Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
File:                     GAIUWTANFfrFUHBc9uJYmZ09hro.mft (raw, json)
Hash identifier:          qmK8ZL7mAgug//iATrT+f1jDBaiUZQw++uMI+/sNOmg=
Subject key identifier:   29:E0:B3:03:F9:A2:30:53:6A:7B:F7:B2:8B:AD:27:19:EB:AC:0F:0C
Authority key identifier: 18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA
Certificate issuer:       /CN=18021459300d15fac550705cf6e258999d3d86ba
Certificate serial:       019A711342697D74E1B4B3A2FB7B1FF8CFCA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
Manifest number:          0C01
Signing time:             Tue 11 Nov 2025 04:01:18 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:18 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:18 +0000
Files and hashes:         1: GAIUWTANFfrFUHBc9uJYmZ09hro.crl (hash: pXRKmef/5Gulg9t9ge7tTtob9i/2Ol3zE3WZ29s22iQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:42:69:7d:74:e1:b4:b3:a2:fb:7b:1f:f8:cf:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18021459300d15fac550705cf6e258999d3d86ba
        Validity
            Not Before: Nov 11 04:01:18 2025 GMT
            Not After : Nov 12 04:01:18 2025 GMT
        Subject: CN=29e0b303f9a230536a7bf7b28bad2719ebac0f0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:00:04:de:12:4d:3e:48:35:18:0a:e9:ba:3f:
                    20:a7:81:dd:09:dc:9a:05:8f:16:d3:c5:05:f2:0b:
                    0c:5d:4d:04:d5:e8:c5:bf:3c:f9:60:b3:ff:9b:1c:
                    98:f2:aa:74:1f:88:89:1b:29:fd:01:8e:a3:ef:e7:
                    e2:64:59:3d:5e:67:a6:9a:12:74:7b:5e:40:65:61:
                    69:7e:09:c1:36:b1:e9:bb:09:6c:52:2c:3c:94:84:
                    68:71:40:73:80:e0:85:0b:bd:3b:de:15:00:b9:49:
                    34:93:9c:83:b2:82:d1:5d:88:ca:d9:9e:c0:47:0f:
                    4b:6e:ed:5f:5b:2b:cb:0b:fe:c5:eb:39:a5:20:f3:
                    03:61:53:21:95:b3:8c:b4:d4:38:03:d9:ea:cf:d8:
                    37:5a:45:1f:c5:f4:70:56:e7:12:d3:a8:60:e5:0f:
                    31:b6:3e:08:d6:ab:93:d8:0a:cb:de:66:b8:15:eb:
                    36:8f:70:fe:68:c8:de:49:f6:07:11:e3:85:ac:11:
                    84:0b:95:63:a7:8c:00:64:17:4c:a2:3e:c7:08:db:
                    49:00:e1:62:99:9b:b9:6e:a0:17:47:8e:7b:15:7a:
                    23:18:aa:e9:0a:cd:9c:af:41:71:7f:c5:da:05:42:
                    35:c1:64:8a:6b:91:91:0b:f1:6b:cf:69:45:e3:15:
                    79:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:E0:B3:03:F9:A2:30:53:6A:7B:F7:B2:8B:AD:27:19:EB:AC:0F:0C
            X509v3 Authority Key Identifier:
                keyid:18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:88:9b:c2:8c:2a:93:e7:72:36:a1:45:ee:01:fd:5b:93:35:
         f4:64:0d:80:25:7e:e5:7e:b8:6c:b5:d4:00:5d:92:86:d3:87:
         7e:b8:03:bf:b6:1b:fa:a5:71:87:39:70:30:26:54:61:27:d7:
         7e:52:c7:c5:4b:0f:dc:a3:14:0f:45:67:9c:f0:b8:5c:f0:f5:
         1d:c1:0b:84:f2:f6:94:98:72:d2:ed:ce:e9:ac:5c:2d:bf:03:
         d2:96:85:54:c9:51:64:5c:5f:41:5a:81:89:9a:ab:69:e8:6e:
         71:d4:4d:8a:6a:d9:a3:e4:75:ce:dc:ee:a7:62:b1:d3:15:c3:
         38:18:0e:72:22:9f:8d:45:62:89:06:41:43:6d:34:46:fa:e1:
         05:30:57:4a:77:25:3b:2c:b4:8f:f0:12:ca:07:74:83:9b:d9:
         62:13:8d:dc:b9:6b:2a:c3:ac:48:e8:d2:f8:b8:9a:fc:fe:e1:
         ef:a7:49:88:86:de:83:0f:4e:29:b2:a5:29:51:0d:be:13:05:
         b7:c2:9f:8c:f2:c7:98:a4:43:02:83:2d:67:9f:b1:51:60:cf:
         36:3f:bc:bc:47:4a:26:91:7c:e4:e4:08:1b:e7:72:c2:ff:80:
         dd:33:e5:49:57:de:d4:95:78:67:9b:d7:57:62:5c:04:57:bc:
         69:1a:90:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE0JpfXThtLOi+3sf+M/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MDIxNDU5MzAwZDE1ZmFjNTUwNzA1Y2Y2ZTI1ODk5OWQz
ZDg2YmEwHhcNMjUxMTExMDQwMTE4WhcNMjUxMTEyMDQwMTE4WjAzMTEwLwYDVQQD
EygyOWUwYjMwM2Y5YTIzMDUzNmE3YmY3YjI4YmFkMjcxOWViYWMwZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9gAE3hJNPkg1GArpuj8gp4HdCdya
BY8W08UF8gsMXU0E1ejFvzz5YLP/mxyY8qp0H4iJGyn9AY6j7+fiZFk9XmemmhJ0
e15AZWFpfgnBNrHpuwlsUiw8lIRocUBzgOCFC7073hUAuUk0k5yDsoLRXYjK2Z7A
Rw9Lbu1fWyvLC/7F6zmlIPMDYVMhlbOMtNQ4A9nqz9g3WkUfxfRwVucS06hg5Q8x
tj4I1quT2ArL3ma4Fes2j3D+aMjeSfYHEeOFrBGEC5Vjp4wAZBdMoj7HCNtJAOFi
mZu5bqAXR457FXojGKrpCs2cr0Fxf8XaBUI1wWSKa5GRC/Frz2lF4xV5dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCngswP5ojBTanv3soutJxnrrA8MMB8GA1UdIwQY
MBaAFBgCFFkwDRX6xVBwXPbiWJmdPYa6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5Njct
OTIyNGNlMmU5NjVhLzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5NjctOTIyNGNlMmU5NjVh
LzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADYibwowq
k+dyNqFF7gH9W5M19GQNgCV+5X64bLXUAF2ShtOHfrgDv7Yb+qVxhzlwMCZUYSfX
flLHxUsP3KMUD0VnnPC4XPD1HcELhPL2lJhy0u3O6axcLb8D0paFVMlRZFxfQVqB
iZqraehucdRNimrZo+R1ztzup2Kx0xXDOBgOciKfjUViiQZBQ200RvrhBTBXSncl
Oyy0j/ASygd0g5vZYhON3LlrKsOsSOjS+Lia/P7h76dJiIbegw9OKbKlKVENvhMF
t8KfjPLHmKRDAoMtZ5+xUWDPNj+8vEdKJpF85OQIG+dywv+A3TPlSVfe1JV4Z5vX
V2JcBFe8aRqQ4A==
-----END CERTIFICATE-----