Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft
File:                     G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft (raw, json)
Hash identifier:          Xqa0A7cSaSAZJyPtOpfZA3T4DuZDTQSZaWyzAINcDM8=
Subject key identifier:   18:17:E8:CD:3F:B6:7A:C1:95:1D:94:BB:E2:5B:03:0C:68:9B:FC:88
Authority key identifier: 1B:93:45:77:CB:49:D8:D2:31:B7:4C:55:07:26:F3:38:7E:02:6C:F6
Certificate issuer:       /CN=1b934577cb49d8d231b74c550726f3387e026cf6
Certificate serial:       0198D472864FCD3B1FE1A43089D6408BF5A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G5NFd8tJ2NIxt0xVBybzOH4CbPY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft
Manifest number:          1645
Signing time:             Sat 23 Aug 2025 01:02:11 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:11 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:11 +0000
Files and hashes:         1: G5NFd8tJ2NIxt0xVBybzOH4CbPY.crl (hash: f23q/OVc4+W+jERY6RRN6gPVsHIfMD4nXNHSVl/Xuuo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G5NFd8tJ2NIxt0xVBybzOH4CbPY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:02:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:86:4f:cd:3b:1f:e1:a4:30:89:d6:40:8b:f5:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b934577cb49d8d231b74c550726f3387e026cf6
        Validity
            Not Before: Aug 23 01:02:11 2025 GMT
            Not After : Aug 24 01:02:11 2025 GMT
        Subject: CN=1817e8cd3fb67ac1951d94bbe25b030c689bfc88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:2a:fd:b1:b7:6b:0e:39:26:e0:0f:bf:8f:e6:
                    0e:af:5f:aa:eb:12:5f:30:ff:b7:45:fb:db:d9:09:
                    c1:5c:3b:ca:ce:41:31:87:fe:cf:f4:f6:e7:35:97:
                    4d:4f:2c:92:90:7a:a9:42:39:10:8a:9a:81:6d:e6:
                    4b:da:ba:f3:63:75:ea:a6:e1:e5:d3:ad:34:8d:6b:
                    a6:b5:29:fb:3c:49:8a:9a:c3:cd:19:d1:31:f9:04:
                    a4:04:f8:96:63:c5:65:f8:1b:d5:5e:f6:c0:f9:be:
                    42:a3:e3:a8:61:03:bf:c6:da:e6:27:5e:ce:5d:e2:
                    eb:f9:79:d3:d9:e3:a3:d4:73:d9:cb:fd:4c:e0:c0:
                    42:b7:0a:c4:8f:3e:03:67:db:2d:3d:a1:25:8b:83:
                    45:08:f1:ec:a2:b0:9b:5d:0b:a0:ae:43:1e:b2:52:
                    e5:82:8c:5f:9d:51:4e:2d:33:7a:be:7a:00:40:60:
                    ec:fa:37:5c:56:58:20:6a:9f:c9:80:5d:c0:04:7a:
                    f9:51:ce:88:ea:56:a2:18:a9:6b:cb:e2:e8:55:97:
                    08:53:d4:28:53:0e:43:59:d2:73:f4:6b:62:b6:d9:
                    4d:47:13:6b:7b:d8:61:58:90:f3:b6:0d:f4:d3:4a:
                    0f:2a:64:88:57:b7:ae:a7:ee:ab:6c:00:c3:d0:5f:
                    83:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:17:E8:CD:3F:B6:7A:C1:95:1D:94:BB:E2:5B:03:0C:68:9B:FC:88
            X509v3 Authority Key Identifier:
                keyid:1B:93:45:77:CB:49:D8:D2:31:B7:4C:55:07:26:F3:38:7E:02:6C:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G5NFd8tJ2NIxt0xVBybzOH4CbPY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:04:c4:67:65:0a:e8:3d:db:c2:c5:6d:e6:a4:d1:df:15:68:
         6b:7c:7a:68:a4:e4:aa:44:10:01:49:41:da:d1:4f:d7:22:11:
         41:14:9c:50:24:7a:31:87:2f:ff:43:a8:bb:f8:d6:95:2c:c2:
         f0:a4:6f:7a:c2:8d:97:73:ff:db:46:e4:23:d0:4f:aa:26:47:
         a1:20:32:8b:96:e7:d2:d9:37:7e:eb:6a:c1:31:e4:4a:c7:ca:
         58:a2:5e:22:06:82:26:ed:df:76:f4:93:40:45:5a:be:83:d6:
         c7:05:cc:db:bc:59:49:68:67:5d:bc:95:f5:6f:d4:ff:24:2b:
         f7:35:7e:f3:59:bc:ab:03:a6:39:14:45:3e:54:16:02:8b:1e:
         37:2a:41:56:bb:b7:06:77:d4:d4:da:5c:1d:10:86:b2:71:98:
         8b:97:63:2c:96:55:d0:09:2b:a1:cf:b3:a7:40:3c:95:8e:ed:
         a9:6c:5b:f2:8b:e5:01:9a:74:63:1c:df:8d:99:e0:e3:1c:21:
         00:17:9e:9d:9a:63:75:cb:9f:62:ef:a3:d7:ea:ce:cd:15:33:
         82:94:62:88:95:e5:a5:48:7b:f4:0f:bd:7a:c5:fc:ea:cd:83:
         be:10:21:d3:e5:3e:8f:86:30:6a:75:ac:c9:10:65:75:05:6d:
         02:51:80:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcoZPzTsf4aQwidZAi/WmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOTM0NTc3Y2I0OWQ4ZDIzMWI3NGM1NTA3MjZmMzM4N2Uw
MjZjZjYwHhcNMjUwODIzMDEwMjExWhcNMjUwODI0MDEwMjExWjAzMTEwLwYDVQQD
EygxODE3ZThjZDNmYjY3YWMxOTUxZDk0YmJlMjViMDMwYzY4OWJmYzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ir9sbdrDjkm4A+/j+YOr1+q6xJf
MP+3Rfvb2QnBXDvKzkExh/7P9PbnNZdNTyySkHqpQjkQipqBbeZL2rrzY3XqpuHl
0600jWumtSn7PEmKmsPNGdEx+QSkBPiWY8Vl+BvVXvbA+b5Co+OoYQO/xtrmJ17O
XeLr+XnT2eOj1HPZy/1M4MBCtwrEjz4DZ9stPaEli4NFCPHsorCbXQugrkMeslLl
goxfnVFOLTN6vnoAQGDs+jdcVlggap/JgF3ABHr5Uc6I6laiGKlry+LoVZcIU9Qo
Uw5DWdJz9GtittlNRxNre9hhWJDztg3000oPKmSIV7eup+6rbADD0F+D5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBgX6M0/tnrBlR2Uu+JbAwxom/yIMB8GA1UdIwQY
MBaAFBuTRXfLSdjSMbdMVQcm8zh+Amz2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzVORmQ4dEoyTkl4dDB4VkJ5YnpPSDRDYlBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9kZDUzM2QtMjg1NS00NzkzLTk2NWEt
MGUyOTg1OGM2MzdhLzEvRzVORmQ4dEoyTkl4dDB4VkJ5YnpPSDRDYlBZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9kZDUzM2QtMjg1NS00NzkzLTk2NWEtMGUyOTg1OGM2Mzdh
LzEvRzVORmQ4dEoyTkl4dDB4VkJ5YnpPSDRDYlBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARATEZ2UK
6D3bwsVt5qTR3xVoa3x6aKTkqkQQAUlB2tFP1yIRQRScUCR6MYcv/0Oou/jWlSzC
8KRvesKNl3P/20bkI9BPqiZHoSAyi5bn0tk3futqwTHkSsfKWKJeIgaCJu3fdvST
QEVavoPWxwXM27xZSWhnXbyV9W/U/yQr9zV+81m8qwOmORRFPlQWAoseNypBVru3
BnfU1NpcHRCGsnGYi5djLJZV0Akroc+zp0A8lY7tqWxb8ovlAZp0YxzfjZng4xwh
ABeenZpjdcufYu+j1+rOzRUzgpRiiJXlpUh79A+9esX86s2DvhAh0+U+j4YwanWs
yRBldQVtAlGAPg==
-----END CERTIFICATE-----