Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
File:                     GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft (raw, json)
Hash identifier:          SYASfhzD7alcPS+uPYIWG3Yfsf4PW8MhVHdgsLWSZdU=
Subject key identifier:   FF:94:9B:E9:03:C5:18:6A:B1:20:DC:A8:89:7A:8C:2D:C8:07:65:60
Authority key identifier: 1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D
Certificate issuer:       /CN=1a66819ed62a71090cf437e4263012d4c035067d
Certificate serial:       019A4F620CE87232B58C8BEEA242BBA0301E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 15:00:17 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:17 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:17 +0000
Files and hashes:         1: GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl (hash: UnlqWekRyYoKqvqYtgsO2lRj5mvWw+gqrkQyEutjWRE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:0c:e8:72:32:b5:8c:8b:ee:a2:42:bb:a0:30:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a66819ed62a71090cf437e4263012d4c035067d
        Validity
            Not Before: Nov  4 15:00:17 2025 GMT
            Not After : Nov  5 15:00:17 2025 GMT
        Subject: CN=ff949be903c5186ab120dca8897a8c2dc8076560
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:82:7c:c2:43:39:45:40:b1:3c:93:1d:4f:7f:
                    23:06:96:b8:18:7c:7b:25:b6:25:fb:06:08:a3:40:
                    92:09:10:f7:cf:76:3e:1d:0f:90:33:1b:af:b2:cd:
                    e6:e6:c8:93:20:5f:c9:cc:44:7f:ef:d4:0e:f0:0b:
                    ac:5a:dc:15:5e:29:f3:40:05:fa:42:14:a6:1e:78:
                    53:7d:8c:70:e9:40:2a:7b:fc:7d:a5:59:da:61:99:
                    ee:fb:c3:31:86:03:04:7d:bb:b3:10:ac:cf:46:55:
                    1a:40:f7:ee:b1:ad:59:ae:16:5e:39:cf:d7:65:84:
                    a1:65:9e:e8:89:9f:a4:8b:95:95:91:e8:77:75:58:
                    e2:d7:89:3e:1b:6b:80:8d:c0:69:ce:5a:3f:d2:18:
                    b7:3c:ca:20:27:b2:f3:d5:ac:c0:74:94:34:c1:aa:
                    28:19:bf:51:18:2e:e8:91:68:ef:3a:f3:5d:bc:fd:
                    58:d6:f6:58:80:e5:54:71:14:85:5f:f8:ce:eb:0a:
                    d9:70:30:ba:6b:33:d3:66:15:5a:ec:af:21:04:3c:
                    86:f5:32:f6:69:ad:b0:93:f2:cb:95:a4:76:c4:c7:
                    6a:6a:ff:89:d3:bf:af:d4:ec:5c:37:3b:f8:d3:d8:
                    79:16:03:40:75:9f:35:b6:99:4b:3d:30:25:d6:20:
                    9d:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:94:9B:E9:03:C5:18:6A:B1:20:DC:A8:89:7A:8C:2D:C8:07:65:60
            X509v3 Authority Key Identifier:
                keyid:1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:35:ef:93:41:e1:c2:9b:a3:29:22:af:b1:50:5b:69:71:fd:
         42:33:1c:e0:85:42:15:13:47:b9:8f:5d:98:15:46:b2:7b:22:
         34:09:d3:28:37:b3:f2:a4:24:f3:f3:a8:e1:f3:3c:bb:68:6a:
         42:3b:d0:b2:ff:a5:29:14:4d:1d:29:6f:82:8d:2b:95:d6:f2:
         2c:a0:d1:6b:80:f7:01:8c:07:5d:35:9d:d7:06:06:73:c0:5d:
         11:15:53:a2:45:85:19:8d:21:94:f3:c4:87:43:fc:37:2c:01:
         7e:59:aa:ac:cb:fc:1f:bc:b9:c2:2d:ae:19:a8:3b:23:65:b0:
         d5:a0:a5:bd:89:31:28:46:43:eb:24:99:bc:4d:b7:9d:8f:74:
         6b:c7:e8:07:8d:b7:8a:e6:8f:3f:e6:f3:52:61:5c:7d:2d:64:
         b2:51:34:10:32:12:8d:4b:06:ba:17:63:26:98:04:c2:be:bc:
         23:ae:f2:83:de:60:17:f6:07:cc:63:f4:1a:30:10:51:3c:df:
         1c:8b:da:83:34:b3:1d:17:fe:16:9c:36:a8:0a:cb:56:80:ef:
         2e:6f:56:2e:31:25:62:59:97:5f:5d:53:34:ed:30:79:cf:72:
         92:01:19:c3:cb:60:f1:a8:cf:77:b9:e8:f6:69:90:74:9c:db:
         95:c1:90:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYgzocjK1jIvuokK7oDAeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNjY4MTllZDYyYTcxMDkwY2Y0MzdlNDI2MzAxMmQ0YzAz
NTA2N2QwHhcNMjUxMTA0MTUwMDE3WhcNMjUxMTA1MTUwMDE3WjAzMTEwLwYDVQQD
EyhmZjk0OWJlOTAzYzUxODZhYjEyMGRjYTg4OTdhOGMyZGM4MDc2NTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYJ8wkM5RUCxPJMdT38jBpa4GHx7
JbYl+wYIo0CSCRD3z3Y+HQ+QMxuvss3m5siTIF/JzER/79QO8AusWtwVXinzQAX6
QhSmHnhTfYxw6UAqe/x9pVnaYZnu+8MxhgMEfbuzEKzPRlUaQPfusa1ZrhZeOc/X
ZYShZZ7oiZ+ki5WVkeh3dVji14k+G2uAjcBpzlo/0hi3PMogJ7Lz1azAdJQ0waoo
Gb9RGC7okWjvOvNdvP1Y1vZYgOVUcRSFX/jO6wrZcDC6azPTZhVa7K8hBDyG9TL2
aa2wk/LLlaR2xMdqav+J07+v1OxcNzv409h5FgNAdZ81tplLPTAl1iCdaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP+Um+kDxRhqsSDcqIl6jC3IB2VgMB8GA1UdIwQY
MBaAFBpmgZ7WKnEJDPQ35CYwEtTANQZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQt
NzY0ZjgyMmRkYzU3LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQtNzY0ZjgyMmRkYzU3
LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABDXvk0Hh
wpujKSKvsVBbaXH9QjMc4IVCFRNHuY9dmBVGsnsiNAnTKDez8qQk8/Oo4fM8u2hq
QjvQsv+lKRRNHSlvgo0rldbyLKDRa4D3AYwHXTWd1wYGc8BdERVTokWFGY0hlPPE
h0P8NywBflmqrMv8H7y5wi2uGag7I2Ww1aClvYkxKEZD6ySZvE23nY90a8foB423
iuaPP+bzUmFcfS1kslE0EDISjUsGuhdjJpgEwr68I67yg95gF/YHzGP0GjAQUTzf
HIvagzSzHRf+Fpw2qArLVoDvLm9WLjElYlmXX11TNO0wec9ykgEZw8tg8ajPd7no
9mmQdJzblcGQgQ==
-----END CERTIFICATE-----