Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft
File:                     gAVnqlixEmbTjGRvpkc_VEk3fE0.mft (raw, json)
Hash identifier:          I41rpDmupeyV5KB73tYphuslN8rJ05ga7HFHHXa/KQ8=
Subject key identifier:   F6:0A:1F:AD:5F:55:ED:6A:98:9C:3B:85:35:D5:5B:F0:EE:8D:FD:33
Authority key identifier: 80:05:67:AA:58:B1:12:66:D3:8C:64:6F:A6:47:3F:54:49:37:7C:4D
Certificate issuer:       /CN=800567aa58b11266d38c646fa6473f5449377c4d
Certificate serial:       0197499F391A1E9EB0F791DD48A56EC37B2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gAVnqlixEmbTjGRvpkc_VEk3fE0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft
Manifest number:          34
Signing time:             Sat 07 Jun 2025 09:01:00 +0000
Manifest this update:     Sat 07 Jun 2025 09:01:00 +0000
Manifest next update:     Sun 08 Jun 2025 09:01:00 +0000
Files and hashes:         1: gAVnqlixEmbTjGRvpkc_VEk3fE0.crl (hash: u9wb4Q7lrjRFGvsYGy0ezPeBftTOQeh6rDLMSHgfDeM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gAVnqlixEmbTjGRvpkc_VEk3fE0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:9f:39:1a:1e:9e:b0:f7:91:dd:48:a5:6e:c3:7b:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=800567aa58b11266d38c646fa6473f5449377c4d
        Validity
            Not Before: Jun  7 09:01:00 2025 GMT
            Not After : Jun  8 09:01:00 2025 GMT
        Subject: CN=f60a1fad5f55ed6a989c3b8535d55bf0ee8dfd33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:6b:44:85:48:36:7e:bc:54:1b:02:0d:3c:51:
                    46:e4:49:47:c9:0a:37:28:63:c7:86:02:7e:7f:a2:
                    ae:8f:88:d8:8c:fb:76:04:75:0a:49:15:f3:3a:94:
                    59:18:1a:75:e4:c7:87:31:1a:d1:32:0b:64:be:c9:
                    6c:9c:54:e5:19:f0:63:11:7b:35:f8:bb:14:84:d1:
                    31:6b:b5:c8:a1:f8:f4:03:07:73:a2:40:d9:17:1c:
                    ab:5a:60:c0:c3:3e:2b:f8:3f:7f:5b:6e:7f:8d:97:
                    96:b8:d4:70:0f:1c:2b:6f:f2:32:1d:26:06:8b:3f:
                    4a:02:74:34:21:41:d6:1a:09:9f:7f:00:f0:c4:aa:
                    79:00:5b:26:f3:ee:52:d5:0b:8b:05:af:a6:a7:56:
                    6d:6c:d5:44:fa:70:51:53:8b:77:6d:0b:6a:26:5a:
                    38:e1:16:61:aa:d5:b2:88:54:e5:5b:ad:4d:15:09:
                    bf:97:75:65:e9:b6:74:49:ad:98:cb:16:4a:6b:48:
                    61:c6:a8:e2:b5:a8:74:7b:f3:74:69:a8:c6:ee:42:
                    ef:9a:7a:ed:fa:21:aa:8c:5b:36:9f:1c:29:a4:c0:
                    97:d5:c4:9b:64:5b:3f:c1:a8:a4:98:92:9b:fd:31:
                    bc:29:52:5d:1a:9c:4f:80:77:14:41:62:de:50:d3:
                    cf:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:0A:1F:AD:5F:55:ED:6A:98:9C:3B:85:35:D5:5B:F0:EE:8D:FD:33
            X509v3 Authority Key Identifier:
                keyid:80:05:67:AA:58:B1:12:66:D3:8C:64:6F:A6:47:3F:54:49:37:7C:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gAVnqlixEmbTjGRvpkc_VEk3fE0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:49:af:3e:b6:57:44:87:87:b7:22:d9:73:68:b4:6b:2c:58:
         0d:14:1e:36:76:a2:8e:06:bb:a5:60:6e:73:bf:f1:7e:2a:0f:
         e7:65:2f:7d:16:a4:93:40:5e:1b:42:68:11:c4:42:d5:7c:dd:
         5d:70:17:b2:95:6f:8c:c2:96:17:bb:e1:53:25:f3:df:cf:44:
         d4:fc:ab:cf:02:2f:0b:ea:06:51:88:b2:72:a7:24:9e:f0:1b:
         cd:a9:4f:b4:a5:ad:67:dc:6a:56:ee:d5:f7:13:ee:68:52:be:
         ea:5b:94:0a:6c:69:92:d0:e4:cf:7e:cf:c0:29:78:14:f1:f5:
         d7:77:bd:34:d7:99:8a:93:61:04:ef:96:9a:0b:a4:88:c6:62:
         79:9c:ea:9c:f2:e9:46:f6:56:ac:46:af:10:6f:75:e8:bd:bc:
         de:bf:04:5c:1c:f5:c9:ca:6f:23:1f:99:7d:f4:3b:b7:32:c2:
         62:73:9b:05:04:89:17:2d:dc:1d:00:09:fb:35:10:88:21:31:
         de:e2:f7:89:28:04:cd:1a:31:23:ef:65:ba:7e:e5:20:1d:d6:
         a3:95:ac:08:b7:8a:40:9e:fa:d0:9e:fc:0b:70:99:f1:5f:54:
         65:d2:3c:f1:ce:12:25:80:a5:60:55:5a:8d:0e:65:dc:db:23:
         17:3a:11:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJnzkaHp6w95HdSKVuw3sqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwMDU2N2FhNThiMTEyNjZkMzhjNjQ2ZmE2NDczZjU0NDkz
NzdjNGQwHhcNMjUwNjA3MDkwMTAwWhcNMjUwNjA4MDkwMTAwWjAzMTEwLwYDVQQD
EyhmNjBhMWZhZDVmNTVlZDZhOTg5YzNiODUzNWQ1NWJmMGVlOGRmZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mtEhUg2frxUGwINPFFG5ElHyQo3
KGPHhgJ+f6Kuj4jYjPt2BHUKSRXzOpRZGBp15MeHMRrRMgtkvslsnFTlGfBjEXs1
+LsUhNExa7XIofj0AwdzokDZFxyrWmDAwz4r+D9/W25/jZeWuNRwDxwrb/IyHSYG
iz9KAnQ0IUHWGgmffwDwxKp5AFsm8+5S1QuLBa+mp1ZtbNVE+nBRU4t3bQtqJlo4
4RZhqtWyiFTlW61NFQm/l3Vl6bZ0Sa2YyxZKa0hhxqjitah0e/N0aajG7kLvmnrt
+iGqjFs2nxwppMCX1cSbZFs/waikmJKb/TG8KVJdGpxPgHcUQWLeUNPPnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPYKH61fVe1qmJw7hTXVW/Dujf0zMB8GA1UdIwQY
MBaAFIAFZ6pYsRJm04xkb6ZHP1RJN3xNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0FWbnFsaXhFbWJUakdSdnBrY19WRWszZkUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8yYzc0ZDktYzNlMC00OTZiLWE0YmUt
OGRkNDVkMmJjYTdhLzEvZ0FWbnFsaXhFbWJUakdSdnBrY19WRWszZkUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8yYzc0ZDktYzNlMC00OTZiLWE0YmUtOGRkNDVkMmJjYTdh
LzEvZ0FWbnFsaXhFbWJUakdSdnBrY19WRWszZkUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfkmvPrZX
RIeHtyLZc2i0ayxYDRQeNnaijga7pWBuc7/xfioP52UvfRakk0BeG0JoEcRC1Xzd
XXAXspVvjMKWF7vhUyXz389E1PyrzwIvC+oGUYiycqcknvAbzalPtKWtZ9xqVu7V
9xPuaFK+6luUCmxpktDkz37PwCl4FPH113e9NNeZipNhBO+WmgukiMZieZzqnPLp
RvZWrEavEG916L283r8EXBz1ycpvIx+ZffQ7tzLCYnObBQSJFy3cHQAJ+zUQiCEx
3uL3iSgEzRoxI+9lun7lIB3Wo5WsCLeKQJ760J78C3CZ8V9UZdI88c4SJYClYFVa
jQ5l3NsjFzoRyA==
-----END CERTIFICATE-----