Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
File:                     gXNntPK_jrMfbhYk7Vbtq6nwITs.mft (raw, json)
Hash identifier:          RI68IKuHIz7kFOr6uOiNQbO+GRmEVNnEOgyUOliElBI=
Subject key identifier:   66:DA:2D:40:03:80:EE:64:6A:35:98:6A:92:32:06:44:7C:A9:F5:2C
Authority key identifier: 81:73:67:B4:F2:BF:8E:B3:1F:6E:16:24:ED:56:ED:AB:A9:F0:21:3B
Certificate issuer:       /CN=817367b4f2bf8eb31f6e1624ed56edaba9f0213b
Certificate serial:       019750B3B1AE650590744FFCC12A562DA109
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
Manifest number:          0C9B
Signing time:             Sun 08 Jun 2025 18:00:43 +0000
Manifest this update:     Sun 08 Jun 2025 18:00:43 +0000
Manifest next update:     Mon 09 Jun 2025 18:00:43 +0000
Files and hashes:         1: gXNntPK_jrMfbhYk7Vbtq6nwITs.crl (hash: Cg6VcCIYR9MiFUIDDoAYkzERH3gkHH6NiSlrGUg3V6w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:b3:b1:ae:65:05:90:74:4f:fc:c1:2a:56:2d:a1:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=817367b4f2bf8eb31f6e1624ed56edaba9f0213b
        Validity
            Not Before: Jun  8 18:00:43 2025 GMT
            Not After : Jun  9 18:00:43 2025 GMT
        Subject: CN=66da2d400380ee646a35986a923206447ca9f52c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:eb:d5:15:03:c6:c5:44:24:b7:10:bb:eb:b8:
                    12:61:d1:1c:1e:5e:6c:da:a9:bd:49:4e:96:1f:aa:
                    71:75:f2:ad:0c:9b:6b:65:ee:6e:86:e1:75:25:62:
                    78:5e:46:be:34:ac:ee:d3:9c:3f:5a:95:5a:06:d3:
                    a3:f1:11:0d:83:a2:11:dd:82:0b:bb:62:1f:10:ed:
                    93:f4:55:f9:f1:6b:9a:11:e8:5f:88:66:43:43:86:
                    5e:9c:77:fa:45:d5:30:93:5b:ad:94:91:67:20:a6:
                    b4:e4:0f:e8:ef:23:5b:7c:fc:e0:a5:e8:82:d7:ad:
                    22:df:0c:1f:ee:b4:76:8e:45:19:0a:25:1b:81:8e:
                    7c:c5:f8:5e:83:37:3e:c1:bf:84:53:c1:b1:c6:41:
                    7c:89:a8:9c:f9:05:b7:05:12:de:59:49:47:6b:11:
                    01:5d:62:2d:de:f8:3d:1e:fb:1f:a1:82:29:ac:8e:
                    60:24:ea:71:f4:d6:b0:cb:ae:a8:36:ed:b7:72:45:
                    86:35:92:ec:16:d4:db:21:cd:8e:dc:e9:ae:41:d9:
                    33:b0:04:9f:9c:89:d6:45:fe:49:62:23:e1:b2:45:
                    3d:82:a0:07:2a:ad:4e:ea:af:bd:14:ee:c1:49:27:
                    e4:f3:92:55:ce:a2:4d:ce:87:c2:68:73:7a:f0:5b:
                    26:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:DA:2D:40:03:80:EE:64:6A:35:98:6A:92:32:06:44:7C:A9:F5:2C
            X509v3 Authority Key Identifier:
                keyid:81:73:67:B4:F2:BF:8E:B3:1F:6E:16:24:ED:56:ED:AB:A9:F0:21:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:74:87:6d:30:c9:2c:3f:54:2d:57:64:6b:a6:f4:3e:8c:48:
         2a:a5:6e:66:c0:60:c9:07:04:36:bd:94:ca:9d:48:80:2e:b9:
         f7:a9:97:60:d6:2c:c3:5f:1b:60:28:60:b9:37:a7:88:b2:a8:
         72:af:b0:cf:7c:50:ff:37:5d:5f:af:b3:3f:47:dd:db:b1:00:
         94:c4:a1:1b:f8:97:d1:9b:86:00:ff:8e:25:97:47:3b:14:36:
         a9:28:0e:3f:ad:91:c1:a6:7a:57:4b:4b:57:3c:d6:bb:66:9f:
         25:d0:b2:ef:fe:1f:4a:7c:43:19:81:82:2c:7a:a0:e8:66:d4:
         43:48:0f:9f:9c:fc:ec:e0:0c:93:66:1d:fd:ed:5d:2f:3f:b3:
         6a:f0:d8:15:e1:01:5d:43:73:78:34:69:8f:42:f9:ee:e2:aa:
         b2:63:9e:eb:ab:41:39:3f:7a:d9:0f:57:86:78:a4:06:35:e9:
         4a:c0:b2:59:34:f1:0d:86:de:61:4d:d7:77:47:d8:91:31:3d:
         96:84:79:57:cc:ce:c3:ac:75:0f:85:f9:ab:19:7c:29:ac:cc:
         df:d7:f0:fd:d9:aa:13:bb:2e:53:01:b3:41:e7:92:51:bc:25:
         c4:ee:80:01:e1:98:e7:68:69:6b:22:2b:ee:ce:82:f9:7e:18:
         e3:1b:18:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQs7GuZQWQdE/8wSpWLaEJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNzM2N2I0ZjJiZjhlYjMxZjZlMTYyNGVkNTZlZGFiYTlm
MDIxM2IwHhcNMjUwNjA4MTgwMDQzWhcNMjUwNjA5MTgwMDQzWjAzMTEwLwYDVQQD
Eyg2NmRhMmQ0MDAzODBlZTY0NmEzNTk4NmE5MjMyMDY0NDdjYTlmNTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsevVFQPGxUQktxC767gSYdEcHl5s
2qm9SU6WH6pxdfKtDJtrZe5uhuF1JWJ4Xka+NKzu05w/WpVaBtOj8RENg6IR3YIL
u2IfEO2T9FX58WuaEehfiGZDQ4ZenHf6RdUwk1utlJFnIKa05A/o7yNbfPzgpeiC
160i3wwf7rR2jkUZCiUbgY58xfhegzc+wb+EU8GxxkF8iaic+QW3BRLeWUlHaxEB
XWIt3vg9HvsfoYIprI5gJOpx9Nawy66oNu23ckWGNZLsFtTbIc2O3OmuQdkzsASf
nInWRf5JYiPhskU9gqAHKq1O6q+9FO7BSSfk85JVzqJNzofCaHN68FsmZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbaLUADgO5kajWYapIyBkR8qfUsMB8GA1UdIwQY
MBaAFIFzZ7Tyv46zH24WJO1W7aup8CE7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85NTc1ZDAtOWM3Yy00NTcxLTg2M2Et
NTU1MTMwYTU3MDQxLzEvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy85NTc1ZDAtOWM3Yy00NTcxLTg2M2EtNTU1MTMwYTU3MDQx
LzEvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvHSHbTDJ
LD9ULVdka6b0PoxIKqVuZsBgyQcENr2Uyp1IgC6596mXYNYsw18bYChguTeniLKo
cq+wz3xQ/zddX6+zP0fd27EAlMShG/iX0ZuGAP+OJZdHOxQ2qSgOP62RwaZ6V0tL
VzzWu2afJdCy7/4fSnxDGYGCLHqg6GbUQ0gPn5z87OAMk2Yd/e1dLz+zavDYFeEB
XUNzeDRpj0L57uKqsmOe66tBOT962Q9XhnikBjXpSsCyWTTxDYbeYU3Xd0fYkTE9
loR5V8zOw6x1D4X5qxl8KazM39fw/dmqE7suUwGzQeeSUbwlxO6AAeGY52hpayIr
7s6C+X4Y4xsYKQ==
-----END CERTIFICATE-----