Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.mft
File:                     GyceKuYih3VSuJ28R016EwWEpI4.mft (raw, json)
Hash identifier:          MJ7gvIANYhuidiIfMFtB0AASTL/Xe339JTKjsDasGdw=
Subject key identifier:   6D:0D:87:13:01:37:3C:0B:F0:82:D8:9C:C6:2C:9B:46:9B:26:9F:83
Authority key identifier: 1B:27:1E:2A:E6:22:87:75:52:B8:9D:BC:47:4D:7A:13:05:84:A4:8E
Certificate issuer:       /CN=1b271e2ae622877552b89dbc474d7a130584a48e
Certificate serial:       019A4DE1D78622CBB2F041C7489F3C7A8B78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GyceKuYih3VSuJ28R016EwWEpI4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.mft
Manifest number:          0B19
Signing time:             Tue 04 Nov 2025 08:00:37 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:37 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:37 +0000
Files and hashes:         1: GyceKuYih3VSuJ28R016EwWEpI4.crl (hash: EvgK9iuv2nvspC3iDdGUoyTbieBOBMgLWKbO0Jp1XpM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GyceKuYih3VSuJ28R016EwWEpI4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e1:d7:86:22:cb:b2:f0:41:c7:48:9f:3c:7a:8b:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b271e2ae622877552b89dbc474d7a130584a48e
        Validity
            Not Before: Nov  4 08:00:37 2025 GMT
            Not After : Nov  5 08:00:37 2025 GMT
        Subject: CN=6d0d871301373c0bf082d89cc62c9b469b269f83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:08:89:da:3a:2b:16:7f:5a:13:34:6e:df:6b:
                    93:2a:3f:1b:83:e5:b4:b8:11:4f:93:c4:ad:f2:31:
                    d6:4d:45:7c:a7:7d:23:cf:5b:8e:ac:83:5b:c7:3b:
                    ce:8c:a5:ac:e5:59:e5:b4:0f:08:27:76:a9:b6:49:
                    52:2e:bf:01:16:11:6c:31:a9:c7:8e:ad:24:4c:b5:
                    20:67:e2:57:14:a6:48:c5:92:c8:35:8d:66:8e:f1:
                    15:f4:6c:a2:b6:c7:95:74:bd:b8:3f:bf:18:0d:bd:
                    8a:f8:2e:f9:1d:77:aa:a9:1a:18:ac:a7:7d:2f:c5:
                    1b:dd:ed:85:b5:b5:8e:eb:0c:5b:26:c0:81:1c:44:
                    7e:84:28:59:dd:28:84:f2:11:14:8b:97:78:22:91:
                    04:57:6a:b1:59:0b:96:da:a4:05:f0:4a:41:2a:eb:
                    5c:e5:af:d3:32:03:b4:f2:d7:61:77:dc:c4:c8:21:
                    21:48:1a:bb:91:d3:76:11:12:56:83:3e:35:cb:2d:
                    93:ee:12:f4:56:5a:06:d6:0a:20:bf:cb:58:1f:c2:
                    73:28:16:bb:c8:16:91:54:d6:37:ad:5a:0e:a1:6f:
                    43:e4:b8:5d:69:f1:80:b2:6e:7a:e4:a3:37:ab:b6:
                    a7:b4:48:db:dc:ab:91:a2:67:71:9a:b0:e3:a5:35:
                    21:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:0D:87:13:01:37:3C:0B:F0:82:D8:9C:C6:2C:9B:46:9B:26:9F:83
            X509v3 Authority Key Identifier:
                keyid:1B:27:1E:2A:E6:22:87:75:52:B8:9D:BC:47:4D:7A:13:05:84:A4:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GyceKuYih3VSuJ28R016EwWEpI4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:08:de:03:e8:4c:c0:a5:17:bd:90:50:35:67:ce:d5:57:8e:
         2b:8e:1f:7c:b8:ff:c7:9c:a9:56:b4:3d:9d:9f:cf:7c:71:69:
         65:a5:68:bc:2d:1c:65:5a:0f:d5:26:a1:75:23:27:f1:4b:94:
         8d:b5:23:0b:1f:bd:6b:10:a3:a6:3f:ea:ca:7a:54:08:af:f0:
         65:31:2f:59:38:e3:84:3f:89:4f:93:f9:47:d6:2d:d1:57:f5:
         32:81:14:2c:44:11:47:46:a4:12:39:09:ff:26:96:a8:62:3b:
         75:51:b6:fd:2b:2d:97:88:81:f0:3f:60:78:c7:74:22:94:b4:
         f1:62:90:8b:67:9d:92:66:4f:49:81:6a:52:4e:98:ec:fe:0f:
         70:1e:60:01:23:77:3c:1b:53:54:ef:10:eb:ea:e1:2a:27:84:
         cf:84:6e:47:9e:2e:c4:48:aa:8d:62:0a:3e:f3:05:6c:cf:9a:
         30:90:e9:99:a2:4a:c5:a6:92:dc:77:07:ff:ab:6e:c5:b3:8f:
         4f:8a:e7:b1:fb:7a:e4:87:58:20:f5:fb:ae:be:64:2a:45:55:
         b1:1c:18:c7:54:92:9e:4b:ba:f5:49:08:ff:c8:fc:6a:08:c1:
         89:83:b1:22:57:6c:68:9b:2d:6e:1e:6c:72:6b:0d:39:71:45:
         3c:b0:56:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4deGIsuy8EHHSJ88eot4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMjcxZTJhZTYyMjg3NzU1MmI4OWRiYzQ3NGQ3YTEzMDU4
NGE0OGUwHhcNMjUxMTA0MDgwMDM3WhcNMjUxMTA1MDgwMDM3WjAzMTEwLwYDVQQD
Eyg2ZDBkODcxMzAxMzczYzBiZjA4MmQ4OWNjNjJjOWI0NjliMjY5ZjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AiJ2jorFn9aEzRu32uTKj8bg+W0
uBFPk8St8jHWTUV8p30jz1uOrINbxzvOjKWs5VnltA8IJ3aptklSLr8BFhFsManH
jq0kTLUgZ+JXFKZIxZLINY1mjvEV9GyitseVdL24P78YDb2K+C75HXeqqRoYrKd9
L8Ub3e2FtbWO6wxbJsCBHER+hChZ3SiE8hEUi5d4IpEEV2qxWQuW2qQF8EpBKutc
5a/TMgO08tdhd9zEyCEhSBq7kdN2ERJWgz41yy2T7hL0VloG1gogv8tYH8JzKBa7
yBaRVNY3rVoOoW9D5LhdafGAsm565KM3q7antEjb3KuRomdxmrDjpTUhNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG0NhxMBNzwL8ILYnMYsm0abJp+DMB8GA1UdIwQY
MBaAFBsnHirmIod1UridvEdNehMFhKSOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ljZUt1WWloM1ZTdUoyOFIwMTZFd1dFcEk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8yMGQ2YTgtYzRlMi00N2UzLTkwZGYt
MWM4ZWQzNmQyNTY2LzEvR3ljZUt1WWloM1ZTdUoyOFIwMTZFd1dFcEk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8yMGQ2YTgtYzRlMi00N2UzLTkwZGYtMWM4ZWQzNmQyNTY2
LzEvR3ljZUt1WWloM1ZTdUoyOFIwMTZFd1dFcEk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVwjeA+hM
wKUXvZBQNWfO1VeOK44ffLj/x5ypVrQ9nZ/PfHFpZaVovC0cZVoP1SahdSMn8UuU
jbUjCx+9axCjpj/qynpUCK/wZTEvWTjjhD+JT5P5R9Yt0Vf1MoEULEQRR0akEjkJ
/yaWqGI7dVG2/Sstl4iB8D9geMd0IpS08WKQi2edkmZPSYFqUk6Y7P4PcB5gASN3
PBtTVO8Q6+rhKieEz4RuR54uxEiqjWIKPvMFbM+aMJDpmaJKxaaS3HcH/6tuxbOP
T4rnsft65IdYIPX7rr5kKkVVsRwYx1SSnku69UkI/8j8agjBiYOxIldsaJstbh5s
cmsNOXFFPLBWmQ==
-----END CERTIFICATE-----