Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
File:                     VmhcNSHqj-av5l1TOjsZno92UFs.mft (raw, json)
Hash identifier:          5MdT9s8UMgaF+2QCsKe/Sljml4uuu/SyprF87cHgaa0=
Subject key identifier:   59:09:5F:9B:D5:D9:C2:1A:4C:D5:A2:87:62:A3:FA:32:17:DE:2D:8E
Authority key identifier: 56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B
Certificate issuer:       /CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
Certificate serial:       01968B13B80A5A8D420DEA7733C95526FE12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
Manifest number:          141F
Signing time:             Thu 01 May 2025 09:00:47 +0000
Manifest this update:     Thu 01 May 2025 09:00:47 +0000
Manifest next update:     Fri 02 May 2025 09:00:47 +0000
Files and hashes:         1: VmhcNSHqj-av5l1TOjsZno92UFs.crl (hash: TUnkHOQbtaTh3F6VSqKt1RmY3pSRK3U9YKkWmEcjNww=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8b:13:b8:0a:5a:8d:42:0d:ea:77:33:c9:55:26:fe:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
        Validity
            Not Before: May  1 09:00:47 2025 GMT
            Not After : May  2 09:00:47 2025 GMT
        Subject: CN=59095f9bd5d9c21a4cd5a28762a3fa3217de2d8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:60:d3:83:8f:78:8a:9f:55:3e:6b:22:1a:9f:
                    65:0f:b4:e5:ea:28:b1:d7:21:9a:e0:5c:47:05:31:
                    af:a0:71:66:90:bf:08:89:9c:66:e3:e4:95:45:2a:
                    3a:53:05:be:e8:b0:7f:55:71:e5:c0:8e:c5:45:f2:
                    2a:dd:31:5d:43:2c:80:f3:ea:a0:ab:e0:10:ba:01:
                    25:88:d3:12:c4:ba:73:9a:6d:0c:a3:16:9c:9e:36:
                    a9:d6:bb:06:fa:43:73:e1:cd:ed:0b:5c:72:3c:2b:
                    e5:2a:88:65:4a:54:56:dc:04:92:92:63:c4:c2:76:
                    4f:ef:fa:54:62:fb:73:77:74:84:2f:ac:9c:a5:37:
                    7b:d5:a5:80:3c:9e:a8:e8:67:f2:29:b8:36:fb:44:
                    f9:e8:00:f0:ba:9c:db:bd:f6:a2:21:5d:b5:1d:b9:
                    e0:99:ed:83:83:99:98:bd:e9:9c:29:15:7f:e3:c7:
                    8a:6a:f6:67:28:84:03:0f:e7:65:1e:e6:af:a4:8c:
                    5c:55:6f:41:0b:9b:e5:e4:cb:c0:96:1c:e7:85:8b:
                    a6:ba:71:1a:68:b7:66:0d:c4:33:90:50:68:d8:7b:
                    34:da:ca:f9:3b:11:c9:f7:90:42:c7:2e:1c:3c:e6:
                    48:a1:07:6a:e0:01:73:ed:2d:1c:7d:35:06:d5:bb:
                    98:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:09:5F:9B:D5:D9:C2:1A:4C:D5:A2:87:62:A3:FA:32:17:DE:2D:8E
            X509v3 Authority Key Identifier:
                keyid:56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:39:1a:1f:06:0c:5e:e2:53:92:ac:ef:b2:e0:82:d6:17:c0:
         72:d0:fb:69:23:9c:8c:9b:4d:40:f8:c1:0d:e6:43:c6:a1:f1:
         57:6b:da:51:7a:3e:4b:10:4c:62:f4:05:07:af:bc:8e:3b:b3:
         a1:82:4b:99:c4:c5:87:57:b8:a6:2f:ea:bd:aa:ad:6c:c3:78:
         c0:ac:3c:09:7b:55:51:fe:62:52:12:e3:79:17:1b:b2:29:c7:
         ff:a4:49:51:1b:8b:27:b8:74:99:d7:81:1f:51:2d:ae:64:e0:
         37:41:65:25:1f:73:ce:3c:87:b1:29:b7:f7:43:99:3a:7f:8a:
         a4:f8:0c:2d:53:9f:2c:12:46:97:be:73:99:e4:d3:96:33:66:
         64:6b:fd:39:b3:eb:51:75:52:cd:3c:cc:14:65:16:fa:dd:91:
         91:96:6c:7c:fe:5f:3f:4f:49:f7:06:e1:24:51:ac:dc:64:21:
         04:6e:17:0f:4e:42:7c:9d:35:2c:6f:82:7f:fa:ad:a3:dc:6f:
         6d:2d:38:47:94:7d:b0:70:f5:42:a0:70:fc:cd:20:6f:59:8a:
         2d:96:ed:a5:df:69:69:ea:40:12:66:5d:a2:88:8e:13:80:fd:
         f8:61:e8:9f:9a:01:f7:ae:98:28:36:5b:2d:ab:88:f7:91:c1:
         cd:73:f9:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaLE7gKWo1CDep3M8lVJv4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Njg1YzM1MjFlYThmZTZhZmU2NWQ1MzNhM2IxOTllOGY3
NjUwNWIwHhcNMjUwNTAxMDkwMDQ3WhcNMjUwNTAyMDkwMDQ3WjAzMTEwLwYDVQQD
Eyg1OTA5NWY5YmQ1ZDljMjFhNGNkNWEyODc2MmEzZmEzMjE3ZGUyZDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmDTg494ip9VPmsiGp9lD7Tl6iix
1yGa4FxHBTGvoHFmkL8IiZxm4+SVRSo6UwW+6LB/VXHlwI7FRfIq3TFdQyyA8+qg
q+AQugEliNMSxLpzmm0Moxacnjap1rsG+kNz4c3tC1xyPCvlKohlSlRW3ASSkmPE
wnZP7/pUYvtzd3SEL6ycpTd71aWAPJ6o6GfyKbg2+0T56ADwupzbvfaiIV21Hbng
me2Dg5mYvemcKRV/48eKavZnKIQDD+dlHuavpIxcVW9BC5vl5MvAlhznhYumunEa
aLdmDcQzkFBo2Hs02sr5OxHJ95BCxy4cPOZIoQdq4AFz7S0cfTUG1buY4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFkJX5vV2cIaTNWih2Kj+jIX3i2OMB8GA1UdIwQY
MBaAFFZoXDUh6o/mr+ZdUzo7GZ6PdlBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMt
NThjMzI4OTVkY2RlLzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMtNThjMzI4OTVkY2Rl
LzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtTkaHwYM
XuJTkqzvsuCC1hfActD7aSOcjJtNQPjBDeZDxqHxV2vaUXo+SxBMYvQFB6+8jjuz
oYJLmcTFh1e4pi/qvaqtbMN4wKw8CXtVUf5iUhLjeRcbsinH/6RJURuLJ7h0mdeB
H1EtrmTgN0FlJR9zzjyHsSm390OZOn+KpPgMLVOfLBJGl75zmeTTljNmZGv9ObPr
UXVSzTzMFGUW+t2RkZZsfP5fP09J9wbhJFGs3GQhBG4XD05CfJ01LG+Cf/qto9xv
bS04R5R9sHD1QqBw/M0gb1mKLZbtpd9paepAEmZdooiOE4D9+GHon5oB966YKDZb
LauI95HBzXP5Lw==
-----END CERTIFICATE-----