Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
File:                     VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft (raw, json)
Hash identifier:          MAzoafK8+nYlIHq5XOv0aAG9qfOkyZ9deVemZ6sO4Ow=
Subject key identifier:   E9:BF:9E:5B:1C:8D:15:D5:51:28:58:35:35:D6:2B:58:E8:AA:F3:86
Authority key identifier: 54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70
Certificate issuer:       /CN=5476e09001c3186526190d1f35d2a5b99fcaa270
Certificate serial:       01989C71B8D11610E8CD67A018C793D93DFC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
Manifest number:          162A
Signing time:             Tue 12 Aug 2025 04:02:35 +0000
Manifest this update:     Tue 12 Aug 2025 04:02:35 +0000
Manifest next update:     Wed 13 Aug 2025 04:02:35 +0000
Files and hashes:         1: VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl (hash: IL5ks5SznuxeSgFS7JvXm7bqaPI/G5cURNarJ/+4Huo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 04:02:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9c:71:b8:d1:16:10:e8:cd:67:a0:18:c7:93:d9:3d:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5476e09001c3186526190d1f35d2a5b99fcaa270
        Validity
            Not Before: Aug 12 04:02:35 2025 GMT
            Not After : Aug 13 04:02:35 2025 GMT
        Subject: CN=e9bf9e5b1c8d15d55128583535d62b58e8aaf386
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:b7:bf:ed:04:53:da:84:0c:84:a7:e4:cd:64:
                    24:de:46:0f:bf:77:b5:44:0e:cc:4e:4b:d4:1d:1e:
                    60:bd:1d:4a:1c:25:00:67:4a:99:08:14:d8:49:20:
                    e7:00:cc:1c:39:a8:43:b4:b3:53:29:57:d9:33:31:
                    0c:da:ec:9f:a9:5b:29:5a:b0:25:30:28:32:23:9a:
                    55:f7:bc:f4:bf:df:05:74:a4:bb:52:6b:4d:41:82:
                    ac:90:e5:13:9a:ee:34:54:3e:98:41:bf:63:dd:82:
                    18:f2:2e:a8:6d:68:fc:bd:10:8a:9a:df:09:9d:59:
                    c0:5f:c5:00:d8:6e:19:2e:01:c8:ee:86:3a:55:c7:
                    b4:74:5b:23:ac:5a:92:1f:67:67:34:d2:3a:3f:63:
                    0f:91:a8:17:42:2d:77:27:1a:46:b2:68:fd:12:d1:
                    84:4d:2a:78:a1:46:c5:99:d3:10:04:89:e7:20:1c:
                    14:4e:1e:ba:38:9c:25:c4:3f:6d:64:d9:3f:3a:00:
                    83:11:cb:da:de:95:ae:d5:4f:f2:0f:4f:ea:fe:e6:
                    b9:c6:b0:03:ba:49:9c:c0:ef:b6:06:49:0c:70:e7:
                    63:ca:f1:51:2f:b2:cf:9b:ac:cc:32:52:4d:ed:6f:
                    05:97:99:6a:39:0a:22:f2:ae:82:15:be:f8:38:d8:
                    1a:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:BF:9E:5B:1C:8D:15:D5:51:28:58:35:35:D6:2B:58:E8:AA:F3:86
            X509v3 Authority Key Identifier:
                keyid:54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:33:aa:1f:d5:ce:80:92:bf:cd:30:3c:e6:50:23:aa:21:c8:
         29:4b:09:29:1b:48:a7:b2:cb:fc:ff:e1:df:be:65:68:6f:75:
         cd:16:96:ce:7a:80:9d:e2:c0:a7:c7:a5:ce:38:30:20:5c:17:
         6c:a6:89:4f:92:85:32:ba:3b:ca:52:bb:af:aa:9c:85:e0:3c:
         3f:87:82:d1:a3:68:81:67:43:ea:f8:9b:95:63:40:77:b4:54:
         27:e3:f0:99:3e:76:72:10:aa:34:23:84:6f:3f:43:74:d7:ff:
         b8:1c:e8:22:20:aa:cf:7f:72:f8:84:c9:2b:5c:05:9c:4f:0b:
         d1:95:71:4f:63:51:d5:fd:fe:79:05:c5:d5:4a:a3:1c:8f:6d:
         5e:a1:fd:7b:35:bd:1a:30:76:54:6e:9d:d5:fa:f8:8b:13:14:
         35:e8:d0:71:e9:10:92:d0:65:c4:3d:f6:18:72:1d:80:f3:bb:
         19:c6:43:f4:0a:05:cf:67:3d:1e:b4:98:08:85:3b:34:93:9b:
         36:56:d7:8d:63:2c:30:8f:c2:c6:07:ba:af:c0:ed:4d:f7:08:
         6a:eb:2b:86:eb:d1:d0:bc:a2:c0:0c:7e:a3:e1:5c:96:08:ea:
         a5:3b:bd:26:c6:18:35:8e:4b:95:8a:17:90:60:ac:66:43:e6:
         1f:f4:b6:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiccbjRFhDozWegGMeT2T38MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NzZlMDkwMDFjMzE4NjUyNjE5MGQxZjM1ZDJhNWI5OWZj
YWEyNzAwHhcNMjUwODEyMDQwMjM1WhcNMjUwODEzMDQwMjM1WjAzMTEwLwYDVQQD
EyhlOWJmOWU1YjFjOGQxNWQ1NTEyODU4MzUzNWQ2MmI1OGU4YWFmMzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsre/7QRT2oQMhKfkzWQk3kYPv3e1
RA7MTkvUHR5gvR1KHCUAZ0qZCBTYSSDnAMwcOahDtLNTKVfZMzEM2uyfqVspWrAl
MCgyI5pV97z0v98FdKS7UmtNQYKskOUTmu40VD6YQb9j3YIY8i6obWj8vRCKmt8J
nVnAX8UA2G4ZLgHI7oY6Vce0dFsjrFqSH2dnNNI6P2MPkagXQi13JxpGsmj9EtGE
TSp4oUbFmdMQBInnIBwUTh66OJwlxD9tZNk/OgCDEcva3pWu1U/yD0/q/ua5xrAD
ukmcwO+2BkkMcOdjyvFRL7LPm6zMMlJN7W8Fl5lqOQoi8q6CFb74ONgaPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOm/nlscjRXVUShYNTXWK1joqvOGMB8GA1UdIwQY
MBaAFFR24JABwxhlJhkNHzXSpbmfyqJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMt
ODkwMWU4ODEzYWFjLzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMtODkwMWU4ODEzYWFj
LzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKDOqH9XO
gJK/zTA85lAjqiHIKUsJKRtIp7LL/P/h375laG91zRaWznqAneLAp8elzjgwIFwX
bKaJT5KFMro7ylK7r6qcheA8P4eC0aNogWdD6viblWNAd7RUJ+PwmT52chCqNCOE
bz9DdNf/uBzoIiCqz39y+ITJK1wFnE8L0ZVxT2NR1f3+eQXF1UqjHI9tXqH9ezW9
GjB2VG6d1fr4ixMUNejQcekQktBlxD32GHIdgPO7GcZD9AoFz2c9HrSYCIU7NJOb
NlbXjWMsMI/Cxge6r8DtTfcIausrhuvR0LyiwAx+o+FclgjqpTu9JsYYNY5LlYoX
kGCsZkPmH/S2LQ==
-----END CERTIFICATE-----