Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft
File:                     gAVnqlixEmbTjGRvpkc_VEk3fE0.mft (raw, json)
Hash identifier:          k3JQ0oL2Stxv65LQqoH4K38KQBH6U7hcQMOmMgW88PY=
Subject key identifier:   6A:69:AF:28:C2:A1:63:A9:BA:E8:50:B1:49:B0:7C:F1:23:08:B2:B8
Authority key identifier: 80:05:67:AA:58:B1:12:66:D3:8C:64:6F:A6:47:3F:54:49:37:7C:4D
Certificate issuer:       /CN=800567aa58b11266d38c646fa6473f5449377c4d
Certificate serial:       019A72CA99A5C324572054531BA21EB3E898
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gAVnqlixEmbTjGRvpkc_VEk3fE0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft
Manifest number:          01D7
Signing time:             Tue 11 Nov 2025 12:01:11 +0000
Manifest this update:     Tue 11 Nov 2025 12:01:11 +0000
Manifest next update:     Wed 12 Nov 2025 12:01:11 +0000
Files and hashes:         1: gAVnqlixEmbTjGRvpkc_VEk3fE0.crl (hash: paeRC3I3yUNjpDEf/vrMwtSopsyauyqs/rCFy7VzmDo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gAVnqlixEmbTjGRvpkc_VEk3fE0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:ca:99:a5:c3:24:57:20:54:53:1b:a2:1e:b3:e8:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=800567aa58b11266d38c646fa6473f5449377c4d
        Validity
            Not Before: Nov 11 12:01:11 2025 GMT
            Not After : Nov 12 12:01:11 2025 GMT
        Subject: CN=6a69af28c2a163a9bae850b149b07cf12308b2b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:44:b3:99:2c:01:b0:50:73:59:f5:25:d7:13:
                    9c:dc:c9:b0:27:06:09:54:1a:d4:89:2b:0b:45:c2:
                    e8:7d:c3:4d:93:96:f2:7c:d5:80:3f:76:b6:63:fd:
                    69:fa:13:c7:55:56:19:18:f1:0f:51:3d:aa:7c:f5:
                    cf:2e:b8:0c:fb:6c:7f:50:b2:3e:42:9b:dd:1f:f8:
                    ea:d6:16:4d:0e:74:fc:70:c7:93:69:4c:0c:68:5f:
                    30:a6:9b:81:af:1e:6c:e7:f4:31:b5:9b:7e:86:a4:
                    d4:bb:cc:1c:05:6a:06:0e:85:22:0f:02:d4:7b:ae:
                    de:6f:cb:6c:f5:00:3f:f4:84:ce:26:99:87:e2:8f:
                    09:bb:38:e7:ea:a6:69:5f:76:2a:47:f1:c1:c5:ff:
                    d1:02:be:76:f2:53:ee:17:c5:05:7c:1c:dd:f3:46:
                    fa:71:bf:eb:04:b3:b6:5f:8d:94:05:6b:79:92:35:
                    a7:25:ed:3c:20:47:ab:9a:aa:f8:78:51:2a:9c:08:
                    80:2a:04:52:2c:1d:29:d1:7e:a5:fe:68:60:9e:c1:
                    67:b1:99:16:aa:63:d9:1a:f7:cd:c0:1d:2a:33:bb:
                    9f:43:44:f6:09:a1:45:cc:a2:59:b3:9d:d2:c4:9f:
                    97:91:da:87:13:47:dd:c4:6c:84:f7:90:d0:7a:9a:
                    55:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:69:AF:28:C2:A1:63:A9:BA:E8:50:B1:49:B0:7C:F1:23:08:B2:B8
            X509v3 Authority Key Identifier:
                keyid:80:05:67:AA:58:B1:12:66:D3:8C:64:6F:A6:47:3F:54:49:37:7C:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gAVnqlixEmbTjGRvpkc_VEk3fE0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:58:21:60:ca:a2:6d:8b:15:2e:7b:91:61:76:07:48:fe:bc:
         2b:2d:a7:70:dd:62:b4:01:e5:2a:62:5e:a4:d2:5d:84:22:20:
         28:2f:1f:98:ce:4a:bf:d1:c8:b4:83:1d:f3:d5:47:45:af:dd:
         80:7e:74:89:2d:49:78:cc:7c:54:42:a2:0d:61:7c:1a:82:ca:
         cb:68:af:68:cb:4d:16:2f:cd:2a:39:5b:47:68:ac:0b:a5:79:
         c7:16:4f:b1:c4:59:98:ea:f0:32:27:02:a6:ab:58:93:74:0e:
         6f:6a:e0:b1:cc:28:39:f0:0c:87:c8:04:ac:df:3d:0b:77:91:
         c3:c6:6e:e4:8e:0c:38:62:1f:3f:84:2b:29:9c:e6:fe:09:5f:
         64:b0:24:fb:52:1c:58:70:89:c4:4c:35:ab:cc:86:12:97:54:
         96:86:1f:78:a3:d5:5d:4a:43:b7:b6:4e:85:77:3f:47:47:96:
         c8:21:97:36:b5:59:65:7d:b8:f1:e6:a5:73:09:7a:d8:0b:c2:
         81:0b:8d:9d:26:4d:c8:b3:9f:0d:7b:bf:1d:1e:96:27:20:c5:
         dc:97:5c:d5:e0:29:ee:40:3b:36:1f:62:81:87:9a:91:76:76:
         f5:8e:b5:d7:06:65:d8:8b:86:e9:3b:44:72:f9:84:42:e2:44:
         10:0f:b9:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyypmlwyRXIFRTG6Ies+iYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwMDU2N2FhNThiMTEyNjZkMzhjNjQ2ZmE2NDczZjU0NDkz
NzdjNGQwHhcNMjUxMTExMTIwMTExWhcNMjUxMTEyMTIwMTExWjAzMTEwLwYDVQQD
Eyg2YTY5YWYyOGMyYTE2M2E5YmFlODUwYjE0OWIwN2NmMTIzMDhiMmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzESzmSwBsFBzWfUl1xOc3MmwJwYJ
VBrUiSsLRcLofcNNk5byfNWAP3a2Y/1p+hPHVVYZGPEPUT2qfPXPLrgM+2x/ULI+
QpvdH/jq1hZNDnT8cMeTaUwMaF8wppuBrx5s5/QxtZt+hqTUu8wcBWoGDoUiDwLU
e67eb8ts9QA/9ITOJpmH4o8Juzjn6qZpX3YqR/HBxf/RAr528lPuF8UFfBzd80b6
cb/rBLO2X42UBWt5kjWnJe08IEermqr4eFEqnAiAKgRSLB0p0X6l/mhgnsFnsZkW
qmPZGvfNwB0qM7ufQ0T2CaFFzKJZs53SxJ+XkdqHE0fdxGyE95DQeppVrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGppryjCoWOpuuhQsUmwfPEjCLK4MB8GA1UdIwQY
MBaAFIAFZ6pYsRJm04xkb6ZHP1RJN3xNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0FWbnFsaXhFbWJUakdSdnBrY19WRWszZkUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8yYzc0ZDktYzNlMC00OTZiLWE0YmUt
OGRkNDVkMmJjYTdhLzEvZ0FWbnFsaXhFbWJUakdSdnBrY19WRWszZkUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8yYzc0ZDktYzNlMC00OTZiLWE0YmUtOGRkNDVkMmJjYTdh
LzEvZ0FWbnFsaXhFbWJUakdSdnBrY19WRWszZkUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXVghYMqi
bYsVLnuRYXYHSP68Ky2ncN1itAHlKmJepNJdhCIgKC8fmM5Kv9HItIMd89VHRa/d
gH50iS1JeMx8VEKiDWF8GoLKy2ivaMtNFi/NKjlbR2isC6V5xxZPscRZmOrwMicC
pqtYk3QOb2rgscwoOfAMh8gErN89C3eRw8Zu5I4MOGIfP4QrKZzm/glfZLAk+1Ic
WHCJxEw1q8yGEpdUloYfeKPVXUpDt7ZOhXc/R0eWyCGXNrVZZX248ealcwl62AvC
gQuNnSZNyLOfDXu/HR6WJyDF3Jdc1eAp7kA7Nh9igYeakXZ29Y611wZl2IuG6TtE
cvmEQuJEEA+5Ug==
-----END CERTIFICATE-----