Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
File:                     GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft (raw, json)
Hash identifier:          AUbpjeAqyiw7VNosdXob420vL0VCRrGOClDgMTM3MRo=
Subject key identifier:   31:47:32:73:01:D6:AE:9A:D1:76:9A:CD:32:0D:13:5D:78:6C:FC:38
Authority key identifier: 1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D
Certificate issuer:       /CN=1a66819ed62a71090cf437e4263012d4c035067d
Certificate serial:       0197B8FCBC0E1857CC7D747F5CE1F4D38D0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
Manifest number:          15B3
Signing time:             Sun 29 Jun 2025 00:01:00 +0000
Manifest this update:     Sun 29 Jun 2025 00:01:00 +0000
Manifest next update:     Mon 30 Jun 2025 00:01:00 +0000
Files and hashes:         1: GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl (hash: DkAH4/XfjVsDRiAmaakpS7PaHvnceG68wOehP43iPFo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 19:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:fc:bc:0e:18:57:cc:7d:74:7f:5c:e1:f4:d3:8d:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a66819ed62a71090cf437e4263012d4c035067d
        Validity
            Not Before: Jun 29 00:01:00 2025 GMT
            Not After : Jun 30 00:01:00 2025 GMT
        Subject: CN=3147327301d6ae9ad1769acd320d135d786cfc38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:af:7d:db:5f:94:26:ea:80:2c:01:60:02:38:
                    b4:54:89:15:ba:2d:b1:f6:8e:1b:42:8f:9d:be:6b:
                    95:47:7d:28:53:61:20:23:63:37:ae:52:b7:10:65:
                    81:e4:98:30:d3:87:71:7e:6a:41:a1:d8:cb:0a:ce:
                    aa:58:67:8e:67:77:c3:d3:74:2b:a6:c8:ff:7c:90:
                    04:fe:e0:28:fa:82:04:73:25:79:a7:97:cc:7d:27:
                    22:9b:e9:af:71:7b:c9:e7:57:8b:a1:db:6f:ff:6e:
                    d3:8c:f4:d1:d6:f1:db:cc:0c:a7:95:53:69:f4:fb:
                    65:cf:73:ee:b9:fd:32:a0:64:9d:3f:0a:4b:00:d6:
                    44:65:af:5a:62:bd:31:4f:de:61:ef:f9:4f:78:fe:
                    58:d0:58:13:03:08:44:e4:b5:76:da:49:3e:ac:b9:
                    9d:d2:e4:cd:19:1c:31:a6:be:b4:29:c0:e7:e5:d5:
                    02:eb:41:a9:53:4f:36:1f:47:11:4f:3f:47:ec:45:
                    d6:0c:b8:7c:2a:d1:b6:d7:b7:dd:11:b8:5b:7f:4d:
                    b9:00:61:44:d4:7f:1f:19:d4:ed:e0:7b:be:6a:f1:
                    0a:b7:a8:21:0d:50:b4:37:4a:6e:18:64:25:68:9c:
                    02:50:10:1b:74:37:04:81:c4:49:1e:af:22:dd:b2:
                    1e:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:47:32:73:01:D6:AE:9A:D1:76:9A:CD:32:0D:13:5D:78:6C:FC:38
            X509v3 Authority Key Identifier:
                keyid:1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:d5:e5:ae:93:28:b5:3b:a0:01:fb:34:5d:35:6f:03:30:5b:
         d8:d0:8e:6c:c4:77:31:cb:21:15:d2:a1:86:15:82:7e:5f:71:
         0d:28:bc:5e:88:85:80:48:f5:5f:15:76:80:09:38:dc:45:18:
         65:e8:c5:81:b2:30:fa:b9:b3:5c:61:f5:eb:0d:65:a4:50:85:
         6e:c4:91:e9:6f:96:bc:61:f4:48:9a:29:f1:c8:4c:97:6d:3f:
         85:af:a2:1d:72:53:d1:9f:b5:60:e5:c7:d6:10:ab:95:a8:23:
         9b:7f:25:32:31:6d:f4:47:8e:e7:89:c9:40:fe:ce:75:67:10:
         00:55:f0:44:78:50:97:44:fd:98:74:66:cc:de:f1:87:01:0d:
         6d:7e:64:a0:54:25:16:7a:62:a2:b7:1e:2c:c7:59:ff:22:6a:
         35:55:ec:e0:ed:38:a8:35:c4:e3:66:39:10:9a:a4:61:1b:d4:
         ac:2f:3f:ef:11:23:b0:35:52:7d:48:08:3f:7c:11:6b:30:00:
         b0:36:f2:a6:0a:da:6c:ec:f5:9a:3f:db:43:4a:8c:be:b1:e9:
         a6:e0:6e:a0:ce:1c:4e:42:12:73:f0:f6:cd:b9:3f:c0:54:bf:
         b2:ae:41:09:7b:20:03:0d:dc:95:30:48:e8:4e:e1:de:13:86:
         35:2a:66:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4/LwOGFfMfXR/XOH0040NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNjY4MTllZDYyYTcxMDkwY2Y0MzdlNDI2MzAxMmQ0YzAz
NTA2N2QwHhcNMjUwNjI5MDAwMTAwWhcNMjUwNjMwMDAwMTAwWjAzMTEwLwYDVQQD
EygzMTQ3MzI3MzAxZDZhZTlhZDE3NjlhY2QzMjBkMTM1ZDc4NmNmYzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAra9921+UJuqALAFgAji0VIkVui2x
9o4bQo+dvmuVR30oU2EgI2M3rlK3EGWB5Jgw04dxfmpBodjLCs6qWGeOZ3fD03Qr
psj/fJAE/uAo+oIEcyV5p5fMfScim+mvcXvJ51eLodtv/27TjPTR1vHbzAynlVNp
9Ptlz3Puuf0yoGSdPwpLANZEZa9aYr0xT95h7/lPeP5Y0FgTAwhE5LV22kk+rLmd
0uTNGRwxpr60KcDn5dUC60GpU082H0cRTz9H7EXWDLh8KtG217fdEbhbf025AGFE
1H8fGdTt4Hu+avEKt6ghDVC0N0puGGQlaJwCUBAbdDcEgcRJHq8i3bIeuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDFHMnMB1q6a0XaazTINE114bPw4MB8GA1UdIwQY
MBaAFBpmgZ7WKnEJDPQ35CYwEtTANQZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQt
NzY0ZjgyMmRkYzU3LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQtNzY0ZjgyMmRkYzU3
LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATtXlrpMo
tTugAfs0XTVvAzBb2NCObMR3McshFdKhhhWCfl9xDSi8XoiFgEj1XxV2gAk43EUY
ZejFgbIw+rmzXGH16w1lpFCFbsSR6W+WvGH0SJop8chMl20/ha+iHXJT0Z+1YOXH
1hCrlagjm38lMjFt9EeO54nJQP7OdWcQAFXwRHhQl0T9mHRmzN7xhwENbX5koFQl
FnpiorceLMdZ/yJqNVXs4O04qDXE42Y5EJqkYRvUrC8/7xEjsDVSfUgIP3wRazAA
sDbypgrabOz1mj/bQ0qMvrHppuBuoM4cTkISc/D2zbk/wFS/sq5BCXsgAw3clTBI
6E7h3hOGNSpmdA==
-----END CERTIFICATE-----