Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
File:                     gY1FuJShqq5kDmhOV8_bUw36umk.mft (raw, json)
Hash identifier:          oPMdjbiBO/c/2AH08HmAnw4G8dkMmAeIdIPKLe98tNU=
Subject key identifier:   FF:0B:E9:74:B9:23:A3:1B:AA:FC:06:7B:1A:EB:57:A1:04:D5:0C:E2
Authority key identifier: 81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69
Certificate issuer:       /CN=818d45b894a1aaae640e684e57cfdb530dfaba69
Certificate serial:       0199221EE04C5D9F63D3503C55853CE3FF8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
Manifest number:          0AFF
Signing time:             Sun 07 Sep 2025 03:01:12 +0000
Manifest this update:     Sun 07 Sep 2025 03:01:12 +0000
Manifest next update:     Mon 08 Sep 2025 03:01:12 +0000
Files and hashes:         1: gY1FuJShqq5kDmhOV8_bUw36umk.crl (hash: na0tP3+cL84X3U03VAdR4zLpRwzemcOYwzfPS7jioxE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:e0:4c:5d:9f:63:d3:50:3c:55:85:3c:e3:ff:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=818d45b894a1aaae640e684e57cfdb530dfaba69
        Validity
            Not Before: Sep  7 03:01:12 2025 GMT
            Not After : Sep  8 03:01:12 2025 GMT
        Subject: CN=ff0be974b923a31baafc067b1aeb57a104d50ce2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:f4:71:8f:be:b5:f1:d9:7e:7b:cc:cd:08:13:
                    af:77:57:5d:fe:e2:97:2a:2e:d6:fc:07:61:fa:78:
                    78:19:f9:89:3e:de:73:52:92:dd:b6:0a:1d:32:94:
                    f5:11:bf:5c:44:7f:06:58:7a:ed:f6:8f:53:f3:1c:
                    19:30:8e:c2:e7:c3:6b:e5:eb:95:30:a4:9b:20:fc:
                    4a:dc:4d:f1:0b:a3:3b:2e:6a:85:51:6e:4d:2a:c3:
                    f8:1e:ee:93:0b:f4:7f:95:90:e1:b7:41:ac:d6:6b:
                    ec:76:86:cb:55:85:49:66:e1:5a:69:e5:11:42:fc:
                    19:50:6d:c7:54:8e:7f:fe:c6:78:62:a9:93:2c:06:
                    68:29:fb:f9:4c:38:b4:0c:01:6f:06:9b:1a:be:56:
                    19:72:b6:e4:d6:43:4d:93:a8:79:51:3f:9d:ed:5b:
                    56:1b:90:24:79:b8:75:78:ec:d9:b9:54:53:8b:9b:
                    19:77:f5:fa:ba:69:87:bb:ea:1d:15:a4:30:8d:d9:
                    8d:a3:60:bb:cc:d2:d5:32:72:f8:c0:1d:f2:2f:d3:
                    1c:d1:59:af:e3:0b:0e:71:00:2a:1b:fa:80:10:0a:
                    9b:58:79:a4:cb:51:5a:4f:61:47:e0:2c:96:4e:be:
                    ff:04:bb:c5:18:9d:5a:f8:02:af:c2:bc:56:23:1b:
                    1a:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:0B:E9:74:B9:23:A3:1B:AA:FC:06:7B:1A:EB:57:A1:04:D5:0C:E2
            X509v3 Authority Key Identifier:
                keyid:81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:98:6b:fc:85:3a:01:63:64:90:00:49:ed:7a:65:5a:0c:0e:
         85:d7:56:63:bb:e5:d6:91:d6:13:88:12:88:44:b2:bb:53:1d:
         96:3e:9c:e3:6e:37:e3:3c:66:8b:e0:6f:87:e9:e2:b1:b2:01:
         06:b5:6e:37:29:7f:4a:56:22:34:cd:39:87:5b:15:1d:60:aa:
         de:e0:c6:d2:6f:32:4b:24:ff:d9:3d:28:5a:90:cb:8b:36:a5:
         8c:04:10:90:3d:93:56:5c:4c:78:41:a0:5a:9c:c1:a6:80:be:
         b6:f2:0f:7f:69:8d:68:16:11:3e:f6:19:5e:41:38:04:65:8b:
         b0:4a:df:57:3d:da:ea:ba:52:1a:3d:b9:5e:d6:3c:df:82:72:
         56:85:3b:62:68:61:92:56:92:ad:24:7f:ea:74:63:f4:f0:a2:
         2c:a6:a3:b6:59:c8:a1:9a:a9:84:31:ee:e8:70:7a:56:89:7d:
         c2:65:d5:fc:a6:9a:da:eb:af:36:7f:66:12:76:ba:9d:a0:ad:
         2b:65:7d:cd:c1:bb:d5:7b:2a:c6:21:08:c9:f9:52:18:9d:65:
         f2:53:28:e4:55:d5:8f:ef:99:4a:e2:4f:3f:79:15:65:e8:65:
         21:9e:4d:9c:60:a6:3a:f2:39:1a:67:8e:c8:b9:d7:ee:cf:dd:
         9c:e4:ed:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHuBMXZ9j01A8VYU84/+OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOGQ0NWI4OTRhMWFhYWU2NDBlNjg0ZTU3Y2ZkYjUzMGRm
YWJhNjkwHhcNMjUwOTA3MDMwMTEyWhcNMjUwOTA4MDMwMTEyWjAzMTEwLwYDVQQD
EyhmZjBiZTk3NGI5MjNhMzFiYWFmYzA2N2IxYWViNTdhMTA0ZDUwY2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufRxj7618dl+e8zNCBOvd1dd/uKX
Ki7W/Adh+nh4GfmJPt5zUpLdtgodMpT1Eb9cRH8GWHrt9o9T8xwZMI7C58Nr5euV
MKSbIPxK3E3xC6M7LmqFUW5NKsP4Hu6TC/R/lZDht0Gs1mvsdobLVYVJZuFaaeUR
QvwZUG3HVI5//sZ4YqmTLAZoKfv5TDi0DAFvBpsavlYZcrbk1kNNk6h5UT+d7VtW
G5Akebh1eOzZuVRTi5sZd/X6ummHu+odFaQwjdmNo2C7zNLVMnL4wB3yL9Mc0Vmv
4wsOcQAqG/qAEAqbWHmky1FaT2FH4CyWTr7/BLvFGJ1a+AKvwrxWIxsaWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP8L6XS5I6MbqvwGexrrV6EE1QziMB8GA1UdIwQY
MBaAFIGNRbiUoaquZA5oTlfP21MN+rppMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUt
ZTA2OTlkMzA0OTE5LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUtZTA2OTlkMzA0OTE5
LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcphr/IU6
AWNkkABJ7XplWgwOhddWY7vl1pHWE4gSiESyu1Mdlj6c42434zxmi+Bvh+nisbIB
BrVuNyl/SlYiNM05h1sVHWCq3uDG0m8ySyT/2T0oWpDLizaljAQQkD2TVlxMeEGg
WpzBpoC+tvIPf2mNaBYRPvYZXkE4BGWLsErfVz3a6rpSGj25XtY834JyVoU7Ymhh
klaSrSR/6nRj9PCiLKajtlnIoZqphDHu6HB6Vol9wmXV/Kaa2uuvNn9mEna6naCt
K2V9zcG71XsqxiEIyflSGJ1l8lMo5FXVj++ZSuJPP3kVZehlIZ5NnGCmOvI5GmeO
yLnX7s/dnOTtdA==
-----END CERTIFICATE-----