Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
File:                     Gvq72Ih6kieJRewu74JDoSlq33g.mft (raw, json)
Hash identifier:          Y5mXL9gIeZ16v/AKLXQ2E14OM1NqhxNgq2kS0CdlmOI=
Subject key identifier:   E5:15:A8:35:D3:93:D5:F9:57:C5:08:F8:62:DB:AA:E8:78:9D:5A:DC
Authority key identifier: 1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78
Certificate issuer:       /CN=1afabbd8887a92278945ec2eef8243a1296adf78
Certificate serial:       01976961B04DDE3830E388680138AAAE8675
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
Manifest number:          158A
Signing time:             Fri 13 Jun 2025 13:01:39 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:39 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:39 +0000
Files and hashes:         1: Gvq72Ih6kieJRewu74JDoSlq33g.crl (hash: qg8Fbu6FaQ4QqOkJBig3HNcRdcsRjEbsBUNB7UTfsxg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:b0:4d:de:38:30:e3:88:68:01:38:aa:ae:86:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1afabbd8887a92278945ec2eef8243a1296adf78
        Validity
            Not Before: Jun 13 13:01:39 2025 GMT
            Not After : Jun 14 13:01:39 2025 GMT
        Subject: CN=e515a835d393d5f957c508f862dbaae8789d5adc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:9a:74:25:29:db:97:3c:88:64:cf:c4:8a:d1:
                    00:5a:1c:8a:d1:18:9e:5d:28:77:44:8b:6d:2f:5a:
                    67:b9:d5:c8:98:6b:34:f2:eb:57:6e:1d:ac:1f:e7:
                    62:d5:17:e3:4b:8d:9b:fc:60:2e:29:4d:1f:09:92:
                    4c:6e:63:ae:fe:31:80:9e:d4:44:b4:4b:32:a3:ce:
                    a5:b5:6e:30:ec:b3:90:03:13:bf:e8:44:ef:c8:f1:
                    7e:2c:70:16:6e:df:15:2a:77:53:81:32:40:18:f3:
                    8a:49:16:fe:67:ee:98:9b:bc:5f:ad:8b:88:d1:90:
                    f7:20:8f:e1:68:6a:b1:f9:3c:8b:03:e5:82:e9:61:
                    40:31:f6:60:10:c1:27:e7:4e:b6:29:11:17:18:10:
                    eb:02:58:6e:66:48:b7:d6:af:67:00:d8:67:87:20:
                    73:90:14:70:33:9e:44:65:98:f6:cc:bf:da:3b:aa:
                    fe:f0:f7:21:22:ff:48:a3:35:91:5e:88:6d:fb:8c:
                    a3:3a:2a:dd:17:e1:f6:b4:e8:c3:49:bd:03:ce:0e:
                    8a:1a:a2:5f:06:6b:b1:11:f3:48:25:83:ce:bb:cb:
                    d0:0e:d2:32:88:dd:68:6f:6f:11:4b:f0:bd:23:19:
                    cf:af:52:d7:79:d5:96:eb:7e:cb:5b:a7:e6:06:43:
                    90:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:15:A8:35:D3:93:D5:F9:57:C5:08:F8:62:DB:AA:E8:78:9D:5A:DC
            X509v3 Authority Key Identifier:
                keyid:1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:e3:c0:90:68:b2:ce:fb:2b:ad:19:7c:15:51:6f:6c:a6:0f:
         81:26:14:72:d5:b8:7e:fe:0f:e8:3c:73:c7:6d:3c:01:24:e2:
         7f:0a:03:ce:0f:4b:00:ad:5f:14:53:2f:71:b5:82:e3:1f:67:
         f6:ae:fa:f3:be:d7:5b:b9:ef:b2:8c:c3:ea:cf:17:6f:b0:d7:
         6d:f6:0c:a3:f1:d4:78:03:2b:22:14:71:75:2a:f0:d4:60:1e:
         76:05:23:97:b5:1e:84:44:0c:cc:11:6a:70:09:d9:10:ec:fb:
         14:46:97:51:f0:66:b7:ca:ab:a2:96:0a:a8:09:bf:f3:41:fb:
         0d:73:f4:b1:b4:4b:51:c0:ad:89:93:c5:b5:0a:7f:98:68:a5:
         c3:0e:eb:f2:7f:57:82:58:30:e4:ce:29:d4:df:cc:3d:7b:60:
         58:03:4b:55:76:a3:de:af:82:e7:dc:22:dd:86:b4:f5:1d:ac:
         08:fe:b5:4b:da:4f:b0:d8:eb:68:25:1e:11:f6:4c:db:bb:89:
         77:54:ab:d0:10:32:62:b3:23:f6:7a:7e:a0:9c:5d:06:52:8c:
         f8:8d:b4:63:c1:51:84:71:9a:06:cf:bc:4b:a5:f0:1a:e8:73:
         57:5b:b8:97:95:54:39:99:8b:fd:3b:f3:14:6e:49:86:7c:5c:
         7e:b0:e5:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYbBN3jgw44hoATiqroZ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZmFiYmQ4ODg3YTkyMjc4OTQ1ZWMyZWVmODI0M2ExMjk2
YWRmNzgwHhcNMjUwNjEzMTMwMTM5WhcNMjUwNjE0MTMwMTM5WjAzMTEwLwYDVQQD
EyhlNTE1YTgzNWQzOTNkNWY5NTdjNTA4Zjg2MmRiYWFlODc4OWQ1YWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6pp0JSnblzyIZM/EitEAWhyK0Rie
XSh3RIttL1pnudXImGs08utXbh2sH+di1RfjS42b/GAuKU0fCZJMbmOu/jGAntRE
tEsyo86ltW4w7LOQAxO/6ETvyPF+LHAWbt8VKndTgTJAGPOKSRb+Z+6Ym7xfrYuI
0ZD3II/haGqx+TyLA+WC6WFAMfZgEMEn5062KREXGBDrAlhuZki31q9nANhnhyBz
kBRwM55EZZj2zL/aO6r+8PchIv9IozWRXoht+4yjOirdF+H2tOjDSb0Dzg6KGqJf
BmuxEfNIJYPOu8vQDtIyiN1ob28RS/C9IxnPr1LXedWW637LW6fmBkOQ3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOUVqDXTk9X5V8UI+GLbquh4nVrcMB8GA1UdIwQY
MBaAFBr6u9iIepIniUXsLu+CQ6Epat94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUt
NTE2MDY1YjZjZmE1LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUtNTE2MDY1YjZjZmE1
LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE+PAkGiy
zvsrrRl8FVFvbKYPgSYUctW4fv4P6Dxzx208ASTifwoDzg9LAK1fFFMvcbWC4x9n
9q76877XW7nvsozD6s8Xb7DXbfYMo/HUeAMrIhRxdSrw1GAedgUjl7UehEQMzBFq
cAnZEOz7FEaXUfBmt8qropYKqAm/80H7DXP0sbRLUcCtiZPFtQp/mGilww7r8n9X
glgw5M4p1N/MPXtgWANLVXaj3q+C59wi3Ya09R2sCP61S9pPsNjraCUeEfZM27uJ
d1Sr0BAyYrMj9np+oJxdBlKM+I20Y8FRhHGaBs+8S6XwGuhzV1u4l5VUOZmL/Tvz
FG5JhnxcfrDlhg==
-----END CERTIFICATE-----