Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
File:                     vNgzeodIrlhibqk9my9YmNAY3fE.mft (raw, json)
Hash identifier:          NZ7xnzfpl8ICSx+XnyqXuhRZ49E/KuHxnJQsZGGLKuQ=
Subject key identifier:   20:00:D6:7B:7C:5B:0E:67:B2:B8:6D:EB:BF:6A:94:FB:B2:13:46:4C
Authority key identifier: BC:D8:33:7A:87:48:AE:58:62:6E:A9:3D:9B:2F:58:98:D0:18:DD:F1
Certificate issuer:       /CN=bcd8337a8748ae58626ea93d9b2f5898d018ddf1
Certificate serial:       019A4DE1BEEF119EA84C55ADB99A527B9D5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
Manifest number:          169A
Signing time:             Tue 04 Nov 2025 08:00:31 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:31 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:31 +0000
Files and hashes:         1: vNgzeodIrlhibqk9my9YmNAY3fE.crl (hash: TnbcTc74h44S5phcikR2mhn737xKJpfO+lcIcS9RJTI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e1:be:ef:11:9e:a8:4c:55:ad:b9:9a:52:7b:9d:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcd8337a8748ae58626ea93d9b2f5898d018ddf1
        Validity
            Not Before: Nov  4 08:00:31 2025 GMT
            Not After : Nov  5 08:00:31 2025 GMT
        Subject: CN=2000d67b7c5b0e67b2b86debbf6a94fbb213464c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:c0:6f:b9:33:fe:f6:cd:74:d4:71:d3:18:09:
                    1e:d1:5d:7c:0e:dd:72:75:f7:fb:25:77:49:01:67:
                    eb:f1:00:34:38:31:ab:65:90:7e:ae:99:57:fd:0f:
                    03:70:d1:0c:2c:4d:b0:1f:70:34:8d:a1:a3:78:cc:
                    f4:9a:ef:c6:37:41:ce:c1:e7:e1:fa:e1:cd:03:ff:
                    07:92:d3:0c:de:66:82:87:c7:e9:27:dd:08:22:cf:
                    dd:21:f3:54:69:94:03:68:b8:c2:41:5d:c0:29:42:
                    48:fd:44:a1:ce:e0:58:03:c8:e9:6b:a4:6c:13:4c:
                    07:d1:32:93:f2:96:a2:b4:8d:55:4a:15:21:d7:0e:
                    49:8a:bb:14:2b:1e:30:f8:d3:1c:de:10:97:c5:e7:
                    24:2f:fc:ae:51:4d:02:45:f9:a5:24:a4:84:4d:d1:
                    87:70:42:3f:d5:ab:4b:2b:6d:be:2b:ea:02:8e:83:
                    6b:42:89:7d:18:75:46:c3:26:61:79:d9:1c:ad:c7:
                    20:e3:de:8e:cc:f3:ef:e5:d5:ea:98:a9:06:3a:19:
                    46:f2:37:e9:20:19:48:3d:d5:f5:3b:04:fc:dc:1b:
                    a0:84:3c:fa:4f:3f:9a:0a:58:58:52:15:41:6f:f8:
                    c4:7a:fb:6e:75:ac:b2:b9:f0:30:c0:d1:88:71:2a:
                    ab:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:00:D6:7B:7C:5B:0E:67:B2:B8:6D:EB:BF:6A:94:FB:B2:13:46:4C
            X509v3 Authority Key Identifier:
                keyid:BC:D8:33:7A:87:48:AE:58:62:6E:A9:3D:9B:2F:58:98:D0:18:DD:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:de:5e:d2:63:55:5a:72:63:92:6b:af:cc:ae:0e:24:cf:66:
         06:19:34:0e:08:5f:38:56:80:d5:54:c5:ca:95:16:ba:17:2f:
         c3:88:4e:77:ac:50:32:f3:41:1e:b3:a9:d2:42:02:98:f0:11:
         bb:55:cc:c7:aa:5a:96:bf:2f:b4:c3:10:92:75:41:dd:28:90:
         eb:5d:79:33:ce:86:de:4c:72:ae:61:3c:2b:27:e6:71:e1:b9:
         da:5d:9c:88:08:27:f3:85:a4:2b:71:16:6e:c6:f1:39:62:2c:
         a7:f7:63:20:ec:7d:58:5f:23:aa:2d:dc:e5:f9:a9:28:54:aa:
         57:44:5e:1d:53:c5:c6:7d:84:11:9b:81:61:61:1a:e9:b5:91:
         08:d7:6a:91:c3:a0:13:65:2d:98:16:ec:99:a1:3e:67:46:fd:
         f3:5d:cf:01:31:d7:89:ab:86:9f:74:4d:76:ea:8a:3b:6c:45:
         4d:37:1a:2f:fa:15:56:80:80:36:9a:31:dd:38:c8:89:13:fa:
         f4:df:be:f5:f4:e8:00:a8:60:03:13:3e:ab:33:b9:b4:98:2d:
         3c:b2:27:be:b0:8c:9f:e3:13:04:f4:b8:50:bc:7c:51:2d:8f:
         a2:d1:9a:20:49:87:c5:a6:7d:42:6c:90:cf:85:e4:15:48:22:
         d9:8a:95:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4b7vEZ6oTFWtuZpSe51bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZDgzMzdhODc0OGFlNTg2MjZlYTkzZDliMmY1ODk4ZDAx
OGRkZjEwHhcNMjUxMTA0MDgwMDMxWhcNMjUxMTA1MDgwMDMxWjAzMTEwLwYDVQQD
EygyMDAwZDY3YjdjNWIwZTY3YjJiODZkZWJiZjZhOTRmYmIyMTM0NjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosBvuTP+9s101HHTGAke0V18Dt1y
dff7JXdJAWfr8QA0ODGrZZB+rplX/Q8DcNEMLE2wH3A0jaGjeMz0mu/GN0HOwefh
+uHNA/8HktMM3maCh8fpJ90IIs/dIfNUaZQDaLjCQV3AKUJI/UShzuBYA8jpa6Rs
E0wH0TKT8paitI1VShUh1w5JirsUKx4w+NMc3hCXxeckL/yuUU0CRfmlJKSETdGH
cEI/1atLK22+K+oCjoNrQol9GHVGwyZhedkcrccg496OzPPv5dXqmKkGOhlG8jfp
IBlIPdX1OwT83BughDz6Tz+aClhYUhVBb/jEevtudayyufAwwNGIcSqr1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCAA1nt8Ww5nsrht679qlPuyE0ZMMB8GA1UdIwQY
MBaAFLzYM3qHSK5YYm6pPZsvWJjQGN3xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84ZDYwNjgtYWNjYS00Nzc3LTk0NDgt
YjdjZjZhN2IyYTI5LzEvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84ZDYwNjgtYWNjYS00Nzc3LTk0NDgtYjdjZjZhN2IyYTI5
LzEvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlt5e0mNV
WnJjkmuvzK4OJM9mBhk0DghfOFaA1VTFypUWuhcvw4hOd6xQMvNBHrOp0kICmPAR
u1XMx6palr8vtMMQknVB3SiQ6115M86G3kxyrmE8KyfmceG52l2ciAgn84WkK3EW
bsbxOWIsp/djIOx9WF8jqi3c5fmpKFSqV0ReHVPFxn2EEZuBYWEa6bWRCNdqkcOg
E2UtmBbsmaE+Z0b9813PATHXiauGn3RNduqKO2xFTTcaL/oVVoCANpox3TjIiRP6
9N++9fToAKhgAxM+qzO5tJgtPLInvrCMn+MTBPS4ULx8US2PotGaIEmHxaZ9QmyQ
z4XkFUgi2YqVPQ==
-----END CERTIFICATE-----