Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
File:                     gY1FuJShqq5kDmhOV8_bUw36umk.mft (raw, json)
Hash identifier:          2n3nwsw+zI1Y3cf1Qr32M3lT1miqqFG7mIvSjjJipoo=
Subject key identifier:   1F:50:4F:9A:77:6F:EE:47:5B:EF:7C:FD:DE:67:30:9B:D2:86:18:5D
Authority key identifier: 81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69
Certificate issuer:       /CN=818d45b894a1aaae640e684e57cfdb530dfaba69
Certificate serial:       019A4F62A0DA4FB2DA4C4750022C12648341
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
Manifest number:          0B9B
Signing time:             Tue 04 Nov 2025 15:00:54 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:54 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:54 +0000
Files and hashes:         1: gY1FuJShqq5kDmhOV8_bUw36umk.crl (hash: VmcXXf1MRgVFeOetBsWNntF8bLTGf+xYso4Q9usNMx4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 15:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:a0:da:4f:b2:da:4c:47:50:02:2c:12:64:83:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=818d45b894a1aaae640e684e57cfdb530dfaba69
        Validity
            Not Before: Nov  4 15:00:54 2025 GMT
            Not After : Nov  5 15:00:54 2025 GMT
        Subject: CN=1f504f9a776fee475bef7cfdde67309bd286185d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:9d:8e:d1:08:15:3d:dc:57:b5:cf:c0:ac:06:
                    f2:fb:4a:37:32:c9:cf:1c:ef:d2:fc:86:23:ac:b2:
                    fe:66:8b:5d:7e:4e:cd:45:04:32:4c:e4:0a:8c:68:
                    da:8b:ae:d6:96:01:3a:c1:11:66:74:94:de:fc:a7:
                    8a:dc:6b:2b:c3:18:aa:92:b3:cb:c4:8b:0f:83:47:
                    b0:ab:ae:db:f2:14:71:6c:b8:f0:8f:ee:88:c2:0c:
                    a5:49:ea:8b:c8:0b:96:06:8e:81:df:e7:6a:c8:03:
                    78:05:79:8c:c5:04:13:8f:6e:cc:27:40:20:72:1b:
                    8a:06:a5:f1:7b:d1:0f:78:d6:29:e2:ba:62:24:6c:
                    18:4d:8e:f5:87:91:42:c3:aa:2f:74:a0:43:20:a0:
                    22:61:3d:3f:71:85:85:65:28:a7:9a:4e:0e:c6:a5:
                    98:e5:78:3a:bb:7d:1e:c7:f2:ac:8a:63:7b:df:95:
                    d3:e8:b7:bd:dd:78:f9:26:58:10:45:7c:a1:a7:e8:
                    93:87:0d:57:fe:2e:a8:ed:e8:99:fc:41:f2:c4:08:
                    71:0c:4b:7f:7b:ec:f9:16:06:63:84:89:16:98:b9:
                    b0:81:39:0c:70:03:38:f1:ed:79:74:b1:eb:1b:7e:
                    e8:a2:b3:69:de:1e:71:09:0a:11:b3:ce:1b:59:a8:
                    cb:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:50:4F:9A:77:6F:EE:47:5B:EF:7C:FD:DE:67:30:9B:D2:86:18:5D
            X509v3 Authority Key Identifier:
                keyid:81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:53:90:df:66:e9:67:42:d0:6f:50:98:65:95:cc:c3:0e:f6:
         3d:76:06:71:a1:c2:e9:40:14:51:b0:73:ef:c8:80:eb:e5:ad:
         c7:04:2b:c8:de:9a:bb:82:e2:1f:63:8d:4a:2b:71:5b:66:0b:
         12:73:fd:30:b1:64:ab:c5:bb:d6:27:19:5e:08:fe:fa:9b:69:
         a5:6f:97:ab:a8:72:1a:60:10:db:39:ad:23:0e:63:f5:5c:17:
         31:86:68:65:21:64:a9:75:3c:cb:40:f9:da:3e:8c:8f:cb:bf:
         2f:32:b3:23:60:75:75:88:9d:eb:5e:cf:7e:71:08:50:56:f6:
         53:90:ee:ef:20:0e:02:b5:e5:4a:7f:97:35:3f:54:ec:3f:f4:
         70:1b:cd:6e:cd:36:cc:55:61:a5:18:53:96:92:f6:ed:83:b8:
         fb:bb:ff:ae:9a:ea:e0:1a:23:c1:22:36:d6:95:25:e6:20:90:
         8a:17:5e:4a:8f:9a:1b:20:d4:06:78:21:4c:5b:d0:91:5d:f9:
         86:f7:58:ed:28:8d:5a:21:30:a7:16:d5:b7:9d:13:ce:f8:63:
         f7:e9:a4:20:9c:11:02:39:e9:75:31:2f:25:38:d8:bd:d5:65:
         2c:08:3b:3b:c8:33:7a:99:e2:cf:8b:e5:bd:b3:ee:e0:f3:3d:
         af:61:65:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYqDaT7LaTEdQAiwSZINBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOGQ0NWI4OTRhMWFhYWU2NDBlNjg0ZTU3Y2ZkYjUzMGRm
YWJhNjkwHhcNMjUxMTA0MTUwMDU0WhcNMjUxMTA1MTUwMDU0WjAzMTEwLwYDVQQD
EygxZjUwNGY5YTc3NmZlZTQ3NWJlZjdjZmRkZTY3MzA5YmQyODYxODVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZ2O0QgVPdxXtc/ArAby+0o3MsnP
HO/S/IYjrLL+Zotdfk7NRQQyTOQKjGjai67WlgE6wRFmdJTe/KeK3GsrwxiqkrPL
xIsPg0ewq67b8hRxbLjwj+6IwgylSeqLyAuWBo6B3+dqyAN4BXmMxQQTj27MJ0Ag
chuKBqXxe9EPeNYp4rpiJGwYTY71h5FCw6ovdKBDIKAiYT0/cYWFZSinmk4OxqWY
5Xg6u30ex/KsimN735XT6Le93Xj5JlgQRXyhp+iThw1X/i6o7eiZ/EHyxAhxDEt/
e+z5FgZjhIkWmLmwgTkMcAM48e15dLHrG37oorNp3h5xCQoRs84bWajLRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB9QT5p3b+5HW+98/d5nMJvShhhdMB8GA1UdIwQY
MBaAFIGNRbiUoaquZA5oTlfP21MN+rppMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUt
ZTA2OTlkMzA0OTE5LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUtZTA2OTlkMzA0OTE5
LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC1OQ32bp
Z0LQb1CYZZXMww72PXYGcaHC6UAUUbBz78iA6+WtxwQryN6au4LiH2ONSitxW2YL
EnP9MLFkq8W71icZXgj++ptppW+Xq6hyGmAQ2zmtIw5j9VwXMYZoZSFkqXU8y0D5
2j6Mj8u/LzKzI2B1dYid617PfnEIUFb2U5Du7yAOArXlSn+XNT9U7D/0cBvNbs02
zFVhpRhTlpL27YO4+7v/rprq4BojwSI21pUl5iCQihdeSo+aGyDUBnghTFvQkV35
hvdY7SiNWiEwpxbVt50Tzvhj9+mkIJwRAjnpdTEvJTjYvdVlLAg7O8gzepniz4vl
vbPu4PM9r2Fl+A==
-----END CERTIFICATE-----