Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.mft
File:                     gbv0m8K-YG6m9Ivb-WJX3natfMA.mft (raw, json)
Hash identifier:          mzOA0DZqUoBRYiEaiUvy0rRf2ff0PNU3dUhxZF/5oso=
Subject key identifier:   23:E4:0A:8F:07:12:DF:92:05:96:70:BB:42:F1:45:65:7E:C8:08:17
Authority key identifier: 81:BB:F4:9B:C2:BE:60:6E:A6:F4:8B:DB:F9:62:57:DE:76:AD:7C:C0
Certificate issuer:       /CN=81bbf49bc2be606ea6f48bdbf96257de76ad7cc0
Certificate serial:       019763956770C8DA73C678AE6221C43BDEE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gbv0m8K-YG6m9Ivb-WJX3natfMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.mft
Manifest number:          1587
Signing time:             Thu 12 Jun 2025 10:00:25 +0000
Manifest this update:     Thu 12 Jun 2025 10:00:25 +0000
Manifest next update:     Fri 13 Jun 2025 10:00:25 +0000
Files and hashes:         1: gbv0m8K-YG6m9Ivb-WJX3natfMA.crl (hash: OPjjnljmojaob0DFbygrbeCP4cfF7aiufjhNakpvjAQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gbv0m8K-YG6m9Ivb-WJX3natfMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 10:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:95:67:70:c8:da:73:c6:78:ae:62:21:c4:3b:de:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81bbf49bc2be606ea6f48bdbf96257de76ad7cc0
        Validity
            Not Before: Jun 12 10:00:25 2025 GMT
            Not After : Jun 13 10:00:25 2025 GMT
        Subject: CN=23e40a8f0712df92059670bb42f145657ec80817
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:2b:94:e9:f6:2e:c3:cc:f1:19:38:ab:1d:c1:
                    f9:fd:89:7b:05:dc:2d:6e:4d:0d:7c:b7:e8:ea:29:
                    e3:63:3c:0d:f2:22:39:7e:69:c5:a5:52:5f:66:d1:
                    e8:0a:58:48:1b:3b:3f:9a:ca:04:5d:53:9f:46:39:
                    59:ea:b9:a7:3f:ba:bc:15:23:f4:40:f3:e3:ad:e4:
                    80:2c:c1:93:ca:dd:97:91:bf:aa:4f:da:32:1d:c2:
                    6a:d9:99:68:91:e3:75:d6:35:3b:ad:a6:c0:8d:f2:
                    91:40:80:08:9c:08:fb:59:ea:97:8f:67:06:84:b7:
                    40:ed:91:80:43:a3:c1:43:51:a3:fb:0d:4e:32:2d:
                    cf:02:36:e5:7d:04:24:9d:0e:90:db:1f:0e:14:8f:
                    d0:7f:49:3c:cc:d5:de:de:7d:32:1d:25:85:78:ec:
                    30:b8:de:1b:bf:58:28:9d:b7:fc:80:c9:59:99:f4:
                    12:89:7a:0f:3f:be:63:7f:0e:3c:ce:c7:ef:10:2d:
                    21:ff:7c:fa:4e:04:59:31:66:ec:e4:46:bf:bb:5f:
                    db:e1:09:50:10:93:89:e9:39:3b:52:8c:9c:c8:ed:
                    fe:83:4c:17:9b:a1:b3:de:92:10:5e:51:13:71:4f:
                    7b:0d:a3:bc:38:0c:b5:9d:37:33:70:fe:22:4e:5a:
                    09:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:E4:0A:8F:07:12:DF:92:05:96:70:BB:42:F1:45:65:7E:C8:08:17
            X509v3 Authority Key Identifier:
                keyid:81:BB:F4:9B:C2:BE:60:6E:A6:F4:8B:DB:F9:62:57:DE:76:AD:7C:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gbv0m8K-YG6m9Ivb-WJX3natfMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:13:cd:d5:aa:87:a8:d3:be:a6:d9:42:6e:e3:ad:51:05:a4:
         ba:cc:57:87:3e:82:05:0f:19:7f:49:79:c5:68:08:2b:81:6a:
         54:82:f2:9d:d7:02:e7:55:04:03:b2:bc:2d:a7:59:53:d8:05:
         ad:7c:d0:e6:10:24:c1:c1:78:3a:86:3d:ff:0f:fc:3a:c2:87:
         f1:31:10:52:4a:dc:3d:2e:1e:da:c1:7b:ef:fd:cc:1d:46:b9:
         49:2d:52:34:55:02:ed:f4:74:85:a2:6b:1b:c8:9e:f9:65:40:
         56:9d:49:3c:bf:db:33:31:b9:94:25:93:1b:bd:e0:39:64:6b:
         e9:5d:86:5c:05:47:78:94:37:83:8f:f8:07:f6:e6:7d:c4:d2:
         58:06:9c:d5:19:7f:16:62:eb:8f:ae:7d:5b:8e:7d:7a:ac:25:
         dc:7b:8a:0b:93:f5:fd:a7:36:cd:fd:77:96:60:2c:94:6c:23:
         12:82:86:93:53:5e:7a:9c:1a:79:2c:29:b0:5c:ce:97:e0:d2:
         cc:25:1c:8e:72:4a:6d:77:76:ec:d4:f4:80:0c:41:07:20:cd:
         40:f6:70:4d:2f:43:45:21:7a:83:c7:e3:b2:37:5d:b4:dd:ea:
         e2:04:06:ba:bb:c9:59:dd:ae:aa:5e:06:a8:f4:31:53:df:20:
         08:77:13:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjlWdwyNpzxniuYiHEO97lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYmJmNDliYzJiZTYwNmVhNmY0OGJkYmY5NjI1N2RlNzZh
ZDdjYzAwHhcNMjUwNjEyMTAwMDI1WhcNMjUwNjEzMTAwMDI1WjAzMTEwLwYDVQQD
EygyM2U0MGE4ZjA3MTJkZjkyMDU5NjcwYmI0MmYxNDU2NTdlYzgwODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCuU6fYuw8zxGTirHcH5/Yl7Bdwt
bk0NfLfo6injYzwN8iI5fmnFpVJfZtHoClhIGzs/msoEXVOfRjlZ6rmnP7q8FSP0
QPPjreSALMGTyt2Xkb+qT9oyHcJq2ZlokeN11jU7rabAjfKRQIAInAj7WeqXj2cG
hLdA7ZGAQ6PBQ1Gj+w1OMi3PAjblfQQknQ6Q2x8OFI/Qf0k8zNXe3n0yHSWFeOww
uN4bv1gonbf8gMlZmfQSiXoPP75jfw48zsfvEC0h/3z6TgRZMWbs5Ea/u1/b4QlQ
EJOJ6Tk7UoycyO3+g0wXm6Gz3pIQXlETcU97DaO8OAy1nTczcP4iTloJgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPkCo8HEt+SBZZwu0LxRWV+yAgXMB8GA1UdIwQY
MBaAFIG79JvCvmBupvSL2/liV952rXzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2J2MG04Sy1ZRzZtOUl2Yi1XSlgzbmF0Zk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS84NjNlZWUtNzcxNC00YmM0LTkyNjgt
NDE2OTQyMDJkZTY4LzEvZ2J2MG04Sy1ZRzZtOUl2Yi1XSlgzbmF0Zk1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS84NjNlZWUtNzcxNC00YmM0LTkyNjgtNDE2OTQyMDJkZTY4
LzEvZ2J2MG04Sy1ZRzZtOUl2Yi1XSlgzbmF0Zk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfRPN1aqH
qNO+ptlCbuOtUQWkusxXhz6CBQ8Zf0l5xWgIK4FqVILyndcC51UEA7K8LadZU9gF
rXzQ5hAkwcF4OoY9/w/8OsKH8TEQUkrcPS4e2sF77/3MHUa5SS1SNFUC7fR0haJr
G8ie+WVAVp1JPL/bMzG5lCWTG73gOWRr6V2GXAVHeJQ3g4/4B/bmfcTSWAac1Rl/
FmLrj659W459eqwl3HuKC5P1/ac2zf13lmAslGwjEoKGk1NeepwaeSwpsFzOl+DS
zCUcjnJKbXd27NT0gAxBByDNQPZwTS9DRSF6g8fjsjddtN3q4gQGurvJWd2uql4G
qPQxU98gCHcTCg==
-----END CERTIFICATE-----