Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.mft
File:                     gGM2o7hr9zon3dkGZn6tp1tHxJk.mft (raw, json)
Hash identifier:          CTv9iOyBgcuyl+kGijZYDW37jL6/AWwTArBhb15Gz8Q=
Subject key identifier:   8C:3C:C9:53:7E:F3:02:C0:7C:15:30:E7:93:4E:6F:B9:6E:AF:23:CC
Authority key identifier: 80:63:36:A3:B8:6B:F7:3A:27:DD:D9:06:66:7E:AD:A7:5B:47:C4:99
Certificate issuer:       /CN=806336a3b86bf73a27ddd906667eada75b47c499
Certificate serial:       01989F3AE4C0D9DF5B0C85A71DA327AB4AEB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gGM2o7hr9zon3dkGZn6tp1tHxJk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.mft
Manifest number:          0BCA
Signing time:             Tue 12 Aug 2025 17:01:33 +0000
Manifest this update:     Tue 12 Aug 2025 17:01:33 +0000
Manifest next update:     Wed 13 Aug 2025 17:01:33 +0000
Files and hashes:         1: gGM2o7hr9zon3dkGZn6tp1tHxJk.crl (hash: Y/uKsnH1PT6s5pkPl11+1+mPmgmV40WBuHcNocIq2aE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gGM2o7hr9zon3dkGZn6tp1tHxJk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 13:24:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9f:3a:e4:c0:d9:df:5b:0c:85:a7:1d:a3:27:ab:4a:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=806336a3b86bf73a27ddd906667eada75b47c499
        Validity
            Not Before: Aug 12 17:01:33 2025 GMT
            Not After : Aug 13 17:01:33 2025 GMT
        Subject: CN=8c3cc9537ef302c07c1530e7934e6fb96eaf23cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:e5:c1:38:3e:ef:b2:a1:08:eb:a6:df:38:da:
                    bc:3b:9a:fc:88:2f:95:bc:56:91:3f:6e:01:b6:12:
                    18:a6:5c:fe:69:a0:fc:8a:be:18:fe:df:8f:5b:30:
                    f3:32:c6:d8:09:e4:52:06:6b:6c:65:52:1e:07:c9:
                    a1:02:00:ba:58:57:e3:61:f4:a2:09:62:74:27:f4:
                    95:0f:66:d6:9c:ff:0c:aa:5e:ad:dd:38:ff:21:72:
                    8a:db:e4:fa:84:0f:ab:55:c8:28:fd:f3:ca:81:0f:
                    b3:23:62:25:e3:3e:4f:fc:9a:58:9a:fb:4e:b4:9f:
                    93:f5:ab:97:95:b4:09:ff:30:35:73:a5:92:89:de:
                    fd:2c:41:2a:69:35:fc:b6:b0:12:3d:84:2c:e2:19:
                    8b:aa:75:1d:64:59:77:a9:fb:3f:83:97:91:c9:4a:
                    94:03:3b:3e:36:76:83:99:55:09:ae:35:e4:b0:1d:
                    94:f9:c2:eb:5d:4d:61:54:1d:ef:00:4f:eb:95:9f:
                    1b:64:81:95:9a:fd:c8:1e:66:e2:2d:a3:5a:2b:95:
                    ce:b1:f7:92:c6:a4:f9:9b:72:78:76:91:94:36:b1:
                    e0:08:71:61:20:13:98:c2:4e:dd:00:e6:e8:6f:b1:
                    39:65:78:46:5b:e7:cc:67:f8:19:93:97:bf:67:b7:
                    28:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:3C:C9:53:7E:F3:02:C0:7C:15:30:E7:93:4E:6F:B9:6E:AF:23:CC
            X509v3 Authority Key Identifier:
                keyid:80:63:36:A3:B8:6B:F7:3A:27:DD:D9:06:66:7E:AD:A7:5B:47:C4:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gGM2o7hr9zon3dkGZn6tp1tHxJk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:15:89:0f:85:6f:10:9a:d3:f2:36:0c:af:ce:4c:b4:7e:94:
         04:c6:ee:b1:8a:89:6c:7f:9e:22:59:20:59:5d:a9:92:1e:1c:
         79:ae:f2:fa:22:e6:0d:91:d4:e0:49:24:5f:06:f4:35:37:b0:
         17:36:8e:a2:f2:06:84:91:5c:b2:73:88:bf:ab:38:2b:18:eb:
         dd:c7:25:70:3e:b2:37:89:4b:9f:8a:c0:88:21:9a:bb:8f:43:
         15:44:20:a6:42:ae:eb:a2:a9:6a:58:49:a9:16:67:a7:a9:81:
         f9:ca:29:ea:5b:4c:f7:af:9a:31:db:e4:6a:ea:88:9c:ff:ac:
         2b:e0:6a:89:cb:e7:36:1b:bb:96:39:58:3c:a3:23:0b:fd:34:
         6f:e9:34:4c:9d:41:32:4e:69:d2:27:23:b2:4e:82:a8:f7:c0:
         66:c8:de:46:91:14:e8:a3:4d:8a:0f:10:04:d7:8f:05:ae:7e:
         2a:64:d4:d1:a2:66:23:5d:d8:94:7d:df:0d:cf:63:3e:ce:83:
         52:ad:a8:9d:c3:f2:4d:48:f4:dc:81:75:7a:2f:2c:7c:5e:88:
         d1:7e:31:c3:3a:15:35:fb:b0:e3:ec:f9:bb:a1:38:58:38:7e:
         b1:52:a8:60:b7:ea:00:bf:4a:42:27:97:2b:8c:ae:b2:28:e4:
         3c:4a:f2:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZifOuTA2d9bDIWnHaMnq0rrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNjMzNmEzYjg2YmY3M2EyN2RkZDkwNjY2N2VhZGE3NWI0
N2M0OTkwHhcNMjUwODEyMTcwMTMzWhcNMjUwODEzMTcwMTMzWjAzMTEwLwYDVQQD
Eyg4YzNjYzk1MzdlZjMwMmMwN2MxNTMwZTc5MzRlNmZiOTZlYWYyM2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuXBOD7vsqEI66bfONq8O5r8iC+V
vFaRP24BthIYplz+aaD8ir4Y/t+PWzDzMsbYCeRSBmtsZVIeB8mhAgC6WFfjYfSi
CWJ0J/SVD2bWnP8Mql6t3Tj/IXKK2+T6hA+rVcgo/fPKgQ+zI2Il4z5P/JpYmvtO
tJ+T9auXlbQJ/zA1c6WSid79LEEqaTX8trASPYQs4hmLqnUdZFl3qfs/g5eRyUqU
Azs+NnaDmVUJrjXksB2U+cLrXU1hVB3vAE/rlZ8bZIGVmv3IHmbiLaNaK5XOsfeS
xqT5m3J4dpGUNrHgCHFhIBOYwk7dAObob7E5ZXhGW+fMZ/gZk5e/Z7coHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIw8yVN+8wLAfBUw55NOb7luryPMMB8GA1UdIwQY
MBaAFIBjNqO4a/c6J93ZBmZ+radbR8SZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0dNMm83aHI5em9uM2RrR1puNnRwMXRIeEprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hYTgwZmMtMGQ0YS00YTk3LWFiODEt
MDliYjU5NmU4NDU0LzEvZ0dNMm83aHI5em9uM2RrR1puNnRwMXRIeEprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9hYTgwZmMtMGQ0YS00YTk3LWFiODEtMDliYjU5NmU4NDU0
LzEvZ0dNMm83aHI5em9uM2RrR1puNnRwMXRIeEprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXxWJD4Vv
EJrT8jYMr85MtH6UBMbusYqJbH+eIlkgWV2pkh4cea7y+iLmDZHU4EkkXwb0NTew
FzaOovIGhJFcsnOIv6s4Kxjr3cclcD6yN4lLn4rAiCGau49DFUQgpkKu66KpalhJ
qRZnp6mB+cop6ltM96+aMdvkauqInP+sK+BqicvnNhu7ljlYPKMjC/00b+k0TJ1B
Mk5p0icjsk6CqPfAZsjeRpEU6KNNig8QBNePBa5+KmTU0aJmI13YlH3fDc9jPs6D
Uq2oncPyTUj03IF1ei8sfF6I0X4xwzoVNfuw4+z5u6E4WDh+sVKoYLfqAL9KQieX
K4yusijkPEryHA==
-----END CERTIFICATE-----