Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft
File:                     gTpCg40uRe1drUEUYG2XKaZQHSM.mft (raw, json)
Hash identifier:          PnIhBP+NUzaS18VUPebSa4roT74oWviaINUlgjrZii0=
Subject key identifier:   50:B7:7D:B1:5B:05:7D:50:8A:3C:2F:67:A1:2D:7A:C1:DC:76:0E:33
Authority key identifier: 81:3A:42:83:8D:2E:45:ED:5D:AD:41:14:60:6D:97:29:A6:50:1D:23
Certificate issuer:       /CN=813a42838d2e45ed5dad4114606d9729a6501d23
Certificate serial:       019895246FC22FF7005F886B7EC064D94E1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft
Manifest number:          0E87
Signing time:             Sun 10 Aug 2025 18:00:49 +0000
Manifest this update:     Sun 10 Aug 2025 18:00:49 +0000
Manifest next update:     Mon 11 Aug 2025 18:00:49 +0000
Files and hashes:         1: gTpCg40uRe1drUEUYG2XKaZQHSM.crl (hash: j89+GH7mHCN30Wz++Q7jmAjQjmWdf9sQXAKsh+KT3AE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 17:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:95:24:6f:c2:2f:f7:00:5f:88:6b:7e:c0:64:d9:4e:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=813a42838d2e45ed5dad4114606d9729a6501d23
        Validity
            Not Before: Aug 10 18:00:49 2025 GMT
            Not After : Aug 11 18:00:49 2025 GMT
        Subject: CN=50b77db15b057d508a3c2f67a12d7ac1dc760e33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:fd:93:9a:eb:c1:b5:3e:57:c9:e4:35:ec:70:
                    a2:07:c3:eb:c2:9d:5b:c1:f9:2b:57:90:dd:af:00:
                    31:ab:45:35:fa:57:20:cc:10:53:7e:d0:6f:c3:f1:
                    ac:85:11:8f:54:88:9f:8e:34:30:bc:01:d6:a4:d7:
                    9b:19:88:6d:17:df:c1:05:df:03:bf:14:a7:9a:70:
                    30:ad:3f:fb:79:2d:5e:22:ab:37:81:d0:63:67:8f:
                    84:03:37:1a:83:22:a2:e9:29:e7:f9:d5:0f:79:95:
                    97:2a:ae:d9:7a:50:75:5a:30:c5:d6:cc:5d:35:66:
                    ff:52:30:ae:3c:19:21:a8:4c:89:bd:bc:9b:bf:f6:
                    d7:21:1e:66:2f:3d:fd:d2:cb:ec:f5:82:c1:bf:52:
                    c4:a7:5e:b5:9e:7e:b7:8f:a8:ed:ed:cc:81:c1:e1:
                    0c:c7:6a:8d:0e:f0:ae:70:bc:8d:90:4f:f0:b9:49:
                    5a:0f:39:94:c1:75:0f:3e:dc:97:5b:1d:1a:1c:ad:
                    ea:80:48:28:55:c3:a6:5b:a7:a4:7b:60:34:b0:ba:
                    77:a1:e0:81:64:4a:99:d0:1e:76:d0:0c:ba:4e:e2:
                    db:cd:0b:fd:5f:60:83:e5:dd:4c:e0:f4:77:2a:b5:
                    31:56:22:02:59:ea:e6:0a:86:ab:44:c9:7e:89:7f:
                    11:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:B7:7D:B1:5B:05:7D:50:8A:3C:2F:67:A1:2D:7A:C1:DC:76:0E:33
            X509v3 Authority Key Identifier:
                keyid:81:3A:42:83:8D:2E:45:ED:5D:AD:41:14:60:6D:97:29:A6:50:1D:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:39:4f:a3:c8:83:c3:5e:6c:3d:47:c5:c8:9f:d7:b1:87:fb:
         cd:c7:ab:57:34:b0:87:fc:22:4c:fc:ff:ee:81:6e:e7:1e:20:
         2c:69:68:40:05:e4:41:21:04:d1:d8:32:af:47:13:80:4b:49:
         67:9e:f5:44:3e:92:45:1b:57:f8:67:4a:d2:bf:b7:da:9c:c6:
         8c:0c:65:e2:e3:91:c0:c3:e0:cf:ca:f1:bc:ea:e9:5c:6c:87:
         10:6e:4a:ff:c4:09:d7:18:a2:50:93:04:42:9b:d0:65:4d:4f:
         92:5e:91:09:2f:60:27:97:ba:59:6b:03:33:3d:5e:96:3d:bf:
         61:bc:f2:91:ca:4a:07:64:aa:83:5e:0d:59:b0:36:a8:06:c2:
         cd:ce:11:de:20:df:d8:6c:32:17:a3:85:8a:a8:fa:90:d8:39:
         42:fc:3f:6e:05:9f:c3:84:b1:f3:87:14:cc:59:94:67:1f:bc:
         95:2a:52:2f:a5:57:76:99:0b:65:c6:90:17:85:53:9b:2d:58:
         db:f1:f5:95:45:2a:df:54:a2:50:8b:86:24:be:81:80:86:a1:
         eb:d4:36:82:d6:ce:4b:16:b8:b7:2e:de:a7:7e:1b:e3:a1:51:
         46:33:8a:1f:e3:3b:7d:c6:7f:66:e9:6f:a9:2a:e6:24:6b:94:
         4c:ce:e5:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiVJG/CL/cAX4hrfsBk2U4cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxM2E0MjgzOGQyZTQ1ZWQ1ZGFkNDExNDYwNmQ5NzI5YTY1
MDFkMjMwHhcNMjUwODEwMTgwMDQ5WhcNMjUwODExMTgwMDQ5WjAzMTEwLwYDVQQD
Eyg1MGI3N2RiMTViMDU3ZDUwOGEzYzJmNjdhMTJkN2FjMWRjNzYwZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvf2TmuvBtT5XyeQ17HCiB8Prwp1b
wfkrV5DdrwAxq0U1+lcgzBBTftBvw/GshRGPVIifjjQwvAHWpNebGYhtF9/BBd8D
vxSnmnAwrT/7eS1eIqs3gdBjZ4+EAzcagyKi6Snn+dUPeZWXKq7ZelB1WjDF1sxd
NWb/UjCuPBkhqEyJvbybv/bXIR5mLz390svs9YLBv1LEp161nn63j6jt7cyBweEM
x2qNDvCucLyNkE/wuUlaDzmUwXUPPtyXWx0aHK3qgEgoVcOmW6eke2A0sLp3oeCB
ZEqZ0B520Ay6TuLbzQv9X2CD5d1M4PR3KrUxViICWermCoarRMl+iX8R3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFC3fbFbBX1QijwvZ6EtesHcdg4zMB8GA1UdIwQY
MBaAFIE6QoONLkXtXa1BFGBtlymmUB0jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84YzM4YTMtYzIwNC00ZGNmLTljNDct
NTM0OGZlNzdiYTczLzEvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84YzM4YTMtYzIwNC00ZGNmLTljNDctNTM0OGZlNzdiYTcz
LzEvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlzlPo8iD
w15sPUfFyJ/XsYf7zcerVzSwh/wiTPz/7oFu5x4gLGloQAXkQSEE0dgyr0cTgEtJ
Z571RD6SRRtX+GdK0r+32pzGjAxl4uORwMPgz8rxvOrpXGyHEG5K/8QJ1xiiUJME
QpvQZU1Pkl6RCS9gJ5e6WWsDMz1elj2/YbzykcpKB2Sqg14NWbA2qAbCzc4R3iDf
2GwyF6OFiqj6kNg5Qvw/bgWfw4Sx84cUzFmUZx+8lSpSL6VXdpkLZcaQF4VTmy1Y
2/H1lUUq31SiUIuGJL6BgIah69Q2gtbOSxa4ty7ep34b46FRRjOKH+M7fcZ/Zulv
qSrmJGuUTM7lYQ==
-----END CERTIFICATE-----