Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.mft
File:                     gGM2o7hr9zon3dkGZn6tp1tHxJk.mft (raw, json)
Hash identifier:          s5toEbylorEiNOslY3F8+22hH5t1Dalm/5nj6ES0k68=
Subject key identifier:   E2:2A:3E:30:AD:9D:61:8B:0C:0C:09:00:C6:68:24:91:9C:15:2B:9D
Authority key identifier: 80:63:36:A3:B8:6B:F7:3A:27:DD:D9:06:66:7E:AD:A7:5B:47:C4:99
Certificate issuer:       /CN=806336a3b86bf73a27ddd906667eada75b47c499
Certificate serial:       019676E85F7D62E847B9B1651C9D2433BF4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gGM2o7hr9zon3dkGZn6tp1tHxJk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.mft
Manifest number:          0AAC
Signing time:             Sun 27 Apr 2025 11:01:02 +0000
Manifest this update:     Sun 27 Apr 2025 11:01:02 +0000
Manifest next update:     Mon 28 Apr 2025 11:01:02 +0000
Files and hashes:         1: gGM2o7hr9zon3dkGZn6tp1tHxJk.crl (hash: jV2us8byOjwp0OdkwMaKtrPDZGeg9s2bl+Ar5Qy8ZZQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gGM2o7hr9zon3dkGZn6tp1tHxJk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:29:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:e8:5f:7d:62:e8:47:b9:b1:65:1c:9d:24:33:bf:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=806336a3b86bf73a27ddd906667eada75b47c499
        Validity
            Not Before: Apr 27 11:01:02 2025 GMT
            Not After : Apr 28 11:01:02 2025 GMT
        Subject: CN=e22a3e30ad9d618b0c0c0900c66824919c152b9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:a7:da:46:ca:cc:fc:14:6e:0b:04:0b:e1:7c:
                    14:bf:7c:fe:ab:fd:27:fe:24:45:35:c7:68:79:a3:
                    e0:1e:2e:50:e5:51:ae:47:db:b0:21:12:01:fd:0e:
                    19:b8:db:50:3d:2f:dd:bb:cd:a2:3c:69:97:ac:2e:
                    41:30:97:bc:38:06:81:6d:e0:39:a1:b4:61:a2:8a:
                    34:8f:25:2d:14:44:4d:2b:71:a9:85:56:8e:19:d3:
                    30:de:ba:bd:45:07:8b:e8:56:13:32:7f:eb:c6:99:
                    14:fc:b0:e6:ed:c4:97:8d:22:bd:c3:73:d6:38:f6:
                    bc:84:9e:43:49:c7:67:c8:de:0e:ab:b7:9a:10:cf:
                    3c:14:56:2a:d1:30:5f:84:83:ba:61:c5:4e:c5:fe:
                    52:36:4b:1e:eb:59:01:76:c4:a5:9c:1a:a2:b9:41:
                    83:e9:ac:c5:83:22:46:3d:0c:c8:72:50:5d:02:a2:
                    f4:95:f3:a3:37:e9:34:9a:9a:b8:88:a3:0f:ed:00:
                    3d:dc:1f:1f:d5:59:f2:0f:32:30:24:3a:6f:07:00:
                    c1:10:47:cf:ed:20:ed:f2:08:5a:1c:64:16:36:00:
                    4e:18:9e:d9:dc:bd:0b:4e:fc:42:8f:d3:ee:4f:63:
                    59:28:75:fd:d0:ac:3f:54:48:97:c0:6c:a9:6f:7a:
                    8c:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:2A:3E:30:AD:9D:61:8B:0C:0C:09:00:C6:68:24:91:9C:15:2B:9D
            X509v3 Authority Key Identifier:
                keyid:80:63:36:A3:B8:6B:F7:3A:27:DD:D9:06:66:7E:AD:A7:5B:47:C4:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gGM2o7hr9zon3dkGZn6tp1tHxJk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:1a:0b:96:d3:d7:c4:87:26:4b:f5:d8:de:8b:b4:2b:3c:e4:
         86:a9:da:9d:83:b4:99:a7:9f:dc:f1:c6:da:fb:38:e0:40:9a:
         fb:63:ff:70:67:96:8f:e8:17:29:44:38:62:b4:14:99:9c:21:
         02:8f:6a:1f:34:39:6e:14:44:59:31:4f:0c:39:4f:6d:e2:76:
         a4:68:0d:bf:b1:d0:25:14:b3:4a:a9:50:84:65:df:e5:f6:e5:
         57:37:e8:9b:f3:eb:51:56:99:c2:e0:17:54:2b:db:93:5c:0b:
         b5:a6:cf:f7:b5:1a:e4:e8:d7:f6:5c:ee:2f:27:d2:93:4d:18:
         57:7d:6d:fe:6f:68:0f:75:78:7f:c8:0d:5b:a6:a6:78:10:4f:
         ff:52:e1:71:fe:55:7d:aa:ef:dd:5f:2c:44:72:69:77:8e:3b:
         98:b9:a5:72:5d:29:77:2a:1e:76:71:65:93:d2:ec:e2:fc:27:
         18:65:d3:8a:2c:fe:b3:c8:95:82:c5:74:bd:02:38:80:e1:78:
         3c:08:00:72:b5:da:68:57:c3:c7:05:71:40:05:b6:76:e7:6b:
         a2:a0:6a:bd:ca:ab:d1:b1:ab:9f:dc:08:73:d7:ef:de:66:12:
         85:63:44:e2:d4:ad:82:f3:ed:05:97:99:4a:36:05:4d:d8:06:
         82:e5:22:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ26F99YuhHubFlHJ0kM79KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNjMzNmEzYjg2YmY3M2EyN2RkZDkwNjY2N2VhZGE3NWI0
N2M0OTkwHhcNMjUwNDI3MTEwMTAyWhcNMjUwNDI4MTEwMTAyWjAzMTEwLwYDVQQD
EyhlMjJhM2UzMGFkOWQ2MThiMGMwYzA5MDBjNjY4MjQ5MTljMTUyYjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArafaRsrM/BRuCwQL4XwUv3z+q/0n
/iRFNcdoeaPgHi5Q5VGuR9uwIRIB/Q4ZuNtQPS/du82iPGmXrC5BMJe8OAaBbeA5
obRhooo0jyUtFERNK3GphVaOGdMw3rq9RQeL6FYTMn/rxpkU/LDm7cSXjSK9w3PW
OPa8hJ5DScdnyN4Oq7eaEM88FFYq0TBfhIO6YcVOxf5SNkse61kBdsSlnBqiuUGD
6azFgyJGPQzIclBdAqL0lfOjN+k0mpq4iKMP7QA93B8f1VnyDzIwJDpvBwDBEEfP
7SDt8ghaHGQWNgBOGJ7Z3L0LTvxCj9PuT2NZKHX90Kw/VEiXwGypb3qM6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOIqPjCtnWGLDAwJAMZoJJGcFSudMB8GA1UdIwQY
MBaAFIBjNqO4a/c6J93ZBmZ+radbR8SZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0dNMm83aHI5em9uM2RrR1puNnRwMXRIeEprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hYTgwZmMtMGQ0YS00YTk3LWFiODEt
MDliYjU5NmU4NDU0LzEvZ0dNMm83aHI5em9uM2RrR1puNnRwMXRIeEprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9hYTgwZmMtMGQ0YS00YTk3LWFiODEtMDliYjU5NmU4NDU0
LzEvZ0dNMm83aHI5em9uM2RrR1puNnRwMXRIeEprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVRoLltPX
xIcmS/XY3ou0KzzkhqnanYO0maef3PHG2vs44ECa+2P/cGeWj+gXKUQ4YrQUmZwh
Ao9qHzQ5bhREWTFPDDlPbeJ2pGgNv7HQJRSzSqlQhGXf5fblVzfom/PrUVaZwuAX
VCvbk1wLtabP97Ua5OjX9lzuLyfSk00YV31t/m9oD3V4f8gNW6ameBBP/1Lhcf5V
farv3V8sRHJpd447mLmlcl0pdyoednFlk9Ls4vwnGGXTiiz+s8iVgsV0vQI4gOF4
PAgAcrXaaFfDxwVxQAW2dudroqBqvcqr0bGrn9wIc9fv3mYShWNE4tStgvPtBZeZ
SjYFTdgGguUi2A==
-----END CERTIFICATE-----