Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
File:                     GyN3Poe34e0LVeFQuncWsYJbPiY.mft (raw, json)
Hash identifier:          9ieGYbMuApPkasFKekeaivZP5eOLOfvRPd+HUStAzzs=
Subject key identifier:   F0:DB:2C:52:D8:16:80:F1:22:97:2A:5B:8E:9D:19:27:F0:E2:69:05
Authority key identifier: 1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26
Certificate issuer:       /CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
Certificate serial:       019A50E314906F3DD5FCCE1EBD8EC8FB8F64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
Manifest number:          144C
Signing time:             Tue 04 Nov 2025 22:00:50 +0000
Manifest this update:     Tue 04 Nov 2025 22:00:50 +0000
Manifest next update:     Wed 05 Nov 2025 22:00:50 +0000
Files and hashes:         1: GyN3Poe34e0LVeFQuncWsYJbPiY.crl (hash: h6iXPZs8IcMFGhLmWVMDDrHpRYGLgCEed3ynytZ6NpY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e3:14:90:6f:3d:d5:fc:ce:1e:bd:8e:c8:fb:8f:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
        Validity
            Not Before: Nov  4 22:00:50 2025 GMT
            Not After : Nov  5 22:00:50 2025 GMT
        Subject: CN=f0db2c52d81680f122972a5b8e9d1927f0e26905
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:13:da:ec:1d:ad:b6:58:58:34:32:4a:ca:46:
                    ea:f0:87:db:01:3b:e7:81:37:d9:ec:b2:21:10:b1:
                    56:1c:81:75:bb:f8:10:ce:0b:83:e6:06:f8:89:e7:
                    95:2d:3e:39:0c:c2:e2:0b:34:d8:1f:2e:aa:f0:d1:
                    b8:3c:78:65:09:a3:85:8f:b9:80:e2:df:98:2b:85:
                    ba:f2:04:41:07:cd:f4:4b:41:36:be:98:d4:5a:5b:
                    3e:e0:ac:3b:c1:48:9e:57:2f:20:50:d7:50:e7:52:
                    fb:4a:5b:1d:05:79:61:15:0b:1c:bc:26:73:f9:79:
                    9f:dd:9b:85:7d:6c:29:eb:e7:e2:da:a5:7b:83:6f:
                    14:5b:41:57:33:fe:70:56:2d:41:b4:4f:04:7f:65:
                    86:76:33:35:c5:80:bb:fe:f5:97:67:89:b8:30:25:
                    22:6a:86:f1:bb:21:1f:ac:0c:40:8e:89:5e:9b:62:
                    5c:cc:c4:05:a1:e1:2a:40:85:70:7c:ad:2f:12:6d:
                    9d:d1:41:2b:bb:56:52:18:f9:0e:9c:c6:2f:6d:02:
                    ba:96:36:e5:bb:29:d0:37:1d:25:5c:f1:5d:f4:a2:
                    29:d7:cb:6c:c7:20:10:d8:f4:27:1b:dc:c2:73:4a:
                    e3:72:7d:54:c5:28:3a:e6:70:b3:15:29:8d:f9:42:
                    15:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:DB:2C:52:D8:16:80:F1:22:97:2A:5B:8E:9D:19:27:F0:E2:69:05
            X509v3 Authority Key Identifier:
                keyid:1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d8:fb:be:72:79:1b:6f:34:e5:b1:7f:ca:51:4b:d6:fa:48:43:
         01:be:9e:42:e4:0b:b8:3c:60:a8:2e:1f:0e:ac:8f:80:c2:13:
         7d:be:a8:0d:fb:d2:97:81:e6:d6:8b:29:e0:8d:61:28:36:d9:
         0b:c1:1d:77:39:82:d3:2a:1b:27:4f:4b:33:ea:63:10:7b:64:
         39:3e:d7:5f:2a:af:a7:66:f0:b0:fa:ba:dd:30:e9:83:3d:39:
         dd:7e:50:8e:39:44:49:65:c3:c5:91:fa:2d:71:35:d5:53:99:
         7b:53:5e:d9:30:b6:11:38:ca:f4:4f:a0:c6:62:f3:c8:d4:57:
         f3:df:04:a4:e6:76:1b:e7:6b:fc:ab:b3:7e:ef:29:d8:36:8e:
         a3:ab:64:df:a8:9c:73:ec:81:07:38:e0:e3:60:8d:11:63:b1:
         89:fd:a7:3d:c5:56:af:53:1b:88:9e:72:3d:05:f8:8f:c7:53:
         79:44:8f:ba:9e:4d:30:b8:84:f0:6e:ec:06:f0:65:53:ff:2e:
         73:d5:2e:c5:c1:a5:06:1a:9c:4e:0e:80:61:4b:55:dd:ec:85:
         31:23:b1:1e:79:99:ea:9f:65:e4:26:1d:c9:7f:84:c3:35:be:
         61:31:7b:5f:09:64:06:19:eb:c5:98:37:6b:99:88:95:63:51:
         29:49:c6:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4xSQbz3V/M4evY7I+49kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMjM3NzNlODdiN2UxZWQwYjU1ZTE1MGJhNzcxNmIxODI1
YjNlMjYwHhcNMjUxMTA0MjIwMDUwWhcNMjUxMTA1MjIwMDUwWjAzMTEwLwYDVQQD
EyhmMGRiMmM1MmQ4MTY4MGYxMjI5NzJhNWI4ZTlkMTkyN2YwZTI2OTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBPa7B2ttlhYNDJKykbq8IfbATvn
gTfZ7LIhELFWHIF1u/gQzguD5gb4ieeVLT45DMLiCzTYHy6q8NG4PHhlCaOFj7mA
4t+YK4W68gRBB830S0E2vpjUWls+4Kw7wUieVy8gUNdQ51L7SlsdBXlhFQscvCZz
+Xmf3ZuFfWwp6+fi2qV7g28UW0FXM/5wVi1BtE8Ef2WGdjM1xYC7/vWXZ4m4MCUi
aobxuyEfrAxAjolem2JczMQFoeEqQIVwfK0vEm2d0UEru1ZSGPkOnMYvbQK6ljbl
uynQNx0lXPFd9KIp18tsxyAQ2PQnG9zCc0rjcn1UxSg65nCzFSmN+UIVtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPDbLFLYFoDxIpcqW46dGSfw4mkFMB8GA1UdIwQY
MBaAFBsjdz6Ht+HtC1XhULp3FrGCWz4mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1Nzct
ZGM5YmE0MzFkNTdhLzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1NzctZGM5YmE0MzFkNTdh
LzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2Pu+cnkb
bzTlsX/KUUvW+khDAb6eQuQLuDxgqC4fDqyPgMITfb6oDfvSl4Hm1osp4I1hKDbZ
C8EddzmC0yobJ09LM+pjEHtkOT7XXyqvp2bwsPq63TDpgz053X5QjjlESWXDxZH6
LXE11VOZe1Ne2TC2ETjK9E+gxmLzyNRX898EpOZ2G+dr/Kuzfu8p2DaOo6tk36ic
c+yBBzjg42CNEWOxif2nPcVWr1MbiJ5yPQX4j8dTeUSPup5NMLiE8G7sBvBlU/8u
c9UuxcGlBhqcTg6AYUtV3eyFMSOxHnmZ6p9l5CYdyX+EwzW+YTF7XwlkBhnrxZg3
a5mIlWNRKUnGhg==
-----END CERTIFICATE-----