Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.mft
File:                     gyP0nWzGUM1tZUgjSOHW0Lj9fqo.mft (raw, json)
Hash identifier:          uzBQdkHzHZWS2yP3DAXrK6JET1dMMIo4wIS8L56rcqY=
Subject key identifier:   3A:1E:8D:40:0A:97:01:95:9E:22:B3:15:7B:B8:A1:FA:93:61:17:B5
Authority key identifier: 83:23:F4:9D:6C:C6:50:CD:6D:65:48:23:48:E1:D6:D0:B8:FD:7E:AA
Certificate issuer:       /CN=8323f49d6cc650cd6d65482348e1d6d0b8fd7eaa
Certificate serial:       01963FFA446B903DE8554551C143312F020C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.mft
Manifest number:          14F2
Signing time:             Wed 16 Apr 2025 19:01:28 +0000
Manifest this update:     Wed 16 Apr 2025 19:01:28 +0000
Manifest next update:     Thu 17 Apr 2025 19:01:28 +0000
Files and hashes:         1: gyP0nWzGUM1tZUgjSOHW0Lj9fqo.crl (hash: IAE2D0G+2z39ZD3XXtudxE7JYsxBmEfvrccMrkmjiT8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 13:16:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:3f:fa:44:6b:90:3d:e8:55:45:51:c1:43:31:2f:02:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8323f49d6cc650cd6d65482348e1d6d0b8fd7eaa
        Validity
            Not Before: Apr 16 19:01:28 2025 GMT
            Not After : Apr 17 19:01:28 2025 GMT
        Subject: CN=3a1e8d400a9701959e22b3157bb8a1fa936117b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ad:2b:82:36:1c:1a:a6:a0:ee:4d:68:2a:63:
                    3a:b0:6b:1a:b1:c5:49:0a:50:53:45:52:84:41:91:
                    ae:6c:16:f0:61:bf:08:1f:c9:6e:e1:e1:f1:38:e7:
                    cb:46:aa:36:e1:27:08:d9:73:27:d0:c1:b0:8b:1d:
                    03:ea:cb:a5:97:29:55:5e:63:f9:85:7c:8e:a3:55:
                    cf:78:de:91:ce:f4:63:ab:25:aa:18:c9:c4:cb:cd:
                    47:03:53:91:33:13:01:28:56:5f:ed:ec:0f:ea:8a:
                    3c:c0:91:1b:40:ad:68:e5:2a:ee:70:4a:ea:0d:15:
                    33:80:16:72:3c:d5:fe:d9:81:db:3d:f0:fd:cd:74:
                    f9:f1:9d:e5:c1:81:d9:3e:ea:1d:9b:3a:16:1b:c4:
                    0c:32:aa:44:e8:99:91:1c:94:74:1f:40:12:6b:f5:
                    3c:d0:23:34:26:b6:53:a5:f0:39:88:47:d2:49:84:
                    52:59:8e:75:a4:a3:8b:3c:83:b6:04:56:f6:a8:fa:
                    f8:e1:fb:19:56:d5:dd:d3:11:c0:30:14:60:6f:f4:
                    b7:c5:a0:35:0c:41:b8:2c:d8:b4:59:29:4c:6c:ee:
                    c1:bd:61:c7:f1:73:ce:e4:1f:04:b4:32:71:5e:a9:
                    cd:6b:42:86:ec:77:72:61:d3:31:e5:46:c2:fa:60:
                    13:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:1E:8D:40:0A:97:01:95:9E:22:B3:15:7B:B8:A1:FA:93:61:17:B5
            X509v3 Authority Key Identifier:
                keyid:83:23:F4:9D:6C:C6:50:CD:6D:65:48:23:48:E1:D6:D0:B8:FD:7E:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:48:b9:23:0a:68:a3:e7:7e:d9:e5:a6:0c:62:c6:38:71:ec:
         ac:c8:8d:69:70:07:75:cb:9f:05:a0:e3:02:14:dd:b2:7b:fd:
         dc:fb:fd:63:f2:39:44:dd:bd:5b:5e:d6:0d:dc:4c:53:c9:14:
         24:5a:bd:1d:4d:12:8b:fe:33:14:a4:2e:65:ed:d3:a3:e4:36:
         38:cf:88:dc:cf:b0:3d:2b:ca:44:b3:c1:2f:2e:c0:49:26:31:
         fe:e3:5e:89:4e:64:36:c8:fe:7f:6f:a1:3b:45:86:b3:16:7b:
         74:3d:38:cf:76:8a:68:07:a6:fe:ba:5f:36:c4:3c:2b:f0:da:
         00:d4:b2:56:be:c7:ed:75:c4:50:77:d0:18:5a:95:31:5c:cd:
         89:c5:13:ab:5d:41:7c:23:e2:9e:c0:89:0d:70:27:5c:02:9b:
         26:2b:67:76:c4:4d:d5:e4:00:a4:ed:b4:bd:34:40:c4:c4:ba:
         d8:f8:b0:15:d6:cb:91:ba:81:fe:03:f2:4a:cc:ed:a0:39:93:
         97:b7:f6:47:fe:80:4f:f9:41:41:85:f1:de:46:de:f3:80:bd:
         2d:fb:35:bb:2a:33:87:33:1c:18:28:0c:2d:69:95:8e:46:81:
         66:3a:56:be:8e:ee:26:30:63:40:35:8c:3b:fa:c1:84:de:ad:
         51:e4:0c:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY/+kRrkD3oVUVRwUMxLwIMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMjNmNDlkNmNjNjUwY2Q2ZDY1NDgyMzQ4ZTFkNmQwYjhm
ZDdlYWEwHhcNMjUwNDE2MTkwMTI4WhcNMjUwNDE3MTkwMTI4WjAzMTEwLwYDVQQD
EygzYTFlOGQ0MDBhOTcwMTk1OWUyMmIzMTU3YmI4YTFmYTkzNjExN2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvK0rgjYcGqag7k1oKmM6sGsascVJ
ClBTRVKEQZGubBbwYb8IH8lu4eHxOOfLRqo24ScI2XMn0MGwix0D6sullylVXmP5
hXyOo1XPeN6RzvRjqyWqGMnEy81HA1ORMxMBKFZf7ewP6oo8wJEbQK1o5SrucErq
DRUzgBZyPNX+2YHbPfD9zXT58Z3lwYHZPuodmzoWG8QMMqpE6JmRHJR0H0ASa/U8
0CM0JrZTpfA5iEfSSYRSWY51pKOLPIO2BFb2qPr44fsZVtXd0xHAMBRgb/S3xaA1
DEG4LNi0WSlMbO7BvWHH8XPO5B8EtDJxXqnNa0KG7HdyYdMx5UbC+mATdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDoejUAKlwGVniKzFXu4ofqTYRe1MB8GA1UdIwQY
MBaAFIMj9J1sxlDNbWVII0jh1tC4/X6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3lQMG5XekdVTTF0WlVnalNPSFcwTGo5ZnFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lNzNmMTYtNDVkMi00M2MxLWE0YWYt
NWNmOTE5NGQxNzAyLzEvZ3lQMG5XekdVTTF0WlVnalNPSFcwTGo5ZnFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lNzNmMTYtNDVkMi00M2MxLWE0YWYtNWNmOTE5NGQxNzAy
LzEvZ3lQMG5XekdVTTF0WlVnalNPSFcwTGo5ZnFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUEi5Iwpo
o+d+2eWmDGLGOHHsrMiNaXAHdcufBaDjAhTdsnv93Pv9Y/I5RN29W17WDdxMU8kU
JFq9HU0Si/4zFKQuZe3To+Q2OM+I3M+wPSvKRLPBLy7ASSYx/uNeiU5kNsj+f2+h
O0WGsxZ7dD04z3aKaAem/rpfNsQ8K/DaANSyVr7H7XXEUHfQGFqVMVzNicUTq11B
fCPinsCJDXAnXAKbJitndsRN1eQApO20vTRAxMS62PiwFdbLkbqB/gPySsztoDmT
l7f2R/6AT/lBQYXx3kbe84C9Lfs1uyozhzMcGCgMLWmVjkaBZjpWvo7uJjBjQDWM
O/rBhN6tUeQMNQ==
-----END CERTIFICATE-----