Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
File:                     Gvq72Ih6kieJRewu74JDoSlq33g.mft (raw, json)
Hash identifier:          DoN8hbPW8GfN3JqqZieeZdCAhRDAHyIkBN3CnwggTww=
Subject key identifier:   5A:F9:F0:5E:B7:2A:D4:B9:E3:87:08:00:87:D0:84:03:CC:5F:36:2D
Authority key identifier: 1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78
Certificate issuer:       /CN=1afabbd8887a92278945ec2eef8243a1296adf78
Certificate serial:       019677FB171D41567F0556FF2FE89C456F0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
Manifest number:          150D
Signing time:             Sun 27 Apr 2025 16:01:06 +0000
Manifest this update:     Sun 27 Apr 2025 16:01:06 +0000
Manifest next update:     Mon 28 Apr 2025 16:01:06 +0000
Files and hashes:         1: Gvq72Ih6kieJRewu74JDoSlq33g.crl (hash: 2u821W/t1VL6y5JvaTnx3Ry03zWdE4IXIm0GZT/A6og=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:fb:17:1d:41:56:7f:05:56:ff:2f:e8:9c:45:6f:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1afabbd8887a92278945ec2eef8243a1296adf78
        Validity
            Not Before: Apr 27 16:01:06 2025 GMT
            Not After : Apr 28 16:01:06 2025 GMT
        Subject: CN=5af9f05eb72ad4b9e387080087d08403cc5f362d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:0e:b0:ad:b7:2a:3e:0f:56:87:d1:26:6f:41:
                    0d:5a:de:56:3b:ac:15:05:1e:a4:81:bb:7b:4f:21:
                    8a:ad:c6:f0:79:c7:c2:2e:b1:b5:5d:e0:e7:93:f9:
                    bd:a5:5b:36:f2:0e:c5:e6:64:23:19:fe:a8:71:5c:
                    0b:37:a5:2d:42:1a:29:1d:98:df:b8:62:28:40:10:
                    34:46:94:61:d0:1a:8d:d5:91:3f:e6:ba:5b:cf:63:
                    fd:f9:8b:9c:57:83:f4:8d:c4:0a:e4:db:67:4e:7b:
                    a7:7c:46:f3:6c:ab:99:11:da:75:6a:5f:76:42:f0:
                    f5:77:5d:06:7d:f2:1f:c2:80:2e:49:81:c0:3a:3d:
                    63:be:ea:cb:46:78:b2:95:d5:5d:6a:70:54:47:57:
                    08:db:5e:be:07:59:78:6c:3d:ca:1e:ae:be:f3:5e:
                    f6:08:dd:e0:a0:84:1d:3c:c9:54:53:bc:51:e8:66:
                    a5:fe:4e:84:ae:26:16:23:9a:31:70:e0:c0:f5:07:
                    b9:43:40:c1:bf:93:39:be:d7:4b:35:c7:40:33:2b:
                    c1:81:37:2a:6e:4e:d5:bf:10:f6:a6:85:8f:88:7c:
                    13:eb:2e:43:84:5c:d2:e9:1a:96:42:15:df:9b:c7:
                    17:3b:63:83:fd:d2:e4:40:22:b9:bf:de:bd:ba:51:
                    03:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:F9:F0:5E:B7:2A:D4:B9:E3:87:08:00:87:D0:84:03:CC:5F:36:2D
            X509v3 Authority Key Identifier:
                keyid:1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:15:ed:cd:34:ed:93:bd:9e:ae:cf:4b:35:a8:42:8b:8e:e8:
         80:43:6d:c0:83:9d:4c:cc:07:f5:18:88:79:4a:f5:12:0d:98:
         d8:7b:07:8e:7c:73:6a:ed:e2:fd:2d:60:60:0a:81:b9:70:b7:
         8f:5c:17:9c:13:65:2c:ac:a7:ed:d0:69:fb:bb:55:49:c6:24:
         cc:01:6e:7b:e6:61:43:41:1e:23:40:84:30:91:94:ef:ae:c8:
         f3:ea:8e:73:29:29:a6:5a:a8:24:82:41:e2:e1:47:7e:f1:5d:
         d5:05:35:52:75:d3:14:91:59:6d:a7:b4:b0:3e:44:74:c8:69:
         c3:82:1a:76:c4:58:a4:5e:35:d3:a0:9b:a6:fc:c5:e2:ae:2c:
         0d:89:11:cf:1b:de:7b:fe:b6:34:39:0b:95:8d:3c:dd:1c:1f:
         e0:41:ba:89:74:ba:ce:d6:39:be:56:3a:09:0b:ae:ff:66:4e:
         15:f9:9a:00:2d:77:c0:4d:fe:b8:e4:d4:3d:77:ad:41:19:aa:
         5a:f1:98:e2:d1:c6:03:c6:e0:40:d9:82:bf:b9:13:1d:7a:2c:
         85:7d:b0:6c:f5:12:2d:fe:b6:21:16:9e:ce:33:33:89:23:f4:
         8d:45:d7:e4:10:d6:8a:66:2b:00:a9:a6:a7:61:77:1f:d7:8c:
         4d:27:ac:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3+xcdQVZ/BVb/L+icRW8MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZmFiYmQ4ODg3YTkyMjc4OTQ1ZWMyZWVmODI0M2ExMjk2
YWRmNzgwHhcNMjUwNDI3MTYwMTA2WhcNMjUwNDI4MTYwMTA2WjAzMTEwLwYDVQQD
Eyg1YWY5ZjA1ZWI3MmFkNGI5ZTM4NzA4MDA4N2QwODQwM2NjNWYzNjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQ6wrbcqPg9Wh9Emb0ENWt5WO6wV
BR6kgbt7TyGKrcbwecfCLrG1XeDnk/m9pVs28g7F5mQjGf6ocVwLN6UtQhopHZjf
uGIoQBA0RpRh0BqN1ZE/5rpbz2P9+YucV4P0jcQK5NtnTnunfEbzbKuZEdp1al92
QvD1d10GffIfwoAuSYHAOj1jvurLRniyldVdanBUR1cI216+B1l4bD3KHq6+8172
CN3goIQdPMlUU7xR6Gal/k6EriYWI5oxcODA9Qe5Q0DBv5M5vtdLNcdAMyvBgTcq
bk7VvxD2poWPiHwT6y5DhFzS6RqWQhXfm8cXO2OD/dLkQCK5v969ulEDvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFr58F63KtS544cIAIfQhAPMXzYtMB8GA1UdIwQY
MBaAFBr6u9iIepIniUXsLu+CQ6Epat94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUt
NTE2MDY1YjZjZmE1LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUtNTE2MDY1YjZjZmE1
LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADBXtzTTt
k72ers9LNahCi47ogENtwIOdTMwH9RiIeUr1Eg2Y2HsHjnxzau3i/S1gYAqBuXC3
j1wXnBNlLKyn7dBp+7tVScYkzAFue+ZhQ0EeI0CEMJGU767I8+qOcykpplqoJIJB
4uFHfvFd1QU1UnXTFJFZbae0sD5EdMhpw4IadsRYpF4106CbpvzF4q4sDYkRzxve
e/62NDkLlY083Rwf4EG6iXS6ztY5vlY6CQuu/2ZOFfmaAC13wE3+uOTUPXetQRmq
WvGY4tHGA8bgQNmCv7kTHXoshX2wbPUSLf62IRaezjMziSP0jUXX5BDWimYrAKmm
p2F3H9eMTSesiA==
-----END CERTIFICATE-----