Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
File:                     gY1FuJShqq5kDmhOV8_bUw36umk.mft (raw, json)
Hash identifier:          kQdQcQ4zzYBmv+t5mWd1fpl9TGrmTDnx4TPj61ORVjU=
Subject key identifier:   BF:9F:25:E4:79:9C:B8:81:40:A7:67:6C:F2:7D:45:33:E0:53:D6:0D
Authority key identifier: 81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69
Certificate issuer:       /CN=818d45b894a1aaae640e684e57cfdb530dfaba69
Certificate serial:       019748FA6B8A94DDEC778AEBE0D6EBB9E9C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
Manifest number:          0A0A
Signing time:             Sat 07 Jun 2025 06:01:00 +0000
Manifest this update:     Sat 07 Jun 2025 06:01:00 +0000
Manifest next update:     Sun 08 Jun 2025 06:01:00 +0000
Files and hashes:         1: gY1FuJShqq5kDmhOV8_bUw36umk.crl (hash: dA31xUXklBqN7OGHuWBSLTWi4eG1zJJPCFibfbFcLfw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:6b:8a:94:dd:ec:77:8a:eb:e0:d6:eb:b9:e9:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=818d45b894a1aaae640e684e57cfdb530dfaba69
        Validity
            Not Before: Jun  7 06:01:00 2025 GMT
            Not After : Jun  8 06:01:00 2025 GMT
        Subject: CN=bf9f25e4799cb88140a7676cf27d4533e053d60d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:9c:7e:c4:a7:ce:fc:ad:8f:a4:43:3c:59:f2:
                    b4:d1:7b:94:41:3e:b3:c6:2f:e8:c9:34:d2:a6:b9:
                    c8:0f:58:fd:f5:42:48:24:24:e7:2b:9f:6b:6d:78:
                    93:1f:e0:4e:87:d9:ef:aa:8f:8e:60:ab:1f:a4:19:
                    0d:64:03:2e:77:3e:08:1e:f3:e6:69:1e:2a:fc:58:
                    04:a4:0a:a1:96:a4:a9:6e:65:b1:1f:27:65:1f:18:
                    88:75:39:1c:bf:0a:ac:45:23:07:98:6a:79:81:81:
                    4c:50:21:05:c0:4e:ee:27:2e:88:8f:d4:f5:12:19:
                    dc:57:99:af:81:5e:40:e8:a7:cd:bd:39:fa:3e:34:
                    96:13:7a:c8:92:2e:ff:f0:f5:49:1c:30:47:74:7e:
                    7b:26:80:2c:8d:e5:26:2e:47:47:18:b5:9e:44:c2:
                    55:60:6d:59:9a:0f:53:0b:98:80:a1:a7:cf:cb:d1:
                    f2:69:bb:98:7f:b2:7b:0d:fc:24:0b:61:8f:5f:bc:
                    ae:9a:86:5f:6b:05:90:34:1a:2e:1e:0f:26:fb:26:
                    f1:69:55:b8:56:bc:f5:8b:50:5b:99:d7:c4:f9:29:
                    6a:34:f6:20:50:c1:93:5f:97:62:5a:f2:a5:70:77:
                    ec:c5:bc:48:20:6a:a9:90:6f:b3:72:08:ef:c8:92:
                    d1:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:9F:25:E4:79:9C:B8:81:40:A7:67:6C:F2:7D:45:33:E0:53:D6:0D
            X509v3 Authority Key Identifier:
                keyid:81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:a3:c2:a4:62:21:54:5c:7e:03:bb:1d:50:53:55:dd:b1:fb:
         2e:1c:f8:57:f2:3b:9a:c3:90:2e:91:14:da:98:76:da:01:fe:
         8f:03:55:65:bd:8e:17:71:e8:dd:e5:28:7f:cd:21:48:f5:2f:
         d8:e5:ce:c1:e7:cb:81:cf:db:e4:94:d9:a9:6d:d5:de:f3:ab:
         5c:07:1f:d8:69:74:81:23:0f:76:c1:b8:6b:53:40:f1:53:d7:
         b0:cf:2d:d7:2a:ab:ca:85:97:50:11:b7:e6:65:f7:56:15:d9:
         82:ea:2c:e2:87:05:82:4c:8c:69:ce:af:e3:ca:98:09:a5:47:
         a7:f5:73:83:ce:c9:98:6c:eb:a9:0f:ad:47:2b:99:79:07:6d:
         2c:24:97:e8:c2:20:4e:d7:e6:10:bb:0e:93:68:07:c5:ca:dc:
         d8:ef:72:1c:9b:17:04:fa:07:0f:d2:7f:a9:1e:6c:e6:4d:b5:
         1b:c9:05:c2:28:9b:77:38:7a:20:ad:db:dc:34:42:b4:2c:ff:
         85:e8:bd:11:22:23:34:91:16:30:2e:15:cf:46:f5:c8:93:fa:
         90:40:84:69:b0:52:61:5b:e4:d8:ab:a4:8b:a7:67:2d:0d:bd:
         3d:99:c3:3b:b1:6d:ef:f8:18:50:99:c6:7a:df:28:cd:ce:89:
         87:bd:01:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+muKlN3sd4rr4NbruenEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOGQ0NWI4OTRhMWFhYWU2NDBlNjg0ZTU3Y2ZkYjUzMGRm
YWJhNjkwHhcNMjUwNjA3MDYwMTAwWhcNMjUwNjA4MDYwMTAwWjAzMTEwLwYDVQQD
EyhiZjlmMjVlNDc5OWNiODgxNDBhNzY3NmNmMjdkNDUzM2UwNTNkNjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJx+xKfO/K2PpEM8WfK00XuUQT6z
xi/oyTTSprnID1j99UJIJCTnK59rbXiTH+BOh9nvqo+OYKsfpBkNZAMudz4IHvPm
aR4q/FgEpAqhlqSpbmWxHydlHxiIdTkcvwqsRSMHmGp5gYFMUCEFwE7uJy6Ij9T1
EhncV5mvgV5A6KfNvTn6PjSWE3rIki7/8PVJHDBHdH57JoAsjeUmLkdHGLWeRMJV
YG1Zmg9TC5iAoafPy9HyabuYf7J7DfwkC2GPX7yumoZfawWQNBouHg8m+ybxaVW4
Vrz1i1BbmdfE+SlqNPYgUMGTX5diWvKlcHfsxbxIIGqpkG+zcgjvyJLRawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL+fJeR5nLiBQKdnbPJ9RTPgU9YNMB8GA1UdIwQY
MBaAFIGNRbiUoaquZA5oTlfP21MN+rppMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUt
ZTA2OTlkMzA0OTE5LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUtZTA2OTlkMzA0OTE5
LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiaPCpGIh
VFx+A7sdUFNV3bH7Lhz4V/I7msOQLpEU2ph22gH+jwNVZb2OF3Ho3eUof80hSPUv
2OXOwefLgc/b5JTZqW3V3vOrXAcf2Gl0gSMPdsG4a1NA8VPXsM8t1yqryoWXUBG3
5mX3VhXZguos4ocFgkyMac6v48qYCaVHp/Vzg87JmGzrqQ+tRyuZeQdtLCSX6MIg
TtfmELsOk2gHxcrc2O9yHJsXBPoHD9J/qR5s5k21G8kFwiibdzh6IK3b3DRCtCz/
hei9ESIjNJEWMC4Vz0b1yJP6kECEabBSYVvk2Kuki6dnLQ29PZnDO7Ft7/gYUJnG
et8ozc6Jh70BOA==
-----END CERTIFICATE-----