Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/32d85d-a717-4d68-82a6-2f365f22a18c/1/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.mft
File:                     Gjkt_Gui0xhtMmnHCRtwGYFTRdM.mft (raw, json)
Hash identifier:          DNS2EL4iuXQ59D5PMr94lJzQ4pM8KmqGH8qTg8QRv1A=
Subject key identifier:   0A:43:9C:59:00:57:D2:C8:1D:D0:04:02:B4:26:DF:EA:4F:E2:F1:F2
Authority key identifier: 1A:39:2D:FC:6B:A2:D3:18:6D:32:69:C7:09:1B:70:19:81:53:45:D3
Certificate issuer:       /CN=1a392dfc6ba2d3186d3269c7091b7019815345d3
Certificate serial:       019776E57FA397FA3F66C5180CE4C27FBFE7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/32d85d-a717-4d68-82a6-2f365f22a18c/1/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.mft
Manifest number:          15A2
Signing time:             Mon 16 Jun 2025 04:00:41 +0000
Manifest this update:     Mon 16 Jun 2025 04:00:41 +0000
Manifest next update:     Tue 17 Jun 2025 04:00:41 +0000
Files and hashes:         1: Gjkt_Gui0xhtMmnHCRtwGYFTRdM.crl (hash: 8g62UAy8NvvAMAyJBZ+F58Lc/LQd0wlvKX/6q/ECMBw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/32d85d-a717-4d68-82a6-2f365f22a18c/1/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/32d85d-a717-4d68-82a6-2f365f22a18c/1/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 04:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:76:e5:7f:a3:97:fa:3f:66:c5:18:0c:e4:c2:7f:bf:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a392dfc6ba2d3186d3269c7091b7019815345d3
        Validity
            Not Before: Jun 16 04:00:41 2025 GMT
            Not After : Jun 17 04:00:41 2025 GMT
        Subject: CN=0a439c590057d2c81dd00402b426dfea4fe2f1f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:79:02:5d:56:b2:66:34:a0:e1:e2:35:85:61:
                    0f:5c:77:d7:04:d7:31:59:6d:b4:b9:38:cf:7f:8f:
                    12:e5:db:04:16:0b:b6:2c:10:c0:ec:ac:7c:fc:47:
                    da:af:4a:3b:e2:40:9a:e2:8e:a0:8f:45:8f:c9:f1:
                    53:7b:46:5e:7e:f1:cc:84:63:f8:4e:da:48:f5:b0:
                    95:df:04:ff:d8:88:cd:e9:f3:25:10:ff:53:ef:c6:
                    fa:80:4b:33:73:04:37:a9:3f:7b:56:e9:f5:05:2b:
                    12:25:d6:41:5e:d3:20:0c:5e:77:0e:37:4c:4e:e6:
                    d6:ad:18:6d:94:ac:4e:0f:9b:af:42:43:03:44:24:
                    31:b5:51:10:3a:76:48:75:3f:7e:9b:0b:e8:36:08:
                    00:72:21:b0:31:20:2a:a0:d8:47:1c:82:0c:fe:7a:
                    7a:ef:7b:f9:f9:cd:f1:af:1e:b2:54:c9:9f:f4:5a:
                    52:d7:b6:99:12:92:89:f4:5d:67:40:fb:89:05:3e:
                    1d:56:e0:02:64:f5:01:1f:0c:2e:37:21:93:4f:69:
                    97:fb:47:c9:60:b3:71:bf:61:2f:87:0d:e3:3d:0c:
                    fa:f2:f9:e3:5e:9b:45:f1:cc:e7:c5:c6:97:39:4c:
                    e9:85:a5:e6:cc:dd:f4:14:97:96:4f:ee:4f:1f:91:
                    5a:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:43:9C:59:00:57:D2:C8:1D:D0:04:02:B4:26:DF:EA:4F:E2:F1:F2
            X509v3 Authority Key Identifier:
                keyid:1A:39:2D:FC:6B:A2:D3:18:6D:32:69:C7:09:1B:70:19:81:53:45:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/32d85d-a717-4d68-82a6-2f365f22a18c/1/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/32d85d-a717-4d68-82a6-2f365f22a18c/1/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:62:6c:89:9e:10:51:bc:2d:d3:d3:5e:75:75:f3:0e:41:21:
         23:43:72:25:97:12:34:bc:94:b2:28:53:72:c1:2b:a5:3f:0c:
         d9:d2:19:87:7f:0e:df:77:40:f2:f0:b4:92:80:69:dc:24:6c:
         ee:f8:78:b7:06:a5:fe:b5:23:b7:65:5d:73:ee:d5:b9:ac:06:
         f2:8a:df:9d:04:51:a5:d8:6e:3c:e3:5a:4c:69:11:6b:0b:38:
         ff:36:cd:b7:21:4e:8f:e9:70:e3:84:34:a7:a1:09:d0:cb:85:
         14:91:86:ec:d5:61:0a:b7:54:a9:d1:ae:c8:d0:10:e8:e4:4b:
         3f:98:96:a4:9b:98:51:c3:1b:69:ab:3e:69:1b:9c:ea:c1:ab:
         27:c6:a7:99:11:cd:51:66:af:36:f6:70:27:3d:a6:c1:a1:1d:
         0e:18:d0:af:dc:9c:ae:fd:48:1f:37:c0:31:82:33:87:41:db:
         fc:e7:1d:4e:2c:b2:2e:86:c8:0e:9d:7b:9b:10:49:7f:1a:a3:
         e3:59:b7:49:a2:99:0a:68:6f:d6:77:3e:6c:11:b1:13:9d:bc:
         1b:e5:e2:09:91:2d:05:1c:fe:e5:21:8e:d7:93:c7:d9:43:ff:
         6c:3c:c0:c2:f9:fd:31:8a:a2:e6:3c:d7:63:83:8b:97:51:fd:
         df:41:bc:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd25X+jl/o/ZsUYDOTCf7/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMzkyZGZjNmJhMmQzMTg2ZDMyNjljNzA5MWI3MDE5ODE1
MzQ1ZDMwHhcNMjUwNjE2MDQwMDQxWhcNMjUwNjE3MDQwMDQxWjAzMTEwLwYDVQQD
EygwYTQzOWM1OTAwNTdkMmM4MWRkMDA0MDJiNDI2ZGZlYTRmZTJmMWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2XkCXVayZjSg4eI1hWEPXHfXBNcx
WW20uTjPf48S5dsEFgu2LBDA7Kx8/Efar0o74kCa4o6gj0WPyfFTe0ZefvHMhGP4
TtpI9bCV3wT/2IjN6fMlEP9T78b6gEszcwQ3qT97Vun1BSsSJdZBXtMgDF53DjdM
TubWrRhtlKxOD5uvQkMDRCQxtVEQOnZIdT9+mwvoNggAciGwMSAqoNhHHIIM/np6
73v5+c3xrx6yVMmf9FpS17aZEpKJ9F1nQPuJBT4dVuACZPUBHwwuNyGTT2mX+0fJ
YLNxv2Evhw3jPQz68vnjXptF8cznxcaXOUzphaXmzN30FJeWT+5PH5FaWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFApDnFkAV9LIHdAEArQm3+pP4vHyMB8GA1UdIwQY
MBaAFBo5LfxrotMYbTJpxwkbcBmBU0XTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2prdF9HdWkweGh0TW1uSENSdHdHWUZUUmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zMmQ4NWQtYTcxNy00ZDY4LTgyYTYt
MmYzNjVmMjJhMThjLzEvR2prdF9HdWkweGh0TW1uSENSdHdHWUZUUmRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zMmQ4NWQtYTcxNy00ZDY4LTgyYTYtMmYzNjVmMjJhMThj
LzEvR2prdF9HdWkweGh0TW1uSENSdHdHWUZUUmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQGJsiZ4Q
Ubwt09NedXXzDkEhI0NyJZcSNLyUsihTcsErpT8M2dIZh38O33dA8vC0koBp3CRs
7vh4twal/rUjt2Vdc+7VuawG8orfnQRRpdhuPONaTGkRaws4/zbNtyFOj+lw44Q0
p6EJ0MuFFJGG7NVhCrdUqdGuyNAQ6ORLP5iWpJuYUcMbaas+aRuc6sGrJ8anmRHN
UWavNvZwJz2mwaEdDhjQr9ycrv1IHzfAMYIzh0Hb/OcdTiyyLobIDp17mxBJfxqj
41m3SaKZCmhv1nc+bBGxE528G+XiCZEtBRz+5SGO15PH2UP/bDzAwvn9MYqi5jzX
Y4OLl1H930G8CQ==
-----END CERTIFICATE-----