Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft
File:                     VkQtN4qHkyt22vks6Pye80Hrx1k.mft (raw, json)
Hash identifier:          L67QPr5T0y0Vm4TbJtA1MPXTGoDOo2fax/24lFZO6Zo=
Subject key identifier:   28:AB:E6:3D:CD:AA:D5:50:FD:26:53:B8:7C:66:92:A5:13:38:6A:76
Authority key identifier: 56:44:2D:37:8A:87:93:2B:76:DA:F9:2C:E8:FC:9E:F3:41:EB:C7:59
Certificate issuer:       /CN=56442d378a87932b76daf92ce8fc9ef341ebc759
Certificate serial:       01987E2F0D331FE0AD276EDFC302221E2FF1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft
Manifest number:          0BDE
Signing time:             Wed 06 Aug 2025 07:01:09 +0000
Manifest this update:     Wed 06 Aug 2025 07:01:09 +0000
Manifest next update:     Thu 07 Aug 2025 07:01:09 +0000
Files and hashes:         1: VkQtN4qHkyt22vks6Pye80Hrx1k.crl (hash: HgttkXnyiCMZV3Im3j2XYsR8dIj0C5vMH1BvgwSQL2c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 07:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7e:2f:0d:33:1f:e0:ad:27:6e:df:c3:02:22:1e:2f:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56442d378a87932b76daf92ce8fc9ef341ebc759
        Validity
            Not Before: Aug  6 07:01:09 2025 GMT
            Not After : Aug  7 07:01:09 2025 GMT
        Subject: CN=28abe63dcdaad550fd2653b87c6692a513386a76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:fc:18:e0:0c:f5:29:f2:be:96:1c:a5:1a:4d:
                    3b:99:9f:a8:18:29:09:74:d7:00:4d:f4:1a:c2:03:
                    77:cf:b1:c8:e3:0a:77:7c:4f:44:cf:6a:ef:83:1b:
                    ca:a9:a0:fb:2e:bd:61:81:8b:6c:0a:21:a6:41:1b:
                    2f:11:fb:a9:6f:0e:37:46:4f:5b:01:99:fb:4f:69:
                    8c:36:46:20:cc:35:07:e0:c2:7c:fe:72:0a:53:a3:
                    b7:b4:93:bf:ca:85:f8:8c:a9:75:74:33:de:aa:9d:
                    4b:5f:42:d1:10:4c:29:77:b9:42:6d:0f:1a:72:3d:
                    0f:81:0d:97:b9:40:86:88:d1:a4:4c:d8:24:6c:14:
                    a3:d6:7a:ca:8d:d6:4c:62:27:49:68:f7:49:b0:99:
                    85:0e:2c:a4:7d:61:ff:28:4d:bb:05:8c:04:01:5c:
                    10:6c:b7:d9:02:ae:5b:de:6b:39:92:c7:de:83:eb:
                    67:b9:15:cb:61:27:ea:a6:0a:dc:2e:ff:26:d0:96:
                    61:b6:29:82:58:ea:50:3e:c5:57:00:db:6f:1d:c0:
                    d4:a9:f5:5b:54:a9:99:00:a1:52:be:d8:f7:f4:ed:
                    d6:4c:58:0a:01:8b:c8:fc:eb:b9:b9:4e:60:d7:b7:
                    70:1b:3f:d4:68:5f:06:42:62:d8:d0:fe:b1:f0:cd:
                    d7:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:AB:E6:3D:CD:AA:D5:50:FD:26:53:B8:7C:66:92:A5:13:38:6A:76
            X509v3 Authority Key Identifier:
                keyid:56:44:2D:37:8A:87:93:2B:76:DA:F9:2C:E8:FC:9E:F3:41:EB:C7:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:44:c3:93:1a:2a:dc:b1:d7:c0:f2:8e:25:b3:47:86:96:42:
         2d:cf:1d:48:47:4f:24:6f:43:a1:bc:a4:6e:51:f5:ba:28:42:
         81:d4:ed:a0:45:80:17:4c:33:bc:8c:9e:9f:81:4e:6a:68:01:
         0a:02:6e:61:e0:c9:18:ca:b1:0b:8c:8f:6e:5f:67:db:3e:bd:
         ec:f5:06:de:74:d8:84:23:62:ac:da:a8:1c:59:63:f0:b9:6a:
         03:70:22:68:26:e7:5c:01:d8:84:48:90:b1:9e:c9:6e:9f:0b:
         5c:de:48:d7:41:3a:57:2f:b3:f6:75:1f:26:82:56:8d:cd:1d:
         b8:0f:9b:99:8d:0f:08:b7:6a:3c:e3:f6:75:ba:9d:c5:9a:3d:
         8e:52:ee:50:47:24:f0:19:67:58:a8:eb:e0:62:bc:60:b9:52:
         f7:c8:8b:aa:b0:fd:2a:9f:9e:65:bf:d2:72:fd:58:6c:54:82:
         e2:b6:df:28:02:30:87:58:07:ed:29:ef:d1:e4:59:03:51:6f:
         66:ea:1b:df:2d:51:44:58:51:dc:de:89:b3:54:d7:9a:3c:ce:
         b4:3c:d9:7d:17:7c:d2:a0:25:2b:63:59:f8:ce:b6:2a:d4:e9:
         b4:1b:56:43:65:78:fc:42:80:2d:59:7e:03:cf:ba:43:c3:78:
         00:c6:ed:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh+Lw0zH+CtJ27fwwIiHi/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NDQyZDM3OGE4NzkzMmI3NmRhZjkyY2U4ZmM5ZWYzNDFl
YmM3NTkwHhcNMjUwODA2MDcwMTA5WhcNMjUwODA3MDcwMTA5WjAzMTEwLwYDVQQD
EygyOGFiZTYzZGNkYWFkNTUwZmQyNjUzYjg3YzY2OTJhNTEzMzg2YTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvwY4Az1KfK+lhylGk07mZ+oGCkJ
dNcATfQawgN3z7HI4wp3fE9Ez2rvgxvKqaD7Lr1hgYtsCiGmQRsvEfupbw43Rk9b
AZn7T2mMNkYgzDUH4MJ8/nIKU6O3tJO/yoX4jKl1dDPeqp1LX0LREEwpd7lCbQ8a
cj0PgQ2XuUCGiNGkTNgkbBSj1nrKjdZMYidJaPdJsJmFDiykfWH/KE27BYwEAVwQ
bLfZAq5b3ms5ksfeg+tnuRXLYSfqpgrcLv8m0JZhtimCWOpQPsVXANtvHcDUqfVb
VKmZAKFSvtj39O3WTFgKAYvI/Ou5uU5g17dwGz/UaF8GQmLY0P6x8M3XmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCir5j3NqtVQ/SZTuHxmkqUTOGp2MB8GA1UdIwQY
MBaAFFZELTeKh5Mrdtr5LOj8nvNB68dZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy80ZjMyNTQtNTQ0Mi00Yzg3LThiMTQt
OTgxM2YwOTA2YzRiLzEvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy80ZjMyNTQtNTQ0Mi00Yzg3LThiMTQtOTgxM2YwOTA2YzRi
LzEvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWUTDkxoq
3LHXwPKOJbNHhpZCLc8dSEdPJG9DobykblH1uihCgdTtoEWAF0wzvIyen4FOamgB
CgJuYeDJGMqxC4yPbl9n2z697PUG3nTYhCNirNqoHFlj8LlqA3AiaCbnXAHYhEiQ
sZ7Jbp8LXN5I10E6Vy+z9nUfJoJWjc0duA+bmY0PCLdqPOP2dbqdxZo9jlLuUEck
8BlnWKjr4GK8YLlS98iLqrD9Kp+eZb/Scv1YbFSC4rbfKAIwh1gH7Snv0eRZA1Fv
Zuob3y1RRFhR3N6Js1TXmjzOtDzZfRd80qAlK2NZ+M62KtTptBtWQ2V4/EKALVl+
A8+6Q8N4AMbtgg==
-----END CERTIFICATE-----