Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft
File:                     GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft (raw, json)
Hash identifier:          ooPtIirg+tLrAS56UMFrphhTYD1WMrqJkSedIvO908I=
Subject key identifier:   96:BE:F8:39:36:1A:DE:DF:57:A7:4C:1B:66:B0:A3:2F:77:7A:0F:0F
Authority key identifier: 18:41:C7:7F:0C:79:9A:C9:C2:71:9D:7F:8C:69:82:C4:31:43:E4:97
Certificate issuer:       /CN=1841c77f0c799ac9c2719d7f8c6982c43143e497
Certificate serial:       019675675839E52F1CA6A71B4EE91FF349BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft
Manifest number:          07D6
Signing time:             Sun 27 Apr 2025 04:00:29 +0000
Manifest this update:     Sun 27 Apr 2025 04:00:29 +0000
Manifest next update:     Mon 28 Apr 2025 04:00:29 +0000
Files and hashes:         1: GEHHfwx5msnCcZ1_jGmCxDFD5Jc.crl (hash: w6tJe4fhMR+QXpoDSb7qZIxIDbFmoaygEMBMbL6ZLe0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 04:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:75:67:58:39:e5:2f:1c:a6:a7:1b:4e:e9:1f:f3:49:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1841c77f0c799ac9c2719d7f8c6982c43143e497
        Validity
            Not Before: Apr 27 04:00:29 2025 GMT
            Not After : Apr 28 04:00:29 2025 GMT
        Subject: CN=96bef839361adedf57a74c1b66b0a32f777a0f0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:a7:7e:c3:6f:4e:42:a3:30:f3:e5:ae:42:ef:
                    e5:f5:44:35:46:50:3c:6c:ac:60:bc:28:8a:7a:98:
                    74:cc:7d:7d:6c:08:d2:6c:bc:e9:67:7e:a9:b0:ad:
                    5e:04:f0:e5:09:39:24:c4:4e:a2:c5:5d:7e:f6:b5:
                    a5:dd:b6:a3:c4:9d:12:86:d3:64:b7:45:4b:84:65:
                    48:4a:45:d7:3c:20:34:47:e4:f5:16:02:9d:4e:ba:
                    67:4f:76:e0:7c:20:a7:71:fe:61:5b:f7:0b:de:f1:
                    16:95:b6:1b:11:b6:b0:7a:a2:8a:54:f9:02:06:ee:
                    aa:95:4a:fe:0f:6e:48:ab:89:11:37:6c:79:c7:3a:
                    18:b4:fe:67:d8:58:b3:2b:a1:63:83:e8:c0:46:61:
                    fe:b8:91:bd:65:85:b7:73:ea:ab:a4:da:a7:19:6a:
                    71:7b:1e:c7:f9:2e:e1:6e:89:f1:e0:a9:fa:a2:58:
                    a1:62:79:6e:29:eb:18:5e:a5:65:bd:fb:ac:fb:58:
                    e8:4d:81:d2:48:14:ee:75:e7:7a:83:06:6a:2d:20:
                    78:a9:85:f0:f1:99:fd:b1:bc:b1:1f:e1:b0:56:31:
                    39:80:26:d1:10:9d:80:f1:74:b0:64:5c:d5:cb:01:
                    40:9f:41:5f:d0:05:bc:5b:64:09:0f:ef:a0:8a:14:
                    79:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:BE:F8:39:36:1A:DE:DF:57:A7:4C:1B:66:B0:A3:2F:77:7A:0F:0F
            X509v3 Authority Key Identifier:
                keyid:18:41:C7:7F:0C:79:9A:C9:C2:71:9D:7F:8C:69:82:C4:31:43:E4:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9dcbd0-513b-4beb-b065-4e8f5960b19b/1/GEHHfwx5msnCcZ1_jGmCxDFD5Jc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:aa:e8:42:b9:40:52:62:4f:d1:aa:1b:5e:f8:54:26:ac:77:
         77:e3:d9:a5:12:3a:3f:84:78:6a:e0:1a:c5:a4:96:27:71:8c:
         dc:97:cb:74:df:64:c9:2e:c8:6a:18:ba:82:8d:bd:6b:01:bb:
         6e:18:f4:14:0f:84:f1:5a:aa:06:95:ca:2c:d4:9c:79:9a:1b:
         b5:0b:7b:7d:20:b9:c4:bd:a0:37:e2:ed:e6:fe:e3:94:41:34:
         62:e1:63:36:d3:b3:62:21:10:3e:81:1f:2e:3d:6e:aa:fb:f2:
         b5:ea:82:a1:be:f7:e3:d4:8d:88:e5:72:f1:3f:85:28:a0:24:
         c1:98:ef:7a:50:38:63:6f:7e:65:6f:9b:6e:82:97:cb:88:71:
         80:75:fe:0e:49:eb:65:9d:40:3c:13:96:0e:b4:60:9f:a9:ce:
         e0:e8:87:68:fd:e1:89:c0:d0:c5:15:48:1c:a0:c0:41:d5:74:
         d5:f5:6f:b9:ee:66:ab:f4:0b:51:d5:3b:71:7a:91:19:b7:f9:
         f4:a6:64:d0:1c:55:30:08:aa:f1:73:6b:08:b7:a9:4d:8a:26:
         fb:51:44:7e:a8:30:e4:2d:57:fc:74:53:cd:f6:ec:26:70:5e:
         22:0a:54:2d:3a:87:56:f1:3f:de:a9:68:f6:e9:77:02:92:bb:
         b5:70:12:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ1Z1g55S8cpqcbTukf80m/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDFjNzdmMGM3OTlhYzljMjcxOWQ3ZjhjNjk4MmM0MzE0
M2U0OTcwHhcNMjUwNDI3MDQwMDI5WhcNMjUwNDI4MDQwMDI5WjAzMTEwLwYDVQQD
Eyg5NmJlZjgzOTM2MWFkZWRmNTdhNzRjMWI2NmIwYTMyZjc3N2EwZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqd+w29OQqMw8+WuQu/l9UQ1RlA8
bKxgvCiKeph0zH19bAjSbLzpZ36psK1eBPDlCTkkxE6ixV1+9rWl3bajxJ0ShtNk
t0VLhGVISkXXPCA0R+T1FgKdTrpnT3bgfCCncf5hW/cL3vEWlbYbEbaweqKKVPkC
Bu6qlUr+D25Iq4kRN2x5xzoYtP5n2FizK6Fjg+jARmH+uJG9ZYW3c+qrpNqnGWpx
ex7H+S7hbonx4Kn6olihYnluKesYXqVlvfus+1joTYHSSBTuded6gwZqLSB4qYXw
8Zn9sbyxH+GwVjE5gCbREJ2A8XSwZFzVywFAn0Ff0AW8W2QJD++gihR5CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJa++Dk2Gt7fV6dMG2awoy93eg8PMB8GA1UdIwQY
MBaAFBhBx38MeZrJwnGdf4xpgsQxQ+SXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VISGZ3eDVtc25DY1oxX2pHbUN4REZENUpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85ZGNiZDAtNTEzYi00YmViLWIwNjUt
NGU4ZjU5NjBiMTliLzEvR0VISGZ3eDVtc25DY1oxX2pHbUN4REZENUpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS85ZGNiZDAtNTEzYi00YmViLWIwNjUtNGU4ZjU5NjBiMTli
LzEvR0VISGZ3eDVtc25DY1oxX2pHbUN4REZENUpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUKroQrlA
UmJP0aobXvhUJqx3d+PZpRI6P4R4auAaxaSWJ3GM3JfLdN9kyS7Iahi6go29awG7
bhj0FA+E8VqqBpXKLNSceZobtQt7fSC5xL2gN+Lt5v7jlEE0YuFjNtOzYiEQPoEf
Lj1uqvvyteqCob7349SNiOVy8T+FKKAkwZjvelA4Y29+ZW+bboKXy4hxgHX+Dknr
ZZ1APBOWDrRgn6nO4OiHaP3hicDQxRVIHKDAQdV01fVvue5mq/QLUdU7cXqRGbf5
9KZk0BxVMAiq8XNrCLepTYom+1FEfqgw5C1X/HRTzfbsJnBeIgpULTqHVvE/3qlo
9ul3ApK7tXASBg==
-----END CERTIFICATE-----