Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
File:                     GyN3Poe34e0LVeFQuncWsYJbPiY.mft (raw, json)
Hash identifier:          /DIF9wbTYDTUDXy3SWPLXzOld3U57DWdUaEd8cumqyo=
Subject key identifier:   68:B2:18:00:8A:A7:70:E8:50:4B:C2:61:AF:DA:BF:A0:5C:6F:E5:0F
Authority key identifier: 1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26
Certificate issuer:       /CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
Certificate serial:       01984965673BCA99E1718B18B248B81AC884
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
Manifest number:          133F
Signing time:             Sun 27 Jul 2025 01:00:39 +0000
Manifest this update:     Sun 27 Jul 2025 01:00:39 +0000
Manifest next update:     Mon 28 Jul 2025 01:00:39 +0000
Files and hashes:         1: GyN3Poe34e0LVeFQuncWsYJbPiY.crl (hash: kaSPeiS/A6X8J/riavxd+JkJM7tmYrelRR8S6MuiQyE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 01:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:65:67:3b:ca:99:e1:71:8b:18:b2:48:b8:1a:c8:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
        Validity
            Not Before: Jul 27 01:00:39 2025 GMT
            Not After : Jul 28 01:00:39 2025 GMT
        Subject: CN=68b218008aa770e8504bc261afdabfa05c6fe50f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:51:1c:23:4f:e0:65:23:9f:cd:0e:9a:99:74:
                    63:9f:f6:0a:e1:36:d8:9a:ba:ad:0b:9e:60:3b:b7:
                    94:ee:60:dc:81:cf:0f:68:37:13:cf:93:7c:17:03:
                    6e:88:ab:76:78:f8:81:aa:3c:e2:d7:4d:86:a0:ec:
                    b4:4e:03:54:01:75:13:5c:98:1c:1a:f8:26:75:52:
                    8e:db:64:88:c4:f7:eb:98:42:f8:26:68:ed:e3:bd:
                    7e:c1:ba:ab:0e:77:d4:38:74:cd:81:b1:b3:e2:e5:
                    d5:64:8b:59:16:60:3a:49:c9:3c:80:be:35:d9:6c:
                    c3:57:58:2d:3e:38:35:bf:44:83:13:95:3d:98:1d:
                    4d:f6:b4:58:28:cc:76:c8:d8:7d:c0:67:39:5f:92:
                    e2:1c:31:68:23:9b:25:85:53:30:0c:17:a2:62:61:
                    5f:d4:6a:e7:62:64:15:e6:a2:e9:77:8c:47:83:ab:
                    e7:e9:20:72:fe:91:82:26:7e:ae:f3:a8:b2:c5:cd:
                    27:92:13:3e:77:09:b7:6c:86:a1:d8:03:1b:05:ee:
                    ee:23:65:50:ab:4c:9e:f5:45:79:72:bc:9f:d8:a1:
                    dd:26:18:67:9a:29:dc:37:ce:e0:d7:8e:40:b4:e1:
                    48:dc:37:ee:83:fd:1f:53:fc:48:d5:7f:62:16:bf:
                    bd:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:B2:18:00:8A:A7:70:E8:50:4B:C2:61:AF:DA:BF:A0:5C:6F:E5:0F
            X509v3 Authority Key Identifier:
                keyid:1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:c3:2a:13:b1:a8:e6:d8:8e:92:9c:38:9e:b3:c6:c3:d4:02:
         6e:da:f4:bc:ba:19:14:8e:76:e2:c1:3e:18:0b:3b:77:5f:ca:
         ef:b9:a9:22:61:3e:6c:fc:7b:2b:89:56:3c:39:6b:d4:29:0c:
         54:9d:ef:48:82:bb:38:eb:ab:d9:b1:15:5b:ff:99:ce:af:2f:
         99:f1:6b:ee:d9:c0:ae:69:6a:14:95:de:03:fb:dd:62:ac:be:
         b6:b9:65:ae:bb:90:e4:ba:f6:8d:83:ea:b8:06:f7:4c:8c:e8:
         3c:34:a0:eb:eb:36:8f:d8:1a:b3:c7:bd:69:77:9e:21:f7:f3:
         61:f4:4a:1c:52:c6:02:50:d5:58:00:a6:e9:7e:88:72:12:6d:
         94:23:ea:09:57:4b:c7:68:b2:7b:0c:36:6a:9a:85:5e:7c:98:
         54:31:57:c3:a8:91:1b:e8:db:67:94:70:e0:72:12:3c:08:b7:
         3a:12:99:29:a5:4c:96:87:d8:be:30:a6:5d:fb:78:6d:90:29:
         4a:9a:3e:cd:65:38:f4:82:f8:6e:fa:56:b8:fb:30:ce:8b:1f:
         db:1e:0e:0b:70:86:45:f0:df:da:3d:f5:0a:55:8f:45:07:be:
         d5:d5:40:4f:cf:28:d5:92:df:55:fb:2b:89:f2:9b:aa:5e:cc:
         de:57:00:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJZWc7ypnhcYsYski4GsiEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMjM3NzNlODdiN2UxZWQwYjU1ZTE1MGJhNzcxNmIxODI1
YjNlMjYwHhcNMjUwNzI3MDEwMDM5WhcNMjUwNzI4MDEwMDM5WjAzMTEwLwYDVQQD
Eyg2OGIyMTgwMDhhYTc3MGU4NTA0YmMyNjFhZmRhYmZhMDVjNmZlNTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlEcI0/gZSOfzQ6amXRjn/YK4TbY
mrqtC55gO7eU7mDcgc8PaDcTz5N8FwNuiKt2ePiBqjzi102GoOy0TgNUAXUTXJgc
GvgmdVKO22SIxPfrmEL4Jmjt471+wbqrDnfUOHTNgbGz4uXVZItZFmA6Sck8gL41
2WzDV1gtPjg1v0SDE5U9mB1N9rRYKMx2yNh9wGc5X5LiHDFoI5slhVMwDBeiYmFf
1GrnYmQV5qLpd4xHg6vn6SBy/pGCJn6u86iyxc0nkhM+dwm3bIah2AMbBe7uI2VQ
q0ye9UV5cryf2KHdJhhnmincN87g145AtOFI3Dfug/0fU/xI1X9iFr+9SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGiyGACKp3DoUEvCYa/av6Bcb+UPMB8GA1UdIwQY
MBaAFBsjdz6Ht+HtC1XhULp3FrGCWz4mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1Nzct
ZGM5YmE0MzFkNTdhLzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1NzctZGM5YmE0MzFkNTdh
LzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnsMqE7Go
5tiOkpw4nrPGw9QCbtr0vLoZFI524sE+GAs7d1/K77mpImE+bPx7K4lWPDlr1CkM
VJ3vSIK7OOur2bEVW/+Zzq8vmfFr7tnArmlqFJXeA/vdYqy+trllrruQ5Lr2jYPq
uAb3TIzoPDSg6+s2j9gas8e9aXeeIffzYfRKHFLGAlDVWACm6X6IchJtlCPqCVdL
x2iyeww2apqFXnyYVDFXw6iRG+jbZ5Rw4HISPAi3OhKZKaVMlofYvjCmXft4bZAp
Spo+zWU49IL4bvpWuPswzosf2x4OC3CGRfDf2j31ClWPRQe+1dVAT88o1ZLfVfsr
ifKbql7M3lcAsQ==
-----END CERTIFICATE-----