Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
File:                     GWa02kiR-4CQGCvDO0m1liT8nZs.mft (raw, json)
Hash identifier:          k4KzYPzDUalZt8epNgaLWAT+nGguCjhYJXtc1iF8gDM=
Subject key identifier:   DF:1D:67:1D:1B:3B:B5:02:69:99:1F:99:26:13:2B:8A:75:3F:16:F2
Authority key identifier: 19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B
Certificate issuer:       /CN=1966b4da4891fb8090182bc33b49b59624fc9d9b
Certificate serial:       019A4EF4E28EE0D9070FA5CCE70B24E89F11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
Manifest number:          15F9
Signing time:             Tue 04 Nov 2025 13:01:02 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:02 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:02 +0000
Files and hashes:         1: GWa02kiR-4CQGCvDO0m1liT8nZs.crl (hash: oNxrX9z6DmXs3AT+2yD3NucnEHbrpa7gXG/IClY2g4U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:e2:8e:e0:d9:07:0f:a5:cc:e7:0b:24:e8:9f:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1966b4da4891fb8090182bc33b49b59624fc9d9b
        Validity
            Not Before: Nov  4 13:01:02 2025 GMT
            Not After : Nov  5 13:01:02 2025 GMT
        Subject: CN=df1d671d1b3bb50269991f9926132b8a753f16f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:2e:6c:8e:cc:4b:a7:6f:b4:65:0b:3d:07:e4:
                    ef:cb:c0:f8:34:4e:11:ca:17:76:fe:ed:a6:02:5a:
                    e8:3e:be:f7:32:b4:92:e4:26:3d:ba:80:96:f9:65:
                    04:8a:59:50:c3:5a:57:ab:f6:2e:60:24:95:4a:a7:
                    6d:3a:41:bb:a3:9f:33:4a:5f:e4:dc:16:81:fb:18:
                    c3:ec:26:b2:10:4c:99:1a:19:5e:cb:b7:24:aa:89:
                    65:19:ef:a2:c3:ef:0e:cd:22:64:f1:80:b8:28:31:
                    c6:a2:e0:cd:30:d4:1f:e9:89:69:48:8f:89:df:4f:
                    1d:1f:ce:14:4b:5e:55:a6:64:34:fa:d9:df:19:f1:
                    f6:89:e0:b3:2a:ad:d2:ae:30:dc:8b:07:3b:8c:45:
                    9e:a6:50:a0:cb:e2:11:0c:4a:a0:cd:01:91:d6:5b:
                    43:97:e2:22:30:7f:df:a1:a7:bd:c1:86:d1:27:94:
                    ff:99:59:37:34:78:c7:a4:16:34:49:42:ac:93:8e:
                    74:17:cc:17:54:3d:8f:9f:33:0b:35:2a:07:86:09:
                    16:13:8d:a7:3f:09:96:00:ee:5a:a1:f9:3a:34:4f:
                    c4:aa:74:ca:b4:f2:0a:84:a9:da:47:27:a9:47:ff:
                    9d:6c:7a:2e:89:cd:83:1a:3a:de:95:f8:c5:64:04:
                    09:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:1D:67:1D:1B:3B:B5:02:69:99:1F:99:26:13:2B:8A:75:3F:16:F2
            X509v3 Authority Key Identifier:
                keyid:19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:84:a7:fe:19:0f:09:2a:b8:3b:28:0a:05:d4:0f:8e:0c:e9:
         ea:e0:71:fb:d6:e0:aa:cb:55:78:4c:20:be:cf:78:4d:2f:ed:
         8b:4d:24:d7:5b:05:9a:50:4b:01:f6:32:36:5c:6c:0b:9b:32:
         a6:03:d1:d8:81:a3:a2:4f:3d:55:d3:cd:88:36:aa:64:8d:5e:
         83:15:f2:a4:8c:2a:a3:bd:86:67:0f:81:4f:40:69:ce:96:0e:
         8c:c3:ed:30:c9:a1:f4:81:2c:ff:b7:a5:19:49:78:84:a0:2e:
         63:30:73:b8:d7:3d:d7:98:d0:34:69:8d:b2:4e:22:68:4d:21:
         32:4e:2d:db:d4:d4:9e:ce:f1:a1:e8:4d:4d:31:c2:0b:a9:60:
         72:1c:4e:4e:21:dc:ef:fc:9f:ad:6b:c0:4d:38:a2:5b:0a:a6:
         35:1e:e6:34:39:f2:f5:66:8d:19:fe:5e:24:99:cb:d6:61:2e:
         64:2a:6a:58:42:6e:31:eb:ed:01:cd:78:88:59:7f:cc:ed:42:
         2f:d3:f0:77:4c:ce:c2:6a:2c:a3:b5:e1:5a:08:00:fc:dc:73:
         60:b1:88:33:00:61:35:47:cf:46:f3:ad:61:6e:c4:3c:78:6b:
         f1:d5:93:1d:06:d5:db:f2:a0:71:e3:b8:e4:92:44:ee:88:3c:
         f6:cc:9a:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9OKO4NkHD6XM5wsk6J8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NjZiNGRhNDg5MWZiODA5MDE4MmJjMzNiNDliNTk2MjRm
YzlkOWIwHhcNMjUxMTA0MTMwMTAyWhcNMjUxMTA1MTMwMTAyWjAzMTEwLwYDVQQD
EyhkZjFkNjcxZDFiM2JiNTAyNjk5OTFmOTkyNjEzMmI4YTc1M2YxNmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5y5sjsxLp2+0ZQs9B+Tvy8D4NE4R
yhd2/u2mAlroPr73MrSS5CY9uoCW+WUEillQw1pXq/YuYCSVSqdtOkG7o58zSl/k
3BaB+xjD7CayEEyZGhley7ckqollGe+iw+8OzSJk8YC4KDHGouDNMNQf6YlpSI+J
308dH84US15VpmQ0+tnfGfH2ieCzKq3SrjDciwc7jEWeplCgy+IRDEqgzQGR1ltD
l+IiMH/foae9wYbRJ5T/mVk3NHjHpBY0SUKsk450F8wXVD2PnzMLNSoHhgkWE42n
PwmWAO5aofk6NE/EqnTKtPIKhKnaRyepR/+dbHouic2DGjrelfjFZAQJ/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN8dZx0bO7UCaZkfmSYTK4p1PxbyMB8GA1UdIwQY
MBaAFBlmtNpIkfuAkBgrwztJtZYk/J2bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80MTNlOTEtYWNmZS00N2UxLWFkZDIt
NzlkNWI0NmQ5YzBlLzEvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80MTNlOTEtYWNmZS00N2UxLWFkZDItNzlkNWI0NmQ5YzBl
LzEvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcISn/hkP
CSq4OygKBdQPjgzp6uBx+9bgqstVeEwgvs94TS/ti00k11sFmlBLAfYyNlxsC5sy
pgPR2IGjok89VdPNiDaqZI1egxXypIwqo72GZw+BT0BpzpYOjMPtMMmh9IEs/7el
GUl4hKAuYzBzuNc915jQNGmNsk4iaE0hMk4t29TUns7xoehNTTHCC6lgchxOTiHc
7/yfrWvATTiiWwqmNR7mNDny9WaNGf5eJJnL1mEuZCpqWEJuMevtAc14iFl/zO1C
L9Pwd0zOwmoso7XhWggA/NxzYLGIMwBhNUfPRvOtYW7EPHhr8dWTHQbV2/KgceO4
5JJE7og89syaTQ==
-----END CERTIFICATE-----