Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
File:                     GyN3Poe34e0LVeFQuncWsYJbPiY.mft (raw, json)
Hash identifier:          H0/BUDQ7ubFuZwyA3SzWa7IDe4Qte5M4R9+wmMWMVc8=
Subject key identifier:   F8:15:68:08:E4:9B:12:89:1A:77:F8:6E:52:8D:44:C3:12:DA:6A:41
Authority key identifier: 1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26
Certificate issuer:       /CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
Certificate serial:       0196572629668A725C9D216937A816D08414
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
Manifest number:          123D
Signing time:             Mon 21 Apr 2025 07:00:40 +0000
Manifest this update:     Mon 21 Apr 2025 07:00:40 +0000
Manifest next update:     Tue 22 Apr 2025 07:00:40 +0000
Files and hashes:         1: GyN3Poe34e0LVeFQuncWsYJbPiY.crl (hash: 5waDSvYoO7jgZ2cq7ekXwiL9RsDhJqihYlb0ev0ke/U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:26:29:66:8a:72:5c:9d:21:69:37:a8:16:d0:84:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
        Validity
            Not Before: Apr 21 07:00:40 2025 GMT
            Not After : Apr 22 07:00:40 2025 GMT
        Subject: CN=f8156808e49b12891a77f86e528d44c312da6a41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:21:2a:16:06:81:5f:f7:8d:2e:7c:85:69:5f:
                    b3:d9:96:94:22:8b:da:40:af:9e:d3:10:0b:ca:b3:
                    b7:f8:cd:b1:b6:97:a6:9b:15:6f:bc:84:14:2c:46:
                    37:0e:16:c0:37:5c:6e:6f:e3:e2:a6:bd:5f:13:db:
                    df:7a:74:89:88:eb:ef:b5:ce:99:a9:55:7e:b3:54:
                    c8:be:ff:d9:64:63:f2:32:13:f9:02:c4:1e:ac:4c:
                    43:c6:46:5e:6a:77:51:bb:ee:b9:57:82:1d:f9:4b:
                    b0:85:11:12:c3:fb:68:dd:64:d7:bf:24:2a:2e:7a:
                    68:38:cd:7a:62:fc:64:3b:02:74:5f:17:8b:a2:a6:
                    6f:18:10:7d:8e:5f:7c:b8:62:f9:17:70:b6:04:6e:
                    da:63:af:3c:b1:b5:29:d7:7a:ee:19:df:f8:54:d7:
                    10:77:b2:ec:ef:45:8d:86:d7:40:b0:6a:5a:87:db:
                    91:ed:99:5c:f1:77:59:d0:15:45:6b:ed:cb:2b:af:
                    8a:6a:f0:26:6a:19:81:d5:ad:0b:35:e3:b3:99:9e:
                    32:38:fb:17:f9:9c:92:f8:b3:c2:82:bb:3f:95:b5:
                    a0:d1:23:05:33:4c:99:5a:b4:5b:68:ca:7c:d2:7a:
                    94:74:04:48:c1:48:e1:ad:f9:f7:64:31:1a:41:5d:
                    8d:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:15:68:08:E4:9B:12:89:1A:77:F8:6E:52:8D:44:C3:12:DA:6A:41
            X509v3 Authority Key Identifier:
                keyid:1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:cc:65:ee:a3:9d:01:2c:a2:e9:91:5d:fa:60:64:bc:74:cb:
         35:c7:1e:df:40:fe:73:65:4b:3e:18:e1:be:4a:d2:61:10:cf:
         fe:50:8f:71:c9:55:ab:b4:5e:09:30:92:2f:0a:db:ef:21:d1:
         2b:67:48:43:d4:97:16:fe:f3:44:be:8c:b0:a7:7b:9a:04:5a:
         a7:c9:b4:84:a6:05:d9:76:26:92:41:d7:fc:e9:e6:ad:5c:36:
         9d:59:28:9d:3b:52:6c:00:41:09:5c:0a:9b:fe:44:8b:af:c6:
         e1:26:5e:40:43:06:8d:05:27:63:81:1a:71:f1:97:15:a1:68:
         a7:0e:7a:2d:ab:ac:7d:b4:14:3e:3b:48:d2:42:4d:ff:3a:02:
         ac:57:9b:54:e9:b2:61:f3:8c:d5:b8:9f:f3:ef:db:75:10:f6:
         37:0f:d1:4f:4a:93:91:7d:03:6b:bc:36:0f:2d:4d:77:91:0d:
         84:4c:34:d3:2f:f4:f6:14:b9:61:b8:0c:29:6b:b8:4f:f6:7e:
         8b:59:87:a4:50:e3:67:7e:b8:a6:ec:81:4a:54:e2:6a:e1:49:
         4d:1c:e2:4b:9b:ae:55:7b:8f:69:41:db:31:78:54:61:c9:fe:
         8f:89:77:80:e3:87:4f:bd:07:7f:cc:52:27:5d:9b:5a:79:3f:
         10:66:92:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXJilminJcnSFpN6gW0IQUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMjM3NzNlODdiN2UxZWQwYjU1ZTE1MGJhNzcxNmIxODI1
YjNlMjYwHhcNMjUwNDIxMDcwMDQwWhcNMjUwNDIyMDcwMDQwWjAzMTEwLwYDVQQD
EyhmODE1NjgwOGU0OWIxMjg5MWE3N2Y4NmU1MjhkNDRjMzEyZGE2YTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5CEqFgaBX/eNLnyFaV+z2ZaUIova
QK+e0xALyrO3+M2xtpemmxVvvIQULEY3DhbAN1xub+Pipr1fE9vfenSJiOvvtc6Z
qVV+s1TIvv/ZZGPyMhP5AsQerExDxkZeandRu+65V4Id+UuwhRESw/to3WTXvyQq
LnpoOM16YvxkOwJ0XxeLoqZvGBB9jl98uGL5F3C2BG7aY688sbUp13ruGd/4VNcQ
d7Ls70WNhtdAsGpah9uR7Zlc8XdZ0BVFa+3LK6+KavAmahmB1a0LNeOzmZ4yOPsX
+ZyS+LPCgrs/lbWg0SMFM0yZWrRbaMp80nqUdARIwUjhrfn3ZDEaQV2NIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPgVaAjkmxKJGnf4blKNRMMS2mpBMB8GA1UdIwQY
MBaAFBsjdz6Ht+HtC1XhULp3FrGCWz4mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1Nzct
ZGM5YmE0MzFkNTdhLzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1NzctZGM5YmE0MzFkNTdh
LzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqcxl7qOd
ASyi6ZFd+mBkvHTLNcce30D+c2VLPhjhvkrSYRDP/lCPcclVq7ReCTCSLwrb7yHR
K2dIQ9SXFv7zRL6MsKd7mgRap8m0hKYF2XYmkkHX/OnmrVw2nVkonTtSbABBCVwK
m/5Ei6/G4SZeQEMGjQUnY4EacfGXFaFopw56LausfbQUPjtI0kJN/zoCrFebVOmy
YfOM1bif8+/bdRD2Nw/RT0qTkX0Da7w2Dy1Nd5ENhEw00y/09hS5YbgMKWu4T/Z+
i1mHpFDjZ364puyBSlTiauFJTRziS5uuVXuPaUHbMXhUYcn+j4l3gOOHT70Hf8xS
J12bWnk/EGaSEw==
-----END CERTIFICATE-----