Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
File:                     vNgzeodIrlhibqk9my9YmNAY3fE.mft (raw, json)
Hash identifier:          Yb5Yv4w2ttcISnKamgPsEWI+heM0OC+4L0S60LBmPqc=
Subject key identifier:   9A:D0:DB:E9:CB:8A:11:8D:80:50:78:75:C7:17:FF:13:97:A8:00:92
Authority key identifier: BC:D8:33:7A:87:48:AE:58:62:6E:A9:3D:9B:2F:58:98:D0:18:DD:F1
Certificate issuer:       /CN=bcd8337a8748ae58626ea93d9b2f5898d018ddf1
Certificate serial:       0198A128BF26EFF9C36BBF63CC73F981F595
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
Manifest number:          15BC
Signing time:             Wed 13 Aug 2025 02:00:58 +0000
Manifest this update:     Wed 13 Aug 2025 02:00:58 +0000
Manifest next update:     Thu 14 Aug 2025 02:00:58 +0000
Files and hashes:         1: vNgzeodIrlhibqk9my9YmNAY3fE.crl (hash: fzUm4nRmjLLWJwXngoutchJlSzEMwO3xVFYd+syDTtE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a1:28:bf:26:ef:f9:c3:6b:bf:63:cc:73:f9:81:f5:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcd8337a8748ae58626ea93d9b2f5898d018ddf1
        Validity
            Not Before: Aug 13 02:00:58 2025 GMT
            Not After : Aug 14 02:00:58 2025 GMT
        Subject: CN=9ad0dbe9cb8a118d80507875c717ff1397a80092
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:2f:b2:78:b0:d5:b7:4a:12:41:92:2d:c3:a1:
                    50:d1:25:15:34:0e:43:fa:12:d2:e6:6f:89:f7:20:
                    a1:69:13:3b:d3:00:7c:69:83:b8:19:db:00:c9:15:
                    87:ab:8c:e1:e3:10:a3:3b:28:92:3d:b1:d0:3f:57:
                    43:f0:55:51:35:ba:67:7e:e7:87:fd:89:80:af:b3:
                    b9:4e:1f:2b:67:6a:fe:ea:af:27:48:5e:ad:33:13:
                    87:e3:78:14:7b:38:ae:4a:69:6b:53:e0:10:05:c6:
                    f1:ef:6e:36:2f:44:86:9e:ac:cb:43:e8:3a:95:31:
                    d5:05:54:fc:6d:a6:d1:5f:3b:4d:50:a6:e5:50:f9:
                    7b:34:30:38:3e:0a:88:78:3a:a6:53:29:59:18:66:
                    de:70:52:1d:e2:a2:95:79:78:ce:ff:fb:f6:5a:de:
                    29:98:37:d5:50:dd:a4:8d:c6:94:c4:c0:05:49:3f:
                    68:a4:29:b4:47:85:9d:a8:9c:95:d1:fb:f3:cf:82:
                    fa:63:94:f6:45:b6:a8:4c:d4:d7:64:8c:88:63:d0:
                    31:90:2d:df:2e:a5:39:67:cf:21:93:66:dd:7f:76:
                    7d:f4:07:bb:a7:6d:f0:cb:30:ca:b8:de:a6:0f:12:
                    7d:ef:14:4e:86:a4:47:26:13:3e:41:60:37:53:5c:
                    7f:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:D0:DB:E9:CB:8A:11:8D:80:50:78:75:C7:17:FF:13:97:A8:00:92
            X509v3 Authority Key Identifier:
                keyid:BC:D8:33:7A:87:48:AE:58:62:6E:A9:3D:9B:2F:58:98:D0:18:DD:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:d9:65:92:ef:36:21:c7:10:7f:fc:bb:ed:fd:ad:f1:27:0d:
         d6:28:ea:bf:de:52:ba:af:6d:f5:bf:aa:5b:44:c2:93:ab:ef:
         9b:2e:82:fa:d8:04:3d:6a:5c:e0:b6:5d:9b:7d:88:86:65:d2:
         9a:4b:2a:d0:8e:66:22:79:f4:fc:4f:da:1b:d9:36:3a:46:60:
         7c:46:44:97:9c:5f:37:af:56:da:cd:54:d9:c0:b6:88:fd:4a:
         4b:cb:ff:94:6e:fc:9e:5e:1b:35:1e:50:8d:1d:fc:17:a2:74:
         8f:91:89:d8:64:77:c3:08:83:89:1a:a0:f7:4e:35:a9:09:b7:
         61:a2:53:76:95:87:e9:a7:e4:12:17:0b:3a:3d:a3:ad:2d:d4:
         9a:8a:61:22:ea:ad:84:ff:a0:fb:8d:35:b7:0c:84:54:e8:6e:
         f2:2a:ab:2d:c7:0a:a5:dd:64:b5:aa:a4:d1:82:92:00:f4:24:
         33:19:85:c0:2a:7c:dc:08:99:71:50:c0:6b:37:69:89:7b:a0:
         ac:8a:46:e7:9a:be:3f:e7:11:0d:27:0e:72:a8:98:ee:49:d0:
         ac:f6:4f:2c:2d:05:a2:26:26:d7:d1:6a:6c:3b:20:00:64:a1:
         f4:b3:ba:a7:96:fc:bd:33:e9:78:f7:30:ed:d5:5c:e9:24:a5:
         07:a7:39:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZihKL8m7/nDa79jzHP5gfWVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZDgzMzdhODc0OGFlNTg2MjZlYTkzZDliMmY1ODk4ZDAx
OGRkZjEwHhcNMjUwODEzMDIwMDU4WhcNMjUwODE0MDIwMDU4WjAzMTEwLwYDVQQD
Eyg5YWQwZGJlOWNiOGExMThkODA1MDc4NzVjNzE3ZmYxMzk3YTgwMDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoi+yeLDVt0oSQZItw6FQ0SUVNA5D
+hLS5m+J9yChaRM70wB8aYO4GdsAyRWHq4zh4xCjOyiSPbHQP1dD8FVRNbpnfueH
/YmAr7O5Th8rZ2r+6q8nSF6tMxOH43gUeziuSmlrU+AQBcbx7242L0SGnqzLQ+g6
lTHVBVT8babRXztNUKblUPl7NDA4PgqIeDqmUylZGGbecFId4qKVeXjO//v2Wt4p
mDfVUN2kjcaUxMAFST9opCm0R4WdqJyV0fvzz4L6Y5T2RbaoTNTXZIyIY9AxkC3f
LqU5Z88hk2bdf3Z99Ae7p23wyzDKuN6mDxJ97xROhqRHJhM+QWA3U1x/jQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJrQ2+nLihGNgFB4dccX/xOXqACSMB8GA1UdIwQY
MBaAFLzYM3qHSK5YYm6pPZsvWJjQGN3xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84ZDYwNjgtYWNjYS00Nzc3LTk0NDgt
YjdjZjZhN2IyYTI5LzEvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84ZDYwNjgtYWNjYS00Nzc3LTk0NDgtYjdjZjZhN2IyYTI5
LzEvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK9llku82
IccQf/y77f2t8ScN1ijqv95Suq9t9b+qW0TCk6vvmy6C+tgEPWpc4LZdm32IhmXS
mksq0I5mInn0/E/aG9k2OkZgfEZEl5xfN69W2s1U2cC2iP1KS8v/lG78nl4bNR5Q
jR38F6J0j5GJ2GR3wwiDiRqg9041qQm3YaJTdpWH6afkEhcLOj2jrS3UmophIuqt
hP+g+401twyEVOhu8iqrLccKpd1ktaqk0YKSAPQkMxmFwCp83AiZcVDAazdpiXug
rIpG55q+P+cRDScOcqiY7knQrPZPLC0FoiYm19FqbDsgAGSh9LO6p5b8vTPpePcw
7dVc6SSlB6c55Q==
-----END CERTIFICATE-----