Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
File:                     GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft (raw, json)
Hash identifier:          inQtAw/AccAseNEfPt3HG6j4+ZkzzmV5SNmrZx2hCAQ=
Subject key identifier:   BB:70:C4:39:89:5A:C1:D5:05:3D:53:0D:84:E6:2F:E8:EB:3C:89:1B
Authority key identifier: 18:77:B1:9D:48:47:FC:3F:49:5A:F9:36:C5:B1:A1:92:8C:91:27:48
Certificate issuer:       /CN=1877b19d4847fc3f495af936c5b1a1928c912748
Certificate serial:       0197B8FD8D7523FB7ADBA51197ACBE0BF560
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
Manifest number:          15B3
Signing time:             Sun 29 Jun 2025 00:01:53 +0000
Manifest this update:     Sun 29 Jun 2025 00:01:53 +0000
Manifest next update:     Mon 30 Jun 2025 00:01:53 +0000
Files and hashes:         1: GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl (hash: f6cSPxbDWuaa3l7enIwvIwquRif7RT13BKRDunUZ2AA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 00:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:fd:8d:75:23:fb:7a:db:a5:11:97:ac:be:0b:f5:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1877b19d4847fc3f495af936c5b1a1928c912748
        Validity
            Not Before: Jun 29 00:01:53 2025 GMT
            Not After : Jun 30 00:01:53 2025 GMT
        Subject: CN=bb70c439895ac1d5053d530d84e62fe8eb3c891b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ff:4b:52:44:e5:c7:dd:31:52:78:2a:65:f5:
                    a3:0f:ea:14:00:e2:46:c2:f6:86:e5:cc:78:ed:92:
                    b3:97:18:d0:50:bf:23:57:fc:78:38:1b:8d:cd:f4:
                    10:d3:ce:e4:fd:65:b9:10:8c:95:84:1b:6e:2f:38:
                    61:cf:36:1d:24:dd:e1:3d:1c:8a:3d:c0:8f:31:be:
                    be:11:e9:24:b3:46:13:63:29:a7:ed:62:cf:b6:26:
                    eb:7c:0c:c8:7a:62:92:f4:04:f7:39:82:dd:d6:e9:
                    66:8e:7e:20:19:80:6e:fe:49:5d:56:2b:a2:60:8f:
                    9c:73:0e:8e:d5:7f:33:4f:6c:86:48:e9:9a:61:6f:
                    2d:0f:23:7a:48:66:e1:80:82:d4:6b:5d:ca:dd:ca:
                    a6:e3:14:91:d3:6d:1e:43:7d:94:96:f5:30:85:fe:
                    e4:f7:20:51:9d:49:23:6c:de:6e:2b:a6:32:83:81:
                    88:b9:61:19:f7:f2:a6:28:25:92:b4:22:27:6b:11:
                    2f:fd:4f:92:49:6f:6e:59:8f:79:62:f1:cb:de:65:
                    02:16:c0:e9:ad:5c:1e:7f:7d:93:44:b0:07:32:86:
                    96:6b:10:7e:c5:44:b5:b0:3f:21:b7:54:39:28:b1:
                    62:a6:d8:aa:4e:c6:3a:7b:62:5c:f3:df:be:47:00:
                    09:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:70:C4:39:89:5A:C1:D5:05:3D:53:0D:84:E6:2F:E8:EB:3C:89:1B
            X509v3 Authority Key Identifier:
                keyid:18:77:B1:9D:48:47:FC:3F:49:5A:F9:36:C5:B1:A1:92:8C:91:27:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:64:19:29:0c:6a:93:80:03:6f:06:39:26:93:df:b9:bb:bd:
         27:3d:6e:03:48:3c:52:fd:7f:40:75:38:22:42:ea:56:0e:14:
         0f:c7:86:40:b3:f9:3d:b3:7f:92:d1:cb:dd:d2:86:32:e8:ae:
         9e:91:16:50:bf:43:c8:65:00:72:57:3d:ab:5e:04:dd:f0:4d:
         35:9d:c0:b1:22:c4:c6:98:1e:17:60:13:c5:e5:e6:cb:e6:8c:
         18:9e:e1:f2:53:8f:4e:af:5c:5e:7c:44:3a:0c:7a:e2:94:fb:
         1f:b2:e8:3a:dc:48:01:91:92:66:94:44:26:9d:53:18:2f:71:
         1f:b3:25:41:07:79:5a:17:dd:cf:cb:b4:f0:30:80:33:69:1a:
         22:a0:2d:24:18:69:e9:41:f4:1b:0b:85:44:ad:8f:98:84:30:
         65:48:f5:44:46:71:1f:42:58:cd:7e:34:43:2d:54:1c:06:6e:
         29:b4:89:db:28:44:9c:e6:ad:11:07:a8:9b:4c:8a:a5:2a:9f:
         c7:39:b5:fc:69:48:d6:8d:90:a4:b9:77:c7:56:25:df:cc:a5:
         8c:f9:18:08:29:ec:9a:50:13:ac:15:91:9d:9a:05:b2:d6:50:
         b5:20:8f:dd:59:d5:17:e9:f2:db:fb:07:fb:c1:4a:61:01:d7:
         f6:99:a8:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4/Y11I/t626URl6y+C/VgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NzdiMTlkNDg0N2ZjM2Y0OTVhZjkzNmM1YjFhMTkyOGM5
MTI3NDgwHhcNMjUwNjI5MDAwMTUzWhcNMjUwNjMwMDAwMTUzWjAzMTEwLwYDVQQD
EyhiYjcwYzQzOTg5NWFjMWQ1MDUzZDUzMGQ4NGU2MmZlOGViM2M4OTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuv9LUkTlx90xUngqZfWjD+oUAOJG
wvaG5cx47ZKzlxjQUL8jV/x4OBuNzfQQ087k/WW5EIyVhBtuLzhhzzYdJN3hPRyK
PcCPMb6+Eekks0YTYymn7WLPtibrfAzIemKS9AT3OYLd1ulmjn4gGYBu/kldViui
YI+ccw6O1X8zT2yGSOmaYW8tDyN6SGbhgILUa13K3cqm4xSR020eQ32UlvUwhf7k
9yBRnUkjbN5uK6Yyg4GIuWEZ9/KmKCWStCInaxEv/U+SSW9uWY95YvHL3mUCFsDp
rVwef32TRLAHMoaWaxB+xUS1sD8ht1Q5KLFiptiqTsY6e2Jc89++RwAJzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLtwxDmJWsHVBT1TDYTmL+jrPIkbMB8GA1UdIwQY
MBaAFBh3sZ1IR/w/SVr5NsWxoZKMkSdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9jMTIyYTctNTcxMi00YmJkLWI2Mzgt
YWM5YTkzMTcxYWE1LzEvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9jMTIyYTctNTcxMi00YmJkLWI2MzgtYWM5YTkzMTcxYWE1
LzEvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAWQZKQxq
k4ADbwY5JpPfubu9Jz1uA0g8Uv1/QHU4IkLqVg4UD8eGQLP5PbN/ktHL3dKGMuiu
npEWUL9DyGUAclc9q14E3fBNNZ3AsSLExpgeF2ATxeXmy+aMGJ7h8lOPTq9cXnxE
Ogx64pT7H7LoOtxIAZGSZpREJp1TGC9xH7MlQQd5Whfdz8u08DCAM2kaIqAtJBhp
6UH0GwuFRK2PmIQwZUj1REZxH0JYzX40Qy1UHAZuKbSJ2yhEnOatEQeom0yKpSqf
xzm1/GlI1o2QpLl3x1Yl38yljPkYCCnsmlATrBWRnZoFstZQtSCP3VnVF+ny2/sH
+8FKYQHX9pmotQ==
-----END CERTIFICATE-----