Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/778c66-9a51-43c6-92a7-f87b62fb61ff/1/gySHKx3b4yZPpmambx9OS7Uv2FQ.mft
File:                     gySHKx3b4yZPpmambx9OS7Uv2FQ.mft (raw, json)
Hash identifier:          2r0PIHuQwzZQaYINI0yt1IaYEK+TbV/PcV3GjnUbswQ=
Subject key identifier:   5F:AF:E1:C8:D8:41:F0:29:FD:AF:4A:D8:4F:E9:0C:9A:47:8D:64:79
Authority key identifier: 83:24:87:2B:1D:DB:E3:26:4F:A6:66:A6:6F:1F:4E:4B:B5:2F:D8:54
Certificate issuer:       /CN=8324872b1ddbe3264fa666a66f1f4e4bb52fd854
Certificate serial:       01965538684DBB11041030F537BAEAF9A33E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gySHKx3b4yZPpmambx9OS7Uv2FQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/778c66-9a51-43c6-92a7-f87b62fb61ff/1/gySHKx3b4yZPpmambx9OS7Uv2FQ.mft
Manifest number:          0C97
Signing time:             Sun 20 Apr 2025 22:01:22 +0000
Manifest this update:     Sun 20 Apr 2025 22:01:22 +0000
Manifest next update:     Mon 21 Apr 2025 22:01:22 +0000
Files and hashes:         1: gySHKx3b4yZPpmambx9OS7Uv2FQ.crl (hash: sm9Jrakn6RCa1ZOFgwivTVZhWEmvBlGjAcHXKKpCBV0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/778c66-9a51-43c6-92a7-f87b62fb61ff/1/gySHKx3b4yZPpmambx9OS7Uv2FQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/778c66-9a51-43c6-92a7-f87b62fb61ff/1/gySHKx3b4yZPpmambx9OS7Uv2FQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gySHKx3b4yZPpmambx9OS7Uv2FQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:38:68:4d:bb:11:04:10:30:f5:37:ba:ea:f9:a3:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8324872b1ddbe3264fa666a66f1f4e4bb52fd854
        Validity
            Not Before: Apr 20 22:01:22 2025 GMT
            Not After : Apr 21 22:01:22 2025 GMT
        Subject: CN=5fafe1c8d841f029fdaf4ad84fe90c9a478d6479
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:b2:a1:f8:0a:7a:61:ac:c6:e7:41:d3:78:44:
                    c2:79:92:f9:03:c1:d6:40:a2:f8:54:76:6e:f5:2f:
                    9d:ff:12:03:2b:54:ae:ea:6b:37:06:ff:0c:f0:7f:
                    ac:40:8c:98:54:04:8f:6c:52:63:5c:3c:17:66:88:
                    21:64:03:9b:07:8f:95:a4:7d:00:93:6a:46:b5:bb:
                    96:65:80:ef:cd:a3:58:ca:e0:a5:22:54:99:5a:5d:
                    d9:10:15:1c:b4:42:29:5c:0c:2d:c3:27:8d:5d:da:
                    35:fa:c1:7d:a7:1b:46:75:bb:9e:07:40:bf:f0:2d:
                    15:7f:de:57:42:9c:05:a3:25:87:59:a2:c5:dd:60:
                    fb:ab:2d:11:38:a6:d8:ac:ed:78:f0:ad:95:87:dc:
                    7f:ae:c6:e4:9e:98:bb:67:1f:a6:43:4d:67:d6:37:
                    dd:73:10:f5:bc:f2:c4:a4:6f:a3:32:cb:bc:e8:bf:
                    69:b2:41:2a:cf:8e:bb:b5:37:80:1b:db:ea:9f:ce:
                    b2:a5:9b:c5:0f:a9:91:63:f3:6e:ad:dd:37:53:85:
                    3e:db:1b:45:fa:e1:d9:76:a5:63:d8:0d:3d:87:f7:
                    17:4b:36:54:91:17:20:ed:e6:6f:f4:72:25:25:ba:
                    ea:29:03:98:2f:53:05:1e:51:ad:dd:bf:b4:51:eb:
                    33:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:AF:E1:C8:D8:41:F0:29:FD:AF:4A:D8:4F:E9:0C:9A:47:8D:64:79
            X509v3 Authority Key Identifier:
                keyid:83:24:87:2B:1D:DB:E3:26:4F:A6:66:A6:6F:1F:4E:4B:B5:2F:D8:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gySHKx3b4yZPpmambx9OS7Uv2FQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/778c66-9a51-43c6-92a7-f87b62fb61ff/1/gySHKx3b4yZPpmambx9OS7Uv2FQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/778c66-9a51-43c6-92a7-f87b62fb61ff/1/gySHKx3b4yZPpmambx9OS7Uv2FQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:d9:41:33:40:22:dc:38:39:87:2b:9d:79:06:e0:e7:2c:91:
         46:74:26:6d:92:bd:ed:90:1a:2f:1c:2c:26:2f:a3:aa:bf:31:
         a5:37:9e:70:05:ee:b7:14:ff:12:fb:d2:8c:1c:42:5c:92:32:
         72:2b:0e:3f:53:01:64:c8:92:ff:0a:3f:6d:da:8f:ce:79:bb:
         1a:4e:7a:1c:ea:4b:df:fe:78:67:71:27:c4:ca:31:98:c9:42:
         f3:73:b7:c3:12:ea:2d:85:a1:2d:14:45:d9:4e:dd:09:5a:e7:
         f4:97:16:d9:32:5a:02:30:b0:12:b7:0a:5a:f0:4f:09:29:92:
         b7:3e:6f:92:f6:34:b4:8d:1e:51:45:b6:e8:95:bc:fa:98:56:
         89:9d:bd:ff:f1:6a:68:f6:07:ec:30:72:f7:3e:29:4e:8d:cf:
         83:7f:30:99:75:c6:34:e6:d5:fa:8c:c1:cc:80:fe:38:29:9a:
         27:68:c3:cf:b3:9b:6b:08:99:e9:d0:e9:53:3d:28:65:01:59:
         eb:8e:47:ef:76:66:46:18:31:09:ea:ea:1a:dc:36:d3:74:f3:
         a7:a0:99:db:a7:dd:0a:e3:5b:91:f8:24:6c:71:a9:cd:5f:d1:
         13:b7:4b:06:0e:72:67:ed:76:89:95:03:c4:d1:6d:4e:7f:27:
         da:84:93:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVOGhNuxEEEDD1N7rq+aM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMjQ4NzJiMWRkYmUzMjY0ZmE2NjZhNjZmMWY0ZTRiYjUy
ZmQ4NTQwHhcNMjUwNDIwMjIwMTIyWhcNMjUwNDIxMjIwMTIyWjAzMTEwLwYDVQQD
Eyg1ZmFmZTFjOGQ4NDFmMDI5ZmRhZjRhZDg0ZmU5MGM5YTQ3OGQ2NDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLKh+Ap6YazG50HTeETCeZL5A8HW
QKL4VHZu9S+d/xIDK1Su6ms3Bv8M8H+sQIyYVASPbFJjXDwXZoghZAObB4+VpH0A
k2pGtbuWZYDvzaNYyuClIlSZWl3ZEBUctEIpXAwtwyeNXdo1+sF9pxtGdbueB0C/
8C0Vf95XQpwFoyWHWaLF3WD7qy0ROKbYrO148K2Vh9x/rsbknpi7Zx+mQ01n1jfd
cxD1vPLEpG+jMsu86L9pskEqz467tTeAG9vqn86ypZvFD6mRY/Nurd03U4U+2xtF
+uHZdqVj2A09h/cXSzZUkRcg7eZv9HIlJbrqKQOYL1MFHlGt3b+0UeszFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF+v4cjYQfAp/a9K2E/pDJpHjWR5MB8GA1UdIwQY
MBaAFIMkhysd2+MmT6Zmpm8fTku1L9hUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3lTSEt4M2I0eVpQcG1hbWJ4OU9TN1V2MkZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS83NzhjNjYtOWE1MS00M2M2LTkyYTct
Zjg3YjYyZmI2MWZmLzEvZ3lTSEt4M2I0eVpQcG1hbWJ4OU9TN1V2MkZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS83NzhjNjYtOWE1MS00M2M2LTkyYTctZjg3YjYyZmI2MWZm
LzEvZ3lTSEt4M2I0eVpQcG1hbWJ4OU9TN1V2MkZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHNlBM0Ai
3Dg5hyudeQbg5yyRRnQmbZK97ZAaLxwsJi+jqr8xpTeecAXutxT/EvvSjBxCXJIy
cisOP1MBZMiS/wo/bdqPznm7Gk56HOpL3/54Z3EnxMoxmMlC83O3wxLqLYWhLRRF
2U7dCVrn9JcW2TJaAjCwErcKWvBPCSmStz5vkvY0tI0eUUW26JW8+phWiZ29//Fq
aPYH7DBy9z4pTo3Pg38wmXXGNObV+ozBzID+OCmaJ2jDz7ObawiZ6dDpUz0oZQFZ
645H73ZmRhgxCerqGtw203Tzp6CZ26fdCuNbkfgkbHGpzV/RE7dLBg5yZ+12iZUD
xNFtTn8n2oST5Q==
-----END CERTIFICATE-----