Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
File:                     GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft (raw, json)
Hash identifier:          GDloSFa8cwf3XM9FhSpAmUMpeKzE6H9GB/tExi9iGKU=
Subject key identifier:   8D:F1:B9:FA:13:D3:1B:96:70:BD:10:16:AE:46:51:9F:2D:AD:E0:14
Authority key identifier: 18:77:B1:9D:48:47:FC:3F:49:5A:F9:36:C5:B1:A1:92:8C:91:27:48
Certificate issuer:       /CN=1877b19d4847fc3f495af936c5b1a1928c912748
Certificate serial:       01987A1AE92A91D5F0555A38A9B4341A8057
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
Manifest number:          1617
Signing time:             Tue 05 Aug 2025 12:00:40 +0000
Manifest this update:     Tue 05 Aug 2025 12:00:40 +0000
Manifest next update:     Wed 06 Aug 2025 12:00:40 +0000
Files and hashes:         1: GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl (hash: FZ29CRKl1aM4/dU+ilYk3DLG+TjbWulwDDuxeTh8a8A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 12:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7a:1a:e9:2a:91:d5:f0:55:5a:38:a9:b4:34:1a:80:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1877b19d4847fc3f495af936c5b1a1928c912748
        Validity
            Not Before: Aug  5 12:00:40 2025 GMT
            Not After : Aug  6 12:00:40 2025 GMT
        Subject: CN=8df1b9fa13d31b9670bd1016ae46519f2dade014
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:db:ac:34:9f:98:ab:72:af:0c:1a:61:8b:b9:
                    69:4c:8b:39:8c:41:93:db:90:92:0a:a0:62:e7:fe:
                    61:4b:1c:67:3f:49:a4:40:7e:f7:ca:66:a4:99:e7:
                    fb:d3:66:cb:cf:0b:98:2b:11:57:a2:54:bc:cf:96:
                    3a:7f:b3:f6:91:73:39:fa:76:e2:03:00:cb:89:21:
                    cd:95:f1:fc:92:84:10:b6:83:0b:c7:4a:12:60:be:
                    47:30:a9:d3:e1:b9:14:b2:b8:9f:f2:44:44:ee:89:
                    2d:bf:2c:60:75:81:33:25:fa:4e:c5:c4:ed:99:96:
                    db:15:f9:6a:10:63:7f:68:85:d6:89:1c:37:01:7e:
                    2c:b8:a5:12:10:c2:c9:00:ee:97:b4:04:da:ef:36:
                    a4:fd:36:1d:48:55:f9:74:bc:f8:09:b4:41:c2:33:
                    ea:65:c8:12:05:6a:4f:cc:3f:cf:73:f8:17:2f:83:
                    49:91:48:d5:74:23:02:62:26:0c:46:1a:6e:c8:d1:
                    a5:78:d6:b5:ca:f9:3e:1e:14:b5:4f:58:d9:56:75:
                    50:4f:0c:1c:fb:ba:72:65:7a:8f:6b:4f:e6:93:7b:
                    7d:f1:27:f2:0a:1c:14:89:3b:da:06:79:ab:e1:88:
                    88:30:75:04:cc:e2:e9:8b:0a:53:39:21:8f:af:66:
                    f0:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:F1:B9:FA:13:D3:1B:96:70:BD:10:16:AE:46:51:9F:2D:AD:E0:14
            X509v3 Authority Key Identifier:
                keyid:18:77:B1:9D:48:47:FC:3F:49:5A:F9:36:C5:B1:A1:92:8C:91:27:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:4d:a5:ff:05:ce:32:49:0e:f9:8b:2a:34:7c:4f:d9:bf:89:
         a9:fd:6e:7d:c4:a3:c1:46:64:81:44:34:87:0e:2d:e8:a5:a4:
         59:67:68:88:0d:14:7d:d2:8b:08:f8:49:72:0f:57:2a:23:19:
         24:ad:41:ad:14:7e:fe:67:fe:fa:29:8e:e1:6c:92:1e:89:72:
         07:19:93:0d:41:6f:86:0f:6a:6b:50:41:8e:bc:52:68:91:c7:
         b4:22:4f:f0:31:95:5d:08:93:07:50:99:05:12:1e:ec:0b:99:
         7f:2e:96:48:fb:22:13:16:e6:80:86:b9:14:c7:81:6c:6d:d3:
         c4:a3:25:10:ae:3c:28:68:a7:f7:d9:51:21:9c:5e:cc:5f:72:
         5d:89:6b:ed:e6:bc:9c:5d:8f:0b:03:32:3c:82:ba:20:b5:90:
         b7:86:9a:fa:41:9c:07:98:a9:7b:b7:c6:3a:62:b0:0c:5c:98:
         fc:d7:4e:47:74:68:82:33:d3:23:49:a7:b9:be:3f:80:f9:93:
         d6:51:e5:e7:26:15:8c:80:37:b1:62:60:14:5c:87:81:a1:eb:
         1a:5d:2d:de:8f:ef:83:32:b1:25:3b:bf:a3:9e:53:98:59:52:
         8b:24:ac:01:5a:60:9e:c8:d3:47:7a:86:bf:36:77:f7:3c:c4:
         aa:32:7c:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh6GukqkdXwVVo4qbQ0GoBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NzdiMTlkNDg0N2ZjM2Y0OTVhZjkzNmM1YjFhMTkyOGM5
MTI3NDgwHhcNMjUwODA1MTIwMDQwWhcNMjUwODA2MTIwMDQwWjAzMTEwLwYDVQQD
Eyg4ZGYxYjlmYTEzZDMxYjk2NzBiZDEwMTZhZTQ2NTE5ZjJkYWRlMDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNusNJ+Yq3KvDBphi7lpTIs5jEGT
25CSCqBi5/5hSxxnP0mkQH73ymakmef702bLzwuYKxFXolS8z5Y6f7P2kXM5+nbi
AwDLiSHNlfH8koQQtoMLx0oSYL5HMKnT4bkUsrif8kRE7oktvyxgdYEzJfpOxcTt
mZbbFflqEGN/aIXWiRw3AX4suKUSEMLJAO6XtATa7zak/TYdSFX5dLz4CbRBwjPq
ZcgSBWpPzD/Pc/gXL4NJkUjVdCMCYiYMRhpuyNGleNa1yvk+HhS1T1jZVnVQTwwc
+7pyZXqPa0/mk3t98SfyChwUiTvaBnmr4YiIMHUEzOLpiwpTOSGPr2bw4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI3xufoT0xuWcL0QFq5GUZ8treAUMB8GA1UdIwQY
MBaAFBh3sZ1IR/w/SVr5NsWxoZKMkSdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9jMTIyYTctNTcxMi00YmJkLWI2Mzgt
YWM5YTkzMTcxYWE1LzEvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9jMTIyYTctNTcxMi00YmJkLWI2MzgtYWM5YTkzMTcxYWE1
LzEvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm02l/wXO
MkkO+YsqNHxP2b+Jqf1ufcSjwUZkgUQ0hw4t6KWkWWdoiA0UfdKLCPhJcg9XKiMZ
JK1BrRR+/mf++imO4WySHolyBxmTDUFvhg9qa1BBjrxSaJHHtCJP8DGVXQiTB1CZ
BRIe7AuZfy6WSPsiExbmgIa5FMeBbG3TxKMlEK48KGin99lRIZxezF9yXYlr7ea8
nF2PCwMyPIK6ILWQt4aa+kGcB5ipe7fGOmKwDFyY/NdOR3RogjPTI0mnub4/gPmT
1lHl5yYVjIA3sWJgFFyHgaHrGl0t3o/vgzKxJTu/o55TmFlSiySsAVpgnsjTR3qG
vzZ39zzEqjJ8Cw==
-----END CERTIFICATE-----