Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/25cbad-6134-45b1-8b3d-eb569a8a210f/1/gaNsZ-miNTnIFTqYNO-D5cGOa3I.mft
File:                     gaNsZ-miNTnIFTqYNO-D5cGOa3I.mft (raw, json)
Hash identifier:          zCa87oO0c07fiqDO0Y9PA94eMpWyNdguPioktFj6zqU=
Subject key identifier:   50:53:54:C1:45:DB:C5:1A:64:D6:3C:BD:12:80:33:C8:99:F6:55:75
Authority key identifier: 81:A3:6C:67:E9:A2:35:39:C8:15:3A:98:34:EF:83:E5:C1:8E:6B:72
Certificate issuer:       /CN=81a36c67e9a23539c8153a9834ef83e5c18e6b72
Certificate serial:       019885E88AC76DF217EFC500F50EA2F6213F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gaNsZ-miNTnIFTqYNO-D5cGOa3I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/25cbad-6134-45b1-8b3d-eb569a8a210f/1/gaNsZ-miNTnIFTqYNO-D5cGOa3I.mft
Manifest number:          0467
Signing time:             Thu 07 Aug 2025 19:01:06 +0000
Manifest this update:     Thu 07 Aug 2025 19:01:06 +0000
Manifest next update:     Fri 08 Aug 2025 19:01:06 +0000
Files and hashes:         1: gaNsZ-miNTnIFTqYNO-D5cGOa3I.crl (hash: gkU0za8Lx9fuqLl8/7StZcksEueIn6m+MuU7i8eoHZo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/25cbad-6134-45b1-8b3d-eb569a8a210f/1/gaNsZ-miNTnIFTqYNO-D5cGOa3I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/25cbad-6134-45b1-8b3d-eb569a8a210f/1/gaNsZ-miNTnIFTqYNO-D5cGOa3I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gaNsZ-miNTnIFTqYNO-D5cGOa3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 16:13:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:85:e8:8a:c7:6d:f2:17:ef:c5:00:f5:0e:a2:f6:21:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81a36c67e9a23539c8153a9834ef83e5c18e6b72
        Validity
            Not Before: Aug  7 19:01:06 2025 GMT
            Not After : Aug  8 19:01:06 2025 GMT
        Subject: CN=505354c145dbc51a64d63cbd128033c899f65575
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:33:7f:76:8f:c3:0f:68:e1:db:7b:59:4b:5c:
                    59:da:a4:52:29:64:81:d6:d8:d6:04:f5:3d:6e:66:
                    09:fa:04:a9:17:ae:3b:61:45:56:35:12:83:d0:d7:
                    23:9a:17:07:a4:33:41:51:e7:da:df:c3:89:3d:de:
                    d3:4f:9e:67:a0:4d:e7:2a:c6:61:0d:c6:6d:48:7c:
                    0c:6a:c5:d3:97:64:6a:41:93:99:c5:18:35:eb:16:
                    63:05:ac:fe:29:7b:fe:e6:3e:5d:ff:a7:90:fa:4e:
                    d9:4f:a2:37:02:ae:1d:b7:c5:56:e2:47:3b:6f:ac:
                    72:d7:db:2f:c7:2b:f1:97:18:35:92:00:23:af:a7:
                    55:98:d9:6d:40:08:3b:f3:b1:93:05:33:40:7b:07:
                    d2:70:c6:3b:53:74:2d:09:4f:13:9b:30:26:68:48:
                    9f:18:27:e1:1b:54:27:5b:b0:fb:a7:53:67:cd:1c:
                    fe:6d:29:b9:e1:2c:01:3e:10:0b:1d:96:4a:e1:cf:
                    dd:04:52:cf:8d:86:b3:29:80:85:c9:00:44:7f:eb:
                    34:fa:38:5e:b6:f3:d4:0d:8b:59:60:0b:bf:93:46:
                    5d:9e:56:2f:f3:a8:a7:26:d6:70:d0:37:f3:4f:18:
                    be:88:25:28:f0:e1:3e:73:75:17:43:82:f5:0c:76:
                    1c:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:53:54:C1:45:DB:C5:1A:64:D6:3C:BD:12:80:33:C8:99:F6:55:75
            X509v3 Authority Key Identifier:
                keyid:81:A3:6C:67:E9:A2:35:39:C8:15:3A:98:34:EF:83:E5:C1:8E:6B:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gaNsZ-miNTnIFTqYNO-D5cGOa3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/25cbad-6134-45b1-8b3d-eb569a8a210f/1/gaNsZ-miNTnIFTqYNO-D5cGOa3I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/25cbad-6134-45b1-8b3d-eb569a8a210f/1/gaNsZ-miNTnIFTqYNO-D5cGOa3I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:d8:a6:fc:37:6f:d6:34:80:21:a7:71:d6:04:e5:a0:7b:b5:
         cc:8b:4c:c0:11:f5:8d:81:36:48:d2:db:17:3d:84:ed:8c:50:
         c0:56:81:ca:ec:99:66:c0:7e:8a:e8:93:18:95:8e:1b:ad:ab:
         5a:86:5d:fc:16:3f:59:f5:7d:2c:4c:5e:66:27:49:d7:ec:53:
         2e:5d:bb:d5:79:a0:20:b5:b5:cb:71:d2:7b:41:c9:af:d3:6a:
         85:c6:4e:1d:74:b9:fa:38:8f:2b:8f:2c:33:2e:9c:ab:98:ac:
         a7:1a:b9:40:da:e4:02:f2:d3:d1:e9:57:47:ba:67:e1:cf:f7:
         67:77:4c:78:f3:af:92:30:23:ae:6e:bd:0d:46:6e:58:2c:b0:
         6b:6b:bb:5c:3e:37:ab:5e:ae:36:31:d4:84:98:67:a3:56:1b:
         52:42:61:a0:a9:bb:83:f3:60:a0:25:f4:79:ad:72:ab:27:32:
         2f:a9:f9:11:b0:3d:20:bc:a4:be:dd:0d:71:99:51:ea:72:6c:
         42:8b:33:e6:1a:53:43:ad:dc:61:5a:2b:c2:31:ad:13:89:0c:
         54:ba:da:e3:1d:67:de:58:a4:1b:6c:d9:31:98:e7:88:57:e1:
         fb:53:dd:54:a8:5d:c6:72:ad:11:7e:4e:12:0e:64:a5:36:28:
         fa:92:9a:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiF6IrHbfIX78UA9Q6i9iE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTM2YzY3ZTlhMjM1MzljODE1M2E5ODM0ZWY4M2U1YzE4
ZTZiNzIwHhcNMjUwODA3MTkwMTA2WhcNMjUwODA4MTkwMTA2WjAzMTEwLwYDVQQD
Eyg1MDUzNTRjMTQ1ZGJjNTFhNjRkNjNjYmQxMjgwMzNjODk5ZjY1NTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDN/do/DD2jh23tZS1xZ2qRSKWSB
1tjWBPU9bmYJ+gSpF647YUVWNRKD0NcjmhcHpDNBUefa38OJPd7TT55noE3nKsZh
DcZtSHwMasXTl2RqQZOZxRg16xZjBaz+KXv+5j5d/6eQ+k7ZT6I3Aq4dt8VW4kc7
b6xy19svxyvxlxg1kgAjr6dVmNltQAg787GTBTNAewfScMY7U3QtCU8TmzAmaEif
GCfhG1QnW7D7p1NnzRz+bSm54SwBPhALHZZK4c/dBFLPjYazKYCFyQBEf+s0+jhe
tvPUDYtZYAu/k0ZdnlYv86inJtZw0DfzTxi+iCUo8OE+c3UXQ4L1DHYcAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFBTVMFF28UaZNY8vRKAM8iZ9lV1MB8GA1UdIwQY
MBaAFIGjbGfpojU5yBU6mDTvg+XBjmtyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FOc1otbWlOVG5JRlRxWU5PLUQ1Y0dPYTNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8yNWNiYWQtNjEzNC00NWIxLThiM2Qt
ZWI1NjlhOGEyMTBmLzEvZ2FOc1otbWlOVG5JRlRxWU5PLUQ1Y0dPYTNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8yNWNiYWQtNjEzNC00NWIxLThiM2QtZWI1NjlhOGEyMTBm
LzEvZ2FOc1otbWlOVG5JRlRxWU5PLUQ1Y0dPYTNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApNim/Ddv
1jSAIadx1gTloHu1zItMwBH1jYE2SNLbFz2E7YxQwFaByuyZZsB+iuiTGJWOG62r
WoZd/BY/WfV9LExeZidJ1+xTLl271XmgILW1y3HSe0HJr9NqhcZOHXS5+jiPK48s
My6cq5ispxq5QNrkAvLT0elXR7pn4c/3Z3dMePOvkjAjrm69DUZuWCywa2u7XD43
q16uNjHUhJhno1YbUkJhoKm7g/NgoCX0ea1yqycyL6n5EbA9ILykvt0NcZlR6nJs
Qosz5hpTQ63cYVorwjGtE4kMVLra4x1n3likG2zZMZjniFfh+1PdVKhdxnKtEX5O
Eg5kpTYo+pKaiQ==
-----END CERTIFICATE-----