Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft
File:                     GhREUllzKqZzbCSCNEZZR_wjdNA.mft (raw, json)
Hash identifier:          w4FwzSMRsVVkqTz91WLu6IXX5PH8dTJtS70Q9Vk+wM0=
Subject key identifier:   AD:8C:CF:F6:B0:44:92:5F:D1:55:85:BA:B9:2A:5B:29:CE:7B:6E:55
Authority key identifier: 1A:14:44:52:59:73:2A:A6:73:6C:24:82:34:46:59:47:FC:23:74:D0
Certificate issuer:       /CN=1a14445259732aa6736c248234465947fc2374d0
Certificate serial:       019769299F68AA86615F8CC0F9DE0608B0DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft
Manifest number:          0C09
Signing time:             Fri 13 Jun 2025 12:00:24 +0000
Manifest this update:     Fri 13 Jun 2025 12:00:24 +0000
Manifest next update:     Sat 14 Jun 2025 12:00:24 +0000
Files and hashes:         1: GhREUllzKqZzbCSCNEZZR_wjdNA.crl (hash: UWSo5Or/Y+z4Z6xoSHp/FSKsGqSLKNsmjwplvRaHwE8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 12:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:29:9f:68:aa:86:61:5f:8c:c0:f9:de:06:08:b0:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a14445259732aa6736c248234465947fc2374d0
        Validity
            Not Before: Jun 13 12:00:24 2025 GMT
            Not After : Jun 14 12:00:24 2025 GMT
        Subject: CN=ad8ccff6b044925fd15585bab92a5b29ce7b6e55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:7c:2a:02:7c:77:73:20:4a:74:9d:88:c8:6f:
                    27:d9:6a:3a:32:b9:b0:5c:28:b4:5e:13:e1:96:46:
                    16:b6:9e:fd:39:ce:80:3d:5d:ac:ab:cd:7e:91:af:
                    51:80:45:3d:fd:b4:e4:68:0b:cb:8f:8d:a2:16:e4:
                    ec:02:4f:e4:d3:d4:e6:0f:fb:09:94:0e:4c:be:41:
                    10:9d:95:d2:ea:ed:8f:45:b0:69:e1:de:bf:0a:dd:
                    9a:6f:41:fd:58:2c:0e:42:02:cd:a2:7c:8b:7d:a0:
                    4c:fe:d2:9d:7f:f6:67:ba:d9:0f:5f:b0:f3:af:4c:
                    f3:9f:1f:dd:e5:70:82:2c:48:db:70:02:78:1a:33:
                    08:7e:17:75:fc:7c:f8:d9:ec:b4:16:26:cc:8c:88:
                    2f:da:d7:8b:53:9f:44:2b:75:4f:e3:26:62:29:f1:
                    68:fe:32:1f:7c:b0:0a:63:2d:d1:ca:c3:8d:11:6d:
                    6a:84:cd:9b:e7:29:d4:11:e8:7b:5b:a5:2c:32:1d:
                    89:68:cd:a5:c8:10:4e:3d:cd:14:b8:62:54:10:41:
                    b5:2c:31:2d:dc:d8:59:cf:21:7e:ee:ab:51:6d:ba:
                    6b:f9:e3:e7:2c:c9:2a:94:18:4a:1d:16:43:e1:2c:
                    e0:72:4b:4b:fe:a5:4c:85:81:81:65:d9:e7:4c:c3:
                    f5:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:8C:CF:F6:B0:44:92:5F:D1:55:85:BA:B9:2A:5B:29:CE:7B:6E:55
            X509v3 Authority Key Identifier:
                keyid:1A:14:44:52:59:73:2A:A6:73:6C:24:82:34:46:59:47:FC:23:74:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:9e:f9:00:0b:43:3f:12:21:c4:0d:41:e9:0a:19:43:00:3c:
         44:87:02:07:59:b9:a6:57:a8:fe:2c:95:2b:e1:dd:d2:56:56:
         39:64:5e:c1:6a:44:8c:83:8e:83:88:cb:b7:02:7b:2e:6c:29:
         7a:b0:a6:7c:e9:11:31:b9:f7:5e:74:14:9e:0b:ce:d6:d0:d1:
         a3:28:f1:74:38:42:97:bf:0f:64:a2:a7:e9:56:4c:a7:22:77:
         ba:cc:d6:30:04:75:57:06:ac:7f:b4:72:7f:9a:d5:18:d2:a7:
         0b:8b:4a:94:1a:af:69:a1:f9:6f:e1:02:0f:bf:f2:bc:bc:89:
         ea:a4:b2:05:20:2e:b7:08:b9:e6:90:37:32:4e:d1:74:83:70:
         80:67:79:74:e0:7f:79:31:b1:ea:6a:6a:01:be:73:3b:f6:9f:
         31:30:5e:d5:78:cd:fb:c3:6f:40:21:dd:2e:e2:59:6b:c8:d1:
         17:85:99:a4:d7:6a:9f:e5:4c:3a:ed:1f:81:f7:9d:9a:64:9a:
         7a:82:82:af:f7:b3:a1:85:30:91:e3:1d:30:fa:e6:3c:92:af:
         d8:03:18:5d:15:bd:cd:de:2e:1f:c3:16:06:13:2b:27:94:cc:
         94:ac:30:bc:49:80:44:63:3e:ba:1b:fd:8d:75:35:4b:90:ce:
         36:c9:75:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpKZ9oqoZhX4zA+d4GCLDbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTQ0NDUyNTk3MzJhYTY3MzZjMjQ4MjM0NDY1OTQ3ZmMy
Mzc0ZDAwHhcNMjUwNjEzMTIwMDI0WhcNMjUwNjE0MTIwMDI0WjAzMTEwLwYDVQQD
EyhhZDhjY2ZmNmIwNDQ5MjVmZDE1NTg1YmFiOTJhNWIyOWNlN2I2ZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXwqAnx3cyBKdJ2IyG8n2Wo6Mrmw
XCi0XhPhlkYWtp79Oc6APV2sq81+ka9RgEU9/bTkaAvLj42iFuTsAk/k09TmD/sJ
lA5MvkEQnZXS6u2PRbBp4d6/Ct2ab0H9WCwOQgLNonyLfaBM/tKdf/ZnutkPX7Dz
r0zznx/d5XCCLEjbcAJ4GjMIfhd1/Hz42ey0FibMjIgv2teLU59EK3VP4yZiKfFo
/jIffLAKYy3RysONEW1qhM2b5ynUEeh7W6UsMh2JaM2lyBBOPc0UuGJUEEG1LDEt
3NhZzyF+7qtRbbpr+ePnLMkqlBhKHRZD4SzgcktL/qVMhYGBZdnnTMP1UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK2Mz/awRJJf0VWFurkqWynOe25VMB8GA1UdIwQY
MBaAFBoURFJZcyqmc2wkgjRGWUf8I3TQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kMTA4NDEtN2Q0NC00NmRhLWIyOWMt
MzgxZjIzZjE4M2Q3LzEvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kMTA4NDEtN2Q0NC00NmRhLWIyOWMtMzgxZjIzZjE4M2Q3
LzEvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjp75AAtD
PxIhxA1B6QoZQwA8RIcCB1m5pleo/iyVK+Hd0lZWOWRewWpEjIOOg4jLtwJ7Lmwp
erCmfOkRMbn3XnQUngvO1tDRoyjxdDhCl78PZKKn6VZMpyJ3uszWMAR1Vwasf7Ry
f5rVGNKnC4tKlBqvaaH5b+ECD7/yvLyJ6qSyBSAutwi55pA3Mk7RdINwgGd5dOB/
eTGx6mpqAb5zO/afMTBe1XjN+8NvQCHdLuJZa8jRF4WZpNdqn+VMOu0fgfedmmSa
eoKCr/ezoYUwkeMdMPrmPJKv2AMYXRW9zd4uH8MWBhMrJ5TMlKwwvEmARGM+uhv9
jXU1S5DONsl12g==
-----END CERTIFICATE-----