Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
File:                     gEFPcG9s0sh68PYGstE3a4a1-mY.mft (raw, json)
Hash identifier:          J3q9nGkb9V2sauehluftLSN6nekdG0X/WGy2bGCtEyU=
Subject key identifier:   A3:E1:B2:78:2B:D7:74:FE:1A:82:B4:A9:35:D9:66:E8:EB:DD:F7:06
Authority key identifier: 80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66
Certificate issuer:       /CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66
Certificate serial:       01991808C386B05B05EC5F8F46A505A33438
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
Manifest number:          1669
Signing time:             Fri 05 Sep 2025 04:00:51 +0000
Manifest this update:     Fri 05 Sep 2025 04:00:51 +0000
Manifest next update:     Sat 06 Sep 2025 04:00:51 +0000
Files and hashes:         1: gEFPcG9s0sh68PYGstE3a4a1-mY.crl (hash: 9bYeIUCOP+6oYuJy/eCIARpgXawhDsAEKck50/lMiZk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:18:08:c3:86:b0:5b:05:ec:5f:8f:46:a5:05:a3:34:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66
        Validity
            Not Before: Sep  5 04:00:51 2025 GMT
            Not After : Sep  6 04:00:51 2025 GMT
        Subject: CN=a3e1b2782bd774fe1a82b4a935d966e8ebddf706
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:f6:40:d1:77:fb:b6:2b:67:b2:a3:bf:ce:7b:
                    e7:48:0b:9e:81:0e:9e:de:72:25:00:33:96:b3:de:
                    42:a3:ac:f5:9e:49:9e:83:19:40:37:79:bf:d8:b9:
                    f0:67:95:19:2b:45:18:aa:2b:e9:43:94:27:a1:bd:
                    08:9f:75:64:28:f0:f6:ef:d0:13:3a:ec:92:57:a0:
                    74:df:49:28:49:ab:00:bb:2e:dc:91:91:43:af:66:
                    3d:c6:ea:cc:83:fc:6e:f8:c2:0e:75:f0:cf:f6:2d:
                    1b:5d:e6:f6:08:6d:77:de:7e:04:6d:10:54:c6:95:
                    ba:8a:d3:12:78:bf:39:52:e5:d8:0b:8e:6f:14:00:
                    83:26:2e:25:74:3b:43:4d:24:12:65:85:18:1b:e6:
                    48:a4:09:2f:8d:23:aa:ba:c5:6c:95:16:9a:ab:6e:
                    93:de:ef:4c:2b:e3:45:98:a1:9f:8b:8d:63:6c:c2:
                    fe:db:42:8b:55:66:c2:00:3c:4e:ca:8d:55:c9:f2:
                    6b:e4:ad:60:23:d3:c6:4c:98:89:47:c6:c7:01:9b:
                    04:d5:2c:5d:e4:19:1f:f9:13:ce:f1:d3:8a:09:91:
                    49:0e:0c:bb:7b:f7:84:3a:d2:a0:ed:01:25:de:12:
                    e1:62:67:a3:cf:f9:be:9e:f9:63:4d:80:eb:39:27:
                    e8:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:E1:B2:78:2B:D7:74:FE:1A:82:B4:A9:35:D9:66:E8:EB:DD:F7:06
            X509v3 Authority Key Identifier:
                keyid:80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:4f:7b:9c:32:40:fe:15:ab:6d:8f:07:0c:eb:92:70:1e:c1:
         3b:fe:7e:86:10:31:0b:01:87:db:f4:32:76:63:63:94:9c:7f:
         ac:3b:99:b1:0b:f5:9f:3c:61:bd:30:95:60:6a:e3:4f:15:42:
         5b:8c:f9:d1:d9:57:2e:39:d2:52:0a:a5:2a:90:50:66:0d:30:
         7a:dd:ad:3e:1a:13:56:85:2a:3e:8d:7b:f8:3d:9c:ae:75:3f:
         7a:6a:91:ba:4b:b9:16:b3:da:f1:69:0f:ec:1a:7c:92:81:d7:
         a0:59:3b:0c:44:a0:13:8c:0a:8c:73:a6:b6:b8:9e:f5:30:36:
         54:45:7e:30:22:e9:90:66:a9:19:24:85:91:f5:f9:11:34:07:
         52:d5:af:4e:dd:3b:0c:57:96:a1:31:b4:aa:3b:9b:fa:b3:4e:
         4f:7c:42:a3:53:77:4a:bc:cb:36:ff:c8:75:b3:e7:d5:13:c5:
         e8:72:6f:45:4b:36:9f:04:fe:a9:25:46:6f:0e:4f:22:d0:30:
         36:3f:ca:e2:61:d7:f9:91:0d:1e:b2:2d:e0:87:05:b0:ca:70:
         c7:28:f5:76:c6:19:94:23:34:7f:80:d6:93:10:06:c6:0f:dc:
         32:0c:03:e1:2e:57:1d:9d:13:9e:86:4d:9c:ba:cc:5d:be:67:
         46:0e:ee:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYCMOGsFsF7F+PRqUFozQ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNDE0ZjcwNmY2Y2QyYzg3YWYwZjYwNmIyZDEzNzZiODZi
NWZhNjYwHhcNMjUwOTA1MDQwMDUxWhcNMjUwOTA2MDQwMDUxWjAzMTEwLwYDVQQD
EyhhM2UxYjI3ODJiZDc3NGZlMWE4MmI0YTkzNWQ5NjZlOGViZGRmNzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPZA0Xf7titnsqO/znvnSAuegQ6e
3nIlADOWs95Co6z1nkmegxlAN3m/2LnwZ5UZK0UYqivpQ5Qnob0In3VkKPD279AT
OuySV6B030koSasAuy7ckZFDr2Y9xurMg/xu+MIOdfDP9i0bXeb2CG133n4EbRBU
xpW6itMSeL85UuXYC45vFACDJi4ldDtDTSQSZYUYG+ZIpAkvjSOqusVslRaaq26T
3u9MK+NFmKGfi41jbML+20KLVWbCADxOyo1VyfJr5K1gI9PGTJiJR8bHAZsE1Sxd
5Bkf+RPO8dOKCZFJDgy7e/eEOtKg7QEl3hLhYmejz/m+nvljTYDrOSfoowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKPhsngr13T+GoK0qTXZZujr3fcGMB8GA1UdIwQY
MBaAFIBBT3BvbNLIevD2BrLRN2uGtfpmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUt
NmQ4NTZmODRhODEzLzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUtNmQ4NTZmODRhODEz
LzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATU97nDJA
/hWrbY8HDOuScB7BO/5+hhAxCwGH2/QydmNjlJx/rDuZsQv1nzxhvTCVYGrjTxVC
W4z50dlXLjnSUgqlKpBQZg0wet2tPhoTVoUqPo17+D2crnU/emqRuku5FrPa8WkP
7Bp8koHXoFk7DESgE4wKjHOmtrie9TA2VEV+MCLpkGapGSSFkfX5ETQHUtWvTt07
DFeWoTG0qjub+rNOT3xCo1N3SrzLNv/IdbPn1RPF6HJvRUs2nwT+qSVGbw5PItAw
Nj/K4mHX+ZENHrIt4IcFsMpwxyj1dsYZlCM0f4DWkxAGxg/cMgwD4S5XHZ0TnoZN
nLrMXb5nRg7uXA==
-----END CERTIFICATE-----