Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
File:                     GWa02kiR-4CQGCvDO0m1liT8nZs.mft (raw, json)
Hash identifier:          Tp8eEECHA9KiKY93tuT/xZ/YbzrStsiKf6/87xefErI=
Subject key identifier:   3C:67:5F:04:02:FE:CE:6C:FE:73:CE:A3:7D:09:65:2B:B5:64:D9:74
Authority key identifier: 19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B
Certificate issuer:       /CN=1966b4da4891fb8090182bc33b49b59624fc9d9b
Certificate serial:       01988CFE22BA420291F73DBBA71F03325C01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
Manifest number:          1510
Signing time:             Sat 09 Aug 2025 04:02:01 +0000
Manifest this update:     Sat 09 Aug 2025 04:02:01 +0000
Manifest next update:     Sun 10 Aug 2025 04:02:01 +0000
Files and hashes:         1: GWa02kiR-4CQGCvDO0m1liT8nZs.crl (hash: c0Gr7BzCVYyxHkjHbV6NAenWoKUAt0rftU5EsdQq+u8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 04:02:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8c:fe:22:ba:42:02:91:f7:3d:bb:a7:1f:03:32:5c:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1966b4da4891fb8090182bc33b49b59624fc9d9b
        Validity
            Not Before: Aug  9 04:02:01 2025 GMT
            Not After : Aug 10 04:02:01 2025 GMT
        Subject: CN=3c675f0402fece6cfe73cea37d09652bb564d974
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:c6:02:17:42:6c:fc:b6:1b:b2:98:0c:35:59:
                    1e:12:93:9d:6c:5a:08:a5:65:54:18:4e:39:77:31:
                    38:20:aa:c4:a3:05:44:da:d5:e4:30:4c:0a:51:d3:
                    d8:ac:8d:f3:ce:8a:df:d4:1f:fa:92:f4:ef:2f:3f:
                    45:e6:50:07:b7:6b:69:87:33:79:11:ac:29:ca:34:
                    a8:46:e6:5a:bb:fd:07:25:9e:9c:73:c0:77:23:95:
                    9e:24:bc:24:df:ae:94:ce:19:26:aa:66:6e:57:ed:
                    ba:cc:f9:f9:64:f7:36:0b:11:b8:74:99:bb:0e:36:
                    10:7a:fd:ad:de:a4:6e:94:cc:8b:5f:cc:4c:25:f0:
                    39:86:40:d3:18:5b:8f:fd:4e:80:d1:8a:a0:ab:12:
                    79:7a:e1:d6:f3:ad:83:13:7b:6d:c3:71:a4:22:13:
                    f9:c8:49:9b:4c:7e:33:68:b0:98:ab:81:54:52:c3:
                    7f:af:d8:7a:1b:04:ea:75:bb:54:1b:af:7b:d8:3b:
                    1c:06:05:30:6e:3b:a7:38:99:3b:92:29:02:1c:31:
                    84:27:2f:ed:11:3b:be:49:de:e2:3a:9b:6a:28:45:
                    c9:fc:ae:9a:6a:e0:bb:4e:7d:d9:bd:a3:31:39:42:
                    52:5e:ef:0f:db:63:8f:ef:5e:3b:02:0f:a6:dd:ef:
                    1c:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:67:5F:04:02:FE:CE:6C:FE:73:CE:A3:7D:09:65:2B:B5:64:D9:74
            X509v3 Authority Key Identifier:
                keyid:19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:19:51:7e:56:cb:05:1c:24:5d:31:a1:c8:39:2a:dc:2a:54:
         53:3c:34:39:3b:55:e3:48:49:34:05:98:3f:98:fe:25:97:fe:
         94:4f:89:40:9b:95:06:99:34:a3:8f:4e:0b:74:c5:ee:67:bd:
         08:ee:8c:60:25:65:59:74:1e:2e:c5:04:d6:58:27:4c:c9:e4:
         9b:87:7e:75:8b:c3:8d:c9:c6:f8:dd:4c:bf:e6:e6:5a:43:2d:
         8c:6f:a2:d6:20:65:ef:11:fb:20:0b:da:bf:13:2b:c1:6c:51:
         27:bd:78:6f:a4:8c:25:67:36:0a:ab:da:c7:b0:ed:dd:51:91:
         ae:d8:c3:6b:a4:9b:77:c8:4c:b1:0a:85:cf:21:61:98:b4:24:
         ac:2d:5e:8b:42:06:dd:c4:60:f4:0e:50:e9:66:c9:00:77:59:
         3f:73:86:d1:32:3c:c7:95:7f:6a:f6:82:89:62:d1:26:da:02:
         01:eb:a1:45:51:38:7c:37:03:12:12:8f:ac:0f:81:8d:82:03:
         76:b7:2e:6e:9d:11:1a:c7:55:4d:c3:9f:73:40:79:a5:cb:71:
         d2:5b:2f:54:b9:90:ba:01:aa:cf:8d:b5:e2:fd:35:0a:94:e5:
         96:d2:0a:a2:25:a3:11:05:38:e0:f1:c1:f3:64:3d:e3:1e:0e:
         99:01:41:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiM/iK6QgKR9z27px8DMlwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NjZiNGRhNDg5MWZiODA5MDE4MmJjMzNiNDliNTk2MjRm
YzlkOWIwHhcNMjUwODA5MDQwMjAxWhcNMjUwODEwMDQwMjAxWjAzMTEwLwYDVQQD
EygzYzY3NWYwNDAyZmVjZTZjZmU3M2NlYTM3ZDA5NjUyYmI1NjRkOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8YCF0Js/LYbspgMNVkeEpOdbFoI
pWVUGE45dzE4IKrEowVE2tXkMEwKUdPYrI3zzorf1B/6kvTvLz9F5lAHt2tphzN5
EawpyjSoRuZau/0HJZ6cc8B3I5WeJLwk366UzhkmqmZuV+26zPn5ZPc2CxG4dJm7
DjYQev2t3qRulMyLX8xMJfA5hkDTGFuP/U6A0YqgqxJ5euHW862DE3ttw3GkIhP5
yEmbTH4zaLCYq4FUUsN/r9h6GwTqdbtUG6972DscBgUwbjunOJk7kikCHDGEJy/t
ETu+Sd7iOptqKEXJ/K6aauC7Tn3ZvaMxOUJSXu8P22OP7147Ag+m3e8cGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDxnXwQC/s5s/nPOo30JZSu1ZNl0MB8GA1UdIwQY
MBaAFBlmtNpIkfuAkBgrwztJtZYk/J2bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80MTNlOTEtYWNmZS00N2UxLWFkZDIt
NzlkNWI0NmQ5YzBlLzEvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80MTNlOTEtYWNmZS00N2UxLWFkZDItNzlkNWI0NmQ5YzBl
LzEvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArhlRflbL
BRwkXTGhyDkq3CpUUzw0OTtV40hJNAWYP5j+JZf+lE+JQJuVBpk0o49OC3TF7me9
CO6MYCVlWXQeLsUE1lgnTMnkm4d+dYvDjcnG+N1Mv+bmWkMtjG+i1iBl7xH7IAva
vxMrwWxRJ714b6SMJWc2Cqvax7Dt3VGRrtjDa6Sbd8hMsQqFzyFhmLQkrC1ei0IG
3cRg9A5Q6WbJAHdZP3OG0TI8x5V/avaCiWLRJtoCAeuhRVE4fDcDEhKPrA+BjYID
drcubp0RGsdVTcOfc0B5pctx0lsvVLmQugGqz4214v01CpTlltIKoiWjEQU44PHB
82Q94x4OmQFBwA==
-----END CERTIFICATE-----