Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
File:                     GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft (raw, json)
Hash identifier:          yRadcxCJFFmiKB8VCF6RIj+lV7Bmpeppdbg6Liuj9Fg=
Subject key identifier:   B8:CA:2C:22:62:44:0D:54:82:35:52:5E:DC:9D:3D:07:58:74:DA:8E
Authority key identifier: 1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D
Certificate issuer:       /CN=1a66819ed62a71090cf437e4263012d4c035067d
Certificate serial:       01977187E610500334AB847A25A4636C6640
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
Manifest number:          158E
Signing time:             Sun 15 Jun 2025 03:00:20 +0000
Manifest this update:     Sun 15 Jun 2025 03:00:20 +0000
Manifest next update:     Mon 16 Jun 2025 03:00:20 +0000
Files and hashes:         1: GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl (hash: 4HoBmlQPV457+ztt49/cOyVzM9d/uVYui07u5KSaNKc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 03:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:87:e6:10:50:03:34:ab:84:7a:25:a4:63:6c:66:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a66819ed62a71090cf437e4263012d4c035067d
        Validity
            Not Before: Jun 15 03:00:20 2025 GMT
            Not After : Jun 16 03:00:20 2025 GMT
        Subject: CN=b8ca2c2262440d548235525edc9d3d075874da8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:1b:55:3a:37:c3:f6:58:82:b9:5d:74:16:bb:
                    04:3a:4e:fd:9e:9e:08:8d:ff:49:4a:91:54:56:a6:
                    33:48:2c:d3:81:d2:bd:c5:a8:32:15:bf:27:0d:05:
                    53:01:86:3c:3a:dc:50:35:fe:90:64:3f:cc:6a:3d:
                    0f:76:fe:85:d6:37:91:aa:5d:7d:0a:07:48:77:18:
                    b4:a5:f2:7b:54:5a:02:6a:3f:bf:4b:97:b2:67:c2:
                    b9:18:37:30:27:89:35:a1:a1:97:d1:2d:8c:d0:eb:
                    23:6c:ec:a5:bc:36:70:5f:b7:d3:89:8b:f0:9d:8d:
                    ff:01:3d:b1:22:34:57:af:0d:6b:c8:53:32:ea:60:
                    ea:34:b0:78:74:55:ab:8d:3e:a8:67:8f:cc:e5:f9:
                    65:e4:80:d3:c9:f9:25:3b:a3:48:6d:ed:0d:6e:d2:
                    73:e8:9b:fe:de:c1:2d:0d:43:bb:72:b3:b4:18:b0:
                    9b:13:cb:d7:62:a5:3e:50:ad:a9:fd:78:ec:96:d8:
                    c7:bf:5c:d5:5e:96:7e:b1:fb:d0:d6:ab:02:17:c3:
                    17:98:fe:d6:af:03:89:6d:e9:37:c1:5a:5b:14:3d:
                    ae:70:e6:28:fe:b5:ec:51:5b:21:fc:e0:82:f4:15:
                    eb:e5:ee:16:39:9b:b8:93:b9:ba:f9:e2:7b:f6:e4:
                    4a:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:CA:2C:22:62:44:0D:54:82:35:52:5E:DC:9D:3D:07:58:74:DA:8E
            X509v3 Authority Key Identifier:
                keyid:1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:73:4a:6f:35:72:fe:74:49:88:39:ed:fe:57:91:f1:20:d7:
         24:99:5a:fc:18:e6:6f:dc:7d:5c:fc:b8:49:58:d7:7d:bf:55:
         8c:73:e3:e1:99:43:23:bd:10:ea:7a:cf:51:e9:c2:96:49:aa:
         89:14:3e:3b:e8:75:e2:46:8d:5a:ca:c2:9f:08:18:f0:e8:c8:
         ef:8a:80:95:d1:37:bd:f8:41:65:a1:97:65:8f:48:b2:90:55:
         0e:90:8f:6a:e2:8f:e5:34:5a:48:63:bc:e4:11:34:f5:e0:a8:
         93:4b:c6:01:8c:ff:35:90:8e:89:76:fe:88:5c:58:85:14:fa:
         e5:9b:99:5e:bf:50:c1:25:e8:a4:4b:10:bc:f3:df:58:99:53:
         3e:82:b0:16:0b:02:f5:97:39:12:0a:f0:e0:5e:52:73:93:c0:
         c6:6e:46:a7:92:84:02:06:fd:0f:1d:9a:aa:23:31:a8:2c:50:
         4b:56:66:7e:58:ab:9d:f1:9a:43:90:e5:2a:8d:82:4d:45:86:
         79:a4:f3:61:9c:cc:a2:27:77:65:89:14:b8:6e:42:a1:ef:21:
         8d:ed:73:ad:39:ba:05:7c:93:50:3d:15:f5:7a:76:d9:50:53:
         b8:94:00:d5:d5:2c:d4:5d:43:75:80:86:72:f9:72:33:23:7d:
         3b:4d:4b:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxh+YQUAM0q4R6JaRjbGZAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNjY4MTllZDYyYTcxMDkwY2Y0MzdlNDI2MzAxMmQ0YzAz
NTA2N2QwHhcNMjUwNjE1MDMwMDIwWhcNMjUwNjE2MDMwMDIwWjAzMTEwLwYDVQQD
EyhiOGNhMmMyMjYyNDQwZDU0ODIzNTUyNWVkYzlkM2QwNzU4NzRkYThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxtVOjfD9liCuV10FrsEOk79np4I
jf9JSpFUVqYzSCzTgdK9xagyFb8nDQVTAYY8OtxQNf6QZD/Maj0Pdv6F1jeRql19
CgdIdxi0pfJ7VFoCaj+/S5eyZ8K5GDcwJ4k1oaGX0S2M0OsjbOylvDZwX7fTiYvw
nY3/AT2xIjRXrw1ryFMy6mDqNLB4dFWrjT6oZ4/M5fll5IDTyfklO6NIbe0NbtJz
6Jv+3sEtDUO7crO0GLCbE8vXYqU+UK2p/XjsltjHv1zVXpZ+sfvQ1qsCF8MXmP7W
rwOJbek3wVpbFD2ucOYo/rXsUVsh/OCC9BXr5e4WOZu4k7m6+eJ79uRKlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLjKLCJiRA1UgjVSXtydPQdYdNqOMB8GA1UdIwQY
MBaAFBpmgZ7WKnEJDPQ35CYwEtTANQZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQt
NzY0ZjgyMmRkYzU3LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQtNzY0ZjgyMmRkYzU3
LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmnNKbzVy
/nRJiDnt/leR8SDXJJla/Bjmb9x9XPy4SVjXfb9VjHPj4ZlDI70Q6nrPUenClkmq
iRQ+O+h14kaNWsrCnwgY8OjI74qAldE3vfhBZaGXZY9IspBVDpCPauKP5TRaSGO8
5BE09eCok0vGAYz/NZCOiXb+iFxYhRT65ZuZXr9QwSXopEsQvPPfWJlTPoKwFgsC
9Zc5Egrw4F5Sc5PAxm5Gp5KEAgb9Dx2aqiMxqCxQS1ZmflirnfGaQ5DlKo2CTUWG
eaTzYZzMoid3ZYkUuG5Coe8hje1zrTm6BXyTUD0V9Xp22VBTuJQA1dUs1F1DdYCG
cvlyMyN9O01Lww==
-----END CERTIFICATE-----