Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
File:                     gEFPcG9s0sh68PYGstE3a4a1-mY.mft (raw, json)
Hash identifier:          vZqxCmdVqrjsWQmRDAVmE1cR4KoF1zIiMTKJJAUJTno=
Subject key identifier:   47:25:D5:4D:CD:6D:C2:57:DE:21:3B:07:1E:BC:4D:10:E7:D9:DD:1E
Authority key identifier: 80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66
Certificate issuer:       /CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66
Certificate serial:       0198D473AE8CC9185A6A3B3B040F8769BFE0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 01:03:27 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:27 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:27 +0000
Files and hashes:         1: gEFPcG9s0sh68PYGstE3a4a1-mY.crl (hash: W5drw6w27YcTRBhbIrlG0A8IBAN57B+38CEVTqnniYY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:03:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:ae:8c:c9:18:5a:6a:3b:3b:04:0f:87:69:bf:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66
        Validity
            Not Before: Aug 23 01:03:27 2025 GMT
            Not After : Aug 24 01:03:27 2025 GMT
        Subject: CN=4725d54dcd6dc257de213b071ebc4d10e7d9dd1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:58:72:e2:3c:2c:24:a0:0a:2a:37:59:1e:f3:
                    86:31:a5:61:01:6a:aa:2d:8f:72:4f:55:9f:b4:b4:
                    88:17:b7:e7:6c:5a:ee:cc:36:73:09:ce:93:1b:ac:
                    bf:a6:be:7b:54:a4:9c:00:c4:df:f5:20:ba:57:9a:
                    0e:20:f9:1a:8c:a8:e9:76:62:39:3a:bd:44:7b:31:
                    68:a4:7a:01:65:a9:ac:91:78:36:dc:e8:1c:f5:a5:
                    4a:26:db:7b:75:c3:a6:38:7e:bb:b6:d7:68:90:e5:
                    13:6f:c6:28:66:5c:73:b0:1e:c6:2a:48:a7:52:fe:
                    8c:27:98:2c:69:1d:bc:81:ff:67:86:f5:40:74:03:
                    78:a7:b4:93:a2:6c:5f:0f:48:74:17:5e:59:72:15:
                    f3:41:89:34:21:f1:76:83:11:80:91:c3:ab:f2:84:
                    6e:41:ae:e4:5f:f9:e1:2f:02:12:c5:aa:41:de:d7:
                    99:f7:3a:ea:5b:2b:1b:87:b0:25:d6:da:0c:32:08:
                    91:2a:2c:29:18:58:59:52:da:af:76:3f:62:72:41:
                    cf:ff:d3:97:df:5d:85:df:8c:94:fe:85:4d:da:94:
                    db:c4:9a:a0:d5:4a:49:b1:aa:18:96:a8:5d:14:b6:
                    5d:80:9a:55:9a:8c:4f:64:72:56:e0:32:c6:3a:af:
                    4f:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:25:D5:4D:CD:6D:C2:57:DE:21:3B:07:1E:BC:4D:10:E7:D9:DD:1E
            X509v3 Authority Key Identifier:
                keyid:80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:d6:f1:09:0f:5d:5a:e4:e7:96:e5:80:41:3a:ba:89:36:af:
         19:75:8e:e2:be:f5:19:8c:04:75:e3:bc:fc:50:52:e7:af:65:
         ff:7e:da:62:49:5e:53:f6:6d:c3:45:6e:72:29:d3:d2:ec:08:
         78:df:9c:e6:af:82:0d:00:71:50:f6:de:a6:c0:44:ca:b1:99:
         07:fd:6c:c9:b1:71:04:45:af:38:ca:df:75:46:ea:63:2c:25:
         1a:7f:8b:50:e9:41:51:16:ba:9e:5b:22:cf:5e:8f:a3:89:b1:
         d1:f0:a3:bc:50:96:e8:31:4a:d1:95:2c:23:44:01:0f:87:2a:
         94:36:03:13:bf:98:6f:a7:bb:2d:c5:9d:e1:82:ee:97:80:86:
         59:e6:45:7a:fe:5d:d6:e5:94:16:09:99:34:7a:3c:26:92:93:
         7d:5d:a0:2e:eb:f3:c5:1a:f7:d4:c3:ab:dd:20:75:f9:f1:d4:
         63:40:ba:c0:f9:3e:ee:ee:66:11:ca:d1:6c:48:a9:46:59:7a:
         45:02:4f:9a:bf:63:53:01:95:b5:2a:de:e5:ec:85:da:b0:8f:
         9e:a4:42:ab:07:77:e6:00:5b:cf:cc:93:d1:77:12:09:0c:b5:
         2b:b9:39:81:72:5d:81:77:78:a3:2a:c5:c2:24:ad:2c:de:07:
         33:c4:fd:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc66MyRhaajs7BA+Hab/gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNDE0ZjcwNmY2Y2QyYzg3YWYwZjYwNmIyZDEzNzZiODZi
NWZhNjYwHhcNMjUwODIzMDEwMzI3WhcNMjUwODI0MDEwMzI3WjAzMTEwLwYDVQQD
Eyg0NzI1ZDU0ZGNkNmRjMjU3ZGUyMTNiMDcxZWJjNGQxMGU3ZDlkZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolhy4jwsJKAKKjdZHvOGMaVhAWqq
LY9yT1WftLSIF7fnbFruzDZzCc6TG6y/pr57VKScAMTf9SC6V5oOIPkajKjpdmI5
Or1EezFopHoBZamskXg23Ogc9aVKJtt7dcOmOH67ttdokOUTb8YoZlxzsB7GKkin
Uv6MJ5gsaR28gf9nhvVAdAN4p7STomxfD0h0F15ZchXzQYk0IfF2gxGAkcOr8oRu
Qa7kX/nhLwISxapB3teZ9zrqWysbh7Al1toMMgiRKiwpGFhZUtqvdj9ickHP/9OX
312F34yU/oVN2pTbxJqg1UpJsaoYlqhdFLZdgJpVmoxPZHJW4DLGOq9PVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEcl1U3NbcJX3iE7Bx68TRDn2d0eMB8GA1UdIwQY
MBaAFIBBT3BvbNLIevD2BrLRN2uGtfpmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUt
NmQ4NTZmODRhODEzLzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUtNmQ4NTZmODRhODEz
LzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAptbxCQ9d
WuTnluWAQTq6iTavGXWO4r71GYwEdeO8/FBS569l/37aYkleU/Ztw0VucinT0uwI
eN+c5q+CDQBxUPbepsBEyrGZB/1sybFxBEWvOMrfdUbqYywlGn+LUOlBURa6nlsi
z16Po4mx0fCjvFCW6DFK0ZUsI0QBD4cqlDYDE7+Yb6e7LcWd4YLul4CGWeZFev5d
1uWUFgmZNHo8JpKTfV2gLuvzxRr31MOr3SB1+fHUY0C6wPk+7u5mEcrRbEipRll6
RQJPmr9jUwGVtSre5eyF2rCPnqRCqwd35gBbz8yT0XcSCQy1K7k5gXJdgXd4oyrF
wiStLN4HM8T9ZQ==
-----END CERTIFICATE-----