Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
File:                     GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft (raw, json)
Hash identifier:          LY+71F8yDNlwQLJqlI1HQoMo3WfbTBFtDJqhhCECZy0=
Subject key identifier:   68:AE:C3:23:81:84:48:4F:32:1B:E0:2C:0F:77:52:9B:AA:51:5E:3C
Authority key identifier: 18:77:B1:9D:48:47:FC:3F:49:5A:F9:36:C5:B1:A1:92:8C:91:27:48
Certificate issuer:       /CN=1877b19d4847fc3f495af936c5b1a1928c912748
Certificate serial:       0199FC590893F793AB200D40BBC6EFDC28C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 12:01:57 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:57 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:57 +0000
Files and hashes:         1: GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl (hash: TSb6HXuYFG8NdP1nSuI3WxM5h2A9ILw1MmoXSkPwZo0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:59:08:93:f7:93:ab:20:0d:40:bb:c6:ef:dc:28:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1877b19d4847fc3f495af936c5b1a1928c912748
        Validity
            Not Before: Oct 19 12:01:57 2025 GMT
            Not After : Oct 20 12:01:57 2025 GMT
        Subject: CN=68aec3238184484f321be02c0f77529baa515e3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:d8:07:a9:b7:99:66:21:fe:1b:88:b1:c7:65:
                    2e:3e:dc:1c:33:b0:45:75:e9:93:1f:8a:5d:85:08:
                    69:3b:c3:38:26:61:62:41:52:99:f4:aa:66:06:c5:
                    0a:54:24:55:2b:13:fb:e1:38:93:0a:e7:c7:eb:87:
                    e6:33:18:b3:ba:29:87:57:be:ee:41:fa:65:59:76:
                    c5:76:ca:2d:79:c2:9a:fe:15:60:60:28:a0:f1:db:
                    bb:07:c7:56:b0:9c:e5:8c:f9:8a:47:c0:df:1f:20:
                    23:db:a1:f9:03:e6:7c:95:4c:25:c8:98:1f:f5:cd:
                    fc:a2:6b:c3:82:a0:c1:e2:0c:6b:54:86:6d:29:0c:
                    fe:26:bc:3b:56:4b:40:45:b9:41:69:6c:07:73:48:
                    f8:8c:3e:e6:ea:e0:a2:86:b2:e5:66:b0:3f:d7:0c:
                    b5:69:72:f9:ce:b3:5e:66:32:b7:1c:e6:09:f0:f2:
                    4e:17:52:2e:3b:07:45:39:92:7a:d7:3c:12:5f:60:
                    49:2a:85:76:58:d8:39:6c:a1:84:36:dc:51:b6:31:
                    52:ac:14:94:09:b7:c3:b2:85:66:d6:e7:47:4b:25:
                    6c:06:71:e1:f7:a1:5b:af:9b:be:7a:36:8e:a9:82:
                    72:6d:9f:3c:3f:21:69:b2:63:45:d0:2e:9f:68:54:
                    e7:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:AE:C3:23:81:84:48:4F:32:1B:E0:2C:0F:77:52:9B:AA:51:5E:3C
            X509v3 Authority Key Identifier:
                keyid:18:77:B1:9D:48:47:FC:3F:49:5A:F9:36:C5:B1:A1:92:8C:91:27:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:67:73:d0:8e:a5:7c:b4:bc:09:f2:93:ec:0d:dc:d8:09:cd:
         fd:ad:38:88:f9:7f:f3:65:c0:e9:9e:08:a4:49:81:08:8b:f3:
         58:eb:a9:08:80:3a:9b:ab:56:c9:e7:f3:7d:7e:fa:fc:5f:4c:
         74:22:20:c3:5d:e5:80:f6:60:c6:4e:bc:dc:62:62:f4:e9:34:
         75:81:5f:82:95:27:5d:2b:81:5d:f6:c3:8f:ff:69:d0:ab:70:
         b4:3d:78:e8:37:55:12:ae:23:63:c9:d3:d7:f5:c8:9a:c6:01:
         b4:4e:a0:db:bd:18:ba:5c:74:33:f0:14:d3:59:90:b9:de:14:
         19:a2:bf:02:01:e7:20:da:7f:39:41:3c:10:4f:7a:bc:ba:2b:
         2d:9d:f8:97:49:0d:75:ec:c2:22:39:77:88:47:c5:d3:cf:9b:
         23:d1:39:58:ab:dc:53:28:29:9b:4c:28:f8:69:0f:fd:d4:6e:
         ce:a2:eb:4b:22:9d:41:d4:18:34:ef:59:dd:7a:14:ee:e4:1a:
         5e:89:72:1c:d7:fd:63:4c:0c:a5:fd:14:a2:8c:f8:4c:78:8f:
         ca:76:ad:26:10:42:c8:c7:1e:0a:b9:f4:f9:fd:74:e0:0a:fb:
         10:da:4e:93:57:e2:6c:fe:39:e1:aa:60:dd:00:55:a8:f0:79:
         c2:c9:ac:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WQiT95OrIA1Au8bv3CjFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NzdiMTlkNDg0N2ZjM2Y0OTVhZjkzNmM1YjFhMTkyOGM5
MTI3NDgwHhcNMjUxMDE5MTIwMTU3WhcNMjUxMDIwMTIwMTU3WjAzMTEwLwYDVQQD
Eyg2OGFlYzMyMzgxODQ0ODRmMzIxYmUwMmMwZjc3NTI5YmFhNTE1ZTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdgHqbeZZiH+G4ixx2UuPtwcM7BF
demTH4pdhQhpO8M4JmFiQVKZ9KpmBsUKVCRVKxP74TiTCufH64fmMxizuimHV77u
QfplWXbFdsotecKa/hVgYCig8du7B8dWsJzljPmKR8DfHyAj26H5A+Z8lUwlyJgf
9c38omvDgqDB4gxrVIZtKQz+Jrw7VktARblBaWwHc0j4jD7m6uCihrLlZrA/1wy1
aXL5zrNeZjK3HOYJ8PJOF1IuOwdFOZJ61zwSX2BJKoV2WNg5bKGENtxRtjFSrBSU
CbfDsoVm1udHSyVsBnHh96Fbr5u+ejaOqYJybZ88PyFpsmNF0C6faFTnMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGiuwyOBhEhPMhvgLA93UpuqUV48MB8GA1UdIwQY
MBaAFBh3sZ1IR/w/SVr5NsWxoZKMkSdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9jMTIyYTctNTcxMi00YmJkLWI2Mzgt
YWM5YTkzMTcxYWE1LzEvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9jMTIyYTctNTcxMi00YmJkLWI2MzgtYWM5YTkzMTcxYWE1
LzEvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu2dz0I6l
fLS8CfKT7A3c2AnN/a04iPl/82XA6Z4IpEmBCIvzWOupCIA6m6tWyefzfX76/F9M
dCIgw13lgPZgxk683GJi9Ok0dYFfgpUnXSuBXfbDj/9p0KtwtD146DdVEq4jY8nT
1/XImsYBtE6g270Yulx0M/AU01mQud4UGaK/AgHnINp/OUE8EE96vLorLZ34l0kN
dezCIjl3iEfF08+bI9E5WKvcUygpm0wo+GkP/dRuzqLrSyKdQdQYNO9Z3XoU7uQa
XolyHNf9Y0wMpf0Uooz4THiPynatJhBCyMceCrn0+f104Ar7ENpOk1fibP454apg
3QBVqPB5wsmsBQ==
-----END CERTIFICATE-----