Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
File:                     gEFPcG9s0sh68PYGstE3a4a1-mY.mft (raw, json)
Hash identifier:          CTayMIpid/MT3gaTO4MXB5lKNEMmUqXZw6EVgK+trYU=
Subject key identifier:   A1:8E:33:A1:25:75:AD:3D:A2:4A:7F:07:CD:6D:88:8F:BE:08:42:BD
Authority key identifier: 80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66
Certificate issuer:       /CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66
Certificate serial:       01967FB4A23D796E96879EFD0DDEEF373DC3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
Manifest number:          1511
Signing time:             Tue 29 Apr 2025 04:01:06 +0000
Manifest this update:     Tue 29 Apr 2025 04:01:06 +0000
Manifest next update:     Wed 30 Apr 2025 04:01:06 +0000
Files and hashes:         1: gEFPcG9s0sh68PYGstE3a4a1-mY.crl (hash: OI0Xlqg2RRb5XtKN/xpWbEEsQGVJGRfqnub+IX5W6mo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 04:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7f:b4:a2:3d:79:6e:96:87:9e:fd:0d:de:ef:37:3d:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66
        Validity
            Not Before: Apr 29 04:01:06 2025 GMT
            Not After : Apr 30 04:01:06 2025 GMT
        Subject: CN=a18e33a12575ad3da24a7f07cd6d888fbe0842bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:80:93:00:c2:76:18:36:b0:51:cc:b8:78:6d:
                    de:93:1a:70:82:e9:0b:f0:7f:6e:a4:01:46:65:f8:
                    b2:c9:e2:df:45:2b:0a:6b:a1:d4:55:d7:4d:b1:0e:
                    cd:1a:a4:2f:65:f2:26:49:dc:76:c8:e3:09:b7:c1:
                    3a:d4:5e:bf:23:0b:17:e4:3d:a5:d2:b6:8b:71:43:
                    76:14:e7:fe:55:77:28:b1:29:3d:c1:50:a4:30:da:
                    ca:24:5a:15:97:df:55:3c:48:97:70:c5:1c:4b:38:
                    ed:06:5f:85:99:a3:6a:9b:c6:93:60:b8:51:5a:99:
                    38:21:aa:26:f7:e3:c2:c3:be:83:46:57:9c:44:39:
                    af:c9:f9:77:57:dd:75:06:84:ad:9c:ed:83:77:e6:
                    4d:aa:28:de:fd:57:35:4a:2f:ec:8e:92:f2:3b:ce:
                    46:11:77:3c:af:b4:6d:1c:ae:b7:88:45:a6:51:79:
                    c0:43:59:b3:6e:2c:95:54:c8:62:dd:9e:ba:e6:c3:
                    09:8a:f8:ec:5d:da:ce:8f:49:ac:98:df:e3:27:23:
                    88:61:5c:b4:41:1e:d9:06:b3:84:38:d3:88:df:8b:
                    f8:58:51:88:66:f0:4c:81:11:1e:2e:b5:69:e6:bd:
                    62:82:2c:82:a3:b1:a0:fb:51:da:ca:40:70:d9:8a:
                    97:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:8E:33:A1:25:75:AD:3D:A2:4A:7F:07:CD:6D:88:8F:BE:08:42:BD
            X509v3 Authority Key Identifier:
                keyid:80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:8a:e5:13:c3:46:d4:f1:7e:68:b5:e6:9f:13:16:a1:cb:67:
         39:04:62:bd:44:f1:9e:4f:5e:21:e9:63:2c:94:a7:c2:32:01:
         d4:85:74:2f:0c:f4:2d:bf:e9:41:e8:2c:c9:09:ae:7a:4a:a4:
         c1:4e:9c:50:5a:8a:cf:b0:aa:0e:c0:f6:82:b5:c7:c6:f1:21:
         c7:4d:2e:80:c3:90:b3:03:d6:6a:03:87:51:c5:89:2f:c5:30:
         5e:13:2a:2b:cf:81:5c:a4:df:a8:e0:71:47:f9:0f:c5:81:a8:
         ad:26:e9:97:08:a1:0e:ae:18:c2:6d:0e:4e:db:e2:ea:6b:ce:
         1b:64:ac:4e:36:1c:45:3b:6f:42:7d:2c:6d:62:ff:9c:1c:06:
         82:c0:53:f5:51:48:14:05:ec:ac:f6:ab:b6:c4:c7:c4:6c:4f:
         f1:b7:e4:d5:8c:45:97:6f:b0:13:47:87:1b:5d:16:03:3a:d3:
         5f:dd:32:80:c0:1b:a8:3b:e6:eb:74:c5:4c:1f:96:b6:c5:6d:
         d9:05:5f:15:38:8e:80:36:39:fa:24:8f:06:51:0f:55:f8:f2:
         19:2b:70:31:05:1e:b8:cb:e5:ca:e6:9b:65:a5:18:8f:d5:29:
         63:0b:b5:38:17:01:ca:84:3a:7c:64:5c:8f:55:e9:8e:87:d4:
         a2:71:14:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ/tKI9eW6Wh579Dd7vNz3DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNDE0ZjcwNmY2Y2QyYzg3YWYwZjYwNmIyZDEzNzZiODZi
NWZhNjYwHhcNMjUwNDI5MDQwMTA2WhcNMjUwNDMwMDQwMTA2WjAzMTEwLwYDVQQD
EyhhMThlMzNhMTI1NzVhZDNkYTI0YTdmMDdjZDZkODg4ZmJlMDg0MmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8oCTAMJ2GDawUcy4eG3ekxpwgukL
8H9upAFGZfiyyeLfRSsKa6HUVddNsQ7NGqQvZfImSdx2yOMJt8E61F6/IwsX5D2l
0raLcUN2FOf+VXcosSk9wVCkMNrKJFoVl99VPEiXcMUcSzjtBl+FmaNqm8aTYLhR
Wpk4Iaom9+PCw76DRlecRDmvyfl3V911BoStnO2Dd+ZNqije/Vc1Si/sjpLyO85G
EXc8r7RtHK63iEWmUXnAQ1mzbiyVVMhi3Z665sMJivjsXdrOj0msmN/jJyOIYVy0
QR7ZBrOEONOI34v4WFGIZvBMgREeLrVp5r1igiyCo7Gg+1HaykBw2YqXOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKGOM6Elda09okp/B81tiI++CEK9MB8GA1UdIwQY
MBaAFIBBT3BvbNLIevD2BrLRN2uGtfpmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUt
NmQ4NTZmODRhODEzLzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUtNmQ4NTZmODRhODEz
LzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJYrlE8NG
1PF+aLXmnxMWoctnOQRivUTxnk9eIeljLJSnwjIB1IV0Lwz0Lb/pQegsyQmuekqk
wU6cUFqKz7CqDsD2grXHxvEhx00ugMOQswPWagOHUcWJL8UwXhMqK8+BXKTfqOBx
R/kPxYGorSbplwihDq4Ywm0OTtvi6mvOG2SsTjYcRTtvQn0sbWL/nBwGgsBT9VFI
FAXsrPartsTHxGxP8bfk1YxFl2+wE0eHG10WAzrTX90ygMAbqDvm63TFTB+WtsVt
2QVfFTiOgDY5+iSPBlEPVfjyGStwMQUeuMvlyuabZaUYj9UpYwu1OBcByoQ6fGRc
j1XpjofUonEUKA==
-----END CERTIFICATE-----