:fc:ba:f9:10:2b:77:92:c5:29:f8:19:
                    92:31:63:e3:22:5e:3d:8f:48:3d:06:07:81:7f:8c:
                    c0:c6:a7:dc:f3:c5:66:41:d1:8d:10:cd:76:76:16:
                    1e:22:88:0a:98:3e:8f:1d:1c:d0:85:1f:93:1f:34:
                    65:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:A8:57:50:92:22:D9:66:B8:AB:B6:F3:34:95:35:DF:B2:01:7E:2F
            X509v3 Authority Key Identifier:
                keyid:18:6A:FA:2B:87:CE:D3:58:23:D5:A2:CC:0A:08:44:E7:A1:51:6B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GGr6K4fO01gj1aLMCghE56FRa_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:e8:21:30:05:5b:c6:ee:c3:a8:19:d0:83:f3:16:96:7a:1a:
         3c:67:b3:c0:7f:9a:45:ca:f6:e7:80:59:e8:ab:95:69:6b:d2:
         c0:e6:3a:13:ad:bd:86:bb:43:32:3d:29:ef:47:3e:e5:f4:38:
         80:80:02:96:47:c6:3c:0f:7c:93:e6:0e:ad:e7:c1:61:b6:12:
         e3:a8:2b:3b:7e:45:14:15:c4:a4:e1:e5:fd:1c:bc:f0:55:c2:
         0f:16:13:cb:19:54:b3:ed:10:cb:e6:9a:6f:22:50:7a:2d:4e:
         e6:df:5c:00:1e:43:3b:fc:87:9b:c1:d4:72:75:3d:a1:e9:ca:
         21:4e:dd:64:01:40:76:3d:84:e9:3f:c3:89:07:0a:28:0a:e2:
         45:a5:c2:ae:35:d8:00:15:82:10:21:2e:df:29:12:76:be:22:
         ad:ce:b3:68:13:f9:75:dd:e3:95:5b:10:09:37:d7:39:d6:3d:
         12:5a:fa:dd:73:61:c1:20:f4:e9:6f:2e:7c:d8:1f:7d:34:26:
         9f:42:00:ac:da:71:42:d6:69:76:e8:e8:0e:62:2b:78:41:e8:
         41:41:87:38:04:54:6b:14:da:ac:34:9c:9e:51:96:85:2a:d0:
         f1:a1:fb:69:fc:fe:8d:30:64:04:32:58:4e:36:fe:40:4c:9e:
         5b:f4:63:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYR6l/18TWghO1sdUiLzWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NmFmYTJiODdjZWQzNTgyM2Q1YTJjYzBhMDg0NGU3YTE1
MTZiZjMwHhcNMjUwODIzMTAwMjI1WhcNMjUwODI0MTAwMjI1WjAzMTEwLwYDVQQD
EygxOWE4NTc1MDkyMjJkOTY2YjhhYmI2ZjMzNDk1MzVkZmIyMDE3ZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2ouB7EAM3Dkth67da1SptPu2czn
2/6L5SWBU5VkhpiqAtYVwKbgs4kvj2aOeevoDezDnnNkOcE6MdXGamJz7N9t5MYh
3dOhu7UAk6XDN7SYM6nF5R/geRLON0T6eM3nu7+DX/jq9f80r78WPajwknKZ3PcY
hDAWaDTq8Jn/vyKpwFG4zw4hEW0NZ843E3oy2O1qVUrZX2++5PJj5NLr3iKbPeh/
KueS7yhnQYeaaGFVdwx69N26madzQQgXsUQXMJjntfwG/Lr5ECt3ksUp+BmSMWPj
Il49j0g9BgeBf4zAxqfc88VmQdGNEM12dhYeIogKmD6PHRzQhR+THzRlMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBmoV1CSItlmuKu28zSVNd+yAX4vMB8GA1UdIwQY
MBaAFBhq+iuHztNYI9WizAoIROehUWvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0dyNks0Zk8wMWdqMWFMTUNnaEU1NkZSYV9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9lZmIxM2ItNWRiYy00MTFiLWIyMzgt
NjU1ZDUzNjk4ZmRhLzEvR0dyNks0Zk8wMWdqMWFMTUNnaEU1NkZSYV9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9lZmIxM2ItNWRiYy00MTFiLWIyMzgtNjU1ZDUzNjk4ZmRh
LzEvR0dyNks0Zk8wMWdqMWFMTUNnaEU1NkZSYV9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlughMAVb
xu7DqBnQg/MWlnoaPGezwH+aRcr254BZ6KuVaWvSwOY6E629hrtDMj0p70c+5fQ4
gIAClkfGPA98k+YOrefBYbYS46grO35FFBXEpOHl/Ry88FXCDxYTyxlUs+0Qy+aa
byJQei1O5t9cAB5DO/yHm8HUcnU9oenKIU7dZAFAdj2E6T/DiQcKKAriRaXCrjXY
ABWCECEu3ykSdr4irc6zaBP5dd3jlVsQCTfXOdY9Elr63XNhwSD06W8ufNgffTQm
n0IArNpxQtZpdujoDmIreEHoQUGHOARUaxTarDScnlGWhSrQ8aH7afz+jTBkBDJY
Tjb+QEyeW/Rjqw==
-----END CERTIFICATE-----