Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/e8922d-b304-4188-bda6-dc6b1ff72c18/1/G_GA7KTkQF6Heotjkjp1iNd-OdI.mft
File:                     G_GA7KTkQF6Heotjkjp1iNd-OdI.mft (raw, json)
Hash identifier:          9ceWUdv0ow2atO5tQnvAoDNIS2zaOqcmXP/q0f0qVtw=
Subject key identifier:   2B:6F:90:A2:E3:34:11:D2:1D:97:E9:C1:00:5B:48:A0:D1:60:2D:15
Authority key identifier: 1B:F1:80:EC:A4:E4:40:5E:87:7A:8B:63:92:3A:75:88:D7:7E:39:D2
Certificate issuer:       /CN=1bf180eca4e4405e877a8b63923a7588d77e39d2
Certificate serial:       019A53760E73DD8AF3E4CF831407A901A597
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G_GA7KTkQF6Heotjkjp1iNd-OdI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/e8922d-b304-4188-bda6-dc6b1ff72c18/1/G_GA7KTkQF6Heotjkjp1iNd-OdI.mft
Manifest number:          0666
Signing time:             Wed 05 Nov 2025 10:00:37 +0000
Manifest this update:     Wed 05 Nov 2025 10:00:37 +0000
Manifest next update:     Thu 06 Nov 2025 10:00:37 +0000
Files and hashes:         1: G_GA7KTkQF6Heotjkjp1iNd-OdI.crl (hash: Fg7GNiUiokmoWPlhoiAWXeE5T2GG1S43qQ3zpjvwFVI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/e8922d-b304-4188-bda6-dc6b1ff72c18/1/G_GA7KTkQF6Heotjkjp1iNd-OdI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/e8922d-b304-4188-bda6-dc6b1ff72c18/1/G_GA7KTkQF6Heotjkjp1iNd-OdI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G_GA7KTkQF6Heotjkjp1iNd-OdI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 10:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:53:76:0e:73:dd:8a:f3:e4:cf:83:14:07:a9:01:a5:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bf180eca4e4405e877a8b63923a7588d77e39d2
        Validity
            Not Before: Nov  5 10:00:37 2025 GMT
            Not After : Nov  6 10:00:37 2025 GMT
        Subject: CN=2b6f90a2e33411d21d97e9c1005b48a0d1602d15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:c3:ed:4f:49:aa:c5:e5:2a:e0:a2:e9:38:fd:
                    11:79:58:78:7c:6f:c1:0a:2c:53:b5:bb:82:55:50:
                    a5:9c:57:59:77:b3:5d:59:22:dc:22:73:49:f8:74:
                    7a:77:23:11:03:8e:9c:f2:4e:34:d1:08:9b:4b:49:
                    8c:1e:07:2d:17:9c:c4:ab:3c:80:4b:41:ed:bb:7b:
                    37:29:47:58:86:df:a9:72:c0:ad:82:e9:46:e7:c7:
                    18:b5:f1:10:8a:03:90:5a:f2:2d:79:8e:de:82:05:
                    b4:2e:4a:af:97:59:df:f7:0a:5f:6e:c1:ff:70:80:
                    c6:40:c7:3a:97:05:75:3c:c9:a5:dd:73:32:22:f2:
                    78:f8:7f:14:13:21:8a:eb:5a:2d:c8:3b:4f:a6:40:
                    e9:1f:6b:f7:8e:44:1d:b2:ec:fd:e7:3d:a8:63:c8:
                    f3:39:d3:9c:f2:3a:a1:ae:c6:70:8e:33:71:8e:ac:
                    ca:a5:2a:70:81:c9:1f:0e:a3:c5:0d:44:79:00:5a:
                    01:3d:69:cf:47:51:4f:7f:c4:1c:f0:e5:01:5c:49:
                    18:b5:fa:25:fa:dc:04:8d:98:59:76:cc:fa:a9:86:
                    f4:c6:8f:fa:b9:27:5b:35:bd:1f:fd:0e:f7:1e:3a:
                    5c:d6:53:6e:25:6d:94:e3:9e:ba:10:8e:46:ab:e4:
                    78:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:6F:90:A2:E3:34:11:D2:1D:97:E9:C1:00:5B:48:A0:D1:60:2D:15
            X509v3 Authority Key Identifier:
                keyid:1B:F1:80:EC:A4:E4:40:5E:87:7A:8B:63:92:3A:75:88:D7:7E:39:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_GA7KTkQF6Heotjkjp1iNd-OdI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e8922d-b304-4188-bda6-dc6b1ff72c18/1/G_GA7KTkQF6Heotjkjp1iNd-OdI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e8922d-b304-4188-bda6-dc6b1ff72c18/1/G_GA7KTkQF6Heotjkjp1iNd-OdI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:82:42:02:0c:6e:1b:e3:39:4f:e0:5a:d1:db:7e:8d:f3:dd:
         6d:d2:fe:25:d4:62:bb:07:6d:dc:03:4a:64:37:d1:4c:5a:a4:
         03:83:b6:23:7a:d5:ef:c5:96:af:2d:8e:65:fe:32:07:a5:14:
         ae:0c:93:13:61:a9:3f:e8:41:80:44:00:00:92:c5:58:78:a1:
         b0:3f:bd:6f:7a:de:e9:4d:0f:5b:15:96:a1:35:78:d5:e3:43:
         c8:a4:d8:02:b9:50:de:d5:73:e1:41:70:6c:e8:e3:aa:ec:a1:
         26:13:17:2f:54:39:0c:a9:60:b2:d9:46:7e:e3:65:71:f8:bb:
         04:f8:dd:bb:d0:5e:e0:7f:d3:36:45:e7:09:9d:9f:b6:f1:1e:
         76:04:56:0c:56:8c:6d:20:08:7d:60:39:52:1c:51:21:db:ca:
         45:08:e1:68:e5:97:0e:c6:70:9f:7f:61:ca:72:f6:4b:ac:b3:
         86:4e:59:0e:e8:f3:14:ea:54:65:9a:94:bf:a7:11:15:e2:7c:
         3c:70:80:84:83:86:cb:1d:ae:76:fd:9b:40:23:a4:db:35:63:
         fc:c2:e3:12:0f:98:c9:4c:c2:19:8b:a2:e1:24:b2:a1:47:cd:
         06:8b:c1:ef:32:62:d1:48:db:f3:d8:e6:b1:c6:03:8a:a8:94:
         1a:83:bc:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTdg5z3Yrz5M+DFAepAaWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjE4MGVjYTRlNDQwNWU4NzdhOGI2MzkyM2E3NTg4ZDc3
ZTM5ZDIwHhcNMjUxMTA1MTAwMDM3WhcNMjUxMTA2MTAwMDM3WjAzMTEwLwYDVQQD
EygyYjZmOTBhMmUzMzQxMWQyMWQ5N2U5YzEwMDViNDhhMGQxNjAyZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosPtT0mqxeUq4KLpOP0ReVh4fG/B
CixTtbuCVVClnFdZd7NdWSLcInNJ+HR6dyMRA46c8k400QibS0mMHgctF5zEqzyA
S0Htu3s3KUdYht+pcsCtgulG58cYtfEQigOQWvIteY7eggW0Lkqvl1nf9wpfbsH/
cIDGQMc6lwV1PMml3XMyIvJ4+H8UEyGK61otyDtPpkDpH2v3jkQdsuz95z2oY8jz
OdOc8jqhrsZwjjNxjqzKpSpwgckfDqPFDUR5AFoBPWnPR1FPf8Qc8OUBXEkYtfol
+twEjZhZdsz6qYb0xo/6uSdbNb0f/Q73Hjpc1lNuJW2U4566EI5Gq+R4HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCtvkKLjNBHSHZfpwQBbSKDRYC0VMB8GA1UdIwQY
MBaAFBvxgOyk5EBeh3qLY5I6dYjXfjnSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19HQTdLVGtRRjZIZW90amtqcDFpTmQtT2RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lODkyMmQtYjMwNC00MTg4LWJkYTYt
ZGM2YjFmZjcyYzE4LzEvR19HQTdLVGtRRjZIZW90amtqcDFpTmQtT2RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lODkyMmQtYjMwNC00MTg4LWJkYTYtZGM2YjFmZjcyYzE4
LzEvR19HQTdLVGtRRjZIZW90amtqcDFpTmQtT2RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoIJCAgxu
G+M5T+Ba0dt+jfPdbdL+JdRiuwdt3ANKZDfRTFqkA4O2I3rV78WWry2OZf4yB6UU
rgyTE2GpP+hBgEQAAJLFWHihsD+9b3re6U0PWxWWoTV41eNDyKTYArlQ3tVz4UFw
bOjjquyhJhMXL1Q5DKlgstlGfuNlcfi7BPjdu9Be4H/TNkXnCZ2ftvEedgRWDFaM
bSAIfWA5UhxRIdvKRQjhaOWXDsZwn39hynL2S6yzhk5ZDujzFOpUZZqUv6cRFeJ8
PHCAhIOGyx2udv2bQCOk2zVj/MLjEg+YyUzCGYui4SSyoUfNBovB7zJi0Ujb89jm
scYDiqiUGoO8hQ==
-----END CERTIFICATE-----