Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft
File:                     G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft (raw, json)
Hash identifier:          /an5HDENiQ1UB4eUJh0Sh/fMlF7x5DfEP5CQ63YhvRU=
Subject key identifier:   F3:30:59:59:5D:7E:3C:4A:59:0C:7A:9E:08:90:E5:E0:85:C7:EE:3A
Authority key identifier: 1B:93:45:77:CB:49:D8:D2:31:B7:4C:55:07:26:F3:38:7E:02:6C:F6
Certificate issuer:       /CN=1b934577cb49d8d231b74c550726f3387e026cf6
Certificate serial:       0197B88F4E10BF55CA0C88B0713116F0DCDF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G5NFd8tJ2NIxt0xVBybzOH4CbPY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 22:01:28 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:28 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:28 +0000
Files and hashes:         1: G5NFd8tJ2NIxt0xVBybzOH4CbPY.crl (hash: xJz9R18mJ/UNQDAq6cD2CPqsys5FqVH5uXngej2baAA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G5NFd8tJ2NIxt0xVBybzOH4CbPY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:4e:10:bf:55:ca:0c:88:b0:71:31:16:f0:dc:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b934577cb49d8d231b74c550726f3387e026cf6
        Validity
            Not Before: Jun 28 22:01:28 2025 GMT
            Not After : Jun 29 22:01:28 2025 GMT
        Subject: CN=f33059595d7e3c4a590c7a9e0890e5e085c7ee3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:ff:e6:4e:9b:99:9d:5a:2b:1f:e1:c8:dd:ac:
                    16:f3:e3:ec:dc:c7:10:92:c5:33:40:db:07:68:d3:
                    b4:a9:41:32:b9:5e:ae:8d:65:6f:c7:01:df:70:73:
                    c0:e8:ac:fc:5e:35:11:89:17:d9:be:c1:b0:1c:ea:
                    9c:62:6e:6c:39:f6:e2:31:68:9c:1c:0e:9a:a7:c2:
                    4b:3e:2b:74:88:0f:43:67:c6:b7:58:8f:24:62:69:
                    aa:a0:d4:4b:7b:28:4a:fb:b4:7d:ab:6c:ea:a5:55:
                    39:fa:e5:34:7d:16:99:8d:2a:d5:6d:4c:19:7d:21:
                    37:af:24:98:41:28:0f:fe:36:9b:51:cc:2d:e9:1f:
                    e2:d8:45:3f:bb:10:97:b7:f9:68:ca:1f:4b:54:ad:
                    68:fa:cc:cd:c4:0f:00:92:10:49:58:f5:56:9b:7a:
                    8e:6c:d6:71:e0:3b:74:1b:4b:44:cd:a7:95:76:ab:
                    2d:5c:9c:4a:ef:42:94:00:3d:8d:23:60:00:e3:c9:
                    ce:44:aa:de:80:50:6f:91:3c:19:e2:6b:b4:b5:22:
                    0f:0b:95:bc:b6:dc:81:32:2c:77:28:00:c2:36:8f:
                    23:6b:bd:9f:3e:9b:0c:e3:eb:91:17:01:c1:6d:c1:
                    99:30:4b:71:71:98:c4:71:44:10:74:8c:a4:3e:21:
                    b3:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:30:59:59:5D:7E:3C:4A:59:0C:7A:9E:08:90:E5:E0:85:C7:EE:3A
            X509v3 Authority Key Identifier:
                keyid:1B:93:45:77:CB:49:D8:D2:31:B7:4C:55:07:26:F3:38:7E:02:6C:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G5NFd8tJ2NIxt0xVBybzOH4CbPY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:e4:9c:ad:de:09:47:78:74:95:04:5a:7d:f9:4c:41:55:fd:
         9e:fb:c1:ae:b1:c6:09:c2:5b:bc:cd:2a:b6:7c:e6:a5:ec:ea:
         a1:5e:47:e0:fd:e5:2d:10:00:35:42:69:41:6f:d5:f3:1b:ac:
         67:58:e8:67:d9:a7:a2:4a:17:e4:61:aa:fd:88:f5:b4:7a:ca:
         c0:e3:79:6d:80:ca:80:80:a8:49:93:2f:ae:d3:1e:74:ba:66:
         4d:a0:20:04:a7:e7:95:f6:fb:a4:a3:60:c9:0e:f4:4f:f3:0f:
         aa:8f:12:38:86:63:a3:03:fe:92:43:99:34:8d:09:32:52:41:
         7c:35:1b:5a:59:70:49:e3:35:8e:63:a7:2c:e4:a4:ef:dc:7c:
         22:4e:8b:81:2d:9d:35:ec:66:2a:9b:fc:b7:f0:a8:21:e8:ae:
         2c:b0:53:19:7a:b7:99:77:47:ab:ac:24:e4:6f:86:82:cd:82:
         46:f8:2e:85:07:b4:9b:a6:dd:71:33:a5:28:02:5d:fe:a6:bd:
         28:7c:9b:af:72:d6:a3:43:d2:97:bb:b3:a1:9d:64:95:87:87:
         50:03:0c:09:74:93:a0:43:88:85:d2:e8:3a:e3:df:ce:fa:41:
         f4:31:1a:9d:0e:f3:8e:91:8a:49:1c:73:82:23:7f:7b:12:82:
         0c:ca:db:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j04Qv1XKDIiwcTEW8NzfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOTM0NTc3Y2I0OWQ4ZDIzMWI3NGM1NTA3MjZmMzM4N2Uw
MjZjZjYwHhcNMjUwNjI4MjIwMTI4WhcNMjUwNjI5MjIwMTI4WjAzMTEwLwYDVQQD
EyhmMzMwNTk1OTVkN2UzYzRhNTkwYzdhOWUwODkwZTVlMDg1YzdlZTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx//mTpuZnVorH+HI3awW8+Ps3McQ
ksUzQNsHaNO0qUEyuV6ujWVvxwHfcHPA6Kz8XjURiRfZvsGwHOqcYm5sOfbiMWic
HA6ap8JLPit0iA9DZ8a3WI8kYmmqoNRLeyhK+7R9q2zqpVU5+uU0fRaZjSrVbUwZ
fSE3rySYQSgP/jabUcwt6R/i2EU/uxCXt/loyh9LVK1o+szNxA8AkhBJWPVWm3qO
bNZx4Dt0G0tEzaeVdqstXJxK70KUAD2NI2AA48nORKregFBvkTwZ4mu0tSIPC5W8
ttyBMix3KADCNo8ja72fPpsM4+uRFwHBbcGZMEtxcZjEcUQQdIykPiGznQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPMwWVldfjxKWQx6ngiQ5eCFx+46MB8GA1UdIwQY
MBaAFBuTRXfLSdjSMbdMVQcm8zh+Amz2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzVORmQ4dEoyTkl4dDB4VkJ5YnpPSDRDYlBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9kZDUzM2QtMjg1NS00NzkzLTk2NWEt
MGUyOTg1OGM2MzdhLzEvRzVORmQ4dEoyTkl4dDB4VkJ5YnpPSDRDYlBZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9kZDUzM2QtMjg1NS00NzkzLTk2NWEtMGUyOTg1OGM2Mzdh
LzEvRzVORmQ4dEoyTkl4dDB4VkJ5YnpPSDRDYlBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZeScrd4J
R3h0lQRafflMQVX9nvvBrrHGCcJbvM0qtnzmpezqoV5H4P3lLRAANUJpQW/V8xus
Z1joZ9mnokoX5GGq/Yj1tHrKwON5bYDKgICoSZMvrtMedLpmTaAgBKfnlfb7pKNg
yQ70T/MPqo8SOIZjowP+kkOZNI0JMlJBfDUbWllwSeM1jmOnLOSk79x8Ik6LgS2d
NexmKpv8t/CoIeiuLLBTGXq3mXdHq6wk5G+Ggs2CRvguhQe0m6bdcTOlKAJd/qa9
KHybr3LWo0PSl7uzoZ1klYeHUAMMCXSToEOIhdLoOuPfzvpB9DEanQ7zjpGKSRxz
giN/exKCDMrbCg==
-----END CERTIFICATE-----