Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
File:                     GyN3Poe34e0LVeFQuncWsYJbPiY.mft (raw, json)
Hash identifier:          8b20GlvaVlXVFojz0ukc0JrmOCQS5UPodN73FWanzlo=
Subject key identifier:   56:AD:4C:C8:5C:4F:17:42:EA:22:97:B6:94:65:1B:38:4F:98:10:67
Authority key identifier: 1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26
Certificate issuer:       /CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
Certificate serial:       01967DC61D98E0053F6EED31E837A89BD64E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
Manifest number:          1251
Signing time:             Mon 28 Apr 2025 19:00:57 +0000
Manifest this update:     Mon 28 Apr 2025 19:00:57 +0000
Manifest next update:     Tue 29 Apr 2025 19:00:57 +0000
Files and hashes:         1: GyN3Poe34e0LVeFQuncWsYJbPiY.crl (hash: kCki841jNw4RBNV9DGQQ0GY2PZw1miUx7WFKqBKrSA8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 19:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7d:c6:1d:98:e0:05:3f:6e:ed:31:e8:37:a8:9b:d6:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
        Validity
            Not Before: Apr 28 19:00:57 2025 GMT
            Not After : Apr 29 19:00:57 2025 GMT
        Subject: CN=56ad4cc85c4f1742ea2297b694651b384f981067
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:f0:bd:3e:56:62:b1:46:c2:b8:01:72:42:c9:
                    1f:8c:25:0a:ad:f9:90:a9:13:0a:77:62:64:45:f9:
                    16:b9:db:7b:91:c9:b4:a0:b4:7d:68:3b:27:c4:10:
                    74:68:59:f2:20:92:15:33:3c:2e:10:71:a0:0a:9d:
                    15:14:e4:1e:44:94:ed:5f:24:05:3f:95:53:f8:22:
                    0e:74:03:65:ea:39:9c:1b:c1:fa:0e:49:82:75:8c:
                    b1:10:ae:5c:cc:37:f3:8e:b3:6f:54:7f:cf:b6:03:
                    e7:39:b8:ba:0b:53:9b:08:89:99:a4:96:f9:c5:08:
                    a5:f7:5b:ec:b9:74:50:a7:1a:10:05:d2:cf:85:77:
                    a8:89:ab:d6:5f:e5:eb:35:34:67:5a:fd:c0:83:7c:
                    59:9a:bc:02:91:f3:d8:23:52:01:27:1d:9b:bb:ed:
                    21:9b:a6:3d:e6:85:8d:0b:fc:e9:fd:c5:21:c2:9c:
                    05:31:dc:13:a1:a6:44:4c:4f:c6:9b:40:17:9e:59:
                    85:23:88:5c:8e:a1:93:cd:6d:62:0d:6c:9a:7d:78:
                    85:3f:e8:2f:c7:f4:da:06:51:39:29:0f:48:95:6a:
                    a8:e8:1f:2b:90:86:5a:07:74:1c:21:9a:1a:36:ae:
                    bc:06:62:3d:5e:37:9f:b8:6e:af:b3:73:d5:e4:9a:
                    4e:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:AD:4C:C8:5C:4F:17:42:EA:22:97:B6:94:65:1B:38:4F:98:10:67
            X509v3 Authority Key Identifier:
                keyid:1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:f7:1d:af:e0:ec:4a:ab:13:a1:0c:6c:8f:79:53:33:a1:ee:
         da:e8:fd:53:03:db:9e:22:04:79:b8:bc:16:b5:90:aa:e6:70:
         d1:8a:49:65:22:42:cd:d5:60:b0:4a:1c:8e:9f:f8:49:df:b7:
         6b:41:19:a4:6d:6a:13:65:c6:73:f1:54:76:fd:d7:ca:2d:dc:
         de:84:cb:20:85:bb:87:1d:b0:0f:8b:83:3e:d3:e7:34:c1:d5:
         24:ec:5b:2b:9c:e6:ec:a6:bc:75:a2:84:21:47:8f:52:6f:77:
         6b:ce:6e:aa:51:7e:eb:5d:09:05:7b:82:8b:f2:98:36:3c:dc:
         53:89:bf:9f:c3:6f:4f:f8:41:8b:ca:c5:73:bb:ce:77:00:bf:
         8c:97:c5:8a:02:ae:0e:2b:d1:85:88:d5:c0:93:05:50:87:fa:
         4d:01:32:99:28:74:10:92:7b:1d:cc:9e:6b:44:fc:68:71:c0:
         28:9e:c7:4a:f1:38:bf:78:a9:ec:7b:18:0e:b7:72:87:c2:89:
         8b:bd:5a:85:4a:34:c4:3e:df:98:49:68:e9:71:20:a5:0b:05:
         d2:69:e5:14:67:8a:2f:19:b9:0f:51:30:ad:07:55:60:53:f8:
         d9:7b:04:a6:f2:16:e2:0b:59:de:8e:de:15:73:55:b2:ef:13:
         99:23:30:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ9xh2Y4AU/bu0x6Deom9ZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMjM3NzNlODdiN2UxZWQwYjU1ZTE1MGJhNzcxNmIxODI1
YjNlMjYwHhcNMjUwNDI4MTkwMDU3WhcNMjUwNDI5MTkwMDU3WjAzMTEwLwYDVQQD
Eyg1NmFkNGNjODVjNGYxNzQyZWEyMjk3YjY5NDY1MWIzODRmOTgxMDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfC9PlZisUbCuAFyQskfjCUKrfmQ
qRMKd2JkRfkWudt7kcm0oLR9aDsnxBB0aFnyIJIVMzwuEHGgCp0VFOQeRJTtXyQF
P5VT+CIOdANl6jmcG8H6DkmCdYyxEK5czDfzjrNvVH/PtgPnObi6C1ObCImZpJb5
xQil91vsuXRQpxoQBdLPhXeoiavWX+XrNTRnWv3Ag3xZmrwCkfPYI1IBJx2bu+0h
m6Y95oWNC/zp/cUhwpwFMdwToaZETE/Gm0AXnlmFI4hcjqGTzW1iDWyafXiFP+gv
x/TaBlE5KQ9IlWqo6B8rkIZaB3QcIZoaNq68BmI9XjefuG6vs3PV5JpOAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFatTMhcTxdC6iKXtpRlGzhPmBBnMB8GA1UdIwQY
MBaAFBsjdz6Ht+HtC1XhULp3FrGCWz4mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1Nzct
ZGM5YmE0MzFkNTdhLzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1NzctZGM5YmE0MzFkNTdh
LzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIfcdr+Ds
SqsToQxsj3lTM6Hu2uj9UwPbniIEebi8FrWQquZw0YpJZSJCzdVgsEocjp/4Sd+3
a0EZpG1qE2XGc/FUdv3Xyi3c3oTLIIW7hx2wD4uDPtPnNMHVJOxbK5zm7Ka8daKE
IUePUm93a85uqlF+610JBXuCi/KYNjzcU4m/n8NvT/hBi8rFc7vOdwC/jJfFigKu
DivRhYjVwJMFUIf6TQEymSh0EJJ7Hcyea0T8aHHAKJ7HSvE4v3ip7HsYDrdyh8KJ
i71ahUo0xD7fmElo6XEgpQsF0mnlFGeKLxm5D1EwrQdVYFP42XsEpvIW4gtZ3o7e
FXNVsu8TmSMwZA==
-----END CERTIFICATE-----