Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
File:                     Gvq72Ih6kieJRewu74JDoSlq33g.mft (raw, json)
Hash identifier:          BoG2XrCOHuTKol95ojA99e+mv0yijtW6HKJ5TJvmxa0=
Subject key identifier:   6C:BA:2A:12:B4:61:65:06:C6:38:78:7D:54:FE:47:7E:0E:C4:8D:25
Authority key identifier: 1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78
Certificate issuer:       /CN=1afabbd8887a92278945ec2eef8243a1296adf78
Certificate serial:       01974A7A58B18277A71528E5808C27E26091
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
Manifest number:          157A
Signing time:             Sat 07 Jun 2025 13:00:21 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:21 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:21 +0000
Files and hashes:         1: Gvq72Ih6kieJRewu74JDoSlq33g.crl (hash: CYYZiwTT233HaTQGTf35yDvnIxQM3UUPfjMGua1tH4Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:58:b1:82:77:a7:15:28:e5:80:8c:27:e2:60:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1afabbd8887a92278945ec2eef8243a1296adf78
        Validity
            Not Before: Jun  7 13:00:21 2025 GMT
            Not After : Jun  8 13:00:21 2025 GMT
        Subject: CN=6cba2a12b4616506c638787d54fe477e0ec48d25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:81:58:3d:03:04:4e:ab:30:81:3d:f5:1e:4b:
                    14:75:f9:6a:7a:32:d5:cc:02:c8:20:81:f9:d9:c4:
                    db:7b:e8:3e:12:86:4e:5a:e8:c5:87:e6:72:4e:1d:
                    00:a4:37:6d:40:84:3b:c8:a0:8d:40:52:6c:da:26:
                    3f:e9:87:5c:e8:a3:a8:08:60:9c:45:f2:9e:cb:1a:
                    c3:8e:fc:b1:02:5a:6c:77:f5:a4:74:fc:cb:12:c2:
                    5f:36:55:d2:ed:45:3a:b0:33:dc:64:78:be:4f:9d:
                    bd:6f:ed:9d:6a:c6:af:b0:7f:4e:68:b9:45:bc:e6:
                    17:32:1a:3c:72:24:89:8c:c7:47:ab:38:cb:92:3d:
                    aa:dd:85:4d:cc:26:87:7b:d3:c4:b8:ab:7b:a7:a5:
                    91:a2:ad:2a:c1:14:a4:64:0b:08:8e:56:fc:b2:90:
                    41:de:43:92:fb:99:0d:4b:6c:b4:b6:db:af:41:30:
                    43:36:4d:06:17:73:76:48:7b:78:21:99:b7:35:58:
                    36:77:6d:a1:95:fc:fa:ff:65:79:aa:39:2f:ad:8e:
                    b3:7d:26:f2:a7:a4:4d:55:dc:66:65:b1:25:ce:8e:
                    1c:a0:5a:19:02:76:3d:c1:74:43:58:70:ae:e0:d0:
                    77:d6:90:94:f3:01:cc:06:f6:b6:06:f2:19:3e:7f:
                    13:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:BA:2A:12:B4:61:65:06:C6:38:78:7D:54:FE:47:7E:0E:C4:8D:25
            X509v3 Authority Key Identifier:
                keyid:1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:2b:bf:b9:d8:95:4e:2f:64:85:ab:42:48:aa:0a:4e:58:17:
         db:b7:5d:2c:4d:b7:4b:17:13:ac:c1:c0:88:83:b4:5e:92:2d:
         5f:57:38:c6:bd:d1:c1:cd:71:7d:13:57:44:4e:dd:c5:ff:8f:
         79:ab:dc:7b:35:92:1f:e6:29:d6:97:fc:19:6f:bb:0d:7c:54:
         ad:90:5e:7f:73:12:84:f2:76:12:34:bc:f3:84:f7:c8:2d:65:
         c9:9c:4b:8a:49:44:97:9d:a5:25:54:82:c0:c4:a4:d4:8f:67:
         23:15:04:32:18:64:90:f5:0e:cc:23:97:99:d4:d1:71:0c:5f:
         ee:45:e5:5f:b6:3b:cb:93:87:19:4f:ea:7e:39:07:8c:78:fe:
         f1:d5:be:b7:d9:db:fb:a2:79:16:27:49:4d:93:4f:ac:c5:f4:
         aa:f7:be:66:bb:64:1b:69:22:54:02:78:df:be:03:29:50:a1:
         de:fb:3c:97:89:c1:8c:d3:97:94:7a:f5:ee:86:16:1b:6e:07:
         0e:c7:8e:15:64:a2:62:e7:a4:9c:e3:21:a4:68:ae:04:42:02:
         cf:85:19:99:96:a3:44:d8:d0:d3:30:23:fe:22:50:23:7b:4a:
         c9:5f:8b:e6:2d:87:7b:de:25:e9:7f:a3:bf:10:7c:ac:e0:0a:
         e6:4c:5f:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKelixgnenFSjlgIwn4mCRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZmFiYmQ4ODg3YTkyMjc4OTQ1ZWMyZWVmODI0M2ExMjk2
YWRmNzgwHhcNMjUwNjA3MTMwMDIxWhcNMjUwNjA4MTMwMDIxWjAzMTEwLwYDVQQD
Eyg2Y2JhMmExMmI0NjE2NTA2YzYzODc4N2Q1NGZlNDc3ZTBlYzQ4ZDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoFYPQMETqswgT31HksUdflqejLV
zALIIIH52cTbe+g+EoZOWujFh+ZyTh0ApDdtQIQ7yKCNQFJs2iY/6Ydc6KOoCGCc
RfKeyxrDjvyxAlpsd/WkdPzLEsJfNlXS7UU6sDPcZHi+T529b+2dasavsH9OaLlF
vOYXMho8ciSJjMdHqzjLkj2q3YVNzCaHe9PEuKt7p6WRoq0qwRSkZAsIjlb8spBB
3kOS+5kNS2y0ttuvQTBDNk0GF3N2SHt4IZm3NVg2d22hlfz6/2V5qjkvrY6zfSby
p6RNVdxmZbElzo4coFoZAnY9wXRDWHCu4NB31pCU8wHMBva2BvIZPn8THwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGy6KhK0YWUGxjh4fVT+R34OxI0lMB8GA1UdIwQY
MBaAFBr6u9iIepIniUXsLu+CQ6Epat94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUt
NTE2MDY1YjZjZmE1LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUtNTE2MDY1YjZjZmE1
LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdyu/udiV
Ti9khatCSKoKTlgX27ddLE23SxcTrMHAiIO0XpItX1c4xr3Rwc1xfRNXRE7dxf+P
eavcezWSH+Yp1pf8GW+7DXxUrZBef3MShPJ2EjS884T3yC1lyZxLiklEl52lJVSC
wMSk1I9nIxUEMhhkkPUOzCOXmdTRcQxf7kXlX7Y7y5OHGU/qfjkHjHj+8dW+t9nb
+6J5FidJTZNPrMX0qve+ZrtkG2kiVAJ4374DKVCh3vs8l4nBjNOXlHr17oYWG24H
DseOFWSiYueknOMhpGiuBEICz4UZmZajRNjQ0zAj/iJQI3tKyV+L5i2He94l6X+j
vxB8rOAK5kxfaw==
-----END CERTIFICATE-----