Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
File:                     vPI0wEREFriFL7NHh4rTdtCBjWQ.mft (raw, json)
Hash identifier:          Ott2geue78eh38uclR+lH6OOOgj3HH21Qnn9+WbFy2M=
Subject key identifier:   E2:73:99:C9:DB:0A:BC:EE:E3:51:93:BC:58:2A:D9:1E:04:A3:76:02
Authority key identifier: BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64
Certificate issuer:       /CN=bcf234c0444416b8852fb347878ad376d0818d64
Certificate serial:       019690713E935689725ACB8AE2EE90B09363
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
Manifest number:          08A7
Signing time:             Fri 02 May 2025 10:01:02 +0000
Manifest this update:     Fri 02 May 2025 10:01:02 +0000
Manifest next update:     Sat 03 May 2025 10:01:02 +0000
Files and hashes:         1: vPI0wEREFriFL7NHh4rTdtCBjWQ.crl (hash: HWZG1tpUTun7mzozRBmxeTVTqrjg/CW5iEMKiHvLXxY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:90:71:3e:93:56:89:72:5a:cb:8a:e2:ee:90:b0:93:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcf234c0444416b8852fb347878ad376d0818d64
        Validity
            Not Before: May  2 10:01:02 2025 GMT
            Not After : May  3 10:01:02 2025 GMT
        Subject: CN=e27399c9db0abceee35193bc582ad91e04a37602
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:2d:b2:c3:c5:30:1f:85:fc:7b:fa:92:1c:74:
                    4d:98:f8:50:d9:96:63:d5:b2:bf:74:a4:ae:8e:b9:
                    42:fa:5a:a7:1f:54:84:b6:2a:5f:28:11:dd:0e:39:
                    c2:0e:8e:e8:88:de:84:d0:f6:8a:2a:64:1d:8f:9a:
                    e8:d8:4f:af:27:78:a8:5e:83:d5:a0:a1:1e:f1:97:
                    b2:87:99:37:c8:a4:ab:28:5b:96:83:d5:74:b2:da:
                    96:57:85:7f:1c:a7:42:ee:64:cf:d3:fc:cf:dd:57:
                    0a:91:af:f8:c5:45:64:ca:90:28:e0:a6:23:dd:bc:
                    f3:d5:f1:0a:e6:b7:83:d1:3a:1c:18:33:a7:ae:ab:
                    ab:be:97:3c:89:45:ec:1e:cd:9b:14:2a:f2:ce:46:
                    fa:e7:3e:36:91:d9:22:3b:bb:7b:d0:ce:8c:e0:c9:
                    08:b4:73:df:81:4c:3e:a8:40:ec:a8:ad:28:44:31:
                    74:82:42:c9:c9:c5:de:05:17:08:56:a5:a4:e1:4f:
                    98:09:69:aa:65:73:0e:b4:ff:f0:e9:68:e7:b4:24:
                    df:f3:98:98:be:04:04:c3:0d:01:0d:93:0e:85:43:
                    e4:d2:a9:44:75:8e:7c:87:a4:b3:49:9b:8c:2e:5b:
                    77:b3:0b:0e:df:e8:3a:03:e9:7a:f8:48:bc:b9:40:
                    99:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:73:99:C9:DB:0A:BC:EE:E3:51:93:BC:58:2A:D9:1E:04:A3:76:02
            X509v3 Authority Key Identifier:
                keyid:BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:27:f8:a4:76:50:6f:52:da:28:e0:02:ef:58:7f:3e:85:58:
         3d:ab:fb:a3:4a:fd:15:4a:54:9f:dc:5b:47:b2:95:0b:f8:e9:
         35:86:4f:9d:0a:91:fe:ef:29:96:e8:0e:39:d6:5d:aa:f1:50:
         0f:7a:e6:36:8e:f0:b9:46:e1:61:2f:29:12:bd:9f:b5:3c:90:
         eb:5d:ba:d0:b4:7f:9d:06:b5:01:a6:fb:2c:f2:e4:e8:57:89:
         c0:80:6e:e1:e3:04:e0:f7:f7:3a:11:a5:6d:61:d2:e5:97:6b:
         9b:2b:5b:ea:b5:64:7e:80:ff:e7:8c:0a:f7:3b:1b:16:df:e6:
         46:24:bb:34:18:b7:2b:38:e4:58:3d:d5:64:86:98:37:fb:01:
         f5:4e:29:1f:43:ae:3a:03:bc:03:51:de:ef:ee:ec:6a:e4:10:
         ad:dc:22:8d:b7:3b:42:8e:26:31:dc:30:10:18:4e:2b:a6:a0:
         0e:04:c4:3d:23:a4:af:3f:2b:11:15:c2:40:c6:12:0e:32:e0:
         90:e5:f1:6a:05:c4:2f:32:48:bc:4e:aa:79:45:97:8c:d6:a5:
         03:42:01:02:76:32:c2:7b:22:b2:0a:f4:ea:5b:77:71:ca:93:
         52:f9:73:2d:cf:fe:ad:ed:c4:76:55:eb:3d:d5:61:41:e2:e1:
         86:3c:3f:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaQcT6TVolyWsuK4u6QsJNjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZjIzNGMwNDQ0NDE2Yjg4NTJmYjM0Nzg3OGFkMzc2ZDA4
MThkNjQwHhcNMjUwNTAyMTAwMTAyWhcNMjUwNTAzMTAwMTAyWjAzMTEwLwYDVQQD
EyhlMjczOTljOWRiMGFiY2VlZTM1MTkzYmM1ODJhZDkxZTA0YTM3NjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAni2yw8UwH4X8e/qSHHRNmPhQ2ZZj
1bK/dKSujrlC+lqnH1SEtipfKBHdDjnCDo7oiN6E0PaKKmQdj5ro2E+vJ3ioXoPV
oKEe8Zeyh5k3yKSrKFuWg9V0stqWV4V/HKdC7mTP0/zP3VcKka/4xUVkypAo4KYj
3bzz1fEK5reD0TocGDOnrqurvpc8iUXsHs2bFCryzkb65z42kdkiO7t70M6M4MkI
tHPfgUw+qEDsqK0oRDF0gkLJycXeBRcIVqWk4U+YCWmqZXMOtP/w6WjntCTf85iY
vgQEww0BDZMOhUPk0qlEdY58h6SzSZuMLlt3swsO3+g6A+l6+Ei8uUCZ0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOJzmcnbCrzu41GTvFgq2R4Eo3YCMB8GA1UdIwQY
MBaAFLzyNMBERBa4hS+zR4eK03bQgY1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEt
OWFjYTdiZDhlYzBmLzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEtOWFjYTdiZDhlYzBm
LzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALSf4pHZQ
b1LaKOAC71h/PoVYPav7o0r9FUpUn9xbR7KVC/jpNYZPnQqR/u8plugOOdZdqvFQ
D3rmNo7wuUbhYS8pEr2ftTyQ61260LR/nQa1Aab7LPLk6FeJwIBu4eME4Pf3OhGl
bWHS5Zdrmytb6rVkfoD/54wK9zsbFt/mRiS7NBi3KzjkWD3VZIaYN/sB9U4pH0Ou
OgO8A1He7+7sauQQrdwijbc7Qo4mMdwwEBhOK6agDgTEPSOkrz8rERXCQMYSDjLg
kOXxagXELzJIvE6qeUWXjNalA0IBAnYywnsisgr06lt3ccqTUvlzLc/+re3EdlXr
PdVhQeLhhjw/og==
-----END CERTIFICATE-----