Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/32d85d-a717-4d68-82a6-2f365f22a18c/1/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.mft
File:                     Gjkt_Gui0xhtMmnHCRtwGYFTRdM.mft (raw, json)
Hash identifier:          ASRgoXwZGrVnoXhjSt8NaQn/lP2WEka9hS4SVahbvpM=
Subject key identifier:   20:DC:01:9C:2D:1A:25:77:D5:7A:BB:32:47:63:5A:2B:45:8D:61:44
Authority key identifier: 1A:39:2D:FC:6B:A2:D3:18:6D:32:69:C7:09:1B:70:19:81:53:45:D3
Certificate issuer:       /CN=1a392dfc6ba2d3186d3269c7091b7019815345d3
Certificate serial:       019873E306DE2262B65C19D280BC7A3DFF28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/32d85d-a717-4d68-82a6-2f365f22a18c/1/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.mft
Manifest number:          1625
Signing time:             Mon 04 Aug 2025 07:01:54 +0000
Manifest this update:     Mon 04 Aug 2025 07:01:54 +0000
Manifest next update:     Tue 05 Aug 2025 07:01:54 +0000
Files and hashes:         1: Gjkt_Gui0xhtMmnHCRtwGYFTRdM.crl (hash: o+w5zNglI4BfVg1DMVI6L9hnKbkcSzkvUUu8HYDUqXg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/32d85d-a717-4d68-82a6-2f365f22a18c/1/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/32d85d-a717-4d68-82a6-2f365f22a18c/1/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:06:de:22:62:b6:5c:19:d2:80:bc:7a:3d:ff:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a392dfc6ba2d3186d3269c7091b7019815345d3
        Validity
            Not Before: Aug  4 07:01:54 2025 GMT
            Not After : Aug  5 07:01:54 2025 GMT
        Subject: CN=20dc019c2d1a2577d57abb3247635a2b458d6144
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:91:92:9c:fd:51:b6:5d:76:3c:c5:c5:59:a5:
                    58:a9:d8:8e:cb:fd:e2:09:90:25:e9:ad:5d:6f:fe:
                    dc:62:03:d5:2d:84:a9:e7:7e:e2:a8:68:f2:1b:c4:
                    58:aa:a1:f2:c3:1e:2d:f6:3d:0a:26:a3:46:df:e2:
                    cc:fc:b2:19:69:e0:c9:aa:ff:c5:1d:f3:49:29:a0:
                    e0:8b:ab:3b:43:7f:06:47:cf:4c:f7:9c:bf:60:e6:
                    c7:5c:45:ab:0a:e5:44:97:d2:a1:90:da:8e:63:b1:
                    91:09:c8:ef:0a:29:86:b0:84:85:3e:48:9f:fb:a4:
                    e7:2c:41:3e:1c:e0:da:3f:bd:06:4b:1e:44:2a:a7:
                    5a:bf:08:6a:4e:fc:ec:7b:04:82:4f:7f:ad:8c:55:
                    42:1f:23:f4:87:ac:50:55:ef:9b:48:2c:f0:85:3e:
                    89:65:4e:01:fc:3f:82:5f:6d:ad:55:61:85:6b:62:
                    f7:cf:10:b4:c3:9a:2f:aa:01:21:49:c5:cf:19:81:
                    83:1b:31:39:96:98:27:8f:3b:4f:7f:01:c2:7d:ff:
                    97:7e:6f:f3:cd:ee:7e:90:e3:2c:2c:52:56:3b:f7:
                    24:22:c5:90:48:08:26:6c:81:6a:10:8b:7a:f6:4f:
                    82:1f:d7:b3:16:fd:4c:bd:e3:b7:a5:72:32:5f:f2:
                    2c:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:DC:01:9C:2D:1A:25:77:D5:7A:BB:32:47:63:5A:2B:45:8D:61:44
            X509v3 Authority Key Identifier:
                keyid:1A:39:2D:FC:6B:A2:D3:18:6D:32:69:C7:09:1B:70:19:81:53:45:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/32d85d-a717-4d68-82a6-2f365f22a18c/1/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/32d85d-a717-4d68-82a6-2f365f22a18c/1/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:07:ca:1d:7a:50:11:f2:12:aa:30:1a:34:38:c2:fb:f3:96:
         4b:27:31:77:03:4a:ac:34:2b:40:0b:bf:c7:3d:ae:4a:d6:22:
         fc:97:3e:00:2a:f2:7d:ad:6a:7d:87:02:a2:d7:32:b9:1b:8d:
         37:9d:9e:d1:7f:8a:35:b4:f0:e7:e0:80:4d:d2:bc:7c:33:4e:
         51:16:07:9e:e8:69:75:ff:c0:ca:5f:60:6a:2a:6a:f5:8d:eb:
         23:4a:f7:1f:bb:8b:14:49:81:11:b6:2d:7d:ac:f7:c3:02:09:
         85:db:fc:12:21:e6:b9:87:3d:40:12:8c:5e:4e:d3:9b:f2:c7:
         21:26:dd:5b:92:3e:af:50:6c:31:f4:70:a1:63:4e:63:53:44:
         b3:12:5d:ec:e9:84:a9:28:7b:5d:d1:cd:b3:cd:54:47:05:cf:
         7e:bc:fc:db:cb:98:d9:97:6d:a8:e0:e8:b4:13:31:d3:94:12:
         f2:8d:eb:95:65:f1:f2:40:89:96:2c:96:1e:d5:1c:f6:11:94:
         82:97:0c:0d:5d:aa:d5:19:bd:57:ba:87:49:47:6b:af:b2:26:
         29:b0:a5:51:6d:92:78:90:1a:7c:4b:ac:da:43:a1:63:0c:19:
         6a:de:df:28:b5:09:2e:7c:ce:9d:26:d7:20:0f:59:2a:f5:f0:
         71:f2:a6:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4wbeImK2XBnSgLx6Pf8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMzkyZGZjNmJhMmQzMTg2ZDMyNjljNzA5MWI3MDE5ODE1
MzQ1ZDMwHhcNMjUwODA0MDcwMTU0WhcNMjUwODA1MDcwMTU0WjAzMTEwLwYDVQQD
EygyMGRjMDE5YzJkMWEyNTc3ZDU3YWJiMzI0NzYzNWEyYjQ1OGQ2MTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJGSnP1Rtl12PMXFWaVYqdiOy/3i
CZAl6a1db/7cYgPVLYSp537iqGjyG8RYqqHywx4t9j0KJqNG3+LM/LIZaeDJqv/F
HfNJKaDgi6s7Q38GR89M95y/YObHXEWrCuVEl9KhkNqOY7GRCcjvCimGsISFPkif
+6TnLEE+HODaP70GSx5EKqdavwhqTvzsewSCT3+tjFVCHyP0h6xQVe+bSCzwhT6J
ZU4B/D+CX22tVWGFa2L3zxC0w5ovqgEhScXPGYGDGzE5lpgnjztPfwHCff+Xfm/z
ze5+kOMsLFJWO/ckIsWQSAgmbIFqEIt69k+CH9ezFv1MveO3pXIyX/IsIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCDcAZwtGiV31Xq7MkdjWitFjWFEMB8GA1UdIwQY
MBaAFBo5LfxrotMYbTJpxwkbcBmBU0XTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2prdF9HdWkweGh0TW1uSENSdHdHWUZUUmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zMmQ4NWQtYTcxNy00ZDY4LTgyYTYt
MmYzNjVmMjJhMThjLzEvR2prdF9HdWkweGh0TW1uSENSdHdHWUZUUmRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zMmQ4NWQtYTcxNy00ZDY4LTgyYTYtMmYzNjVmMjJhMThj
LzEvR2prdF9HdWkweGh0TW1uSENSdHdHWUZUUmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACgfKHXpQ
EfISqjAaNDjC+/OWSycxdwNKrDQrQAu/xz2uStYi/Jc+ACryfa1qfYcCotcyuRuN
N52e0X+KNbTw5+CATdK8fDNOURYHnuhpdf/Ayl9gaipq9Y3rI0r3H7uLFEmBEbYt
faz3wwIJhdv8EiHmuYc9QBKMXk7Tm/LHISbdW5I+r1BsMfRwoWNOY1NEsxJd7OmE
qSh7XdHNs81URwXPfrz828uY2ZdtqODotBMx05QS8o3rlWXx8kCJliyWHtUc9hGU
gpcMDV2q1Rm9V7qHSUdrr7ImKbClUW2SeJAafEus2kOhYwwZat7fKLUJLnzOnSbX
IA9ZKvXwcfKmMQ==
-----END CERTIFICATE-----