Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
File:                     vPI0wEREFriFL7NHh4rTdtCBjWQ.mft (raw, json)
Hash identifier:          yHhLjhZisOeigzpb+tlcuyPdUn/ZBcUCB8kMF2KJyGU=
Subject key identifier:   84:91:75:74:37:DD:80:F4:90:DE:08:20:A2:C9:88:10:69:EE:55:84
Authority key identifier: BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64
Certificate issuer:       /CN=bcf234c0444416b8852fb347878ad376d0818d64
Certificate serial:       019895FFEB5B8DCEECDBEC663B9EFB0089B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
Manifest number:          09B3
Signing time:             Sun 10 Aug 2025 22:00:33 +0000
Manifest this update:     Sun 10 Aug 2025 22:00:33 +0000
Manifest next update:     Mon 11 Aug 2025 22:00:33 +0000
Files and hashes:         1: vPI0wEREFriFL7NHh4rTdtCBjWQ.crl (hash: XrQUyDFz7Y+EYvb1vU6DfXBxn2XmruYW7meGCa65//A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 22:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:95:ff:eb:5b:8d:ce:ec:db:ec:66:3b:9e:fb:00:89:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcf234c0444416b8852fb347878ad376d0818d64
        Validity
            Not Before: Aug 10 22:00:33 2025 GMT
            Not After : Aug 11 22:00:33 2025 GMT
        Subject: CN=8491757437dd80f490de0820a2c9881069ee5584
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:eb:df:53:ee:da:57:db:12:8d:e3:11:f3:0e:
                    5c:c7:40:14:64:3d:ed:e3:02:9e:1e:89:c9:a3:c9:
                    82:38:2e:39:d2:2e:4c:db:2b:97:e7:4d:56:c7:5f:
                    96:b5:0b:ba:ce:03:b3:85:5b:05:89:aa:64:34:1f:
                    0e:06:d3:de:01:02:44:74:cd:11:60:28:e0:a5:a6:
                    7d:0a:cd:c3:b9:b7:f3:6b:5f:f5:25:87:92:9b:18:
                    53:c3:90:eb:3b:fb:6e:f0:c8:ba:ee:ee:6f:1b:d7:
                    01:97:01:d1:50:cd:05:85:60:65:32:7e:2e:74:28:
                    e8:3f:1c:cf:66:db:88:2c:98:b6:56:12:25:37:82:
                    aa:cd:c3:f1:03:b2:01:4c:27:d7:62:ed:74:7b:72:
                    a5:11:8f:fd:bc:08:7d:52:89:b3:ae:6b:82:2b:16:
                    20:47:72:b4:1f:3b:54:18:9f:6a:0f:ed:cb:31:cc:
                    a4:f5:a4:1b:94:b0:7d:16:41:c9:f4:57:92:70:c2:
                    71:85:89:e2:7e:b8:ca:49:ac:fd:c8:57:8a:c7:08:
                    24:4a:8e:a3:7e:2f:72:23:14:3e:8d:3c:8b:02:af:
                    7e:e5:17:e5:f7:10:e8:a8:86:76:71:11:ae:b5:9b:
                    b6:99:37:5a:20:2f:be:d0:c9:80:55:91:f2:11:9c:
                    85:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:91:75:74:37:DD:80:F4:90:DE:08:20:A2:C9:88:10:69:EE:55:84
            X509v3 Authority Key Identifier:
                keyid:BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:d2:5c:03:f3:60:5b:31:f2:6d:91:08:eb:4a:8c:b6:e4:99:
         66:97:5d:29:97:96:7e:d1:45:f3:62:b4:c8:5c:f1:20:00:5d:
         24:bc:a8:33:03:2e:cd:9d:d5:9f:37:8e:0e:5d:c7:cf:38:71:
         d9:73:a7:2e:56:71:d9:1a:b7:0f:c6:f2:16:1d:90:7b:4b:8d:
         d2:64:14:ff:71:35:11:ac:a9:5b:7e:ac:47:bb:31:ed:a3:85:
         3e:48:2a:4c:df:d4:9e:cc:07:fb:90:59:c8:9e:4e:1b:72:cc:
         70:11:d8:19:b3:2c:de:51:dc:4e:1b:8e:56:fd:43:8d:23:06:
         02:c6:90:c5:37:b1:6d:b8:ce:a0:d6:b9:c8:df:7d:fa:d4:5a:
         27:fa:6b:ff:42:e8:7b:32:50:c0:7d:1c:44:7c:57:70:07:b5:
         8d:7f:57:67:19:e5:ca:80:7b:b0:c7:58:88:cf:1d:19:e3:ce:
         46:85:ac:3b:e5:09:72:0e:0d:00:80:45:ab:c2:37:0a:a3:5a:
         6f:b0:be:d5:e9:c8:df:1e:07:0f:03:57:8e:a7:db:03:43:50:
         e6:bf:93:cb:a2:55:16:47:f1:87:07:5f:4e:f8:7e:30:ec:9e:
         6d:e1:95:2e:92:a3:46:49:f1:99:59:9a:c5:a4:c2:84:39:3a:
         ab:03:05:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiV/+tbjc7s2+xmO577AImzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZjIzNGMwNDQ0NDE2Yjg4NTJmYjM0Nzg3OGFkMzc2ZDA4
MThkNjQwHhcNMjUwODEwMjIwMDMzWhcNMjUwODExMjIwMDMzWjAzMTEwLwYDVQQD
Eyg4NDkxNzU3NDM3ZGQ4MGY0OTBkZTA4MjBhMmM5ODgxMDY5ZWU1NTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuvfU+7aV9sSjeMR8w5cx0AUZD3t
4wKeHonJo8mCOC450i5M2yuX501Wx1+WtQu6zgOzhVsFiapkNB8OBtPeAQJEdM0R
YCjgpaZ9Cs3Dubfza1/1JYeSmxhTw5DrO/tu8Mi67u5vG9cBlwHRUM0FhWBlMn4u
dCjoPxzPZtuILJi2VhIlN4KqzcPxA7IBTCfXYu10e3KlEY/9vAh9UomzrmuCKxYg
R3K0HztUGJ9qD+3LMcyk9aQblLB9FkHJ9FeScMJxhYnifrjKSaz9yFeKxwgkSo6j
fi9yIxQ+jTyLAq9+5Rfl9xDoqIZ2cRGutZu2mTdaIC++0MmAVZHyEZyFvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFISRdXQ33YD0kN4IIKLJiBBp7lWEMB8GA1UdIwQY
MBaAFLzyNMBERBa4hS+zR4eK03bQgY1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEt
OWFjYTdiZDhlYzBmLzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEtOWFjYTdiZDhlYzBm
LzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAitJcA/Ng
WzHybZEI60qMtuSZZpddKZeWftFF82K0yFzxIABdJLyoMwMuzZ3VnzeODl3Hzzhx
2XOnLlZx2Rq3D8byFh2Qe0uN0mQU/3E1EaypW36sR7sx7aOFPkgqTN/UnswH+5BZ
yJ5OG3LMcBHYGbMs3lHcThuOVv1DjSMGAsaQxTexbbjOoNa5yN99+tRaJ/pr/0Lo
ezJQwH0cRHxXcAe1jX9XZxnlyoB7sMdYiM8dGePORoWsO+UJcg4NAIBFq8I3CqNa
b7C+1enI3x4HDwNXjqfbA0NQ5r+Ty6JVFkfxhwdfTvh+MOyebeGVLpKjRknxmVma
xaTChDk6qwMFsA==
-----END CERTIFICATE-----