Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/GDDmA-nKjAXUwbxisLdue9nRiQk.mft
File:                     GDDmA-nKjAXUwbxisLdue9nRiQk.mft (raw, json)
Hash identifier:          9HDNe9O9bo/3KjO++4ofjfDcbPhUujBFihNMTcVOpr4=
Subject key identifier:   14:F9:7F:42:B2:B2:4F:FC:DF:1E:8A:96:C8:78:F5:0D:58:B5:CA:37
Authority key identifier: 18:30:E6:03:E9:CA:8C:05:D4:C1:BC:62:B0:B7:6E:7B:D9:D1:89:09
Certificate issuer:       /CN=1830e603e9ca8c05d4c1bc62b0b76e7bd9d18909
Certificate serial:       01987C40771406E2A5DCBF1423D51CB04EA2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GDDmA-nKjAXUwbxisLdue9nRiQk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/GDDmA-nKjAXUwbxisLdue9nRiQk.mft
Manifest number:          1620
Signing time:             Tue 05 Aug 2025 22:00:56 +0000
Manifest this update:     Tue 05 Aug 2025 22:00:56 +0000
Manifest next update:     Wed 06 Aug 2025 22:00:56 +0000
Files and hashes:         1: GDDmA-nKjAXUwbxisLdue9nRiQk.crl (hash: FCqbunSvrnGVIx4yetXr+ZSMw3lNv9bSiYuV5bplTn0=)
                          2: o4yUZzbKz_wfUkXyIRtz_sPdHfw.roa (hash: BiVeXsHTenn/poTYlXrG4Bvxv5uxzXwbjeteQc7yW9U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/GDDmA-nKjAXUwbxisLdue9nRiQk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/GDDmA-nKjAXUwbxisLdue9nRiQk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GDDmA-nKjAXUwbxisLdue9nRiQk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 17:44:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7c:40:77:14:06:e2:a5:dc:bf:14:23:d5:1c:b0:4e:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1830e603e9ca8c05d4c1bc62b0b76e7bd9d18909
        Validity
            Not Before: Aug  5 22:00:56 2025 GMT
            Not After : Aug  6 22:00:56 2025 GMT
        Subject: CN=14f97f42b2b24ffcdf1e8a96c878f50d58b5ca37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:7e:d8:94:da:dc:e0:ed:ab:91:f8:52:fa:8a:
                    9a:be:88:a2:dd:c5:7d:36:0e:11:b2:55:02:6c:60:
                    eb:42:43:eb:7d:50:fd:20:87:2e:19:a4:8b:a5:a7:
                    65:c2:fd:0c:65:ac:83:fb:1b:4f:3c:ec:67:e8:37:
                    f5:d2:54:3f:e6:15:68:cb:9c:b0:f4:db:f2:f5:ce:
                    0f:c4:33:fc:0c:11:ec:b0:7c:7f:99:06:c1:1d:88:
                    bc:85:68:6e:10:d2:3f:1b:4a:ff:1b:1f:9f:82:d2:
                    c4:5d:3f:4c:b9:04:ac:dc:43:41:25:32:00:39:1c:
                    48:87:7a:9d:74:61:10:b2:5f:5f:26:9a:65:83:3f:
                    22:7d:f9:5e:a8:9e:aa:71:02:9c:19:d2:6e:e1:4e:
                    9f:ad:d8:d5:c7:00:c0:eb:fa:54:42:6b:4e:c7:09:
                    cf:7e:52:d4:87:47:ff:55:f9:35:7c:70:ab:d3:07:
                    de:ac:d5:30:f2:d5:d1:b9:e9:cc:7a:33:41:42:b9:
                    95:94:e0:58:b3:59:b3:81:15:d9:ea:5b:67:84:7a:
                    05:dd:b1:dd:76:59:70:1a:ac:a0:92:3a:27:af:8c:
                    94:a8:92:70:1c:ae:f2:30:35:8a:e5:3d:9c:5c:bf:
                    b3:29:6e:dd:63:eb:ca:19:db:3b:b8:95:5e:29:b1:
                    c1:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:F9:7F:42:B2:B2:4F:FC:DF:1E:8A:96:C8:78:F5:0D:58:B5:CA:37
            X509v3 Authority Key Identifier:
                keyid:18:30:E6:03:E9:CA:8C:05:D4:C1:BC:62:B0:B7:6E:7B:D9:D1:89:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GDDmA-nKjAXUwbxisLdue9nRiQk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/GDDmA-nKjAXUwbxisLdue9nRiQk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/GDDmA-nKjAXUwbxisLdue9nRiQk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:ef:a1:67:c0:5b:a4:35:3e:38:71:ad:c5:45:68:8b:53:7e:
         29:f7:99:c0:64:cf:a8:c4:4b:6e:bb:33:27:0d:0e:e4:40:ca:
         e2:d3:78:fa:62:a1:03:a9:63:4f:c0:09:ad:0c:1c:30:f9:96:
         37:cf:81:ac:a3:98:4d:28:3f:0c:e6:d4:24:c6:38:bc:12:ec:
         b9:4e:1d:b7:a0:0d:66:50:cd:0b:bf:05:11:17:00:1c:7c:6e:
         4c:84:c6:7b:98:b7:fc:da:aa:00:fd:94:38:20:9a:a6:90:58:
         22:9b:b4:f3:34:63:db:ce:91:f1:e0:23:d8:27:d1:7a:74:50:
         03:7f:e4:c8:03:d2:e0:c4:16:3a:dc:62:84:85:aa:66:78:96:
         bd:a7:09:3c:35:9a:46:5a:05:5e:bd:aa:b0:a1:4e:f6:a7:50:
         0c:01:1c:ef:b3:5d:83:85:28:0c:5b:f6:0f:3f:5b:f4:14:bf:
         25:28:60:a5:ec:69:d2:d2:29:4c:dd:e3:9f:23:0e:49:36:83:
         2f:65:b8:12:b9:14:c6:ff:38:e0:e2:62:ea:f4:1f:be:3d:78:
         22:f1:6e:09:a8:55:d4:b5:de:44:d6:22:1d:4b:5e:b9:ab:06:
         97:c1:8b:eb:96:7a:32:f4:16:a2:96:bf:60:bb:b4:14:28:d1:
         3a:36:d0:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh8QHcUBuKl3L8UI9UcsE6iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MzBlNjAzZTljYThjMDVkNGMxYmM2MmIwYjc2ZTdiZDlk
MTg5MDkwHhcNMjUwODA1MjIwMDU2WhcNMjUwODA2MjIwMDU2WjAzMTEwLwYDVQQD
EygxNGY5N2Y0MmIyYjI0ZmZjZGYxZThhOTZjODc4ZjUwZDU4YjVjYTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApn7YlNrc4O2rkfhS+oqavoii3cV9
Ng4RslUCbGDrQkPrfVD9IIcuGaSLpadlwv0MZayD+xtPPOxn6Df10lQ/5hVoy5yw
9Nvy9c4PxDP8DBHssHx/mQbBHYi8hWhuENI/G0r/Gx+fgtLEXT9MuQSs3ENBJTIA
ORxIh3qddGEQsl9fJpplgz8iffleqJ6qcQKcGdJu4U6frdjVxwDA6/pUQmtOxwnP
flLUh0f/Vfk1fHCr0wferNUw8tXRuenMejNBQrmVlOBYs1mzgRXZ6ltnhHoF3bHd
dllwGqygkjonr4yUqJJwHK7yMDWK5T2cXL+zKW7dY+vKGds7uJVeKbHBfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBT5f0Kysk/83x6Klsh49Q1Ytco3MB8GA1UdIwQY
MBaAFBgw5gPpyowF1MG8YrC3bnvZ0YkJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0REbUEtbktqQVhVd2J4aXNMZHVlOW5SaVFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8yMTkxZDctZmRhMC00YjA3LThhOGYt
MTc4OWU2NGQzMjEwLzEvR0REbUEtbktqQVhVd2J4aXNMZHVlOW5SaVFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8yMTkxZDctZmRhMC00YjA3LThhOGYtMTc4OWU2NGQzMjEw
LzEvR0REbUEtbktqQVhVd2J4aXNMZHVlOW5SaVFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwu+hZ8Bb
pDU+OHGtxUVoi1N+KfeZwGTPqMRLbrszJw0O5EDK4tN4+mKhA6ljT8AJrQwcMPmW
N8+BrKOYTSg/DObUJMY4vBLsuU4dt6ANZlDNC78FERcAHHxuTITGe5i3/NqqAP2U
OCCappBYIpu08zRj286R8eAj2CfRenRQA3/kyAPS4MQWOtxihIWqZniWvacJPDWa
RloFXr2qsKFO9qdQDAEc77Ndg4UoDFv2Dz9b9BS/JShgpexp0tIpTN3jnyMOSTaD
L2W4ErkUxv844OJi6vQfvj14IvFuCahV1LXeRNYiHUteuasGl8GL65Z6MvQWopa/
YLu0FCjROjbQjQ==
-----END CERTIFICATE-----
Generated at Wed Aug 6 00:51:29 2025 by rpki-client