Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
File:                     gU3w5sDcpazuCDqMcwTUXz0z1W0.mft (raw, json)
Hash identifier:          EWtiSaomGVw4HvZ+BKFFchRcV03heBBUpnTTm1oA6SQ=
Subject key identifier:   58:B6:B2:E9:6A:60:16:53:95:E4:7F:30:1D:13:52:14:BA:A4:D0:C3
Authority key identifier: 81:4D:F0:E6:C0:DC:A5:AC:EE:08:3A:8C:73:04:D4:5F:3D:33:D5:6D
Certificate issuer:       /CN=814df0e6c0dca5acee083a8c7304d45f3d33d56d
Certificate serial:       01984B53B5682F3AA3A3BA3D9F5DF9AB2218
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
Manifest number:          0CE2
Signing time:             Sun 27 Jul 2025 10:00:33 +0000
Manifest this update:     Sun 27 Jul 2025 10:00:33 +0000
Manifest next update:     Mon 28 Jul 2025 10:00:33 +0000
Files and hashes:         1: gU3w5sDcpazuCDqMcwTUXz0z1W0.crl (hash: HcYp4kP2Kb/cyCR0FPHzXc8rwoVlzhHGtXCGH2ZcX6Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 05:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4b:53:b5:68:2f:3a:a3:a3:ba:3d:9f:5d:f9:ab:22:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=814df0e6c0dca5acee083a8c7304d45f3d33d56d
        Validity
            Not Before: Jul 27 10:00:33 2025 GMT
            Not After : Jul 28 10:00:33 2025 GMT
        Subject: CN=58b6b2e96a60165395e47f301d135214baa4d0c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:49:c7:56:a9:63:10:49:94:e1:ff:a9:15:22:
                    aa:3f:9a:d4:e4:5d:95:52:cf:e6:e2:be:fe:43:88:
                    6a:5f:1b:e7:e8:7c:4c:2a:94:62:4a:c8:af:bb:0d:
                    78:78:90:43:e1:e3:bc:98:71:e2:2d:4a:de:ee:5c:
                    75:02:ff:87:8c:0f:d8:af:73:41:e8:8e:ed:e5:45:
                    d8:58:2a:be:57:6b:04:1d:04:60:41:f0:83:8a:8f:
                    44:54:4c:8b:da:6b:bf:74:a2:3d:9e:e3:f4:d3:d2:
                    52:de:b6:e0:17:86:ba:bb:4a:71:b6:90:41:d7:0a:
                    da:cb:9d:85:3e:6d:52:65:15:09:05:9a:0c:d5:ff:
                    f0:b9:b2:d4:da:45:aa:9d:a3:20:bf:56:75:a2:87:
                    8d:e3:87:4f:39:6f:f4:dc:f5:79:59:94:83:70:55:
                    33:13:1a:1c:f5:06:0b:88:24:fc:77:a0:c2:86:7a:
                    f6:f6:10:2d:a7:39:8a:17:31:26:90:2d:42:14:8f:
                    e1:36:18:ae:63:8e:a0:28:d4:13:bf:ad:22:c3:dc:
                    0f:12:11:91:1f:de:30:09:9b:0f:ec:33:51:08:3e:
                    a6:db:39:83:85:37:6f:e1:7c:e2:59:a3:85:01:51:
                    5f:be:da:a5:2e:28:ff:12:d4:7b:55:22:58:fc:72:
                    89:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:B6:B2:E9:6A:60:16:53:95:E4:7F:30:1D:13:52:14:BA:A4:D0:C3
            X509v3 Authority Key Identifier:
                keyid:81:4D:F0:E6:C0:DC:A5:AC:EE:08:3A:8C:73:04:D4:5F:3D:33:D5:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:40:83:1c:d7:57:38:8b:7c:1d:ef:38:47:b6:c9:10:2a:a5:
         5d:00:0b:19:0f:13:74:77:80:96:de:d5:f6:d7:51:17:3e:1c:
         22:02:64:6d:fb:1a:f9:7b:5e:d0:b6:9b:39:21:77:7d:d8:b0:
         c9:64:a1:d7:ed:f8:09:ee:04:6a:fd:7f:62:47:fe:a4:2e:ad:
         2b:08:c7:6b:ca:42:13:46:68:bf:c5:14:d1:52:93:2c:68:ed:
         d8:8c:0d:9d:93:c2:5a:81:b4:84:8c:52:2d:4f:35:fd:47:0b:
         0a:3f:cd:8a:19:f9:df:82:94:ba:c4:00:a0:bc:52:14:23:c6:
         91:f0:b7:1b:4c:06:1c:6a:df:02:6d:5d:40:df:f6:8b:b1:0f:
         69:53:8e:aa:33:40:ff:68:36:61:93:cb:27:28:52:b5:9d:a7:
         3a:2a:66:78:2a:ec:82:e1:a6:96:01:e7:ff:00:6f:be:66:65:
         9e:92:72:43:a2:18:11:c6:4e:a7:78:f8:81:26:0e:4b:ab:e4:
         10:c3:5b:b4:bf:52:62:b2:b0:4c:02:77:db:99:38:73:d1:2a:
         15:bc:46:6c:dd:00:d8:cc:66:e2:60:48:57:7f:d8:46:90:6e:
         b9:3e:96:a2:4f:fd:be:5e:09:66:72:37:87:1f:77:2d:0d:00:
         fb:23:5d:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhLU7VoLzqjo7o9n135qyIYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNGRmMGU2YzBkY2E1YWNlZTA4M2E4YzczMDRkNDVmM2Qz
M2Q1NmQwHhcNMjUwNzI3MTAwMDMzWhcNMjUwNzI4MTAwMDMzWjAzMTEwLwYDVQQD
Eyg1OGI2YjJlOTZhNjAxNjUzOTVlNDdmMzAxZDEzNTIxNGJhYTRkMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0knHVqljEEmU4f+pFSKqP5rU5F2V
Us/m4r7+Q4hqXxvn6HxMKpRiSsivuw14eJBD4eO8mHHiLUre7lx1Av+HjA/Yr3NB
6I7t5UXYWCq+V2sEHQRgQfCDio9EVEyL2mu/dKI9nuP009JS3rbgF4a6u0pxtpBB
1wray52FPm1SZRUJBZoM1f/wubLU2kWqnaMgv1Z1ooeN44dPOW/03PV5WZSDcFUz
Exoc9QYLiCT8d6DChnr29hAtpzmKFzEmkC1CFI/hNhiuY46gKNQTv60iw9wPEhGR
H94wCZsP7DNRCD6m2zmDhTdv4XziWaOFAVFfvtqlLij/EtR7VSJY/HKJiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFi2sulqYBZTleR/MB0TUhS6pNDDMB8GA1UdIwQY
MBaAFIFN8ObA3KWs7gg6jHME1F89M9VtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81MTQwZWUtNmZlZi00NmFjLWJlMzIt
ZDBkMmYyY2E4Y2JjLzEvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81MTQwZWUtNmZlZi00NmFjLWJlMzItZDBkMmYyY2E4Y2Jj
LzEvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkECDHNdX
OIt8He84R7bJECqlXQALGQ8TdHeAlt7V9tdRFz4cIgJkbfsa+Xte0LabOSF3fdiw
yWSh1+34Ce4Eav1/Ykf+pC6tKwjHa8pCE0Zov8UU0VKTLGjt2IwNnZPCWoG0hIxS
LU81/UcLCj/Nihn534KUusQAoLxSFCPGkfC3G0wGHGrfAm1dQN/2i7EPaVOOqjNA
/2g2YZPLJyhStZ2nOipmeCrsguGmlgHn/wBvvmZlnpJyQ6IYEcZOp3j4gSYOS6vk
EMNbtL9SYrKwTAJ325k4c9EqFbxGbN0A2Mxm4mBIV3/YRpBuuT6Wok/9vl4JZnI3
hx93LQ0A+yNdtg==
-----END CERTIFICATE-----