Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
File:                     GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft (raw, json)
Hash identifier:          G2ikNnrKpHCBfQST9Z4LSGpmSvxXBEhmYBfLcGIlW7I=
Subject key identifier:   6B:C8:F2:EE:F6:5A:34:FF:0E:7A:A3:2A:9C:7E:5B:93:CC:25:77:6B
Authority key identifier: 18:77:B1:9D:48:47:FC:3F:49:5A:F9:36:C5:B1:A1:92:8C:91:27:48
Certificate issuer:       /CN=1877b19d4847fc3f495af936c5b1a1928c912748
Certificate serial:       0196C1CAE5BB34A6A19AB8CBA16B72165D76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
Manifest number:          1533
Signing time:             Mon 12 May 2025 00:00:21 +0000
Manifest this update:     Mon 12 May 2025 00:00:21 +0000
Manifest next update:     Tue 13 May 2025 00:00:21 +0000
Files and hashes:         1: GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl (hash: 7Jp9mO4kig2+AJTq56huoisLEU9InPHaartOMwHtUEY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c1:ca:e5:bb:34:a6:a1:9a:b8:cb:a1:6b:72:16:5d:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1877b19d4847fc3f495af936c5b1a1928c912748
        Validity
            Not Before: May 12 00:00:21 2025 GMT
            Not After : May 13 00:00:21 2025 GMT
        Subject: CN=6bc8f2eef65a34ff0e7aa32a9c7e5b93cc25776b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:2d:95:f3:93:77:41:61:38:aa:21:47:56:42:
                    f9:7d:6f:bc:18:b5:13:36:d6:b0:48:c1:0e:97:7c:
                    8f:fe:ba:9d:9a:47:d7:02:2a:bf:3e:d9:88:8d:00:
                    2e:d9:df:b9:36:f3:b0:e3:0a:3e:db:8e:ef:80:7d:
                    bb:cf:71:6f:bb:f0:04:ae:c8:2d:87:01:0b:72:fb:
                    ac:7e:f4:16:5f:bf:45:5f:0b:a4:fa:d0:c5:f6:e8:
                    b7:d2:d8:7a:30:1c:08:cf:9c:0d:d2:bd:2d:ba:23:
                    49:bb:8e:18:57:e7:68:72:16:ca:05:7d:48:4b:06:
                    a7:3f:88:b7:5f:bc:56:c2:34:9e:a2:e1:2f:06:73:
                    99:9a:57:bb:36:0d:43:88:9b:55:da:ee:bc:3a:08:
                    f4:c0:22:74:30:4d:90:98:36:a8:91:49:9a:62:1c:
                    17:14:79:86:0a:30:8c:75:63:9f:67:77:13:8a:b9:
                    39:4d:48:45:84:fa:63:18:82:92:50:e1:dc:81:92:
                    9c:46:ed:41:48:d7:a4:53:f9:9d:fb:76:ae:5c:09:
                    37:40:a6:71:13:dc:74:28:8e:61:6b:49:bc:8c:20:
                    fe:ae:14:14:d0:57:06:ed:2d:55:60:25:69:bd:bf:
                    f1:86:c4:eb:40:0c:b1:17:c9:42:c0:6c:33:8d:e7:
                    3c:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:C8:F2:EE:F6:5A:34:FF:0E:7A:A3:2A:9C:7E:5B:93:CC:25:77:6B
            X509v3 Authority Key Identifier:
                keyid:18:77:B1:9D:48:47:FC:3F:49:5A:F9:36:C5:B1:A1:92:8C:91:27:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:75:6d:3f:b7:79:e6:6b:55:df:57:15:99:85:b8:e3:97:47:
         8a:ca:8e:9e:b3:fa:57:65:e4:53:81:27:e9:73:7f:9b:e7:94:
         fc:fb:f9:ba:91:6c:e5:e7:33:f1:ce:b8:d8:b5:fd:e6:69:79:
         90:e9:75:74:6f:4e:7c:30:7b:9b:b4:11:a3:00:f2:7c:01:94:
         58:39:6d:c0:e9:e5:f7:86:18:98:1c:08:9b:0b:a5:c1:16:ac:
         5c:e9:f5:c9:5e:7b:a9:7f:90:63:c7:e4:52:65:89:76:6e:b9:
         6d:41:c7:5c:8f:e0:e1:90:54:e1:7f:5b:98:f1:5e:7d:a9:ac:
         6d:8c:14:f0:0d:8f:e4:b2:b8:48:fa:f2:86:0e:7a:b6:52:81:
         5b:0d:ee:42:6d:f2:f1:bf:e9:dc:c7:fd:7c:86:2b:bd:01:20:
         79:b7:a8:75:92:b3:01:3c:dc:cd:52:ec:34:89:25:ec:74:db:
         f4:59:33:f3:ef:74:d0:8e:c8:89:9e:c6:23:52:70:b7:0c:d2:
         a4:11:d2:77:ed:76:1b:ac:af:38:99:bc:c5:24:90:a6:a0:91:
         3f:01:b5:8e:42:f4:07:ac:ec:41:18:04:de:d6:11:53:b4:99:
         4c:23:e2:d8:e7:67:89:10:40:b3:d3:34:bb:db:59:a9:35:b4:
         63:90:40:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbByuW7NKahmrjLoWtyFl12MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NzdiMTlkNDg0N2ZjM2Y0OTVhZjkzNmM1YjFhMTkyOGM5
MTI3NDgwHhcNMjUwNTEyMDAwMDIxWhcNMjUwNTEzMDAwMDIxWjAzMTEwLwYDVQQD
Eyg2YmM4ZjJlZWY2NWEzNGZmMGU3YWEzMmE5YzdlNWI5M2NjMjU3NzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxC2V85N3QWE4qiFHVkL5fW+8GLUT
NtawSMEOl3yP/rqdmkfXAiq/PtmIjQAu2d+5NvOw4wo+247vgH27z3Fvu/AErsgt
hwELcvusfvQWX79FXwuk+tDF9ui30th6MBwIz5wN0r0tuiNJu44YV+dochbKBX1I
SwanP4i3X7xWwjSeouEvBnOZmle7Ng1DiJtV2u68Ogj0wCJ0ME2QmDaokUmaYhwX
FHmGCjCMdWOfZ3cTirk5TUhFhPpjGIKSUOHcgZKcRu1BSNekU/md+3auXAk3QKZx
E9x0KI5ha0m8jCD+rhQU0FcG7S1VYCVpvb/xhsTrQAyxF8lCwGwzjec8FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGvI8u72WjT/DnqjKpx+W5PMJXdrMB8GA1UdIwQY
MBaAFBh3sZ1IR/w/SVr5NsWxoZKMkSdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9jMTIyYTctNTcxMi00YmJkLWI2Mzgt
YWM5YTkzMTcxYWE1LzEvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9jMTIyYTctNTcxMi00YmJkLWI2MzgtYWM5YTkzMTcxYWE1
LzEvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAknVtP7d5
5mtV31cVmYW445dHisqOnrP6V2XkU4En6XN/m+eU/Pv5upFs5ecz8c642LX95ml5
kOl1dG9OfDB7m7QRowDyfAGUWDltwOnl94YYmBwImwulwRasXOn1yV57qX+QY8fk
UmWJdm65bUHHXI/g4ZBU4X9bmPFefamsbYwU8A2P5LK4SPryhg56tlKBWw3uQm3y
8b/p3Mf9fIYrvQEgebeodZKzATzczVLsNIkl7HTb9Fkz8+900I7IiZ7GI1JwtwzS
pBHSd+12G6yvOJm8xSSQpqCRPwG1jkL0B6zsQRgE3tYRU7SZTCPi2OdniRBAs9M0
u9tZqTW0Y5BAtg==
-----END CERTIFICATE-----