Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
File:                     GAIUWTANFfrFUHBc9uJYmZ09hro.mft (raw, json)
Hash identifier:          QqoykGZLxZ0CnebvjUIQM8QDXuj2q5JGP6v2UC2ewqg=
Subject key identifier:   BA:CF:C4:05:C7:EA:AD:BD:B5:CB:C7:C6:27:2D:64:F8:A4:5B:AA:06
Authority key identifier: 18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA
Certificate issuer:       /CN=18021459300d15fac550705cf6e258999d3d86ba
Certificate serial:       019768BC021FD13EA5A9F76E1EDFE1A594C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
Manifest number:          0A6F
Signing time:             Fri 13 Jun 2025 10:00:41 +0000
Manifest this update:     Fri 13 Jun 2025 10:00:41 +0000
Manifest next update:     Sat 14 Jun 2025 10:00:41 +0000
Files and hashes:         1: GAIUWTANFfrFUHBc9uJYmZ09hro.crl (hash: DwiTuP+ffc6u4fuDXk42fdZpfFFiFTTzQ2ggF9Q13bI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 10:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:bc:02:1f:d1:3e:a5:a9:f7:6e:1e:df:e1:a5:94:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18021459300d15fac550705cf6e258999d3d86ba
        Validity
            Not Before: Jun 13 10:00:41 2025 GMT
            Not After : Jun 14 10:00:41 2025 GMT
        Subject: CN=bacfc405c7eaadbdb5cbc7c6272d64f8a45baa06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:d1:dd:4a:7d:f8:3e:ac:e4:03:d1:da:9f:e7:
                    dc:7c:0b:b2:ab:c5:2c:d9:11:55:cd:6b:fa:e5:f6:
                    30:3b:43:c7:f4:5f:3b:82:8c:a5:58:2d:6a:3f:ee:
                    8e:db:8c:45:75:09:d6:d6:f2:78:d6:b8:30:a0:ea:
                    99:73:0f:18:c4:13:07:c9:af:12:39:ea:61:4d:8a:
                    23:4f:ec:76:ca:d8:9c:af:08:cb:d4:43:28:df:7c:
                    79:ba:17:3c:f5:d8:f1:e8:7d:b8:17:9c:f9:31:b3:
                    8a:36:ee:7d:fe:a5:de:ee:9e:0c:0c:b2:fb:a4:f8:
                    80:50:77:56:97:7b:9d:5e:da:d3:d1:36:4e:a8:c1:
                    38:b6:81:ec:17:91:1b:7f:7d:ad:9b:d0:2c:43:2f:
                    83:a6:a8:d2:54:ef:fa:de:3e:e5:76:64:fd:15:7b:
                    e1:8b:8d:a1:93:5d:7a:6c:13:d0:05:6f:a6:27:28:
                    3f:68:2e:c0:a8:7f:73:4c:90:50:0e:2f:f2:37:86:
                    55:73:69:4c:84:d4:2f:b4:84:ca:aa:16:25:27:a2:
                    41:de:88:d1:30:78:c2:63:85:11:0f:ac:47:b1:64:
                    e6:62:b5:a2:80:57:66:32:78:8a:2a:ef:a0:d3:e3:
                    25:c4:b5:5c:6f:b2:07:5d:5b:ed:fc:48:14:dd:a2:
                    87:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:CF:C4:05:C7:EA:AD:BD:B5:CB:C7:C6:27:2D:64:F8:A4:5B:AA:06
            X509v3 Authority Key Identifier:
                keyid:18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:bf:18:8c:be:2f:66:9f:0c:e5:eb:e3:64:2b:5b:f6:a5:fd:
         2c:85:26:f8:94:74:05:3d:1e:5e:c8:c1:f2:b0:52:ab:38:45:
         a3:9a:87:a7:58:05:39:cc:84:6b:55:fe:80:39:51:78:d7:87:
         dd:3c:8c:21:bb:37:7f:4b:ba:d8:25:35:f9:15:30:9a:1c:24:
         c0:90:3a:77:39:42:fa:74:ce:6e:35:98:cc:f0:2d:e7:5d:67:
         c7:21:d6:15:ca:9b:a3:c5:bd:d5:df:05:3b:ae:02:71:57:c7:
         08:77:08:87:39:51:05:53:88:eb:59:18:92:d3:39:22:a1:9e:
         b6:61:90:d9:e1:a6:9f:1c:39:e6:06:14:fe:2d:fb:67:93:f0:
         18:eb:8d:2a:1f:22:2c:ed:96:7a:47:f0:47:51:50:39:db:8a:
         67:57:09:83:a1:d5:c6:84:a3:ff:e9:42:1c:a5:5f:68:9d:d4:
         89:23:22:d9:dd:a1:1d:de:b3:79:1d:c5:c8:be:87:19:53:18:
         77:bd:d7:a6:a9:94:4c:d7:a5:16:21:eb:ac:ac:01:24:68:4c:
         8f:05:81:bf:03:b2:c8:f6:bc:a6:f9:27:db:f6:1c:3e:61:af:
         92:b2:5b:05:39:5b:b8:39:dd:a7:62:ac:55:8c:e9:a0:b6:5d:
         d7:08:93:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdovAIf0T6lqfduHt/hpZTGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MDIxNDU5MzAwZDE1ZmFjNTUwNzA1Y2Y2ZTI1ODk5OWQz
ZDg2YmEwHhcNMjUwNjEzMTAwMDQxWhcNMjUwNjE0MTAwMDQxWjAzMTEwLwYDVQQD
EyhiYWNmYzQwNWM3ZWFhZGJkYjVjYmM3YzYyNzJkNjRmOGE0NWJhYTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9HdSn34PqzkA9Han+fcfAuyq8Us
2RFVzWv65fYwO0PH9F87goylWC1qP+6O24xFdQnW1vJ41rgwoOqZcw8YxBMHya8S
OephTYojT+x2yticrwjL1EMo33x5uhc89djx6H24F5z5MbOKNu59/qXe7p4MDLL7
pPiAUHdWl3udXtrT0TZOqME4toHsF5Ebf32tm9AsQy+DpqjSVO/63j7ldmT9FXvh
i42hk116bBPQBW+mJyg/aC7AqH9zTJBQDi/yN4ZVc2lMhNQvtITKqhYlJ6JB3ojR
MHjCY4URD6xHsWTmYrWigFdmMniKKu+g0+MlxLVcb7IHXVvt/EgU3aKH4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLrPxAXH6q29tcvHxictZPikW6oGMB8GA1UdIwQY
MBaAFBgCFFkwDRX6xVBwXPbiWJmdPYa6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5Njct
OTIyNGNlMmU5NjVhLzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5NjctOTIyNGNlMmU5NjVh
LzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJr8YjL4v
Zp8M5evjZCtb9qX9LIUm+JR0BT0eXsjB8rBSqzhFo5qHp1gFOcyEa1X+gDlReNeH
3TyMIbs3f0u62CU1+RUwmhwkwJA6dzlC+nTObjWYzPAt511nxyHWFcqbo8W91d8F
O64CcVfHCHcIhzlRBVOI61kYktM5IqGetmGQ2eGmnxw55gYU/i37Z5PwGOuNKh8i
LO2WekfwR1FQOduKZ1cJg6HVxoSj/+lCHKVfaJ3UiSMi2d2hHd6zeR3FyL6HGVMY
d73XpqmUTNelFiHrrKwBJGhMjwWBvwOyyPa8pvkn2/YcPmGvkrJbBTlbuDndp2Ks
VYzpoLZd1wiTgg==
-----END CERTIFICATE-----