Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.mft
File:                     gbv0m8K-YG6m9Ivb-WJX3natfMA.mft (raw, json)
Hash identifier:          HaH31+lUcZZXzYFQQnOuZ6NqKEJ/gON9++38+An8eNY=
Subject key identifier:   9D:82:98:8D:C0:E1:41:4C:87:D9:85:B3:C2:EE:BC:4D:53:F2:93:08
Authority key identifier: 81:BB:F4:9B:C2:BE:60:6E:A6:F4:8B:DB:F9:62:57:DE:76:AD:7C:C0
Certificate issuer:       /CN=81bbf49bc2be606ea6f48bdbf96257de76ad7cc0
Certificate serial:       019759EE29A528C41EE1A0E460F73BF4E6BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gbv0m8K-YG6m9Ivb-WJX3natfMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.mft
Manifest number:          1582
Signing time:             Tue 10 Jun 2025 13:01:09 +0000
Manifest this update:     Tue 10 Jun 2025 13:01:09 +0000
Manifest next update:     Wed 11 Jun 2025 13:01:09 +0000
Files and hashes:         1: gbv0m8K-YG6m9Ivb-WJX3natfMA.crl (hash: jGCxX+a7zN1BvvH++FrMjHVZxxxnePy6cvkinDuzHMk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gbv0m8K-YG6m9Ivb-WJX3natfMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 13:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:ee:29:a5:28:c4:1e:e1:a0:e4:60:f7:3b:f4:e6:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81bbf49bc2be606ea6f48bdbf96257de76ad7cc0
        Validity
            Not Before: Jun 10 13:01:09 2025 GMT
            Not After : Jun 11 13:01:09 2025 GMT
        Subject: CN=9d82988dc0e1414c87d985b3c2eebc4d53f29308
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:00:ce:dd:6d:23:ae:cd:11:e9:aa:7c:6e:2c:
                    a4:5a:e8:22:02:89:dc:50:0c:a8:2d:88:c4:81:60:
                    22:83:8e:d7:a2:b7:5d:8d:50:a0:03:f0:4a:f0:61:
                    d6:ab:fa:b5:67:9a:45:d0:0b:e3:66:b2:71:ff:31:
                    b8:33:8c:6c:05:55:4a:45:04:0a:54:6c:a1:c5:5f:
                    52:ad:d9:ca:7f:35:79:59:15:ea:29:47:f5:62:1e:
                    ef:cb:06:07:3c:ca:62:3f:e4:29:eb:c0:f4:5a:4f:
                    df:e7:40:54:bb:5a:b9:a0:86:a6:49:82:9c:e7:56:
                    3b:62:49:cd:7d:d9:34:8e:e2:a2:7d:2f:5b:c6:64:
                    c4:3f:30:2a:32:85:c6:a6:bb:60:25:93:4c:46:4c:
                    30:be:d6:de:98:29:58:2e:17:0a:0c:be:64:aa:6d:
                    d6:7a:8f:ff:d3:df:85:ac:1d:80:8c:ac:60:c0:0c:
                    c6:68:f7:d9:cd:97:f7:21:e3:79:22:20:c3:cb:59:
                    d8:98:53:a0:5f:15:8c:3f:af:a6:4a:73:7b:fa:b5:
                    0d:98:9a:d0:8a:e7:bf:20:98:91:38:17:20:b0:84:
                    1d:dd:c5:71:3c:f2:bf:7d:7d:c9:f1:8d:9e:b0:75:
                    03:c5:5f:38:53:92:14:a2:c4:f1:a5:54:69:83:28:
                    78:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:82:98:8D:C0:E1:41:4C:87:D9:85:B3:C2:EE:BC:4D:53:F2:93:08
            X509v3 Authority Key Identifier:
                keyid:81:BB:F4:9B:C2:BE:60:6E:A6:F4:8B:DB:F9:62:57:DE:76:AD:7C:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gbv0m8K-YG6m9Ivb-WJX3natfMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:3b:7c:9d:88:6e:17:9a:e3:f4:7a:6c:9f:67:3b:c1:77:55:
         9e:b8:59:bd:2e:e2:88:59:cd:17:38:ee:a8:6a:f8:eb:28:86:
         0a:48:12:f3:50:85:30:ed:8c:b2:36:0c:47:7f:3c:4c:68:40:
         ea:cf:3e:0b:51:01:13:6e:a2:d8:8b:9d:c3:5d:21:47:47:ad:
         d5:e2:40:a6:00:a4:1d:25:05:9a:42:e9:fa:d5:6d:96:1c:9f:
         0c:d1:38:59:a7:cd:fe:a6:3d:f4:9c:09:c9:40:3f:cf:de:95:
         c7:24:9c:c3:8b:c6:d4:81:d5:8c:ba:2f:8f:b3:f8:4d:13:8d:
         8f:09:1c:d7:39:e5:a7:52:a7:38:a4:dd:31:4e:6c:0c:99:90:
         a6:93:5c:45:ad:d6:0b:a0:0c:b9:33:63:89:bf:f3:7a:66:46:
         19:18:b0:59:64:7f:85:64:1a:29:64:fd:fa:90:25:a6:6b:21:
         f3:6d:7c:ca:01:d1:25:dc:23:84:5c:5c:48:c2:19:0c:60:31:
         e4:d3:2e:d7:cb:2f:34:f8:38:c7:df:8a:33:90:05:db:56:20:
         10:f6:22:e2:17:0c:af:ff:6a:68:32:fb:3f:b2:c6:bc:60:bc:
         8f:dc:1b:78:d4:d9:e1:df:48:49:2e:32:a6:35:a4:f4:a5:4f:
         f9:79:83:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZ7imlKMQe4aDkYPc79Oa6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYmJmNDliYzJiZTYwNmVhNmY0OGJkYmY5NjI1N2RlNzZh
ZDdjYzAwHhcNMjUwNjEwMTMwMTA5WhcNMjUwNjExMTMwMTA5WjAzMTEwLwYDVQQD
Eyg5ZDgyOTg4ZGMwZTE0MTRjODdkOTg1YjNjMmVlYmM0ZDUzZjI5MzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQDO3W0jrs0R6ap8biykWugiAonc
UAyoLYjEgWAig47XorddjVCgA/BK8GHWq/q1Z5pF0AvjZrJx/zG4M4xsBVVKRQQK
VGyhxV9SrdnKfzV5WRXqKUf1Yh7vywYHPMpiP+Qp68D0Wk/f50BUu1q5oIamSYKc
51Y7YknNfdk0juKifS9bxmTEPzAqMoXGprtgJZNMRkwwvtbemClYLhcKDL5kqm3W
eo//09+FrB2AjKxgwAzGaPfZzZf3IeN5IiDDy1nYmFOgXxWMP6+mSnN7+rUNmJrQ
iue/IJiROBcgsIQd3cVxPPK/fX3J8Y2esHUDxV84U5IUosTxpVRpgyh4AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ2CmI3A4UFMh9mFs8LuvE1T8pMIMB8GA1UdIwQY
MBaAFIG79JvCvmBupvSL2/liV952rXzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2J2MG04Sy1ZRzZtOUl2Yi1XSlgzbmF0Zk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS84NjNlZWUtNzcxNC00YmM0LTkyNjgt
NDE2OTQyMDJkZTY4LzEvZ2J2MG04Sy1ZRzZtOUl2Yi1XSlgzbmF0Zk1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS84NjNlZWUtNzcxNC00YmM0LTkyNjgtNDE2OTQyMDJkZTY4
LzEvZ2J2MG04Sy1ZRzZtOUl2Yi1XSlgzbmF0Zk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZDt8nYhu
F5rj9Hpsn2c7wXdVnrhZvS7iiFnNFzjuqGr46yiGCkgS81CFMO2MsjYMR388TGhA
6s8+C1EBE26i2Iudw10hR0et1eJApgCkHSUFmkLp+tVtlhyfDNE4WafN/qY99JwJ
yUA/z96VxyScw4vG1IHVjLovj7P4TRONjwkc1znlp1KnOKTdMU5sDJmQppNcRa3W
C6AMuTNjib/zemZGGRiwWWR/hWQaKWT9+pAlpmsh8218ygHRJdwjhFxcSMIZDGAx
5NMu18svNPg4x9+KM5AF21YgEPYi4hcMr/9qaDL7P7LGvGC8j9wbeNTZ4d9ISS4y
pjWk9KVP+XmDuA==
-----END CERTIFICATE-----