Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.mft
File:                     gbv0m8K-YG6m9Ivb-WJX3natfMA.mft (raw, json)
Hash identifier:          HSirqQ+eCn+Bs45v6oQ0dnf1fF5DJc3l5NpyD6ePTLw=
Subject key identifier:   F4:AC:22:B6:61:5D:E1:7B:4F:A0:4F:7F:25:ED:6F:8A:FB:B1:A1:0A
Authority key identifier: 81:BB:F4:9B:C2:BE:60:6E:A6:F4:8B:DB:F9:62:57:DE:76:AD:7C:C0
Certificate issuer:       /CN=81bbf49bc2be606ea6f48bdbf96257de76ad7cc0
Certificate serial:       01975422FAC01955D36D09EDB70056E9D379
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gbv0m8K-YG6m9Ivb-WJX3natfMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.mft
Manifest number:          157F
Signing time:             Mon 09 Jun 2025 10:01:07 +0000
Manifest this update:     Mon 09 Jun 2025 10:01:07 +0000
Manifest next update:     Tue 10 Jun 2025 10:01:07 +0000
Files and hashes:         1: gbv0m8K-YG6m9Ivb-WJX3natfMA.crl (hash: ODoLVS6UuhVy2si1WilqMQmlmWxo2fJplD503MXC+1o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gbv0m8K-YG6m9Ivb-WJX3natfMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:22:fa:c0:19:55:d3:6d:09:ed:b7:00:56:e9:d3:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81bbf49bc2be606ea6f48bdbf96257de76ad7cc0
        Validity
            Not Before: Jun  9 10:01:07 2025 GMT
            Not After : Jun 10 10:01:07 2025 GMT
        Subject: CN=f4ac22b6615de17b4fa04f7f25ed6f8afbb1a10a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:25:69:24:8d:b5:91:2d:29:91:0e:e4:bc:4e:
                    70:74:8e:24:64:83:d1:c6:7f:7c:09:9e:fa:60:c0:
                    24:69:08:c7:02:b5:18:10:65:24:6b:d1:58:7d:5f:
                    9f:fe:38:97:7d:71:e8:f2:4e:f6:2e:dd:c4:05:23:
                    df:59:03:43:60:a0:b2:5e:60:ea:11:2f:b9:a2:a3:
                    59:77:43:0c:08:f3:24:ec:ad:e9:0e:73:1c:e5:63:
                    12:cd:d1:68:52:5e:67:38:1f:ce:4e:17:6d:b6:c1:
                    9b:a2:93:b6:c1:b5:74:61:41:77:d2:37:69:67:3b:
                    9d:48:c7:14:5e:29:94:80:c2:b8:64:d9:4b:da:f3:
                    54:32:c6:45:0f:19:51:e1:f7:45:80:5e:f5:4d:7c:
                    b3:c8:c4:d7:11:05:29:ba:56:f3:88:e5:cb:a1:51:
                    15:a2:b1:55:46:a1:3a:4d:6a:14:05:57:1d:f7:96:
                    b8:57:58:82:33:52:a3:65:4d:74:85:10:a1:20:27:
                    68:49:25:1c:57:3b:96:ce:b0:d2:b8:e7:7a:1c:7d:
                    69:1c:8f:ea:ca:a9:3f:07:9a:26:30:09:13:71:55:
                    ca:bf:c2:2e:0e:3e:79:b6:2a:15:6d:a8:08:3d:7f:
                    9c:f4:cb:fd:34:d5:fc:41:95:f8:5d:64:97:db:b5:
                    d2:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:AC:22:B6:61:5D:E1:7B:4F:A0:4F:7F:25:ED:6F:8A:FB:B1:A1:0A
            X509v3 Authority Key Identifier:
                keyid:81:BB:F4:9B:C2:BE:60:6E:A6:F4:8B:DB:F9:62:57:DE:76:AD:7C:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gbv0m8K-YG6m9Ivb-WJX3natfMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c3:d2:00:88:7d:da:f6:04:f6:cb:4b:d2:d1:60:43:06:e4:20:
         f6:b1:8c:4b:cc:13:53:ec:95:e0:cb:72:88:da:e9:0a:ba:de:
         6c:b7:d8:2e:0e:6d:c6:14:37:cb:b9:1e:83:d7:22:bd:8e:f2:
         ff:78:c7:c2:14:3c:dc:95:5a:a5:ab:9e:0e:0c:72:ce:cb:02:
         0c:74:6f:68:ef:20:b0:b2:54:ae:f6:d2:2a:27:c9:d0:2a:18:
         69:7d:ec:2b:04:86:1b:a0:c6:53:71:47:f4:36:5c:f6:f8:ce:
         ec:43:5c:57:9a:2f:04:2e:59:12:4d:7e:88:42:0d:fb:52:ad:
         6c:75:84:31:e3:3a:22:88:1a:1b:a2:d3:4f:a0:62:97:b1:f9:
         fe:22:64:d0:53:17:d8:71:5e:c4:e3:2f:e2:1b:34:5d:d8:5f:
         33:89:ee:f7:93:15:65:64:c8:91:03:10:24:20:20:61:63:b5:
         98:fb:93:05:60:21:11:9c:b8:49:c4:8e:3e:ca:30:cc:7d:9a:
         f0:8a:41:49:51:9f:c1:6e:5c:39:0f:55:e0:c6:ec:d6:b9:0e:
         86:72:01:6b:bf:59:72:5d:e2:86:21:3f:48:33:77:f3:a2:c5:
         36:71:14:bc:80:41:e5:3d:f6:70:f7:68:ca:3e:7d:a7:be:66:
         db:d1:1a:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUIvrAGVXTbQnttwBW6dN5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYmJmNDliYzJiZTYwNmVhNmY0OGJkYmY5NjI1N2RlNzZh
ZDdjYzAwHhcNMjUwNjA5MTAwMTA3WhcNMjUwNjEwMTAwMTA3WjAzMTEwLwYDVQQD
EyhmNGFjMjJiNjYxNWRlMTdiNGZhMDRmN2YyNWVkNmY4YWZiYjFhMTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviVpJI21kS0pkQ7kvE5wdI4kZIPR
xn98CZ76YMAkaQjHArUYEGUka9FYfV+f/jiXfXHo8k72Lt3EBSPfWQNDYKCyXmDq
ES+5oqNZd0MMCPMk7K3pDnMc5WMSzdFoUl5nOB/OThdttsGbopO2wbV0YUF30jdp
ZzudSMcUXimUgMK4ZNlL2vNUMsZFDxlR4fdFgF71TXyzyMTXEQUpulbziOXLoVEV
orFVRqE6TWoUBVcd95a4V1iCM1KjZU10hRChICdoSSUcVzuWzrDSuOd6HH1pHI/q
yqk/B5omMAkTcVXKv8IuDj55tioVbagIPX+c9Mv9NNX8QZX4XWSX27XSOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPSsIrZhXeF7T6BPfyXtb4r7saEKMB8GA1UdIwQY
MBaAFIG79JvCvmBupvSL2/liV952rXzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2J2MG04Sy1ZRzZtOUl2Yi1XSlgzbmF0Zk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS84NjNlZWUtNzcxNC00YmM0LTkyNjgt
NDE2OTQyMDJkZTY4LzEvZ2J2MG04Sy1ZRzZtOUl2Yi1XSlgzbmF0Zk1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS84NjNlZWUtNzcxNC00YmM0LTkyNjgtNDE2OTQyMDJkZTY4
LzEvZ2J2MG04Sy1ZRzZtOUl2Yi1XSlgzbmF0Zk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAw9IAiH3a
9gT2y0vS0WBDBuQg9rGMS8wTU+yV4MtyiNrpCrrebLfYLg5txhQ3y7keg9civY7y
/3jHwhQ83JVapaueDgxyzssCDHRvaO8gsLJUrvbSKifJ0CoYaX3sKwSGG6DGU3FH
9DZc9vjO7ENcV5ovBC5ZEk1+iEIN+1KtbHWEMeM6IogaG6LTT6Bil7H5/iJk0FMX
2HFexOMv4hs0XdhfM4nu95MVZWTIkQMQJCAgYWO1mPuTBWAhEZy4ScSOPsowzH2a
8IpBSVGfwW5cOQ9V4Mbs1rkOhnIBa79Zcl3ihiE/SDN386LFNnEUvIBB5T32cPdo
yj59p75m29Ea1A==
-----END CERTIFICATE-----