Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
File:                     GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft (raw, json)
Hash identifier:          6MaDUHWly+X2azj8nvdTXf2KOdMJHe7oXo6W08EENKM=
Subject key identifier:   37:DF:36:CD:A9:FF:12:15:2A:76:D3:FA:AE:FA:7B:E1:F5:18:1A:D9
Authority key identifier: 1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D
Certificate issuer:       /CN=1a66819ed62a71090cf437e4263012d4c035067d
Certificate serial:       0198D4E04EEAF2A8D4D0A94E41FE24B5D268
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 03:02:06 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:06 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:06 +0000
Files and hashes:         1: GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl (hash: Q2wbhHhxL/aUbg2zm0NCJmZbr/AO/ybZIomgv7/ZRY4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:4e:ea:f2:a8:d4:d0:a9:4e:41:fe:24:b5:d2:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a66819ed62a71090cf437e4263012d4c035067d
        Validity
            Not Before: Aug 23 03:02:06 2025 GMT
            Not After : Aug 24 03:02:06 2025 GMT
        Subject: CN=37df36cda9ff12152a76d3faaefa7be1f5181ad9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:3e:83:bf:7e:23:4f:1c:38:75:cb:61:cc:1e:
                    a9:63:ec:00:05:11:65:1e:05:cf:99:95:28:b4:48:
                    81:4e:f3:f5:92:ca:b1:fb:af:29:56:2d:81:b6:f8:
                    b1:57:92:b7:52:de:6f:7b:d3:b3:55:05:ce:5f:09:
                    b5:24:c9:8b:5f:c9:9c:8e:29:2f:5a:47:d3:01:c8:
                    bf:19:70:bc:be:33:8d:b3:32:96:c8:b8:10:fb:ed:
                    76:47:20:f9:b5:d7:30:74:f1:4f:a5:fb:82:a9:42:
                    26:07:d3:dd:5f:81:31:73:16:ad:3c:e0:97:53:24:
                    b6:43:33:04:b1:eb:23:99:74:f6:b9:39:5b:a8:79:
                    31:94:d4:93:72:26:50:0f:e5:b7:28:44:10:f3:e0:
                    5a:13:14:5b:ed:36:28:d2:91:12:79:bd:a1:5f:c7:
                    f1:76:89:a0:87:8c:e1:a8:fe:90:b9:88:30:fc:e2:
                    bd:4d:6f:1f:95:0f:80:6f:34:58:9c:19:44:a9:14:
                    95:7a:2f:77:4e:ce:4b:88:77:ac:39:a8:e4:5e:42:
                    0c:fd:4f:3e:2e:d6:62:c7:0a:1a:4a:04:12:01:a2:
                    5f:11:fa:5c:a6:b9:e9:d1:da:4f:68:9f:5c:13:55:
                    37:11:16:85:ff:a1:ec:d7:47:d6:c2:5f:76:6f:4c:
                    c4:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:DF:36:CD:A9:FF:12:15:2A:76:D3:FA:AE:FA:7B:E1:F5:18:1A:D9
            X509v3 Authority Key Identifier:
                keyid:1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:d7:35:2e:a2:dc:3d:78:17:0f:ec:f0:01:d2:97:d6:41:6e:
         82:99:e0:b0:91:62:5e:1a:fc:7b:be:a0:62:f2:8e:b5:da:cb:
         8f:62:68:c0:50:9b:06:81:30:5c:dd:a6:ab:eb:f6:59:8e:43:
         fb:68:c6:74:92:48:83:5e:aa:05:c6:f8:18:a1:b4:fd:3e:82:
         c2:f8:4c:7b:dc:fd:2e:d3:48:ee:90:e2:c9:ef:64:80:09:5f:
         f1:ed:06:9c:6e:8e:01:b1:50:a1:5e:df:32:b8:03:5e:5c:fe:
         31:33:9e:80:14:c9:25:48:87:59:b9:77:d0:68:01:b5:5d:57:
         a1:1e:6e:0a:c1:c0:2e:f7:b6:b9:02:e3:27:f0:4d:b8:9c:aa:
         64:89:6f:40:9a:73:35:cc:e4:a3:f8:6c:6a:0f:b9:54:29:ae:
         05:42:1d:f3:23:a7:4c:af:74:36:1b:ec:0d:72:58:b1:67:8e:
         ab:f0:69:68:0d:59:5b:e7:f5:45:ef:b7:11:8e:e2:50:a0:10:
         e9:19:3d:a8:3b:16:60:4c:18:ec:32:08:ab:06:34:3a:e8:50:
         26:a3:1a:2a:1b:ff:d2:76:d8:dc:25:87:11:53:e5:87:8f:b3:
         7d:e4:2d:c4:a8:3d:e2:14:cb:66:69:77:4c:ca:8b:d1:e6:94:
         75:93:50:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4E7q8qjU0KlOQf4ktdJoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNjY4MTllZDYyYTcxMDkwY2Y0MzdlNDI2MzAxMmQ0YzAz
NTA2N2QwHhcNMjUwODIzMDMwMjA2WhcNMjUwODI0MDMwMjA2WjAzMTEwLwYDVQQD
EygzN2RmMzZjZGE5ZmYxMjE1MmE3NmQzZmFhZWZhN2JlMWY1MTgxYWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuj6Dv34jTxw4dcthzB6pY+wABRFl
HgXPmZUotEiBTvP1ksqx+68pVi2BtvixV5K3Ut5ve9OzVQXOXwm1JMmLX8mcjikv
WkfTAci/GXC8vjONszKWyLgQ++12RyD5tdcwdPFPpfuCqUImB9PdX4ExcxatPOCX
UyS2QzMEsesjmXT2uTlbqHkxlNSTciZQD+W3KEQQ8+BaExRb7TYo0pESeb2hX8fx
domgh4zhqP6QuYgw/OK9TW8flQ+AbzRYnBlEqRSVei93Ts5LiHesOajkXkIM/U8+
LtZixwoaSgQSAaJfEfpcprnp0dpPaJ9cE1U3ERaF/6Hs10fWwl92b0zEtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDffNs2p/xIVKnbT+q76e+H1GBrZMB8GA1UdIwQY
MBaAFBpmgZ7WKnEJDPQ35CYwEtTANQZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQt
NzY0ZjgyMmRkYzU3LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQtNzY0ZjgyMmRkYzU3
LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ9c1LqLc
PXgXD+zwAdKX1kFugpngsJFiXhr8e76gYvKOtdrLj2JowFCbBoEwXN2mq+v2WY5D
+2jGdJJIg16qBcb4GKG0/T6CwvhMe9z9LtNI7pDiye9kgAlf8e0GnG6OAbFQoV7f
MrgDXlz+MTOegBTJJUiHWbl30GgBtV1XoR5uCsHALve2uQLjJ/BNuJyqZIlvQJpz
Nczko/hsag+5VCmuBUId8yOnTK90NhvsDXJYsWeOq/BpaA1ZW+f1Re+3EY7iUKAQ
6Rk9qDsWYEwY7DIIqwY0OuhQJqMaKhv/0nbY3CWHEVPlh4+zfeQtxKg94hTLZml3
TMqL0eaUdZNQAA==
-----END CERTIFICATE-----