Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
File:                     GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft (raw, json)
Hash identifier:          BzPch4iz2ZpZWY+MNw9B08iA855JjknRUkR5c7GkCXc=
Subject key identifier:   07:03:BF:64:FB:5F:D0:42:79:0D:D8:2B:29:E1:B3:C6:F9:22:62:8D
Authority key identifier: 18:77:B1:9D:48:47:FC:3F:49:5A:F9:36:C5:B1:A1:92:8C:91:27:48
Certificate issuer:       /CN=1877b19d4847fc3f495af936c5b1a1928c912748
Certificate serial:       0198D4DFF929E77AE41D3E75B4F0E864C5FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 03:01:44 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:44 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:44 +0000
Files and hashes:         1: GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl (hash: 4X6JeRCgn1j+BtvbTrUpPs2wAXXX33+PEiHhrP8bbxE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:01:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:df:f9:29:e7:7a:e4:1d:3e:75:b4:f0:e8:64:c5:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1877b19d4847fc3f495af936c5b1a1928c912748
        Validity
            Not Before: Aug 23 03:01:44 2025 GMT
            Not After : Aug 24 03:01:44 2025 GMT
        Subject: CN=0703bf64fb5fd042790dd82b29e1b3c6f922628d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:85:14:e6:e5:40:44:64:0b:81:a7:76:55:7d:
                    b7:37:43:4c:d8:e1:c4:d3:ef:05:a5:ff:4a:8d:61:
                    df:a9:c7:eb:ef:cf:64:1d:b0:2a:c6:00:b4:88:8d:
                    45:ed:97:8b:28:56:3e:85:f3:93:42:09:48:cb:0b:
                    08:f8:2a:4b:65:ca:86:b0:7e:2b:9e:bb:34:6d:15:
                    88:cf:e9:25:f7:09:05:04:21:08:d9:e0:78:5b:be:
                    52:54:5d:38:13:83:b4:0b:8c:49:2f:61:54:b4:05:
                    dc:6b:f2:b1:2f:8d:a9:63:83:b3:6e:f3:32:21:f7:
                    b5:b4:29:8b:2b:a6:65:32:72:fd:84:9b:25:f7:64:
                    1b:2e:de:1d:ea:40:67:e1:f7:a0:ca:22:67:b4:91:
                    a0:d8:6a:72:ba:cc:83:61:cc:00:bb:f3:0e:18:61:
                    78:1d:65:f8:56:ed:42:f2:ba:76:d0:e0:c5:24:8c:
                    1d:a3:4e:59:67:87:d5:99:5d:63:5b:c6:e1:57:be:
                    3f:4b:a0:f1:79:d0:98:ee:7b:15:e3:50:79:d1:09:
                    1f:e9:88:35:23:0d:4d:7a:e8:6f:57:b9:3c:03:b8:
                    c2:99:65:fd:01:14:a6:11:2f:0c:26:50:d8:80:2e:
                    19:da:6b:7e:6b:7b:b3:ff:b9:ba:27:11:28:1e:4f:
                    43:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:03:BF:64:FB:5F:D0:42:79:0D:D8:2B:29:E1:B3:C6:F9:22:62:8D
            X509v3 Authority Key Identifier:
                keyid:18:77:B1:9D:48:47:FC:3F:49:5A:F9:36:C5:B1:A1:92:8C:91:27:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:e5:84:0e:9a:ab:8a:ce:4b:88:40:e1:d9:c4:90:d0:3a:bd:
         24:4c:4b:78:7d:d7:79:0e:94:9b:34:8f:ed:55:6e:e2:2b:16:
         5f:e4:32:c1:93:e1:6d:a7:e7:6b:c4:f6:3b:a5:63:19:97:8f:
         df:af:5c:11:52:09:f4:12:23:b4:fc:b8:9f:c5:90:e8:28:02:
         6d:03:e9:5f:0c:d6:ef:49:47:67:cd:c3:34:75:12:de:5e:7a:
         05:87:5f:de:07:6a:02:dc:86:19:76:1c:7e:af:7c:52:14:0b:
         c6:28:85:98:e0:b1:15:a0:78:d0:7d:f1:dd:c9:32:fb:00:00:
         8a:c0:ac:86:3e:5c:ea:a1:1a:5f:ec:36:13:85:bb:23:cb:de:
         7d:fc:e9:fa:51:5d:04:d2:a5:7d:db:c3:74:ce:93:76:13:ae:
         d7:a9:07:7a:9a:a2:8f:6f:11:a0:33:ab:ce:47:bb:c3:97:1b:
         23:03:0c:fe:a9:68:93:72:f9:a0:9f:92:76:3b:ab:57:a2:d6:
         a0:22:5d:c2:07:08:8e:72:46:55:3f:4b:4f:f7:24:7e:71:d0:
         ae:31:0c:ab:9a:d6:85:da:23:84:ae:40:0e:b7:60:ba:ba:5a:
         23:90:94:02:9f:e2:43:d5:cb:29:b6:b4:eb:97:65:81:e4:6a:
         51:82:db:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU3/kp53rkHT51tPDoZMX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NzdiMTlkNDg0N2ZjM2Y0OTVhZjkzNmM1YjFhMTkyOGM5
MTI3NDgwHhcNMjUwODIzMDMwMTQ0WhcNMjUwODI0MDMwMTQ0WjAzMTEwLwYDVQQD
EygwNzAzYmY2NGZiNWZkMDQyNzkwZGQ4MmIyOWUxYjNjNmY5MjI2MjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64UU5uVARGQLgad2VX23N0NM2OHE
0+8Fpf9KjWHfqcfr789kHbAqxgC0iI1F7ZeLKFY+hfOTQglIywsI+CpLZcqGsH4r
nrs0bRWIz+kl9wkFBCEI2eB4W75SVF04E4O0C4xJL2FUtAXca/KxL42pY4OzbvMy
Ife1tCmLK6ZlMnL9hJsl92QbLt4d6kBn4fegyiJntJGg2GpyusyDYcwAu/MOGGF4
HWX4Vu1C8rp20ODFJIwdo05ZZ4fVmV1jW8bhV74/S6DxedCY7nsV41B50Qkf6Yg1
Iw1NeuhvV7k8A7jCmWX9ARSmES8MJlDYgC4Z2mt+a3uz/7m6JxEoHk9DNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAcDv2T7X9BCeQ3YKynhs8b5ImKNMB8GA1UdIwQY
MBaAFBh3sZ1IR/w/SVr5NsWxoZKMkSdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9jMTIyYTctNTcxMi00YmJkLWI2Mzgt
YWM5YTkzMTcxYWE1LzEvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9jMTIyYTctNTcxMi00YmJkLWI2MzgtYWM5YTkzMTcxYWE1
LzEvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAueWEDpqr
is5LiEDh2cSQ0Dq9JExLeH3XeQ6UmzSP7VVu4isWX+QywZPhbafna8T2O6VjGZeP
369cEVIJ9BIjtPy4n8WQ6CgCbQPpXwzW70lHZ83DNHUS3l56BYdf3gdqAtyGGXYc
fq98UhQLxiiFmOCxFaB40H3x3cky+wAAisCshj5c6qEaX+w2E4W7I8veffzp+lFd
BNKlfdvDdM6TdhOu16kHepqij28RoDOrzke7w5cbIwMM/qlok3L5oJ+SdjurV6LW
oCJdwgcIjnJGVT9LT/ckfnHQrjEMq5rWhdojhK5ADrdgurpaI5CUAp/iQ9XLKba0
65dlgeRqUYLbzw==
-----END CERTIFICATE-----