Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
File:                     gY1FuJShqq5kDmhOV8_bUw36umk.mft (raw, json)
Hash identifier:          qa17msyFMKxo+JvQMjEvJeXkWjqhD3JMrmFtVkOrEFY=
Subject key identifier:   70:64:BD:BA:6B:7D:16:1B:06:B0:2D:1E:00:E8:A9:DA:73:81:38:D5
Authority key identifier: 81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69
Certificate issuer:       /CN=818d45b894a1aaae640e684e57cfdb530dfaba69
Certificate serial:       01968DA74FA00ECE2E4A8AF857829C27476F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
Manifest number:          09A9
Signing time:             Thu 01 May 2025 21:01:14 +0000
Manifest this update:     Thu 01 May 2025 21:01:14 +0000
Manifest next update:     Fri 02 May 2025 21:01:14 +0000
Files and hashes:         1: gY1FuJShqq5kDmhOV8_bUw36umk.crl (hash: For8aRBhi9YZKUyd3MzrrtCqx2DRaSC9wFUxutF/iNY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 21:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8d:a7:4f:a0:0e:ce:2e:4a:8a:f8:57:82:9c:27:47:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=818d45b894a1aaae640e684e57cfdb530dfaba69
        Validity
            Not Before: May  1 21:01:14 2025 GMT
            Not After : May  2 21:01:14 2025 GMT
        Subject: CN=7064bdba6b7d161b06b02d1e00e8a9da738138d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:14:74:1a:a0:47:e3:60:2f:a9:19:0d:27:9e:
                    85:e7:e1:a4:4b:bd:6a:c1:e7:e9:2e:ce:0f:3a:05:
                    d7:83:1e:87:a8:dc:e7:2b:f9:17:5a:0c:8b:ee:79:
                    e5:e5:91:7a:50:da:b3:1a:a9:89:62:f5:a5:02:ce:
                    38:a6:13:d2:b1:64:3f:3c:47:b9:5e:7e:0a:a9:00:
                    5a:5a:85:f5:db:1e:c8:b8:df:30:ee:f4:f9:ac:e0:
                    9d:86:b3:bf:1f:50:5b:75:ed:4a:8d:22:90:52:b6:
                    4e:9e:1e:ae:80:33:31:60:10:e2:57:b0:60:08:2d:
                    cc:1f:e1:2a:63:22:2c:20:a6:50:6e:9c:ca:c6:a2:
                    eb:2d:45:2c:68:5b:8a:00:ac:4d:03:6b:11:ea:b4:
                    03:5b:c8:3a:d7:0e:15:b3:9f:34:0a:91:62:55:09:
                    1a:bc:a0:44:f7:09:59:71:42:08:71:61:fa:b4:88:
                    14:59:70:5c:48:0e:84:86:1c:02:7f:32:f9:42:61:
                    59:c8:91:a5:04:71:68:ff:11:2e:8d:ff:1a:0a:a2:
                    55:51:de:2a:ae:11:9c:18:7e:28:f3:de:d8:69:0c:
                    04:3a:96:6e:8f:80:e0:e4:53:9e:e5:b2:1b:8a:eb:
                    c8:3e:97:8f:75:b9:6b:14:e2:0c:bb:6c:97:1f:74:
                    af:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:64:BD:BA:6B:7D:16:1B:06:B0:2D:1E:00:E8:A9:DA:73:81:38:D5
            X509v3 Authority Key Identifier:
                keyid:81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:ac:34:0c:17:d2:e4:1d:cf:c4:5c:98:7f:d0:45:43:25:fd:
         26:6e:bb:05:bb:97:db:2a:7d:c1:06:ad:86:4c:85:d1:62:9b:
         5c:77:eb:d8:bb:38:f4:a6:71:75:b8:ca:9a:11:b3:a5:46:66:
         d3:97:0d:83:49:b4:aa:12:ac:e3:a1:3e:87:bc:14:a6:a3:c4:
         49:0f:6c:17:9f:e6:f6:32:f3:e3:ad:65:cb:48:b4:f8:a2:6f:
         c2:3a:8f:9b:80:a6:04:9c:a0:b0:29:8c:70:49:97:e8:8a:6b:
         a0:70:cf:d6:09:2d:93:a6:b0:ea:f9:ab:56:56:ba:1d:9e:ce:
         0f:47:a1:7e:8c:2b:2a:30:a5:02:48:70:5d:15:b7:28:a4:15:
         cc:9b:55:b3:4b:47:67:f7:78:9e:5d:fc:bb:80:39:a5:e3:2c:
         f1:cf:7e:be:8e:ac:f6:32:7a:b0:ad:31:a6:69:60:33:f0:90:
         c4:e1:ad:bf:61:8a:2b:f9:7a:a7:8c:25:64:6c:62:fa:b6:98:
         71:78:0f:ca:2b:d9:e3:dc:d5:54:9f:d0:13:cf:27:65:d8:3d:
         07:85:f6:83:ca:a8:65:2f:63:81:ae:1d:c3:75:d7:f3:da:89:
         0c:a5:e1:58:1f:bc:83:0e:f9:7b:14:fb:95:18:e4:09:87:ad:
         f6:ce:19:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaNp0+gDs4uSor4V4KcJ0dvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOGQ0NWI4OTRhMWFhYWU2NDBlNjg0ZTU3Y2ZkYjUzMGRm
YWJhNjkwHhcNMjUwNTAxMjEwMTE0WhcNMjUwNTAyMjEwMTE0WjAzMTEwLwYDVQQD
Eyg3MDY0YmRiYTZiN2QxNjFiMDZiMDJkMWUwMGU4YTlkYTczODEzOGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBR0GqBH42AvqRkNJ56F5+GkS71q
wefpLs4POgXXgx6HqNznK/kXWgyL7nnl5ZF6UNqzGqmJYvWlAs44phPSsWQ/PEe5
Xn4KqQBaWoX12x7IuN8w7vT5rOCdhrO/H1Bbde1KjSKQUrZOnh6ugDMxYBDiV7Bg
CC3MH+EqYyIsIKZQbpzKxqLrLUUsaFuKAKxNA2sR6rQDW8g61w4Vs580CpFiVQka
vKBE9wlZcUIIcWH6tIgUWXBcSA6EhhwCfzL5QmFZyJGlBHFo/xEujf8aCqJVUd4q
rhGcGH4o897YaQwEOpZuj4Dg5FOe5bIbiuvIPpePdblrFOIMu2yXH3SvJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHBkvbprfRYbBrAtHgDoqdpzgTjVMB8GA1UdIwQY
MBaAFIGNRbiUoaquZA5oTlfP21MN+rppMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUt
ZTA2OTlkMzA0OTE5LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUtZTA2OTlkMzA0OTE5
LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcqw0DBfS
5B3PxFyYf9BFQyX9Jm67BbuX2yp9wQathkyF0WKbXHfr2Ls49KZxdbjKmhGzpUZm
05cNg0m0qhKs46E+h7wUpqPESQ9sF5/m9jLz461ly0i0+KJvwjqPm4CmBJygsCmM
cEmX6IproHDP1gktk6aw6vmrVla6HZ7OD0ehfowrKjClAkhwXRW3KKQVzJtVs0tH
Z/d4nl38u4A5peMs8c9+vo6s9jJ6sK0xpmlgM/CQxOGtv2GKK/l6p4wlZGxi+raY
cXgPyivZ49zVVJ/QE88nZdg9B4X2g8qoZS9jga4dw3XX89qJDKXhWB+8gw75exT7
lRjkCYet9s4ZNQ==
-----END CERTIFICATE-----