Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
File:                     vNgzeodIrlhibqk9my9YmNAY3fE.mft (raw, json)
Hash identifier:          xJZWNgMO/rRGc4WOKFjmAc39twKzxyZqdGz2ccpmp34=
Subject key identifier:   A0:E9:A5:94:A8:C3:44:BD:A0:87:D3:30:43:5E:06:AB:9D:54:AE:54
Authority key identifier: BC:D8:33:7A:87:48:AE:58:62:6E:A9:3D:9B:2F:58:98:D0:18:DD:F1
Certificate issuer:       /CN=bcd8337a8748ae58626ea93d9b2f5898d018ddf1
Certificate serial:       0196A352BF6A8888A87B591598B58F4584A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
Manifest number:          14B4
Signing time:             Tue 06 May 2025 02:00:31 +0000
Manifest this update:     Tue 06 May 2025 02:00:31 +0000
Manifest next update:     Wed 07 May 2025 02:00:31 +0000
Files and hashes:         1: vNgzeodIrlhibqk9my9YmNAY3fE.crl (hash: 5i0T0uBYSOCj4XkTvsTsQZB7i83Lq2JzHag4+cndYUM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a3:52:bf:6a:88:88:a8:7b:59:15:98:b5:8f:45:84:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcd8337a8748ae58626ea93d9b2f5898d018ddf1
        Validity
            Not Before: May  6 02:00:31 2025 GMT
            Not After : May  7 02:00:31 2025 GMT
        Subject: CN=a0e9a594a8c344bda087d330435e06ab9d54ae54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:f4:e5:c4:67:a0:90:de:38:6a:c9:a7:05:08:
                    35:65:22:57:86:f1:21:7a:cb:d9:52:ed:b1:c0:31:
                    a8:8f:ee:6a:ac:f2:0f:88:9c:d1:5c:29:d5:2f:63:
                    7e:44:bd:47:64:5e:db:0a:ba:71:ff:7a:97:f1:53:
                    06:77:dd:ac:0d:8e:fc:80:28:74:eb:4c:d9:73:2c:
                    3e:82:57:84:98:82:65:08:d3:5d:45:07:01:ae:05:
                    87:e4:d7:52:3b:d9:8b:eb:79:3a:fc:67:2f:23:71:
                    e2:ec:7f:22:57:e2:ea:5b:6a:60:ec:5f:85:15:7b:
                    74:48:c6:91:6d:97:5d:16:c7:2c:58:ce:54:51:b4:
                    1a:f9:3f:ec:cd:a8:c4:a8:9e:82:b4:f7:71:3e:51:
                    02:4b:0c:a5:87:7b:61:69:7d:1f:0d:93:d7:04:3f:
                    d8:c6:4c:d3:df:e5:bb:9e:cf:aa:37:1b:64:d9:7e:
                    a7:27:a7:c8:fe:f7:16:87:a6:cc:f0:4a:3c:94:a1:
                    61:0a:12:6c:53:b4:6b:a7:81:dd:88:c6:23:07:92:
                    51:a8:4e:b1:b1:8c:ca:50:5f:5b:7c:f6:b9:b5:40:
                    17:fc:33:28:e7:2d:14:72:25:b7:95:36:52:80:ae:
                    46:b9:f6:dc:3c:4f:29:23:9c:bc:e0:10:8c:df:0f:
                    bb:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:E9:A5:94:A8:C3:44:BD:A0:87:D3:30:43:5E:06:AB:9D:54:AE:54
            X509v3 Authority Key Identifier:
                keyid:BC:D8:33:7A:87:48:AE:58:62:6E:A9:3D:9B:2F:58:98:D0:18:DD:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:72:e7:5a:09:7b:e2:92:cd:2b:3c:7c:42:b6:f1:c3:24:bf:
         62:1a:33:f9:d5:d6:f6:6e:a4:2b:6d:22:32:55:a9:8c:09:b6:
         81:00:3b:bd:e5:50:de:fa:c9:84:51:93:5d:eb:ae:3f:16:af:
         a1:48:cb:15:88:02:ed:8f:2c:85:c0:7c:4e:63:66:50:f6:d8:
         7c:5e:95:3e:f3:4e:d5:04:54:03:a2:27:bb:5e:41:7d:67:16:
         d5:d7:3b:e2:e1:ec:7b:a9:82:58:32:b2:92:97:9d:48:17:4e:
         3f:ba:26:68:f3:8e:cc:95:af:d2:73:15:a7:e8:5a:0d:2f:46:
         86:24:d9:1d:d7:fd:08:5e:98:8a:1e:c9:98:c7:3f:bc:71:db:
         7c:a2:02:5d:e9:17:18:60:57:e9:b4:d5:29:5f:74:ed:9b:1b:
         89:55:99:05:ef:04:95:3e:72:c0:60:ad:5e:0f:a8:6f:a7:74:
         54:e3:c3:44:e5:49:da:3d:0f:48:df:ba:6e:0e:6f:8e:1a:cb:
         7f:86:9a:5f:a4:a3:06:fd:a8:d4:54:25:10:ff:20:f3:2a:69:
         d0:91:e1:a8:9b:67:e5:79:9a:6d:f8:45:f8:c9:9e:55:93:38:
         93:30:4b:5f:10:b0:b6:79:90:d4:b8:21:a7:6e:d3:cd:e6:8a:
         e2:bb:13:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZajUr9qiIioe1kVmLWPRYSoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZDgzMzdhODc0OGFlNTg2MjZlYTkzZDliMmY1ODk4ZDAx
OGRkZjEwHhcNMjUwNTA2MDIwMDMxWhcNMjUwNTA3MDIwMDMxWjAzMTEwLwYDVQQD
EyhhMGU5YTU5NGE4YzM0NGJkYTA4N2QzMzA0MzVlMDZhYjlkNTRhZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPTlxGegkN44asmnBQg1ZSJXhvEh
esvZUu2xwDGoj+5qrPIPiJzRXCnVL2N+RL1HZF7bCrpx/3qX8VMGd92sDY78gCh0
60zZcyw+gleEmIJlCNNdRQcBrgWH5NdSO9mL63k6/GcvI3Hi7H8iV+LqW2pg7F+F
FXt0SMaRbZddFscsWM5UUbQa+T/szajEqJ6CtPdxPlECSwylh3thaX0fDZPXBD/Y
xkzT3+W7ns+qNxtk2X6nJ6fI/vcWh6bM8Eo8lKFhChJsU7Rrp4HdiMYjB5JRqE6x
sYzKUF9bfPa5tUAX/DMo5y0UciW3lTZSgK5GufbcPE8pI5y84BCM3w+7GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKDppZSow0S9oIfTMENeBqudVK5UMB8GA1UdIwQY
MBaAFLzYM3qHSK5YYm6pPZsvWJjQGN3xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84ZDYwNjgtYWNjYS00Nzc3LTk0NDgt
YjdjZjZhN2IyYTI5LzEvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84ZDYwNjgtYWNjYS00Nzc3LTk0NDgtYjdjZjZhN2IyYTI5
LzEvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWXLnWgl7
4pLNKzx8QrbxwyS/Yhoz+dXW9m6kK20iMlWpjAm2gQA7veVQ3vrJhFGTXeuuPxav
oUjLFYgC7Y8shcB8TmNmUPbYfF6VPvNO1QRUA6Inu15BfWcW1dc74uHse6mCWDKy
kpedSBdOP7omaPOOzJWv0nMVp+haDS9GhiTZHdf9CF6Yih7JmMc/vHHbfKICXekX
GGBX6bTVKV907ZsbiVWZBe8ElT5ywGCtXg+ob6d0VOPDROVJ2j0PSN+6bg5vjhrL
f4aaX6SjBv2o1FQlEP8g8ypp0JHhqJtn5XmabfhF+MmeVZM4kzBLXxCwtnmQ1Lgh
p27TzeaK4rsTzg==
-----END CERTIFICATE-----