Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
File:                     GyN3Poe34e0LVeFQuncWsYJbPiY.mft (raw, json)
Hash identifier:          kh+DKMBNt8GWKjm/VXcuYHTLSVWXdIfBLRAqTjkc56A=
Subject key identifier:   32:49:7B:71:9F:82:FE:5F:EF:A2:F7:D3:84:67:8B:9F:4C:7F:A0:6E
Authority key identifier: 1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26
Certificate issuer:       /CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
Certificate serial:       01987B9C29344C986C8FEF0030E51D9ADFCA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
Manifest number:          1359
Signing time:             Tue 05 Aug 2025 19:01:28 +0000
Manifest this update:     Tue 05 Aug 2025 19:01:28 +0000
Manifest next update:     Wed 06 Aug 2025 19:01:28 +0000
Files and hashes:         1: GyN3Poe34e0LVeFQuncWsYJbPiY.crl (hash: a30q/MAvvcIUgM7gEmxsPknxcZfytUp2GQW/DeHMEpI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 19:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7b:9c:29:34:4c:98:6c:8f:ef:00:30:e5:1d:9a:df:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
        Validity
            Not Before: Aug  5 19:01:28 2025 GMT
            Not After : Aug  6 19:01:28 2025 GMT
        Subject: CN=32497b719f82fe5fefa2f7d384678b9f4c7fa06e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:27:15:fd:48:f6:60:3a:cb:f2:fa:6b:ca:81:
                    7d:9c:d9:99:f4:7a:c6:1b:4b:37:58:a3:9a:18:69:
                    74:6b:73:71:7f:c2:39:cf:f6:6c:91:78:b8:22:3e:
                    82:81:95:6e:6f:d9:d5:12:95:1e:86:59:48:06:bc:
                    b1:ec:52:09:b8:56:75:42:95:f1:d9:98:95:52:02:
                    f8:34:be:f6:a1:87:4a:07:97:d4:8c:bf:d6:a2:7d:
                    d1:66:e8:aa:01:74:d8:fa:14:93:5f:fe:10:b6:8a:
                    bd:b4:12:5b:25:1b:86:83:4a:f1:34:82:c7:ca:b4:
                    10:b7:58:f0:d1:79:66:c6:63:fa:b0:82:f8:85:1d:
                    13:28:8a:77:ed:f7:c5:07:8f:12:23:23:24:23:0d:
                    81:f5:2b:33:ad:2f:10:79:c2:b6:bc:45:7b:b6:08:
                    77:92:c3:bb:4f:63:38:74:04:2d:63:8a:09:98:ef:
                    91:19:f8:86:08:55:77:08:62:bf:c2:db:2c:87:fb:
                    da:8d:f1:83:88:73:7a:43:a2:68:f1:59:d4:41:7f:
                    53:66:cd:85:be:d1:c1:64:a4:c6:df:8c:45:6b:fe:
                    fd:36:35:64:25:be:74:33:95:46:b5:8e:6f:a5:b2:
                    e8:2f:06:ca:de:b3:18:53:0d:3b:8c:96:20:3d:60:
                    9e:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:49:7B:71:9F:82:FE:5F:EF:A2:F7:D3:84:67:8B:9F:4C:7F:A0:6E
            X509v3 Authority Key Identifier:
                keyid:1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cb:e6:b3:8a:06:7c:94:18:0a:d3:0b:b8:34:48:9d:5d:31:86:
         7c:99:a3:8d:46:4d:41:bc:b9:ea:11:56:26:c7:9b:b1:92:8b:
         19:37:8b:1b:67:96:cc:40:6d:94:e1:14:4c:62:bd:75:97:e3:
         a8:18:f8:ab:f8:a2:54:75:c7:af:26:fe:e3:42:68:ff:6f:ef:
         ef:78:34:49:3d:72:9d:4b:4f:24:0d:2f:cc:79:4e:7b:cf:37:
         c7:da:15:ab:a2:00:81:ec:01:1d:66:eb:8d:06:ed:24:6f:9f:
         b0:56:7d:47:72:92:4b:e8:45:fe:71:4f:bc:53:d9:14:1a:10:
         70:66:ef:5f:3a:21:e3:cb:bd:bb:56:74:28:cc:37:38:5c:c3:
         db:5a:e3:e7:9d:52:fe:ba:60:51:49:30:18:ec:33:c5:4d:d2:
         83:a6:85:d5:4b:db:b9:17:2c:3b:21:d7:8e:04:36:79:cc:6f:
         79:e5:ab:8e:28:3e:d1:b1:4f:51:02:d1:f4:8a:8c:55:6d:96:
         6e:42:46:81:f6:0a:43:e8:5e:08:ac:2f:24:dc:a9:c3:35:af:
         9d:95:ef:81:b9:1e:4e:2c:59:a0:83:f9:c8:ae:e4:46:28:00:
         94:2a:39:aa:9c:86:4b:8f:e7:b7:07:33:7d:b6:63:23:b5:41:
         8c:50:a2:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh7nCk0TJhsj+8AMOUdmt/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMjM3NzNlODdiN2UxZWQwYjU1ZTE1MGJhNzcxNmIxODI1
YjNlMjYwHhcNMjUwODA1MTkwMTI4WhcNMjUwODA2MTkwMTI4WjAzMTEwLwYDVQQD
EygzMjQ5N2I3MTlmODJmZTVmZWZhMmY3ZDM4NDY3OGI5ZjRjN2ZhMDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+ScV/Uj2YDrL8vpryoF9nNmZ9HrG
G0s3WKOaGGl0a3Nxf8I5z/ZskXi4Ij6CgZVub9nVEpUehllIBryx7FIJuFZ1QpXx
2ZiVUgL4NL72oYdKB5fUjL/Won3RZuiqAXTY+hSTX/4Qtoq9tBJbJRuGg0rxNILH
yrQQt1jw0XlmxmP6sIL4hR0TKIp37ffFB48SIyMkIw2B9SszrS8QecK2vEV7tgh3
ksO7T2M4dAQtY4oJmO+RGfiGCFV3CGK/wtssh/vajfGDiHN6Q6Jo8VnUQX9TZs2F
vtHBZKTG34xFa/79NjVkJb50M5VGtY5vpbLoLwbK3rMYUw07jJYgPWCeQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJJe3Gfgv5f76L304Rni59Mf6BuMB8GA1UdIwQY
MBaAFBsjdz6Ht+HtC1XhULp3FrGCWz4mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1Nzct
ZGM5YmE0MzFkNTdhLzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1NzctZGM5YmE0MzFkNTdh
LzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAy+azigZ8
lBgK0wu4NEidXTGGfJmjjUZNQby56hFWJsebsZKLGTeLG2eWzEBtlOEUTGK9dZfj
qBj4q/iiVHXHryb+40Jo/2/v73g0ST1ynUtPJA0vzHlOe883x9oVq6IAgewBHWbr
jQbtJG+fsFZ9R3KSS+hF/nFPvFPZFBoQcGbvXzoh48u9u1Z0KMw3OFzD21rj551S
/rpgUUkwGOwzxU3Sg6aF1UvbuRcsOyHXjgQ2ecxveeWrjig+0bFPUQLR9IqMVW2W
bkJGgfYKQ+heCKwvJNypwzWvnZXvgbkeTixZoIP5yK7kRigAlCo5qpyGS4/ntwcz
fbZjI7VBjFCiCQ==
-----END CERTIFICATE-----