Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
File:                     GWa02kiR-4CQGCvDO0m1liT8nZs.mft (raw, json)
Hash identifier:          +9ZG9fMN+59resNdXNvpkdPruhYSZeBX5ruK2ThNUlg=
Subject key identifier:   4C:82:BC:A7:3B:09:89:E9:5B:2C:13:8C:EA:4B:4D:A1:7F:50:CA:CA
Authority key identifier: 19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B
Certificate issuer:       /CN=1966b4da4891fb8090182bc33b49b59624fc9d9b
Certificate serial:       01976D3E0617A7FA1BC7841C3EA3C6BC7660
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
Manifest number:          147B
Signing time:             Sat 14 Jun 2025 07:01:10 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:10 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:10 +0000
Files and hashes:         1: GWa02kiR-4CQGCvDO0m1liT8nZs.crl (hash: e/pyGrwqC/5yGb/6p3yP50lCZP1IozqThyhgYZMc3Vs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:06:17:a7:fa:1b:c7:84:1c:3e:a3:c6:bc:76:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1966b4da4891fb8090182bc33b49b59624fc9d9b
        Validity
            Not Before: Jun 14 07:01:10 2025 GMT
            Not After : Jun 15 07:01:10 2025 GMT
        Subject: CN=4c82bca73b0989e95b2c138cea4b4da17f50caca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:a0:b2:57:58:41:a6:fb:b0:dd:fb:61:d3:06:
                    43:a1:e8:48:0d:af:cb:bb:ee:b5:b9:75:26:15:27:
                    4c:ca:82:25:60:3a:e7:c7:ed:25:92:a6:f6:13:1d:
                    6d:4a:9e:ba:80:eb:3f:36:eb:0c:6c:7f:35:6a:08:
                    cb:9a:1f:c1:62:68:b5:6a:a8:05:42:18:f0:8c:6e:
                    2c:40:1f:7b:1c:3b:ab:71:36:0b:3d:6f:be:39:a6:
                    be:87:61:9f:65:d6:6a:6a:ea:bc:22:cb:7b:10:d3:
                    48:a7:1f:48:b8:5f:fd:be:45:e8:97:f6:bf:a8:ec:
                    a3:71:f6:db:44:70:f4:ac:6a:d9:7d:21:4c:86:6f:
                    14:a9:19:9f:9a:11:78:4b:ec:c9:2c:47:d6:ec:57:
                    68:f5:25:69:d1:b4:a8:ca:8c:4a:cb:af:f6:04:ab:
                    c5:4d:27:cd:13:89:d4:0f:1b:b5:9d:81:fc:74:43:
                    e3:33:e5:ec:65:b5:27:77:f4:52:10:37:24:d4:08:
                    a6:e5:57:c1:06:68:f0:05:a3:69:08:76:19:e8:42:
                    be:10:54:d7:4f:9f:d7:92:8b:46:c6:8f:91:21:b6:
                    af:18:b8:52:5f:73:b8:c0:09:2f:8b:12:3c:17:3b:
                    27:66:01:93:88:a9:1e:c2:65:8e:b0:dc:87:2e:4d:
                    44:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:82:BC:A7:3B:09:89:E9:5B:2C:13:8C:EA:4B:4D:A1:7F:50:CA:CA
            X509v3 Authority Key Identifier:
                keyid:19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:00:ff:95:64:60:00:d9:d3:bb:6e:95:eb:1f:a0:a6:e6:19:
         96:b5:90:4f:1b:52:40:8c:17:fb:68:b1:31:bd:77:e4:c9:9c:
         37:7a:9c:b8:2d:28:31:ac:32:af:06:62:d0:a4:32:78:1e:e4:
         75:cd:5a:bc:5b:76:af:f2:44:92:a8:1b:91:0d:48:2f:0b:79:
         20:5c:c8:27:a9:54:aa:37:5b:2d:ac:cf:14:1e:52:cc:85:cb:
         ac:45:9e:43:d9:a9:04:de:88:72:82:f5:1a:e2:50:4d:df:7d:
         c7:0e:b9:98:4d:a5:13:a7:27:50:4e:42:a5:56:24:00:4c:c9:
         72:a4:37:b5:74:85:31:a9:7d:3f:10:f8:38:90:47:0f:fe:9e:
         ca:31:a9:f7:58:ab:64:49:3a:55:23:24:a6:26:15:88:3d:ca:
         91:17:24:a2:10:e1:5e:cf:0a:30:18:b3:dc:70:81:e7:2e:09:
         57:d4:30:01:91:a1:99:dc:eb:c9:6c:c0:58:a3:b4:57:a3:82:
         28:ff:15:f7:e4:17:1f:40:49:3d:79:c2:7a:c4:5b:2f:d1:d1:
         05:88:66:44:ff:e1:cd:73:be:49:8b:19:2a:f6:21:57:4c:be:
         44:f6:ef:d2:0a:71:cd:9c:0a:06:ee:55:60:69:cd:50:0e:30:
         51:ff:0e:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPgYXp/obx4QcPqPGvHZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NjZiNGRhNDg5MWZiODA5MDE4MmJjMzNiNDliNTk2MjRm
YzlkOWIwHhcNMjUwNjE0MDcwMTEwWhcNMjUwNjE1MDcwMTEwWjAzMTEwLwYDVQQD
Eyg0YzgyYmNhNzNiMDk4OWU5NWIyYzEzOGNlYTRiNGRhMTdmNTBjYWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKCyV1hBpvuw3fth0wZDoehIDa/L
u+61uXUmFSdMyoIlYDrnx+0lkqb2Ex1tSp66gOs/NusMbH81agjLmh/BYmi1aqgF
QhjwjG4sQB97HDurcTYLPW++Oaa+h2GfZdZqauq8Ist7ENNIpx9IuF/9vkXol/a/
qOyjcfbbRHD0rGrZfSFMhm8UqRmfmhF4S+zJLEfW7Fdo9SVp0bSoyoxKy6/2BKvF
TSfNE4nUDxu1nYH8dEPjM+XsZbUnd/RSEDck1Aim5VfBBmjwBaNpCHYZ6EK+EFTX
T5/XkotGxo+RIbavGLhSX3O4wAkvixI8FzsnZgGTiKkewmWOsNyHLk1ElwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEyCvKc7CYnpWywTjOpLTaF/UMrKMB8GA1UdIwQY
MBaAFBlmtNpIkfuAkBgrwztJtZYk/J2bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80MTNlOTEtYWNmZS00N2UxLWFkZDIt
NzlkNWI0NmQ5YzBlLzEvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80MTNlOTEtYWNmZS00N2UxLWFkZDItNzlkNWI0NmQ5YzBl
LzEvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdwD/lWRg
ANnTu26V6x+gpuYZlrWQTxtSQIwX+2ixMb135MmcN3qcuC0oMawyrwZi0KQyeB7k
dc1avFt2r/JEkqgbkQ1ILwt5IFzIJ6lUqjdbLazPFB5SzIXLrEWeQ9mpBN6IcoL1
GuJQTd99xw65mE2lE6cnUE5CpVYkAEzJcqQ3tXSFMal9PxD4OJBHD/6eyjGp91ir
ZEk6VSMkpiYViD3KkRckohDhXs8KMBiz3HCB5y4JV9QwAZGhmdzryWzAWKO0V6OC
KP8V9+QXH0BJPXnCesRbL9HRBYhmRP/hzXO+SYsZKvYhV0y+RPbv0gpxzZwKBu5V
YGnNUA4wUf8OaQ==
-----END CERTIFICATE-----