Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
File:                     VmhcNSHqj-av5l1TOjsZno92UFs.mft (raw, json)
Hash identifier:          qiCBVYGQ+k/RR+axX5HETElaIFnPVdcA9h9rDw322UQ=
Subject key identifier:   EC:D4:EA:5C:F0:7A:BA:6D:70:F9:75:3B:2F:A4:57:06:D5:45:F8:BB
Authority key identifier: 56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B
Certificate issuer:       /CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
Certificate serial:       01977C79EF544DEED9A84C4599570C2A2902
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
Manifest number:          149C
Signing time:             Tue 17 Jun 2025 06:00:55 +0000
Manifest this update:     Tue 17 Jun 2025 06:00:55 +0000
Manifest next update:     Wed 18 Jun 2025 06:00:55 +0000
Files and hashes:         1: VmhcNSHqj-av5l1TOjsZno92UFs.crl (hash: p8OpwpctjviZX+g9eRmbAQIoaxNl/zrvPZ5NPja+blM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 18 Jun 2025 06:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7c:79:ef:54:4d:ee:d9:a8:4c:45:99:57:0c:2a:29:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
        Validity
            Not Before: Jun 17 06:00:55 2025 GMT
            Not After : Jun 18 06:00:55 2025 GMT
        Subject: CN=ecd4ea5cf07aba6d70f9753b2fa45706d545f8bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:72:4f:ea:60:41:01:41:59:7e:ea:cc:b8:d0:
                    5d:05:15:c7:42:ea:f1:af:cf:bb:b6:32:db:0c:98:
                    a8:6d:ff:b7:0b:d6:53:9f:d7:e5:60:81:e9:03:b2:
                    4a:67:a8:77:ba:64:75:9b:c4:64:08:ac:b6:2e:c5:
                    11:13:4a:92:cb:5b:aa:ae:23:31:a9:b9:b2:76:cd:
                    4d:6b:16:c6:c3:e0:ab:c4:c1:97:ab:e5:ff:ee:77:
                    0e:56:12:9d:6a:81:dc:25:f9:b0:df:14:ef:dc:2a:
                    18:70:cb:e1:1a:f4:bf:3b:97:78:ed:c8:c8:90:1e:
                    66:95:b0:3a:09:ee:5f:8e:1c:84:44:8b:bc:de:67:
                    59:5d:77:c3:ed:1e:d6:af:f3:fa:7e:ca:db:4d:15:
                    a1:a4:cd:93:4a:d9:7e:bc:ce:7f:04:2c:db:95:5d:
                    8a:4e:08:8e:57:9c:a1:cd:83:bd:f3:ec:44:03:f7:
                    47:ab:10:91:a4:47:45:7b:25:19:35:86:94:fb:48:
                    c0:6c:de:d9:0b:93:9b:41:0b:48:8e:ad:fa:05:d5:
                    0d:11:1e:9d:8c:df:c3:43:c0:17:75:e1:de:35:aa:
                    06:4f:94:d1:3c:26:3c:57:7f:7d:49:d5:00:a2:5f:
                    96:9f:46:fd:e9:df:47:04:4b:be:0d:05:81:7c:df:
                    07:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:D4:EA:5C:F0:7A:BA:6D:70:F9:75:3B:2F:A4:57:06:D5:45:F8:BB
            X509v3 Authority Key Identifier:
                keyid:56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:c7:9e:a1:0b:ec:68:63:52:79:50:36:2a:8b:0b:5a:5c:14:
         1c:cd:0a:05:66:4f:18:f3:b9:ad:a6:3a:c7:6a:45:24:4d:a9:
         da:a7:00:23:75:06:c0:99:2e:82:1c:40:55:d9:0e:83:e9:2c:
         97:01:20:0e:ef:16:8e:16:57:8f:93:f8:8d:5b:35:bb:f0:01:
         24:43:0d:a1:e1:b7:f4:1d:83:9f:1a:af:aa:94:9f:1a:20:0e:
         e9:ca:4a:b7:96:f3:89:9a:b2:f9:ca:92:81:b1:eb:9f:69:0e:
         c9:b0:85:4f:3f:57:03:05:4a:35:de:f8:95:86:ad:0c:f7:ea:
         cd:bb:3a:ea:79:a6:4d:26:47:26:17:8e:da:f1:9f:b3:56:d6:
         3d:f2:e4:03:7a:44:4d:ea:47:8a:2e:a8:0f:04:33:cb:9e:5b:
         08:a8:66:dc:71:4f:3d:91:ee:bc:c8:45:e5:d0:6f:62:7e:1c:
         dc:b8:cb:c8:b0:db:36:4b:85:22:9d:bc:e0:d7:36:6b:22:57:
         fe:ac:bd:13:fb:63:67:ba:b4:aa:b3:2c:50:4f:bd:89:48:94:
         45:e7:62:79:59:62:a5:cf:94:bb:41:64:1d:9f:2d:ee:4e:bb:
         1f:ae:7f:2d:1e:2d:39:40:d0:ef:67:12:cb:08:6b:39:0d:ee:
         d3:8f:98:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd8ee9UTe7ZqExFmVcMKikCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Njg1YzM1MjFlYThmZTZhZmU2NWQ1MzNhM2IxOTllOGY3
NjUwNWIwHhcNMjUwNjE3MDYwMDU1WhcNMjUwNjE4MDYwMDU1WjAzMTEwLwYDVQQD
EyhlY2Q0ZWE1Y2YwN2FiYTZkNzBmOTc1M2IyZmE0NTcwNmQ1NDVmOGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXJP6mBBAUFZfurMuNBdBRXHQurx
r8+7tjLbDJiobf+3C9ZTn9flYIHpA7JKZ6h3umR1m8RkCKy2LsURE0qSy1uqriMx
qbmyds1NaxbGw+CrxMGXq+X/7ncOVhKdaoHcJfmw3xTv3CoYcMvhGvS/O5d47cjI
kB5mlbA6Ce5fjhyERIu83mdZXXfD7R7Wr/P6fsrbTRWhpM2TStl+vM5/BCzblV2K
TgiOV5yhzYO98+xEA/dHqxCRpEdFeyUZNYaU+0jAbN7ZC5ObQQtIjq36BdUNER6d
jN/DQ8AXdeHeNaoGT5TRPCY8V399SdUAol+Wn0b96d9HBEu+DQWBfN8HcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOzU6lzwerptcPl1Oy+kVwbVRfi7MB8GA1UdIwQY
MBaAFFZoXDUh6o/mr+ZdUzo7GZ6PdlBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMt
NThjMzI4OTVkY2RlLzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMtNThjMzI4OTVkY2Rl
LzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtceeoQvs
aGNSeVA2KosLWlwUHM0KBWZPGPO5raY6x2pFJE2p2qcAI3UGwJkughxAVdkOg+ks
lwEgDu8WjhZXj5P4jVs1u/ABJEMNoeG39B2DnxqvqpSfGiAO6cpKt5bziZqy+cqS
gbHrn2kOybCFTz9XAwVKNd74lYatDPfqzbs66nmmTSZHJheO2vGfs1bWPfLkA3pE
TepHii6oDwQzy55bCKhm3HFPPZHuvMhF5dBvYn4c3LjLyLDbNkuFIp284Nc2ayJX
/qy9E/tjZ7q0qrMsUE+9iUiURedieVlipc+Uu0FkHZ8t7k67H65/LR4tOUDQ72cS
ywhrOQ3u04+Yqw==
-----END CERTIFICATE-----