Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
File:                     GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft (raw, json)
Hash identifier:          Gf2giy/ehTyd2ACA21C6mS+Olqv3f0OZ9z4Gr+Od2Bs=
Subject key identifier:   89:56:0A:A6:AB:0E:70:12:8F:53:9D:B3:FF:6D:27:97:04:C8:1E:2D
Authority key identifier: 1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D
Certificate issuer:       /CN=1a66819ed62a71090cf437e4263012d4c035067d
Certificate serial:       0196BA11D8E2FC0DE6AAAB7A33C928A6AEE6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
Manifest number:          152F
Signing time:             Sat 10 May 2025 12:00:53 +0000
Manifest this update:     Sat 10 May 2025 12:00:53 +0000
Manifest next update:     Sun 11 May 2025 12:00:53 +0000
Files and hashes:         1: GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl (hash: wvQC6ofP5cave9HZSCgLz3uuX4osZrbpfWR9tWuEVfI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 12:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ba:11:d8:e2:fc:0d:e6:aa:ab:7a:33:c9:28:a6:ae:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a66819ed62a71090cf437e4263012d4c035067d
        Validity
            Not Before: May 10 12:00:53 2025 GMT
            Not After : May 11 12:00:53 2025 GMT
        Subject: CN=89560aa6ab0e70128f539db3ff6d279704c81e2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:70:59:d1:f9:cb:22:bd:69:96:ab:d2:e2:10:
                    d2:b6:fa:5a:63:aa:08:de:20:da:d4:2a:b9:3c:7f:
                    69:f6:db:9c:59:b3:75:7f:46:5a:8f:ec:aa:f0:06:
                    b0:57:17:9b:f9:98:d7:d3:f2:93:55:2d:09:09:5e:
                    29:ec:50:cc:03:bc:d3:9c:ed:de:b2:ae:bc:5a:a5:
                    37:ff:27:c4:84:d3:39:77:1a:01:66:45:a6:a8:58:
                    40:c5:a9:a7:f6:47:71:db:97:88:20:4a:78:06:d0:
                    f5:0f:90:81:2a:15:7e:ff:65:75:8c:85:58:37:81:
                    50:20:af:2b:77:a0:c5:15:59:e3:f3:ba:60:c6:c3:
                    6c:8e:5a:e0:f0:fb:18:48:aa:d2:41:bf:d0:70:1a:
                    cc:d7:fb:22:d9:c2:e0:70:9d:3f:b3:83:42:e7:2e:
                    b3:b6:21:be:a9:a3:b7:e7:40:0f:5a:0e:b7:4a:27:
                    19:04:d9:ed:75:41:fd:0e:67:aa:c8:1a:da:16:ca:
                    c0:50:9d:12:0a:7b:58:79:3f:87:44:a2:8e:0c:58:
                    8a:73:de:5b:27:40:2f:27:b9:a5:ca:14:ac:7b:d3:
                    a8:34:7d:56:64:e9:5c:11:4d:5c:be:32:d5:ee:8b:
                    75:f1:e4:2d:43:7d:e9:09:4a:14:8b:7d:16:a1:53:
                    c1:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:56:0A:A6:AB:0E:70:12:8F:53:9D:B3:FF:6D:27:97:04:C8:1E:2D
            X509v3 Authority Key Identifier:
                keyid:1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:d5:f8:ab:c0:18:12:ae:b7:99:9c:b8:5e:4c:b1:e4:65:dc:
         d8:2f:ea:f5:17:51:27:ff:1c:61:06:30:8f:f2:5e:2b:ec:13:
         76:f3:98:1b:29:a7:db:31:6b:44:c0:e2:d7:ab:0e:f3:dd:a3:
         82:7b:45:8b:b7:8a:20:69:c4:b4:47:7c:65:5e:6e:06:39:2a:
         1b:73:0d:61:88:dc:80:5a:c9:71:b3:13:a3:25:36:0d:07:e2:
         a7:2e:ac:a3:3b:9e:64:70:71:63:fb:2e:f3:00:55:91:3c:80:
         2d:c1:f7:98:ea:8f:22:be:98:56:8c:ff:1c:3a:f2:c8:51:21:
         ef:dd:ac:9e:12:bf:42:a3:c0:6d:11:d0:90:23:9b:52:b6:a5:
         44:42:61:15:80:61:e6:a8:26:bd:b9:a3:7e:b8:7c:19:99:cb:
         84:20:ef:c0:87:a7:d4:a0:c7:9f:64:a7:24:fd:94:90:5b:2e:
         32:9f:3b:73:8d:11:53:4a:cc:e9:74:96:44:da:75:14:89:4a:
         36:c9:65:62:50:d9:c1:67:df:17:16:1c:33:df:e9:82:76:53:
         36:9c:25:26:0f:e2:0e:f6:6e:9b:68:5d:20:22:95:a7:a1:bc:
         ed:87:a5:c9:01:ad:c9:dd:22:59:be:ab:ef:c2:b4:7f:81:cb:
         4c:fe:d5:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa6Edji/A3mqqt6M8kopq7mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNjY4MTllZDYyYTcxMDkwY2Y0MzdlNDI2MzAxMmQ0YzAz
NTA2N2QwHhcNMjUwNTEwMTIwMDUzWhcNMjUwNTExMTIwMDUzWjAzMTEwLwYDVQQD
Eyg4OTU2MGFhNmFiMGU3MDEyOGY1MzlkYjNmZjZkMjc5NzA0YzgxZTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3BZ0fnLIr1plqvS4hDStvpaY6oI
3iDa1Cq5PH9p9tucWbN1f0Zaj+yq8AawVxeb+ZjX0/KTVS0JCV4p7FDMA7zTnO3e
sq68WqU3/yfEhNM5dxoBZkWmqFhAxamn9kdx25eIIEp4BtD1D5CBKhV+/2V1jIVY
N4FQIK8rd6DFFVnj87pgxsNsjlrg8PsYSKrSQb/QcBrM1/si2cLgcJ0/s4NC5y6z
tiG+qaO350APWg63SicZBNntdUH9DmeqyBraFsrAUJ0SCntYeT+HRKKODFiKc95b
J0AvJ7mlyhSse9OoNH1WZOlcEU1cvjLV7ot18eQtQ33pCUoUi30WoVPBUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIlWCqarDnASj1Ods/9tJ5cEyB4tMB8GA1UdIwQY
MBaAFBpmgZ7WKnEJDPQ35CYwEtTANQZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQt
NzY0ZjgyMmRkYzU3LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQtNzY0ZjgyMmRkYzU3
LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqdX4q8AY
Eq63mZy4Xkyx5GXc2C/q9RdRJ/8cYQYwj/JeK+wTdvOYGymn2zFrRMDi16sO892j
gntFi7eKIGnEtEd8ZV5uBjkqG3MNYYjcgFrJcbMToyU2DQfipy6sozueZHBxY/su
8wBVkTyALcH3mOqPIr6YVoz/HDryyFEh792snhK/QqPAbRHQkCObUralREJhFYBh
5qgmvbmjfrh8GZnLhCDvwIen1KDHn2SnJP2UkFsuMp87c40RU0rM6XSWRNp1FIlK
NsllYlDZwWffFxYcM9/pgnZTNpwlJg/iDvZum2hdICKVp6G87YelyQGtyd0iWb6r
78K0f4HLTP7V0w==
-----END CERTIFICATE-----