Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
File:                     gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft (raw, json)
Hash identifier:          sGr7Yh+j8o3hZ/W3AGeYge2pAw7XSjRxUY9OfArRjZ4=
Subject key identifier:   A1:18:24:6F:E6:19:AF:C0:95:B6:98:E4:A4:53:72:F7:6F:0F:B0:97
Authority key identifier: 80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68
Certificate issuer:       /CN=80eb71d019a483225c324c88c6c48020ef9f1168
Certificate serial:       01988BB31A97D836E81612E94A1D42A35D70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
Manifest number:          1620
Signing time:             Fri 08 Aug 2025 22:00:27 +0000
Manifest this update:     Fri 08 Aug 2025 22:00:27 +0000
Manifest next update:     Sat 09 Aug 2025 22:00:27 +0000
Files and hashes:         1: gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl (hash: Y13sTOgX/K1LHeYcW8JDDj2xIB84bCg5n1kNfGFUOeA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:b3:1a:97:d8:36:e8:16:12:e9:4a:1d:42:a3:5d:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80eb71d019a483225c324c88c6c48020ef9f1168
        Validity
            Not Before: Aug  8 22:00:27 2025 GMT
            Not After : Aug  9 22:00:27 2025 GMT
        Subject: CN=a118246fe619afc095b698e4a45372f76f0fb097
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:fa:81:8b:55:5c:1f:3f:27:26:a6:a5:66:f8:
                    4d:1e:3f:28:25:e4:2c:d9:2b:4b:16:68:28:e3:17:
                    5e:df:2e:02:57:54:1d:99:ee:2f:89:89:06:75:89:
                    5c:93:ee:f8:c5:61:ca:a7:85:b1:fa:7b:f3:39:e7:
                    ee:23:9a:0d:28:43:38:55:b8:d9:f9:61:a2:17:f1:
                    b1:b7:fb:91:e6:eb:8e:6a:15:13:ce:58:be:32:70:
                    9d:01:4a:07:76:3b:8f:b7:a6:0a:2c:ef:af:09:12:
                    84:b8:74:39:4d:a9:90:2d:cc:c2:8c:f5:b0:9e:33:
                    c1:d2:a0:12:fa:39:70:a5:93:4d:f5:76:1b:e3:a4:
                    ba:78:54:90:6e:e0:1d:85:32:62:54:a7:a1:2d:dd:
                    22:7c:6f:e3:3a:75:f2:fa:29:f9:9c:34:c6:83:6b:
                    30:51:44:b7:8b:1f:3b:16:65:a7:9e:91:30:78:ab:
                    4e:df:8b:8d:77:e2:28:f9:41:68:51:d8:68:8b:8a:
                    dc:9d:d6:10:7e:80:50:36:24:54:1d:56:82:5c:05:
                    30:83:1c:b3:73:74:b2:4d:b7:9d:a1:27:cd:ed:a9:
                    52:85:d4:2f:87:ad:f5:a1:8d:67:1d:03:1c:45:13:
                    b9:7a:fe:cf:a9:e6:4e:0b:46:0c:84:38:c6:ef:78:
                    0e:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:18:24:6F:E6:19:AF:C0:95:B6:98:E4:A4:53:72:F7:6F:0F:B0:97
            X509v3 Authority Key Identifier:
                keyid:80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:aa:30:d7:67:58:fb:4f:91:b4:ed:c1:c4:2c:56:c5:0a:eb:
         ac:25:5b:7b:2d:51:5e:fa:5f:d6:73:c0:64:a4:5a:85:db:e7:
         c1:7c:8f:9c:e4:79:8d:46:b3:8c:32:b7:cc:bc:55:c0:72:d3:
         09:b7:4a:3c:a2:90:e5:2c:fe:d7:bd:69:0e:db:c2:af:e4:f5:
         2c:cc:58:7d:56:61:dd:f7:f4:40:d4:3c:c0:5f:f0:62:7e:63:
         95:11:36:04:a1:e1:7b:2d:cb:b5:43:65:d4:41:a1:80:0d:b1:
         d7:b1:bd:24:aa:63:cd:54:b9:3c:19:ee:50:e1:2c:85:e1:4f:
         ec:e5:b4:c3:a4:ef:40:3c:ae:2e:7a:54:ca:94:2e:88:c0:0b:
         6d:66:64:c7:18:a0:d5:9d:6c:fb:fd:3d:d7:f4:1a:e0:e4:18:
         64:18:d4:1f:c3:f3:42:6d:ba:05:17:bd:f4:4f:a2:fa:a4:2c:
         dd:cb:72:2a:19:9f:6f:29:01:8e:b6:de:64:91:8e:81:f5:8f:
         0d:7c:bc:0a:70:67:81:e0:43:00:6f:7d:aa:14:79:3f:ea:df:
         10:b1:1c:7b:ad:ce:60:e3:80:90:61:6f:c8:29:dc:76:9b:c5:
         9b:36:81:16:f4:9e:fd:8a:bd:9a:1f:4c:a1:c8:78:00:da:37:
         b4:e9:8d:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLsxqX2DboFhLpSh1Co11wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZWI3MWQwMTlhNDgzMjI1YzMyNGM4OGM2YzQ4MDIwZWY5
ZjExNjgwHhcNMjUwODA4MjIwMDI3WhcNMjUwODA5MjIwMDI3WjAzMTEwLwYDVQQD
EyhhMTE4MjQ2ZmU2MTlhZmMwOTViNjk4ZTRhNDUzNzJmNzZmMGZiMDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6/qBi1VcHz8nJqalZvhNHj8oJeQs
2StLFmgo4xde3y4CV1Qdme4viYkGdYlck+74xWHKp4Wx+nvzOefuI5oNKEM4VbjZ
+WGiF/Gxt/uR5uuOahUTzli+MnCdAUoHdjuPt6YKLO+vCRKEuHQ5TamQLczCjPWw
njPB0qAS+jlwpZNN9XYb46S6eFSQbuAdhTJiVKehLd0ifG/jOnXy+in5nDTGg2sw
UUS3ix87FmWnnpEweKtO34uNd+Io+UFoUdhoi4rcndYQfoBQNiRUHVaCXAUwgxyz
c3SyTbedoSfN7alShdQvh631oY1nHQMcRRO5ev7PqeZOC0YMhDjG73gOYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKEYJG/mGa/AlbaY5KRTcvdvD7CXMB8GA1UdIwQY
MBaAFIDrcdAZpIMiXDJMiMbEgCDvnxFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQt
ZmVkODlkMTcwZGE0LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQtZmVkODlkMTcwZGE0
LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATqow12dY
+0+RtO3BxCxWxQrrrCVbey1RXvpf1nPAZKRahdvnwXyPnOR5jUazjDK3zLxVwHLT
CbdKPKKQ5Sz+171pDtvCr+T1LMxYfVZh3ff0QNQ8wF/wYn5jlRE2BKHhey3LtUNl
1EGhgA2x17G9JKpjzVS5PBnuUOEsheFP7OW0w6TvQDyuLnpUypQuiMALbWZkxxig
1Z1s+/091/Qa4OQYZBjUH8PzQm26BRe99E+i+qQs3ctyKhmfbykBjrbeZJGOgfWP
DXy8CnBngeBDAG99qhR5P+rfELEce63OYOOAkGFvyCncdpvFmzaBFvSe/Yq9mh9M
och4ANo3tOmNxg==
-----END CERTIFICATE-----