Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.mft
File:                     GGr6K4fO01gj1aLMCghE56FRa_M.mft (raw, json)
Hash identifier:          Ddo42A+Mb9hviibkaR2yz0RXHdgBByu8EBaGhiizPOg=
Subject key identifier:   3A:ED:F1:00:9D:62:02:1E:38:C6:29:71:58:B3:CA:2D:16:B4:70:43
Authority key identifier: 18:6A:FA:2B:87:CE:D3:58:23:D5:A2:CC:0A:08:44:E7:A1:51:6B:F3
Certificate issuer:       /CN=186afa2b87ced35823d5a2cc0a0844e7a1516bf3
Certificate serial:       0197B89062DC1DDF095AD844AB21473CF313
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GGr6K4fO01gj1aLMCghE56FRa_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.mft
Manifest number:          0D16
Signing time:             Sat 28 Jun 2025 22:02:39 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:39 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:39 +0000
Files and hashes:         1: GGr6K4fO01gj1aLMCghE56FRa_M.crl (hash: Jty/PlhR6PHpsgaEByZKpuCSzWOe6my0Wd3V7Kkty+o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GGr6K4fO01gj1aLMCghE56FRa_M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:90:62:dc:1d:df:09:5a:d8:44:ab:21:47:3c:f3:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=186afa2b87ced35823d5a2cc0a0844e7a1516bf3
        Validity
            Not Before: Jun 28 22:02:39 2025 GMT
            Not After : Jun 29 22:02:39 2025 GMT
        Subject: CN=3aedf1009d62021e38c6297158b3ca2d16b47043
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:05:5c:7f:75:d6:f2:cf:94:74:1e:41:4f:f6:
                    0e:e0:da:1f:02:71:9d:b6:ae:a7:b0:24:65:80:ac:
                    61:ad:ba:4f:30:65:a8:1f:28:d4:f4:30:02:35:29:
                    f6:79:f8:d7:6d:98:81:ca:9d:47:c2:2f:54:a1:2f:
                    11:2b:a4:5b:7d:8c:49:00:49:64:e9:cf:4b:23:fa:
                    ee:d2:dd:ab:24:44:be:1d:91:fe:a9:29:7b:d3:85:
                    94:b4:31:e4:d1:12:2b:8e:3b:65:fc:09:e3:62:d1:
                    b6:2d:dd:dd:07:a1:57:5a:22:7b:90:06:4a:d0:08:
                    5f:c6:06:e0:94:0f:9c:6e:ba:cb:71:05:c3:f8:14:
                    3e:24:5b:ec:99:b8:5f:81:63:d4:a7:7c:a1:87:5c:
                    2c:22:91:2e:6f:df:5a:c9:22:ab:2a:75:55:29:b7:
                    15:dc:c0:7b:0c:b0:8a:1d:bc:03:2e:c3:95:36:dc:
                    8a:4a:74:37:03:78:06:6f:cc:84:86:72:57:7d:6c:
                    2e:42:2f:aa:10:1b:b0:90:b6:fb:d9:ab:15:d5:4d:
                    c0:71:f2:64:88:de:22:c1:3b:e3:d6:27:d4:37:fa:
                    2d:8b:b9:44:0d:8b:39:8b:9d:05:1a:54:bd:f1:1d:
                    24:08:d4:bb:eb:a6:d3:c0:4e:16:7f:74:6d:6a:e3:
                    27:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:ED:F1:00:9D:62:02:1E:38:C6:29:71:58:B3:CA:2D:16:B4:70:43
            X509v3 Authority Key Identifier:
                keyid:18:6A:FA:2B:87:CE:D3:58:23:D5:A2:CC:0A:08:44:E7:A1:51:6B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GGr6K4fO01gj1aLMCghE56FRa_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/efb13b-5dbc-411b-b238-655d53698fda/1/GGr6K4fO01gj1aLMCghE56FRa_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:a4:2a:e3:ee:79:ea:c9:aa:3d:88:78:ff:1e:81:0d:e9:c9:
         6c:44:14:3a:84:24:91:6f:ff:a7:42:ee:11:82:6a:c8:6f:ff:
         d8:60:79:30:35:65:60:33:c3:f7:f5:52:52:94:98:47:ff:5e:
         be:8e:0a:04:e0:91:eb:c5:68:10:22:9d:0b:c1:55:0a:26:ca:
         e3:57:60:34:5b:64:cc:26:ab:9a:e8:bb:ab:62:4d:7b:41:96:
         83:ec:2f:e5:a4:02:4c:cf:db:02:02:06:a7:bd:af:6c:41:b4:
         af:b6:d9:0d:f7:9d:10:c4:b1:c0:91:c9:d1:da:45:6c:31:b3:
         52:98:a2:f9:54:b6:ac:8a:3a:40:97:1d:6e:8f:a9:27:7d:4b:
         69:6c:f5:05:21:c9:54:40:48:eb:c3:c3:d2:75:59:10:40:01:
         a9:e0:94:d6:8d:e6:68:44:83:f9:c8:a3:1e:36:d9:4f:1f:67:
         43:9d:30:fc:39:9f:4f:c1:55:66:96:2e:c6:37:39:e4:25:82:
         e8:96:09:05:83:9a:69:d9:6a:ff:8e:39:5e:dd:c1:8f:92:be:
         f8:c0:da:8b:92:83:da:6e:f2:02:e7:de:c3:8c:7d:11:45:bd:
         a5:ca:9f:8f:9f:7f:86:47:de:69:88:f1:7c:4a:84:92:20:05:
         6d:03:c1:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kGLcHd8JWthEqyFHPPMTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NmFmYTJiODdjZWQzNTgyM2Q1YTJjYzBhMDg0NGU3YTE1
MTZiZjMwHhcNMjUwNjI4MjIwMjM5WhcNMjUwNjI5MjIwMjM5WjAzMTEwLwYDVQQD
EygzYWVkZjEwMDlkNjIwMjFlMzhjNjI5NzE1OGIzY2EyZDE2YjQ3MDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgVcf3XW8s+UdB5BT/YO4NofAnGd
tq6nsCRlgKxhrbpPMGWoHyjU9DACNSn2efjXbZiByp1Hwi9UoS8RK6RbfYxJAElk
6c9LI/ru0t2rJES+HZH+qSl704WUtDHk0RIrjjtl/AnjYtG2Ld3dB6FXWiJ7kAZK
0AhfxgbglA+cbrrLcQXD+BQ+JFvsmbhfgWPUp3yhh1wsIpEub99aySKrKnVVKbcV
3MB7DLCKHbwDLsOVNtyKSnQ3A3gGb8yEhnJXfWwuQi+qEBuwkLb72asV1U3AcfJk
iN4iwTvj1ifUN/oti7lEDYs5i50FGlS98R0kCNS766bTwE4Wf3RtauMnCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDrt8QCdYgIeOMYpcVizyi0WtHBDMB8GA1UdIwQY
MBaAFBhq+iuHztNYI9WizAoIROehUWvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0dyNks0Zk8wMWdqMWFMTUNnaEU1NkZSYV9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9lZmIxM2ItNWRiYy00MTFiLWIyMzgt
NjU1ZDUzNjk4ZmRhLzEvR0dyNks0Zk8wMWdqMWFMTUNnaEU1NkZSYV9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9lZmIxM2ItNWRiYy00MTFiLWIyMzgtNjU1ZDUzNjk4ZmRh
LzEvR0dyNks0Zk8wMWdqMWFMTUNnaEU1NkZSYV9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiqQq4+55
6smqPYh4/x6BDenJbEQUOoQkkW//p0LuEYJqyG//2GB5MDVlYDPD9/VSUpSYR/9e
vo4KBOCR68VoECKdC8FVCibK41dgNFtkzCarmui7q2JNe0GWg+wv5aQCTM/bAgIG
p72vbEG0r7bZDfedEMSxwJHJ0dpFbDGzUpii+VS2rIo6QJcdbo+pJ31LaWz1BSHJ
VEBI68PD0nVZEEABqeCU1o3maESD+cijHjbZTx9nQ50w/DmfT8FVZpYuxjc55CWC
6JYJBYOaadlq/445Xt3Bj5K++MDai5KD2m7yAufew4x9EUW9pcqfj59/hkfeaYjx
fEqEkiAFbQPBwQ==
-----END CERTIFICATE-----