Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft
File:                     GNo6QLEX-yVyzPekwnLS7GklKRw.mft (raw, json)
Hash identifier:          2K7k8wpUPnmSw741oINb+zKVBzWrdCNdSCh5GbxnEGI=
Subject key identifier:   21:C1:93:91:AB:F6:97:52:2F:40:C0:3F:43:B6:48:AB:A7:39:6B:FF
Authority key identifier: 18:DA:3A:40:B1:17:FB:25:72:CC:F7:A4:C2:72:D2:EC:69:25:29:1C
Certificate issuer:       /CN=18da3a40b117fb2572ccf7a4c272d2ec6925291c
Certificate serial:       01964D7E51DC91EE2CBF22D706FF6F5F10DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GNo6QLEX-yVyzPekwnLS7GklKRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft
Manifest number:          14F6
Signing time:             Sat 19 Apr 2025 10:00:45 +0000
Manifest this update:     Sat 19 Apr 2025 10:00:45 +0000
Manifest next update:     Sun 20 Apr 2025 10:00:45 +0000
Files and hashes:         1: GNo6QLEX-yVyzPekwnLS7GklKRw.crl (hash: 832MMOYz8K8PyeDOw4hAsbSgA29UH8fAgp8D213bp6Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GNo6QLEX-yVyzPekwnLS7GklKRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 07:26:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:7e:51:dc:91:ee:2c:bf:22:d7:06:ff:6f:5f:10:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18da3a40b117fb2572ccf7a4c272d2ec6925291c
        Validity
            Not Before: Apr 19 10:00:45 2025 GMT
            Not After : Apr 20 10:00:45 2025 GMT
        Subject: CN=21c19391abf697522f40c03f43b648aba7396bff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:6d:1a:4e:74:27:22:63:cf:7a:b1:9c:0d:e4:
                    5b:14:62:c8:e7:82:c3:7f:d1:e5:0b:d6:fd:59:56:
                    69:58:c7:08:2a:49:14:09:6c:f7:bf:e3:2c:42:9f:
                    e0:33:18:67:96:c2:2f:16:5d:17:df:e8:93:7b:6f:
                    ce:00:bd:7a:4f:07:1a:cc:73:21:b8:f1:2d:a1:02:
                    c8:b4:7f:2a:f8:eb:85:0c:04:e6:cb:0e:47:eb:20:
                    a2:49:2f:71:62:02:93:87:1c:2b:01:2a:24:b2:47:
                    d0:bd:a9:84:16:e8:94:1f:4a:7b:bf:b6:ef:89:89:
                    9f:ed:24:1a:48:b7:4e:8f:a1:bf:fb:74:42:5c:08:
                    5a:c9:e2:e2:9c:08:92:3c:6d:07:3c:a0:da:a4:1a:
                    59:4c:2c:ab:c9:3f:9c:46:47:f9:ae:d7:94:b5:f1:
                    db:98:29:d8:46:8f:fb:cd:1f:47:64:68:71:e3:c4:
                    96:d5:57:dc:26:c7:b7:78:b7:8d:68:bd:50:af:62:
                    ce:60:e8:1c:77:f6:00:91:79:c6:ea:6f:9f:81:d9:
                    d9:c8:10:aa:d8:de:02:b5:40:0e:13:17:51:76:d9:
                    d7:b0:52:c6:6a:ba:b9:e7:3f:db:c0:c1:9c:58:34:
                    0c:e2:76:0f:ca:e2:5f:82:24:80:c1:27:bb:04:ae:
                    55:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:C1:93:91:AB:F6:97:52:2F:40:C0:3F:43:B6:48:AB:A7:39:6B:FF
            X509v3 Authority Key Identifier:
                keyid:18:DA:3A:40:B1:17:FB:25:72:CC:F7:A4:C2:72:D2:EC:69:25:29:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GNo6QLEX-yVyzPekwnLS7GklKRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:3d:16:5c:b1:d3:1d:fe:9a:7b:36:a5:e5:5b:64:2b:cc:64:
         86:47:50:18:6d:7e:03:72:70:f0:cf:09:18:82:67:43:e2:84:
         69:ab:f5:75:1e:ea:44:e6:de:36:94:61:6c:2b:8a:39:c1:69:
         2e:be:44:44:f6:0e:12:c7:ac:a2:6b:fd:b5:aa:4b:44:de:85:
         11:da:eb:ed:69:c9:d6:87:ea:15:6d:f9:bb:23:bb:a2:2d:43:
         24:48:b9:7e:b5:b6:49:7c:1a:a9:e0:ca:33:99:e2:80:32:ba:
         5f:d3:6f:18:02:b6:66:61:e7:02:19:83:a7:9d:d5:d2:d2:41:
         da:67:69:51:a9:a1:cc:7f:65:b6:4f:9c:b3:d2:47:48:92:01:
         b3:e0:74:64:4c:f4:9f:a8:de:4d:bc:7a:4f:5c:bc:95:09:9f:
         ba:dc:d6:39:5c:7a:73:a9:45:e8:75:a9:e6:86:a6:93:e6:6c:
         01:f3:0e:c8:be:ba:9a:37:1c:f7:13:7b:eb:29:48:20:f5:7f:
         f8:67:91:06:5d:54:93:66:57:0a:25:26:f0:3e:98:68:9e:e7:
         6b:0a:36:d3:9a:77:4b:61:de:9f:9e:9a:34:ba:e0:35:bd:c9:
         ff:75:b9:8b:fa:0e:b3:a5:e6:40:6c:ee:1b:52:96:4a:04:d5:
         61:50:9e:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNflHcke4svyLXBv9vXxDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZGEzYTQwYjExN2ZiMjU3MmNjZjdhNGMyNzJkMmVjNjky
NTI5MWMwHhcNMjUwNDE5MTAwMDQ1WhcNMjUwNDIwMTAwMDQ1WjAzMTEwLwYDVQQD
EygyMWMxOTM5MWFiZjY5NzUyMmY0MGMwM2Y0M2I2NDhhYmE3Mzk2YmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlG0aTnQnImPPerGcDeRbFGLI54LD
f9HlC9b9WVZpWMcIKkkUCWz3v+MsQp/gMxhnlsIvFl0X3+iTe2/OAL16TwcazHMh
uPEtoQLItH8q+OuFDATmyw5H6yCiSS9xYgKThxwrASokskfQvamEFuiUH0p7v7bv
iYmf7SQaSLdOj6G/+3RCXAhayeLinAiSPG0HPKDapBpZTCyryT+cRkf5rteUtfHb
mCnYRo/7zR9HZGhx48SW1VfcJse3eLeNaL1Qr2LOYOgcd/YAkXnG6m+fgdnZyBCq
2N4CtUAOExdRdtnXsFLGarq55z/bwMGcWDQM4nYPyuJfgiSAwSe7BK5ViwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCHBk5Gr9pdSL0DAP0O2SKunOWv/MB8GA1UdIwQY
MBaAFBjaOkCxF/slcsz3pMJy0uxpJSkcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR05vNlFMRVgteVZ5elBla3duTFM3R2tsS1J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8yODk3OWItMGEzNC00YTVjLWEyZmUt
Njk4ZDkxMmI3MzQ2LzEvR05vNlFMRVgteVZ5elBla3duTFM3R2tsS1J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8yODk3OWItMGEzNC00YTVjLWEyZmUtNjk4ZDkxMmI3MzQ2
LzEvR05vNlFMRVgteVZ5elBla3duTFM3R2tsS1J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASD0WXLHT
Hf6aezal5VtkK8xkhkdQGG1+A3Jw8M8JGIJnQ+KEaav1dR7qRObeNpRhbCuKOcFp
Lr5ERPYOEsesomv9tapLRN6FEdrr7WnJ1ofqFW35uyO7oi1DJEi5frW2SXwaqeDK
M5nigDK6X9NvGAK2ZmHnAhmDp53V0tJB2mdpUamhzH9ltk+cs9JHSJIBs+B0ZEz0
n6jeTbx6T1y8lQmfutzWOVx6c6lF6HWp5oamk+ZsAfMOyL66mjcc9xN76ylIIPV/
+GeRBl1Uk2ZXCiUm8D6YaJ7nawo205p3S2Hen56aNLrgNb3J/3W5i/oOs6XmQGzu
G1KWSgTVYVCe+A==
-----END CERTIFICATE-----