Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft
File:                     VkQtN4qHkyt22vks6Pye80Hrx1k.mft (raw, json)
Hash identifier:          Q0x/Fmkv5Tok8vC6jy9VbQ9+APkuEpqFwX7RZOUHCSk=
Subject key identifier:   2F:F5:57:8B:3D:9D:D4:D6:C9:5F:36:37:BC:18:5D:79:28:5E:29:FE
Authority key identifier: 56:44:2D:37:8A:87:93:2B:76:DA:F9:2C:E8:FC:9E:F3:41:EB:C7:59
Certificate issuer:       /CN=56442d378a87932b76daf92ce8fc9ef341ebc759
Certificate serial:       019A4F9933D6B32DB20FAE74B5CADCF2CE5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft
Manifest number:          0CCF
Signing time:             Tue 04 Nov 2025 16:00:31 +0000
Manifest this update:     Tue 04 Nov 2025 16:00:31 +0000
Manifest next update:     Wed 05 Nov 2025 16:00:31 +0000
Files and hashes:         1: VkQtN4qHkyt22vks6Pye80Hrx1k.crl (hash: AB7Q1gXY+sMvuooHpFeoNNr/mFSCh0DtVoYV86DpEfc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 16:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:99:33:d6:b3:2d:b2:0f:ae:74:b5:ca:dc:f2:ce:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56442d378a87932b76daf92ce8fc9ef341ebc759
        Validity
            Not Before: Nov  4 16:00:31 2025 GMT
            Not After : Nov  5 16:00:31 2025 GMT
        Subject: CN=2ff5578b3d9dd4d6c95f3637bc185d79285e29fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:a0:08:6b:8f:25:e2:73:cc:43:23:d5:05:f8:
                    e3:7f:ae:ad:4a:d3:e9:42:95:54:a9:f3:85:6b:16:
                    02:1b:34:16:52:7c:eb:cd:8b:77:b3:66:1a:00:29:
                    14:2f:51:7e:0d:82:23:17:ec:f9:f0:ea:84:56:63:
                    0b:89:af:a1:04:e4:92:3b:23:38:15:cf:a5:f5:28:
                    fb:14:71:13:5e:09:92:e4:75:02:3f:aa:3d:de:73:
                    b4:e7:15:bf:6c:2f:73:73:44:17:b8:bd:f6:4a:b3:
                    34:58:e3:a2:6f:93:1a:6a:73:0b:2c:c1:a3:61:35:
                    50:ec:19:62:13:c5:54:0b:94:8d:c9:6c:bf:29:0f:
                    52:73:21:8d:bb:f8:5d:88:77:07:f5:69:50:61:63:
                    ec:e9:84:2d:7f:8f:e6:75:52:fb:c0:48:d8:78:8d:
                    2f:7a:15:80:16:fe:00:42:d9:fb:02:30:05:11:17:
                    ce:e1:12:af:ab:ea:b7:c2:2c:12:7c:12:a3:f8:93:
                    3a:f5:fe:3b:f5:6f:f8:d0:0b:a8:68:fd:b1:bc:12:
                    5a:e5:33:1c:83:83:7b:bc:7e:68:44:58:79:4e:da:
                    1d:b4:bf:ea:28:e3:55:67:64:82:e2:67:f1:af:9e:
                    a4:c2:a2:16:12:a0:2e:4e:4b:9a:0a:72:c1:5f:4f:
                    35:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:F5:57:8B:3D:9D:D4:D6:C9:5F:36:37:BC:18:5D:79:28:5E:29:FE
            X509v3 Authority Key Identifier:
                keyid:56:44:2D:37:8A:87:93:2B:76:DA:F9:2C:E8:FC:9E:F3:41:EB:C7:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:b8:4b:67:02:21:3c:03:03:ed:e4:60:66:f9:56:b8:bc:57:
         d4:32:dd:51:82:88:42:9f:68:a3:03:99:cf:15:e2:df:0e:09:
         55:b1:94:18:ed:11:d9:32:43:dd:8b:1f:ce:22:3f:d2:18:ec:
         26:a8:84:15:02:a5:48:ca:3b:59:a4:ab:aa:c7:68:66:f0:24:
         78:b7:21:d1:d8:9d:a5:eb:f7:5e:7f:06:c7:df:4b:e2:f5:64:
         a4:df:86:98:62:77:7a:03:9b:be:18:e3:2a:ce:07:b9:b8:6f:
         9a:21:55:76:1b:c7:03:26:1c:f8:26:26:9f:c8:5a:70:81:46:
         22:44:03:c5:f6:e5:49:c0:00:22:43:45:cf:50:76:40:f5:50:
         d9:f8:ca:ef:d5:90:44:7b:21:fe:76:e0:8f:53:98:bc:f0:39:
         63:19:88:b6:32:1f:50:99:56:97:6a:a4:c5:1b:46:af:5e:8a:
         7c:bd:8a:8c:cd:f6:63:94:e2:32:6f:74:b7:4c:76:86:39:bd:
         70:26:e4:dd:e2:59:9b:fc:d9:8c:d5:6e:54:63:d7:fc:43:46:
         12:fa:b5:dc:eb:cb:03:cc:41:8d:56:8e:19:dc:f0:f8:f5:66:
         74:14:3a:f1:52:a4:b0:7d:64:c5:f9:ad:2b:c4:7a:ae:f8:be:
         10:18:e6:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmTPWsy2yD650tcrc8s5fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NDQyZDM3OGE4NzkzMmI3NmRhZjkyY2U4ZmM5ZWYzNDFl
YmM3NTkwHhcNMjUxMTA0MTYwMDMxWhcNMjUxMTA1MTYwMDMxWjAzMTEwLwYDVQQD
EygyZmY1NTc4YjNkOWRkNGQ2Yzk1ZjM2MzdiYzE4NWQ3OTI4NWUyOWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKAIa48l4nPMQyPVBfjjf66tStPp
QpVUqfOFaxYCGzQWUnzrzYt3s2YaACkUL1F+DYIjF+z58OqEVmMLia+hBOSSOyM4
Fc+l9Sj7FHETXgmS5HUCP6o93nO05xW/bC9zc0QXuL32SrM0WOOib5MaanMLLMGj
YTVQ7BliE8VUC5SNyWy/KQ9ScyGNu/hdiHcH9WlQYWPs6YQtf4/mdVL7wEjYeI0v
ehWAFv4AQtn7AjAFERfO4RKvq+q3wiwSfBKj+JM69f479W/40AuoaP2xvBJa5TMc
g4N7vH5oRFh5TtodtL/qKONVZ2SC4mfxr56kwqIWEqAuTkuaCnLBX081/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC/1V4s9ndTWyV82N7wYXXkoXin+MB8GA1UdIwQY
MBaAFFZELTeKh5Mrdtr5LOj8nvNB68dZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy80ZjMyNTQtNTQ0Mi00Yzg3LThiMTQt
OTgxM2YwOTA2YzRiLzEvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy80ZjMyNTQtNTQ0Mi00Yzg3LThiMTQtOTgxM2YwOTA2YzRi
LzEvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqbhLZwIh
PAMD7eRgZvlWuLxX1DLdUYKIQp9oowOZzxXi3w4JVbGUGO0R2TJD3YsfziI/0hjs
JqiEFQKlSMo7WaSrqsdoZvAkeLch0didpev3Xn8Gx99L4vVkpN+GmGJ3egObvhjj
Ks4HubhvmiFVdhvHAyYc+CYmn8hacIFGIkQDxfblScAAIkNFz1B2QPVQ2fjK79WQ
RHsh/nbgj1OYvPA5YxmItjIfUJlWl2qkxRtGr16KfL2KjM32Y5TiMm90t0x2hjm9
cCbk3eJZm/zZjNVuVGPX/ENGEvq13OvLA8xBjVaOGdzw+PVmdBQ68VKksH1kxfmt
K8R6rvi+EBjmlw==
-----END CERTIFICATE-----