Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
File:                     GyN3Poe34e0LVeFQuncWsYJbPiY.mft (raw, json)
Hash identifier:          Ew/BGlmu1q3YJPCGyo3mSr5ZNlrd9ZemT1j31bdv4H4=
Subject key identifier:   50:A8:8F:98:EC:E0:19:81:8C:33:10:CC:B0:93:92:45:22:0E:EF:D6
Authority key identifier: 1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26
Certificate issuer:       /CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
Certificate serial:       01976D3DEB8A3B3DC7C8F537730D0C0167F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
Manifest number:          12CD
Signing time:             Sat 14 Jun 2025 07:01:03 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:03 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:03 +0000
Files and hashes:         1: GyN3Poe34e0LVeFQuncWsYJbPiY.crl (hash: Lx0TuNdwE2s3nByhSLJVoZ73OKAgBsug2fYNl5ovqOE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:eb:8a:3b:3d:c7:c8:f5:37:73:0d:0c:01:67:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
        Validity
            Not Before: Jun 14 07:01:03 2025 GMT
            Not After : Jun 15 07:01:03 2025 GMT
        Subject: CN=50a88f98ece019818c3310ccb0939245220eefd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:90:60:ac:ed:df:9e:42:70:d1:8f:ec:ee:83:
                    5b:8f:4f:5c:e2:13:be:b8:9d:3f:b9:71:9e:3c:04:
                    f9:1e:2b:df:cd:1f:cf:02:8a:4f:31:6e:bd:8e:3c:
                    2d:29:17:6b:65:61:b6:12:28:b9:df:01:d2:76:89:
                    52:52:fc:33:50:83:34:1f:77:7e:4d:24:c7:ca:64:
                    ff:4e:2f:c3:3b:ff:0f:b2:11:f1:fe:67:6f:ec:99:
                    73:6b:81:f1:38:21:a3:6b:71:14:c7:4d:67:da:b6:
                    51:b9:f8:1f:04:00:31:c4:f5:83:5d:50:8c:18:00:
                    cb:9c:be:db:d0:7e:73:cd:4a:d2:fd:e4:51:16:f0:
                    3e:24:48:f6:0b:76:c9:07:8a:79:36:9e:4d:5e:06:
                    7c:b6:b2:41:f9:37:cc:d8:22:3b:be:f0:c1:66:10:
                    01:e7:70:88:fd:e4:b8:ac:f4:9c:19:f9:84:66:98:
                    b4:57:e3:fb:2d:75:45:48:3d:74:9a:45:96:1c:91:
                    d3:5c:25:97:62:a4:0b:87:2b:c1:d6:ad:33:87:05:
                    66:28:8d:62:94:f7:5d:18:60:c6:75:3d:5f:55:fc:
                    ed:bb:ab:be:20:b1:c1:fa:c4:5d:99:f0:e9:64:33:
                    7e:ee:25:d0:70:af:70:d9:7c:ec:72:78:36:57:03:
                    d0:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:A8:8F:98:EC:E0:19:81:8C:33:10:CC:B0:93:92:45:22:0E:EF:D6
            X509v3 Authority Key Identifier:
                keyid:1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:3d:6c:f4:5e:bd:ff:a1:1d:fa:82:05:65:9d:e6:a8:79:db:
         86:1c:34:b2:03:cf:63:55:13:ba:21:55:67:12:a1:b7:3a:83:
         26:81:61:5d:47:8d:6d:51:62:2d:56:b6:7b:f2:97:39:36:02:
         2a:a7:94:62:cb:23:11:13:47:e0:a6:d9:f2:1e:71:91:53:f1:
         71:6e:36:bd:49:7a:47:0e:5c:2b:72:b6:be:19:25:b5:19:95:
         73:57:f0:a3:9f:cd:09:75:a9:b3:ca:69:6b:56:f8:22:ca:c5:
         78:57:1c:5f:6b:c8:8b:d1:36:1e:5c:7c:14:99:5d:8c:35:12:
         f9:11:50:01:6a:f9:54:3f:3a:27:4a:a2:cf:7b:a4:d4:69:5e:
         38:0d:5e:f0:82:a9:50:0d:0c:55:7b:2d:9b:af:3f:37:b7:cc:
         05:f5:a7:a0:6b:e7:15:f4:2c:2c:66:d8:e6:ec:71:9d:82:96:
         a2:23:3e:e1:7d:58:fa:73:a4:c1:12:96:6c:cc:38:f7:fc:f5:
         d9:dc:f6:32:f7:7e:2b:72:82:0e:78:97:88:0c:6a:12:0b:eb:
         45:2d:74:6f:34:3b:9b:7b:7f:a1:59:86:2b:61:28:fb:64:45:
         69:13:fa:26:50:d4:55:0b:19:5d:0c:d5:1e:95:a7:34:c4:1c:
         20:3a:27:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPeuKOz3HyPU3cw0MAWfxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMjM3NzNlODdiN2UxZWQwYjU1ZTE1MGJhNzcxNmIxODI1
YjNlMjYwHhcNMjUwNjE0MDcwMTAzWhcNMjUwNjE1MDcwMTAzWjAzMTEwLwYDVQQD
Eyg1MGE4OGY5OGVjZTAxOTgxOGMzMzEwY2NiMDkzOTI0NTIyMGVlZmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZBgrO3fnkJw0Y/s7oNbj09c4hO+
uJ0/uXGePAT5HivfzR/PAopPMW69jjwtKRdrZWG2Eii53wHSdolSUvwzUIM0H3d+
TSTHymT/Ti/DO/8PshHx/mdv7Jlza4HxOCGja3EUx01n2rZRufgfBAAxxPWDXVCM
GADLnL7b0H5zzUrS/eRRFvA+JEj2C3bJB4p5Np5NXgZ8trJB+TfM2CI7vvDBZhAB
53CI/eS4rPScGfmEZpi0V+P7LXVFSD10mkWWHJHTXCWXYqQLhyvB1q0zhwVmKI1i
lPddGGDGdT1fVfztu6u+ILHB+sRdmfDpZDN+7iXQcK9w2Xzscng2VwPQSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFCoj5js4BmBjDMQzLCTkkUiDu/WMB8GA1UdIwQY
MBaAFBsjdz6Ht+HtC1XhULp3FrGCWz4mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1Nzct
ZGM5YmE0MzFkNTdhLzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1NzctZGM5YmE0MzFkNTdh
LzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKD1s9F69
/6Ed+oIFZZ3mqHnbhhw0sgPPY1UTuiFVZxKhtzqDJoFhXUeNbVFiLVa2e/KXOTYC
KqeUYssjERNH4KbZ8h5xkVPxcW42vUl6Rw5cK3K2vhkltRmVc1fwo5/NCXWps8pp
a1b4IsrFeFccX2vIi9E2Hlx8FJldjDUS+RFQAWr5VD86J0qiz3uk1GleOA1e8IKp
UA0MVXstm68/N7fMBfWnoGvnFfQsLGbY5uxxnYKWoiM+4X1Y+nOkwRKWbMw49/z1
2dz2Mvd+K3KCDniXiAxqEgvrRS10bzQ7m3t/oVmGK2Eo+2RFaRP6JlDUVQsZXQzV
HpWnNMQcIDonWQ==
-----END CERTIFICATE-----