Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/4cb524-baaf-41af-b85f-cc8c2db6cf25/1/GD41veDiUEYFoX1O0FVDfo00ql8.mft
File:                     GD41veDiUEYFoX1O0FVDfo00ql8.mft (raw, json)
Hash identifier:          B421iBUDw1zQYvRCB+/OHL5w078i8ZpF07S/M+sig3o=
Subject key identifier:   D0:35:76:08:74:D7:FD:C9:9D:F7:62:23:6A:E4:97:39:57:6E:B9:76
Authority key identifier: 18:3E:35:BD:E0:E2:50:46:05:A1:7D:4E:D0:55:43:7E:8D:34:AA:5F
Certificate issuer:       /CN=183e35bde0e2504605a17d4ed055437e8d34aa5f
Certificate serial:       01976DE242770D498B65E5ECC05A554F7E3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GD41veDiUEYFoX1O0FVDfo00ql8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/4cb524-baaf-41af-b85f-cc8c2db6cf25/1/GD41veDiUEYFoX1O0FVDfo00ql8.mft
Manifest number:          158D
Signing time:             Sat 14 Jun 2025 10:00:33 +0000
Manifest this update:     Sat 14 Jun 2025 10:00:33 +0000
Manifest next update:     Sun 15 Jun 2025 10:00:33 +0000
Files and hashes:         1: GD41veDiUEYFoX1O0FVDfo00ql8.crl (hash: jO6j0ecA9xQqoDIMdYR+L46vi0TljZS9XZeqXe+QoEs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/4cb524-baaf-41af-b85f-cc8c2db6cf25/1/GD41veDiUEYFoX1O0FVDfo00ql8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/4cb524-baaf-41af-b85f-cc8c2db6cf25/1/GD41veDiUEYFoX1O0FVDfo00ql8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GD41veDiUEYFoX1O0FVDfo00ql8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 10:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:e2:42:77:0d:49:8b:65:e5:ec:c0:5a:55:4f:7e:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=183e35bde0e2504605a17d4ed055437e8d34aa5f
        Validity
            Not Before: Jun 14 10:00:33 2025 GMT
            Not After : Jun 15 10:00:33 2025 GMT
        Subject: CN=d035760874d7fdc99df762236ae49739576eb976
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:09:cd:d8:cf:33:86:df:3d:0c:6b:7f:83:01:
                    30:f0:51:bb:6c:df:ee:03:2e:5f:11:83:6c:a5:24:
                    7e:25:eb:c1:de:0d:0a:17:ac:f9:08:9f:d6:11:3d:
                    cb:d6:0e:57:6f:2b:18:b7:df:37:0f:f9:16:00:b2:
                    de:c9:f2:99:3e:99:84:8e:e0:98:19:71:4d:a2:31:
                    14:73:ad:e7:b7:60:90:c5:70:c7:71:bc:ca:60:09:
                    b4:b8:e9:fa:f8:1a:dd:ba:63:be:a4:50:ec:07:e8:
                    cb:12:44:51:99:34:2f:a1:d4:62:85:b7:45:0c:fb:
                    dc:34:ef:4c:59:cb:2f:4d:fb:fa:c0:e6:3c:04:b4:
                    50:81:01:83:6c:49:39:57:3e:b6:17:f9:86:1f:ea:
                    28:b1:42:fc:13:d3:72:50:dd:e9:a6:ae:f0:4a:9d:
                    e2:e8:87:c1:b9:21:2f:0e:70:f6:c3:e3:87:ec:61:
                    51:ef:10:1c:1e:bc:e5:78:22:23:c5:9c:08:e1:53:
                    5d:e4:b6:1b:07:18:8f:f4:50:4a:ff:ec:5e:a3:f1:
                    57:27:71:33:f0:85:c0:da:36:46:e4:64:49:8f:ef:
                    7e:18:25:4b:d5:62:da:c4:55:36:5a:ea:fa:24:b6:
                    8e:a5:04:f4:f3:19:6a:f0:38:ac:8d:40:c1:9a:40:
                    0a:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:35:76:08:74:D7:FD:C9:9D:F7:62:23:6A:E4:97:39:57:6E:B9:76
            X509v3 Authority Key Identifier:
                keyid:18:3E:35:BD:E0:E2:50:46:05:A1:7D:4E:D0:55:43:7E:8D:34:AA:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GD41veDiUEYFoX1O0FVDfo00ql8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/4cb524-baaf-41af-b85f-cc8c2db6cf25/1/GD41veDiUEYFoX1O0FVDfo00ql8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/4cb524-baaf-41af-b85f-cc8c2db6cf25/1/GD41veDiUEYFoX1O0FVDfo00ql8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:ec:05:3d:78:52:8e:5d:6a:b2:13:25:69:3c:a8:e5:5c:eb:
         84:94:98:90:88:ed:a6:60:39:de:28:7e:2a:8b:a9:37:8a:2a:
         ab:e0:4c:3d:8d:b7:2d:b9:4f:68:ca:eb:36:76:87:24:eb:00:
         15:68:ed:ba:09:8d:20:e3:66:f2:65:44:50:79:b7:50:c4:e3:
         75:e7:ca:05:cd:cd:22:e1:ba:02:f3:f5:87:c5:ab:9a:5b:99:
         a5:87:3e:85:e7:7d:59:77:49:f8:42:21:19:59:8d:68:1e:32:
         7f:fb:19:02:56:16:b9:03:52:f2:ff:ec:a9:48:08:ee:86:d1:
         60:b1:79:d9:d8:c6:16:56:d7:c1:d1:49:d9:63:f4:98:ae:c2:
         e8:a1:65:13:6b:8d:b6:23:38:bd:8f:1f:59:3c:b2:87:bd:5b:
         60:0f:b8:52:ff:1a:fd:2e:02:d7:12:e4:84:01:c5:32:4e:15:
         8e:12:1b:68:12:c7:41:61:6e:80:ce:85:3e:48:35:b9:25:6e:
         99:b9:5c:3f:28:fa:3f:53:4b:ec:c6:f9:06:82:3e:a5:5e:32:
         8c:91:a0:33:ea:c2:c9:ca:74:20:16:e6:f1:9f:e2:b1:0f:b9:
         d1:24:43:90:19:37:6a:98:1e:59:24:96:5c:be:d9:75:f8:10:
         3c:43:c5:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdt4kJ3DUmLZeXswFpVT348MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4M2UzNWJkZTBlMjUwNDYwNWExN2Q0ZWQwNTU0MzdlOGQz
NGFhNWYwHhcNMjUwNjE0MTAwMDMzWhcNMjUwNjE1MTAwMDMzWjAzMTEwLwYDVQQD
EyhkMDM1NzYwODc0ZDdmZGM5OWRmNzYyMjM2YWU0OTczOTU3NmViOTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwnN2M8zht89DGt/gwEw8FG7bN/u
Ay5fEYNspSR+JevB3g0KF6z5CJ/WET3L1g5XbysYt983D/kWALLeyfKZPpmEjuCY
GXFNojEUc63nt2CQxXDHcbzKYAm0uOn6+BrdumO+pFDsB+jLEkRRmTQvodRihbdF
DPvcNO9MWcsvTfv6wOY8BLRQgQGDbEk5Vz62F/mGH+oosUL8E9NyUN3ppq7wSp3i
6IfBuSEvDnD2w+OH7GFR7xAcHrzleCIjxZwI4VNd5LYbBxiP9FBK/+xeo/FXJ3Ez
8IXA2jZG5GRJj+9+GCVL1WLaxFU2Wur6JLaOpQT08xlq8DisjUDBmkAKgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNA1dgh01/3JnfdiI2rklzlXbrl2MB8GA1UdIwQY
MBaAFBg+Nb3g4lBGBaF9TtBVQ36NNKpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0Q0MXZlRGlVRVlGb1gxTzBGVkRmbzAwcWw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny80Y2I1MjQtYmFhZi00MWFmLWI4NWYt
Y2M4YzJkYjZjZjI1LzEvR0Q0MXZlRGlVRVlGb1gxTzBGVkRmbzAwcWw4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny80Y2I1MjQtYmFhZi00MWFmLWI4NWYtY2M4YzJkYjZjZjI1
LzEvR0Q0MXZlRGlVRVlGb1gxTzBGVkRmbzAwcWw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG+wFPXhS
jl1qshMlaTyo5VzrhJSYkIjtpmA53ih+KoupN4oqq+BMPY23LblPaMrrNnaHJOsA
FWjtugmNIONm8mVEUHm3UMTjdefKBc3NIuG6AvP1h8WrmluZpYc+hed9WXdJ+EIh
GVmNaB4yf/sZAlYWuQNS8v/sqUgI7obRYLF52djGFlbXwdFJ2WP0mK7C6KFlE2uN
tiM4vY8fWTyyh71bYA+4Uv8a/S4C1xLkhAHFMk4VjhIbaBLHQWFugM6FPkg1uSVu
mblcPyj6P1NL7Mb5BoI+pV4yjJGgM+rCycp0IBbm8Z/isQ+50SRDkBk3apgeWSSW
XL7ZdfgQPEPFJw==
-----END CERTIFICATE-----