Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
File:                     GAIUWTANFfrFUHBc9uJYmZ09hro.mft (raw, json)
Hash identifier:          ao2RE5MF2F/X3X2PB18UEPXdRg8lQnHuO7lE6IWn+BE=
Subject key identifier:   C9:A7:93:55:CF:AB:CB:E0:2D:A2:DE:30:89:C0:AE:0D:66:9D:4D:31
Authority key identifier: 18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA
Certificate issuer:       /CN=18021459300d15fac550705cf6e258999d3d86ba
Certificate serial:       01974BC3E1B44B3CEE2D18AAD1EF31E5D5FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
Manifest number:          0A60
Signing time:             Sat 07 Jun 2025 19:00:17 +0000
Manifest this update:     Sat 07 Jun 2025 19:00:17 +0000
Manifest next update:     Sun 08 Jun 2025 19:00:17 +0000
Files and hashes:         1: GAIUWTANFfrFUHBc9uJYmZ09hro.crl (hash: +pf9THO6okSZem+1ZYQnvHCZD2w30TqQgjXcrWA+0ew=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:c3:e1:b4:4b:3c:ee:2d:18:aa:d1:ef:31:e5:d5:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18021459300d15fac550705cf6e258999d3d86ba
        Validity
            Not Before: Jun  7 19:00:17 2025 GMT
            Not After : Jun  8 19:00:17 2025 GMT
        Subject: CN=c9a79355cfabcbe02da2de3089c0ae0d669d4d31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:f9:75:7c:49:29:72:c6:9c:8b:de:ac:cc:3f:
                    3d:d0:fa:10:f4:1c:51:39:0c:a4:c9:18:fe:43:a7:
                    5c:bc:06:29:fe:3c:ab:9d:7e:1e:16:14:06:aa:c7:
                    51:3c:32:2e:bc:d2:43:66:d8:8b:85:4e:3b:50:b1:
                    85:b6:22:2d:13:96:d4:2d:af:8a:fc:04:91:94:b2:
                    e5:b1:a8:b1:44:8e:55:c3:c1:fa:5d:6b:4c:88:f9:
                    2a:82:f7:1f:90:15:24:6e:7e:6f:30:32:80:bc:e2:
                    d6:78:43:16:fd:8e:30:68:1d:2a:f2:7a:17:da:70:
                    2b:1b:eb:46:91:b9:cc:ab:15:4f:6a:0f:6d:94:12:
                    81:68:f3:d0:51:09:85:3b:6b:4f:2e:9e:82:53:fe:
                    ac:50:65:97:60:2a:27:fa:4d:c5:ac:a4:d9:91:33:
                    8a:07:a3:90:57:0c:99:a7:e2:7b:78:04:fa:00:d6:
                    4d:52:93:e2:5e:81:6c:9e:4c:d4:f0:58:65:7f:55:
                    ce:5c:36:96:22:d7:18:de:37:db:6e:88:e3:ef:4e:
                    bb:53:16:c0:a6:e7:fb:f5:aa:08:2f:15:78:d2:48:
                    15:a2:21:6d:0c:5e:3b:d0:31:f9:ef:f0:24:3e:22:
                    ca:28:05:5f:41:32:4c:6e:79:6f:bd:ca:db:09:57:
                    52:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:A7:93:55:CF:AB:CB:E0:2D:A2:DE:30:89:C0:AE:0D:66:9D:4D:31
            X509v3 Authority Key Identifier:
                keyid:18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:80:c9:ac:7f:bf:87:3e:84:2d:29:52:66:15:42:e3:c8:41:
         c6:9e:97:07:4a:ad:e7:38:c6:7b:61:87:9f:f8:9f:df:64:26:
         a6:a0:bb:e3:fd:57:1d:d9:70:38:6e:3b:7d:e3:76:ef:a1:66:
         4b:53:84:41:7f:2f:20:cb:78:fc:d2:2d:bd:7b:77:59:6f:57:
         df:25:34:79:a3:dc:c2:08:ca:03:3c:66:02:74:be:60:4d:b8:
         03:d0:ab:d9:6b:8b:2a:7d:d2:d1:21:fc:91:25:f2:7b:c8:58:
         fa:d1:8c:83:d0:d1:49:ca:ab:6b:3a:a7:69:37:f3:5e:64:bc:
         15:25:d9:48:2e:3a:47:da:f6:7e:9e:5a:76:5a:b1:d8:c6:56:
         d1:e2:82:9d:43:f2:e0:bc:79:8d:1a:43:30:03:d2:99:2e:b2:
         78:d9:41:11:b2:ea:30:15:04:94:78:b3:36:9f:59:3d:db:09:
         5f:44:94:40:8c:f4:db:b8:c2:e7:9c:c1:bd:81:0c:0d:43:04:
         93:e4:06:cd:47:63:f7:26:02:e0:97:7f:4f:08:00:ed:ab:4e:
         aa:1e:c4:0d:43:0b:2e:b0:a8:9a:5c:97:c3:e8:94:49:b5:e8:
         26:e7:ab:5d:d2:3d:f3:2a:c9:3f:02:66:af:99:b5:a7:44:02:
         10:a1:b6:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLw+G0SzzuLRiq0e8x5dX6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MDIxNDU5MzAwZDE1ZmFjNTUwNzA1Y2Y2ZTI1ODk5OWQz
ZDg2YmEwHhcNMjUwNjA3MTkwMDE3WhcNMjUwNjA4MTkwMDE3WjAzMTEwLwYDVQQD
EyhjOWE3OTM1NWNmYWJjYmUwMmRhMmRlMzA4OWMwYWUwZDY2OWQ0ZDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPl1fEkpcsaci96szD890PoQ9BxR
OQykyRj+Q6dcvAYp/jyrnX4eFhQGqsdRPDIuvNJDZtiLhU47ULGFtiItE5bULa+K
/ASRlLLlsaixRI5Vw8H6XWtMiPkqgvcfkBUkbn5vMDKAvOLWeEMW/Y4waB0q8noX
2nArG+tGkbnMqxVPag9tlBKBaPPQUQmFO2tPLp6CU/6sUGWXYCon+k3FrKTZkTOK
B6OQVwyZp+J7eAT6ANZNUpPiXoFsnkzU8Fhlf1XOXDaWItcY3jfbbojj7067UxbA
puf79aoILxV40kgVoiFtDF470DH57/AkPiLKKAVfQTJMbnlvvcrbCVdSPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMmnk1XPq8vgLaLeMInArg1mnU0xMB8GA1UdIwQY
MBaAFBgCFFkwDRX6xVBwXPbiWJmdPYa6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5Njct
OTIyNGNlMmU5NjVhLzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5NjctOTIyNGNlMmU5NjVh
LzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASYDJrH+/
hz6ELSlSZhVC48hBxp6XB0qt5zjGe2GHn/if32QmpqC74/1XHdlwOG47feN276Fm
S1OEQX8vIMt4/NItvXt3WW9X3yU0eaPcwgjKAzxmAnS+YE24A9Cr2WuLKn3S0SH8
kSXye8hY+tGMg9DRScqrazqnaTfzXmS8FSXZSC46R9r2fp5adlqx2MZW0eKCnUPy
4Lx5jRpDMAPSmS6yeNlBEbLqMBUElHizNp9ZPdsJX0SUQIz027jC55zBvYEMDUME
k+QGzUdj9yYC4Jd/TwgA7atOqh7EDUMLLrComlyXw+iUSbXoJuerXdI98yrJPwJm
r5m1p0QCEKG2Cw==
-----END CERTIFICATE-----