Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
File:                     VmhcNSHqj-av5l1TOjsZno92UFs.mft (raw, json)
Hash identifier:          Hy649PrCbnqUE8sVF7vngqTr28eeiHVWRBIq+Q5mOJc=
Subject key identifier:   CC:92:14:C5:CF:87:27:CB:B8:16:C4:12:17:A7:FC:34:10:E0:46:B0
Authority key identifier: 56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B
Certificate issuer:       /CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
Certificate serial:       01988B0E6358BCA12EF32BA319A8C04C5D6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
Manifest number:          1528
Signing time:             Fri 08 Aug 2025 19:00:32 +0000
Manifest this update:     Fri 08 Aug 2025 19:00:32 +0000
Manifest next update:     Sat 09 Aug 2025 19:00:32 +0000
Files and hashes:         1: VmhcNSHqj-av5l1TOjsZno92UFs.crl (hash: XjnoGIT8Zy5vYUmulX+nWxn+K12b5Z19D+j1tvG3f70=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:0e:63:58:bc:a1:2e:f3:2b:a3:19:a8:c0:4c:5d:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
        Validity
            Not Before: Aug  8 19:00:32 2025 GMT
            Not After : Aug  9 19:00:32 2025 GMT
        Subject: CN=cc9214c5cf8727cbb816c41217a7fc3410e046b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:b6:f6:81:e2:3b:11:5e:18:67:ca:6e:f6:ac:
                    64:53:6a:b1:98:77:46:2c:be:67:93:96:05:9e:76:
                    c1:01:8f:5d:90:d5:23:b5:90:30:46:8f:c8:71:8a:
                    a3:2b:3c:68:0e:a9:50:77:bc:15:14:1d:57:22:15:
                    0d:02:d5:cc:4c:88:1e:59:98:da:38:ce:62:87:37:
                    5c:00:28:d6:a1:76:3e:0e:3b:16:3b:bf:eb:47:7d:
                    b7:3d:c6:06:89:11:08:d6:b0:b9:c1:c5:7f:97:bd:
                    57:04:63:e0:88:84:83:cb:23:d5:5e:2f:7d:ac:b2:
                    13:8d:9f:17:07:f1:c9:57:78:1a:fd:03:35:b0:57:
                    35:7a:9e:b6:ef:e0:c4:c1:7c:3d:f8:c7:ed:41:93:
                    39:41:0c:75:0d:d3:d9:7b:61:33:3c:a2:b9:8f:51:
                    e5:d2:41:1a:54:0b:a5:9d:bd:71:ec:1b:7f:1a:76:
                    05:84:c8:1c:2d:9f:a9:02:43:c7:54:da:d5:49:ce:
                    9b:d2:b4:76:53:39:29:5f:de:27:2e:79:1b:7a:1c:
                    db:a5:bf:48:e3:e1:6f:03:e4:5b:b0:1c:cd:60:78:
                    26:6f:86:1f:86:ab:29:d0:6d:cd:f3:71:50:c1:ed:
                    5b:f3:f0:0e:ea:8b:36:ef:ce:b8:fb:c3:40:b1:16:
                    5d:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:92:14:C5:CF:87:27:CB:B8:16:C4:12:17:A7:FC:34:10:E0:46:B0
            X509v3 Authority Key Identifier:
                keyid:56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:6e:49:d4:65:9c:99:19:3b:41:d0:bd:b5:a6:f2:27:92:62:
         7b:4e:79:f8:17:38:3c:38:39:24:99:f5:2a:4d:38:86:f6:3c:
         77:2f:24:29:81:0e:b4:63:1f:8a:cb:d8:5d:f3:f0:19:50:7b:
         70:2c:fd:df:65:ce:b2:99:6d:1b:b6:60:e5:8d:1f:3e:f5:9b:
         f8:ac:32:8e:a5:c8:fc:35:0d:b2:9b:98:f0:3b:ec:b1:e9:ab:
         1a:16:d6:87:6e:53:22:c2:ea:59:99:3b:2e:8a:0e:55:61:7c:
         f6:24:32:83:1a:0a:3d:52:b0:3d:10:f0:aa:30:5e:ff:de:57:
         04:62:a0:ff:b3:6a:79:44:2f:9e:2e:6b:ee:93:2c:73:df:31:
         38:51:d1:73:79:0a:b1:a7:fa:b4:46:f2:5d:12:1b:8b:51:e1:
         09:b0:04:90:12:13:18:58:84:01:05:14:d8:f0:de:e8:3d:48:
         d6:f5:4f:5e:bd:e1:0a:9c:f9:3b:e4:de:52:a4:dc:11:cb:b1:
         1e:ed:aa:17:ea:bb:e3:12:5e:aa:ad:40:84:35:bd:f7:77:23:
         9b:1a:84:69:34:28:1f:60:42:e7:f7:22:18:0a:83:b0:54:6c:
         47:13:86:57:df:95:c6:e7:74:7c:d8:01:78:5a:fa:58:2a:02:
         1a:ef:1f:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLDmNYvKEu8yujGajATF1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Njg1YzM1MjFlYThmZTZhZmU2NWQ1MzNhM2IxOTllOGY3
NjUwNWIwHhcNMjUwODA4MTkwMDMyWhcNMjUwODA5MTkwMDMyWjAzMTEwLwYDVQQD
EyhjYzkyMTRjNWNmODcyN2NiYjgxNmM0MTIxN2E3ZmMzNDEwZTA0NmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5bb2geI7EV4YZ8pu9qxkU2qxmHdG
LL5nk5YFnnbBAY9dkNUjtZAwRo/IcYqjKzxoDqlQd7wVFB1XIhUNAtXMTIgeWZja
OM5ihzdcACjWoXY+DjsWO7/rR323PcYGiREI1rC5wcV/l71XBGPgiISDyyPVXi99
rLITjZ8XB/HJV3ga/QM1sFc1ep627+DEwXw9+MftQZM5QQx1DdPZe2EzPKK5j1Hl
0kEaVAulnb1x7Bt/GnYFhMgcLZ+pAkPHVNrVSc6b0rR2UzkpX94nLnkbehzbpb9I
4+FvA+RbsBzNYHgmb4Yfhqsp0G3N83FQwe1b8/AO6os27864+8NAsRZdiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMySFMXPhyfLuBbEEhen/DQQ4EawMB8GA1UdIwQY
MBaAFFZoXDUh6o/mr+ZdUzo7GZ6PdlBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMt
NThjMzI4OTVkY2RlLzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMtNThjMzI4OTVkY2Rl
LzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQW5J1GWc
mRk7QdC9tabyJ5Jie055+Bc4PDg5JJn1Kk04hvY8dy8kKYEOtGMfisvYXfPwGVB7
cCz932XOspltG7Zg5Y0fPvWb+KwyjqXI/DUNspuY8DvssemrGhbWh25TIsLqWZk7
LooOVWF89iQygxoKPVKwPRDwqjBe/95XBGKg/7NqeUQvni5r7pMsc98xOFHRc3kK
saf6tEbyXRIbi1HhCbAEkBITGFiEAQUU2PDe6D1I1vVPXr3hCpz5O+TeUqTcEcux
Hu2qF+q74xJeqq1AhDW993cjmxqEaTQoH2BC5/ciGAqDsFRsRxOGV9+Vxud0fNgB
eFr6WCoCGu8ftw==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:22:32 2025 by rpki-client