Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.mft
File:                     gyP0nWzGUM1tZUgjSOHW0Lj9fqo.mft (raw, json)
Hash identifier:          eN3KNT9wksIefjtcdPn6kN4pDgXOyrtjMc00y2YFJC8=
Subject key identifier:   4A:92:03:D7:40:29:CF:F3:8D:07:AB:85:07:7C:F7:BC:8F:DC:CD:98
Authority key identifier: 83:23:F4:9D:6C:C6:50:CD:6D:65:48:23:48:E1:D6:D0:B8:FD:7E:AA
Certificate issuer:       /CN=8323f49d6cc650cd6d65482348e1d6d0b8fd7eaa
Certificate serial:       01974E571759DA0C071C5500B9D86D702D10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.mft
Manifest number:          157E
Signing time:             Sun 08 Jun 2025 07:00:19 +0000
Manifest this update:     Sun 08 Jun 2025 07:00:19 +0000
Manifest next update:     Mon 09 Jun 2025 07:00:19 +0000
Files and hashes:         1: gyP0nWzGUM1tZUgjSOHW0Lj9fqo.crl (hash: 1rw4c/O/xjzZYK7uXCOQmG9YEzTCG+wn782ob6cGVnk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:57:17:59:da:0c:07:1c:55:00:b9:d8:6d:70:2d:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8323f49d6cc650cd6d65482348e1d6d0b8fd7eaa
        Validity
            Not Before: Jun  8 07:00:19 2025 GMT
            Not After : Jun  9 07:00:19 2025 GMT
        Subject: CN=4a9203d74029cff38d07ab85077cf7bc8fdccd98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:34:eb:3c:0a:08:df:a8:3d:f3:71:18:ad:ba:
                    37:27:d9:ff:f2:75:fd:31:fd:ea:5a:90:f7:3d:8a:
                    9f:22:cb:26:c8:b2:bd:a6:56:e8:6f:ba:df:dc:47:
                    76:03:c7:b4:d2:4e:6b:6d:e5:d6:55:44:39:1d:1f:
                    76:43:60:ca:cc:32:3c:4a:27:a3:a5:b6:e6:00:0d:
                    12:49:3a:9e:ac:03:dd:de:ea:a1:94:d7:81:75:01:
                    0d:80:5f:58:04:be:47:99:2e:fc:62:4f:d6:ad:f5:
                    8b:cb:a0:2e:97:e6:fa:b5:0e:3a:ab:88:a6:f7:09:
                    56:2f:51:be:3d:ec:02:fb:8e:c4:3b:9c:1c:9b:66:
                    6e:0d:82:a2:7f:a7:29:c6:8a:21:7c:ee:e7:55:37:
                    48:e2:31:55:1f:db:7a:6d:62:ab:66:14:bd:b2:40:
                    e9:03:89:ec:1f:55:6c:de:a5:43:dd:89:8c:b0:17:
                    1b:e5:5a:90:b5:fc:cd:67:be:64:c1:ce:75:b8:fc:
                    a5:02:19:6b:e3:55:27:df:1d:41:c1:16:bc:6b:1f:
                    7e:45:f7:1d:c6:cf:45:8a:48:a1:ac:7d:d8:1f:a7:
                    ed:bc:15:77:bd:64:af:e3:0e:75:16:b6:c6:c6:22:
                    4c:93:cc:24:e8:f7:ab:13:e4:e1:1b:ad:61:3f:6c:
                    75:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:92:03:D7:40:29:CF:F3:8D:07:AB:85:07:7C:F7:BC:8F:DC:CD:98
            X509v3 Authority Key Identifier:
                keyid:83:23:F4:9D:6C:C6:50:CD:6D:65:48:23:48:E1:D6:D0:B8:FD:7E:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:7f:14:cf:5c:bd:25:91:9c:d0:fd:3b:e4:fe:5e:46:b4:7e:
         44:f7:fd:a2:64:59:09:43:23:a7:92:05:3a:32:db:8a:a7:cd:
         78:9d:c2:75:42:07:72:1a:16:9a:69:d1:b7:03:1f:2b:d3:97:
         be:57:70:83:06:6f:56:a6:4e:b6:d5:38:97:5e:f8:53:44:bc:
         c5:7b:d8:75:cd:26:17:b5:55:3a:e8:39:95:2d:0e:1a:f4:f4:
         ad:0d:fa:77:61:d2:c0:f2:18:32:ac:49:87:96:71:5c:10:4d:
         5f:d7:8a:cc:f2:bf:2d:39:6c:64:f4:8f:9e:2b:df:4c:5b:1f:
         82:98:2f:b9:86:04:e1:41:73:41:f9:97:2e:ec:fa:12:e7:1e:
         6b:20:a7:86:bc:d1:73:34:d6:12:01:6e:c3:1b:c9:c2:cb:53:
         4e:ca:c9:71:1c:30:4c:43:cb:02:6b:27:37:30:24:b3:3b:33:
         ef:8e:0e:50:ae:7d:8e:3f:96:5e:a6:c7:7b:aa:60:77:f3:7a:
         50:9a:7b:07:d9:c6:83:bf:01:2e:73:16:64:03:4b:3f:e3:06:
         b9:1d:ee:8f:9e:7c:a8:32:6c:d3:1f:fa:fd:62:5e:60:a1:8b:
         d9:26:5f:66:ad:97:fc:8c:85:ab:38:7f:42:4a:89:8b:69:c7:
         57:fa:85:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOVxdZ2gwHHFUAudhtcC0QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMjNmNDlkNmNjNjUwY2Q2ZDY1NDgyMzQ4ZTFkNmQwYjhm
ZDdlYWEwHhcNMjUwNjA4MDcwMDE5WhcNMjUwNjA5MDcwMDE5WjAzMTEwLwYDVQQD
Eyg0YTkyMDNkNzQwMjljZmYzOGQwN2FiODUwNzdjZjdiYzhmZGNjZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTTrPAoI36g983EYrbo3J9n/8nX9
Mf3qWpD3PYqfIssmyLK9plbob7rf3Ed2A8e00k5rbeXWVUQ5HR92Q2DKzDI8Siej
pbbmAA0SSTqerAPd3uqhlNeBdQENgF9YBL5HmS78Yk/WrfWLy6Aul+b6tQ46q4im
9wlWL1G+PewC+47EO5wcm2ZuDYKif6cpxoohfO7nVTdI4jFVH9t6bWKrZhS9skDp
A4nsH1Vs3qVD3YmMsBcb5VqQtfzNZ75kwc51uPylAhlr41Un3x1BwRa8ax9+Rfcd
xs9FikihrH3YH6ftvBV3vWSv4w51FrbGxiJMk8wk6PerE+ThG61hP2x16QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEqSA9dAKc/zjQerhQd897yP3M2YMB8GA1UdIwQY
MBaAFIMj9J1sxlDNbWVII0jh1tC4/X6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3lQMG5XekdVTTF0WlVnalNPSFcwTGo5ZnFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lNzNmMTYtNDVkMi00M2MxLWE0YWYt
NWNmOTE5NGQxNzAyLzEvZ3lQMG5XekdVTTF0WlVnalNPSFcwTGo5ZnFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lNzNmMTYtNDVkMi00M2MxLWE0YWYtNWNmOTE5NGQxNzAy
LzEvZ3lQMG5XekdVTTF0WlVnalNPSFcwTGo5ZnFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb38Uz1y9
JZGc0P075P5eRrR+RPf9omRZCUMjp5IFOjLbiqfNeJ3CdUIHchoWmmnRtwMfK9OX
vldwgwZvVqZOttU4l174U0S8xXvYdc0mF7VVOug5lS0OGvT0rQ36d2HSwPIYMqxJ
h5ZxXBBNX9eKzPK/LTlsZPSPnivfTFsfgpgvuYYE4UFzQfmXLuz6EuceayCnhrzR
czTWEgFuwxvJwstTTsrJcRwwTEPLAmsnNzAkszsz744OUK59jj+WXqbHe6pgd/N6
UJp7B9nGg78BLnMWZANLP+MGuR3uj558qDJs0x/6/WJeYKGL2SZfZq2X/IyFqzh/
QkqJi2nHV/qFtQ==
-----END CERTIFICATE-----