Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.mft
File:                     gyP0nWzGUM1tZUgjSOHW0Lj9fqo.mft (raw, json)
Hash identifier:          kWsbBY54bCzcuGoaWPKyd7GDBBD60By9xB60nQv8Smk=
Subject key identifier:   FF:48:D9:9D:77:2E:7E:61:D4:EB:A2:72:66:9C:0B:72:D4:5A:CF:D1
Authority key identifier: 83:23:F4:9D:6C:C6:50:CD:6D:65:48:23:48:E1:D6:D0:B8:FD:7E:AA
Certificate issuer:       /CN=8323f49d6cc650cd6d65482348e1d6d0b8fd7eaa
Certificate serial:       0199239F158A9952DE0C4A7F67B6498D9D47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.mft
Manifest number:          1671
Signing time:             Sun 07 Sep 2025 10:00:52 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:52 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:52 +0000
Files and hashes:         1: gyP0nWzGUM1tZUgjSOHW0Lj9fqo.crl (hash: QxFK6Xg2hhbv5XwM/y9PNOsSbIQU52Pbsqo3Cb0S9kY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:15:8a:99:52:de:0c:4a:7f:67:b6:49:8d:9d:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8323f49d6cc650cd6d65482348e1d6d0b8fd7eaa
        Validity
            Not Before: Sep  7 10:00:52 2025 GMT
            Not After : Sep  8 10:00:52 2025 GMT
        Subject: CN=ff48d99d772e7e61d4eba272669c0b72d45acfd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:c5:1c:60:3b:f7:83:61:ae:6a:1d:c2:23:5f:
                    63:5b:c7:11:b8:a1:0e:df:01:d1:02:4a:c5:40:2b:
                    cf:6c:a1:26:08:d3:d5:85:51:a9:4f:b4:01:47:a8:
                    01:20:15:f2:a4:b0:69:9b:a0:54:a8:0c:80:19:d9:
                    e8:c4:20:4d:e4:6e:1a:f8:f4:33:22:fd:1e:b4:d5:
                    d3:6a:03:57:5c:0a:5c:15:9b:da:04:61:66:f2:67:
                    8c:06:7c:1c:0f:54:39:fd:eb:ff:c1:d8:f5:1d:ee:
                    d7:75:92:bb:bd:53:94:de:ff:4c:b7:a5:4d:8b:04:
                    c3:a2:bd:eb:6b:e2:88:3c:a9:d8:63:c7:a0:31:0f:
                    de:c2:4c:d0:19:eb:e7:e4:1e:bf:aa:f7:20:a8:9c:
                    43:02:97:e2:e8:25:1f:65:7c:9f:57:e5:24:20:a0:
                    e9:63:1e:8e:c2:76:1f:bd:80:8e:e4:7a:11:a9:ba:
                    ca:69:84:ed:d6:50:31:4b:2f:b5:6e:fa:f5:85:5a:
                    7a:79:59:50:f4:d5:db:b5:dc:9f:07:db:7b:ad:03:
                    ef:06:02:ee:f2:8f:1b:78:c6:0f:f7:ad:f9:34:cf:
                    fa:6e:1d:68:9a:d7:a8:c2:e6:78:49:89:44:2f:60:
                    1d:cd:f3:2c:37:05:6e:43:e6:2f:a1:fd:50:26:14:
                    9d:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:48:D9:9D:77:2E:7E:61:D4:EB:A2:72:66:9C:0B:72:D4:5A:CF:D1
            X509v3 Authority Key Identifier:
                keyid:83:23:F4:9D:6C:C6:50:CD:6D:65:48:23:48:E1:D6:D0:B8:FD:7E:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:5c:b5:b1:9c:cd:aa:e0:9e:b4:b9:14:15:e2:f7:96:9c:36:
         41:49:6d:18:66:f2:31:6a:34:81:4d:7f:50:66:8f:12:e8:b5:
         99:54:c7:86:50:79:0a:22:03:83:17:00:90:81:cc:b0:a8:ec:
         ec:51:30:6e:f1:96:2d:b0:85:cd:96:a5:f5:70:bf:b6:c4:53:
         16:be:64:20:8c:b4:81:4b:29:ee:38:f6:93:5d:ea:b8:4d:4b:
         38:ce:f3:8e:4c:f3:68:9d:86:2d:4e:d1:ae:c6:45:fb:3f:4d:
         9a:b4:d3:ac:54:a6:8f:36:8b:c7:fa:1b:08:09:45:84:cb:95:
         a1:71:c5:59:1f:cb:91:3b:11:53:3b:4e:6b:39:bb:00:9a:46:
         b1:ac:17:5b:2a:83:b9:d5:89:f8:67:74:e9:f0:80:eb:9f:59:
         27:ab:15:53:a0:99:c6:66:53:91:9d:77:7b:03:68:09:a9:a3:
         b5:3e:fb:ce:89:de:75:eb:2d:73:8b:e3:a6:db:a5:68:10:50:
         df:25:a6:67:53:18:05:7c:52:80:e4:11:b5:95:4a:4a:35:fd:
         1b:19:79:9c:e2:64:8b:2b:04:6a:34:28:38:53:e1:56:cc:4e:
         36:a4:52:a2:99:f5:34:42:eb:23:fc:59:06:41:1d:48:42:2f:
         f8:4a:5b:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnxWKmVLeDEp/Z7ZJjZ1HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMjNmNDlkNmNjNjUwY2Q2ZDY1NDgyMzQ4ZTFkNmQwYjhm
ZDdlYWEwHhcNMjUwOTA3MTAwMDUyWhcNMjUwOTA4MTAwMDUyWjAzMTEwLwYDVQQD
EyhmZjQ4ZDk5ZDc3MmU3ZTYxZDRlYmEyNzI2NjljMGI3MmQ0NWFjZmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMUcYDv3g2Guah3CI19jW8cRuKEO
3wHRAkrFQCvPbKEmCNPVhVGpT7QBR6gBIBXypLBpm6BUqAyAGdnoxCBN5G4a+PQz
Iv0etNXTagNXXApcFZvaBGFm8meMBnwcD1Q5/ev/wdj1He7XdZK7vVOU3v9Mt6VN
iwTDor3ra+KIPKnYY8egMQ/ewkzQGevn5B6/qvcgqJxDApfi6CUfZXyfV+UkIKDp
Yx6OwnYfvYCO5HoRqbrKaYTt1lAxSy+1bvr1hVp6eVlQ9NXbtdyfB9t7rQPvBgLu
8o8beMYP9635NM/6bh1omteowuZ4SYlEL2AdzfMsNwVuQ+Yvof1QJhSdnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP9I2Z13Ln5h1OuicmacC3LUWs/RMB8GA1UdIwQY
MBaAFIMj9J1sxlDNbWVII0jh1tC4/X6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3lQMG5XekdVTTF0WlVnalNPSFcwTGo5ZnFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lNzNmMTYtNDVkMi00M2MxLWE0YWYt
NWNmOTE5NGQxNzAyLzEvZ3lQMG5XekdVTTF0WlVnalNPSFcwTGo5ZnFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lNzNmMTYtNDVkMi00M2MxLWE0YWYtNWNmOTE5NGQxNzAy
LzEvZ3lQMG5XekdVTTF0WlVnalNPSFcwTGo5ZnFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe1y1sZzN
quCetLkUFeL3lpw2QUltGGbyMWo0gU1/UGaPEui1mVTHhlB5CiIDgxcAkIHMsKjs
7FEwbvGWLbCFzZal9XC/tsRTFr5kIIy0gUsp7jj2k13quE1LOM7zjkzzaJ2GLU7R
rsZF+z9NmrTTrFSmjzaLx/obCAlFhMuVoXHFWR/LkTsRUztOazm7AJpGsawXWyqD
udWJ+Gd06fCA659ZJ6sVU6CZxmZTkZ13ewNoCamjtT77zonedestc4vjptulaBBQ
3yWmZ1MYBXxSgOQRtZVKSjX9Gxl5nOJkiysEajQoOFPhVsxONqRSopn1NELrI/xZ
BkEdSEIv+EpblQ==
-----END CERTIFICATE-----