Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.mft
File:                     vtJXlaaCsRmplIBal2V4U9dUoFw.mft (raw, json)
Hash identifier:          Vh5inLqneNKfw781WTskNPekFpSKMLA8N1x90vxRna8=
Subject key identifier:   ED:D0:05:35:3D:5B:04:FC:8A:3C:CF:1D:40:02:9D:72:F0:EE:84:CA
Authority key identifier: BE:D2:57:95:A6:82:B1:19:A9:94:80:5A:97:65:78:53:D7:54:A0:5C
Certificate issuer:       /CN=bed25795a682b119a994805a97657853d754a05c
Certificate serial:       01976F9982B9E10DB128C28C800E445A28F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vtJXlaaCsRmplIBal2V4U9dUoFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.mft
Manifest number:          0A1E
Signing time:             Sat 14 Jun 2025 18:00:20 +0000
Manifest this update:     Sat 14 Jun 2025 18:00:20 +0000
Manifest next update:     Sun 15 Jun 2025 18:00:20 +0000
Files and hashes:         1: vtJXlaaCsRmplIBal2V4U9dUoFw.crl (hash: kmf6G2DMuJWjcIkp25hfO1HOeDSJlF6gXnfQw/Q+t/Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vtJXlaaCsRmplIBal2V4U9dUoFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:99:82:b9:e1:0d:b1:28:c2:8c:80:0e:44:5a:28:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bed25795a682b119a994805a97657853d754a05c
        Validity
            Not Before: Jun 14 18:00:20 2025 GMT
            Not After : Jun 15 18:00:20 2025 GMT
        Subject: CN=edd005353d5b04fc8a3ccf1d40029d72f0ee84ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:58:95:1d:91:2c:b4:89:ad:86:c1:90:2e:92:
                    6c:63:76:64:16:38:71:e0:85:b8:4a:1e:b7:07:cc:
                    f8:64:51:73:d4:e8:27:1c:76:df:9c:db:54:f3:22:
                    ee:e5:b8:79:d1:e3:6e:ad:ed:9d:13:aa:e5:57:6d:
                    f1:30:2c:2b:db:df:7e:b4:3b:c3:2f:f4:4f:b5:9e:
                    f3:7c:3c:bf:ca:95:bf:42:e0:05:31:b0:1c:b0:da:
                    7a:f7:bf:f6:13:f7:1c:49:1b:b4:8d:90:95:1c:5e:
                    67:50:0a:95:96:b2:02:e8:b7:3e:9f:d8:4b:1d:29:
                    8d:f5:20:0a:32:07:b9:ff:89:c9:39:66:7b:44:39:
                    0f:f8:24:34:eb:2d:f5:58:b9:98:50:30:ea:7e:df:
                    78:51:34:04:7b:30:ca:6e:e3:88:75:07:32:2d:1b:
                    b6:02:fe:e7:f4:7c:0c:93:2f:cf:c1:93:b9:2a:fd:
                    bd:be:3e:13:af:d8:53:45:ec:dd:ef:9f:eb:7f:ea:
                    c0:a9:cd:43:c3:de:d9:bc:a3:3e:11:16:5e:24:58:
                    cf:d8:57:b1:f7:39:1b:a7:3e:34:21:d3:fe:de:c9:
                    42:1a:00:0a:23:8d:82:64:79:05:e9:5c:f6:43:22:
                    60:e3:96:4f:16:a5:53:63:df:f4:59:e5:5f:7a:97:
                    1d:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:D0:05:35:3D:5B:04:FC:8A:3C:CF:1D:40:02:9D:72:F0:EE:84:CA
            X509v3 Authority Key Identifier:
                keyid:BE:D2:57:95:A6:82:B1:19:A9:94:80:5A:97:65:78:53:D7:54:A0:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vtJXlaaCsRmplIBal2V4U9dUoFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:28:75:b7:cf:7d:c9:9b:1c:2a:2c:c4:85:86:46:c3:88:9c:
         d9:2f:c4:aa:16:8a:84:6e:a0:bc:61:34:98:d4:cc:6e:72:62:
         ad:a4:c2:58:3b:68:cd:45:44:78:8d:65:d9:f6:f2:ca:94:a2:
         4e:28:2b:3c:0d:3a:e3:9a:37:78:e0:8b:32:ca:a5:81:7a:a6:
         37:73:db:3c:89:36:f9:87:c9:33:9d:ee:13:27:ea:b3:fc:ee:
         c7:52:55:c2:18:ce:c9:fc:1f:f3:8d:98:de:ad:1b:06:1b:ee:
         91:4e:c4:d8:78:f3:d8:21:e6:41:ae:52:44:f8:89:40:2d:f2:
         00:93:05:c0:49:09:f5:ad:c3:f9:a3:53:1c:77:19:38:13:93:
         75:7b:ac:d3:fd:cb:07:d5:17:b9:94:f5:7a:6e:d7:1a:09:73:
         25:b7:a4:44:cf:53:b4:22:b5:5a:14:f4:96:dd:65:dc:9b:46:
         89:b6:5c:b8:a5:a5:8f:fa:4f:df:91:2d:32:7e:20:a9:93:26:
         2f:5f:db:94:47:12:bc:04:f1:15:67:01:68:6e:9f:45:a4:c4:
         80:74:70:64:e7:74:bb:1e:6b:66:13:a7:9e:ca:33:f2:6a:f8:
         8f:ad:3b:dc:26:35:bf:87:c4:36:2e:55:2c:5e:3a:8a:8c:cd:
         15:25:16:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvmYK54Q2xKMKMgA5EWij3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlZDI1Nzk1YTY4MmIxMTlhOTk0ODA1YTk3NjU3ODUzZDc1
NGEwNWMwHhcNMjUwNjE0MTgwMDIwWhcNMjUwNjE1MTgwMDIwWjAzMTEwLwYDVQQD
EyhlZGQwMDUzNTNkNWIwNGZjOGEzY2NmMWQ0MDAyOWQ3MmYwZWU4NGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFiVHZEstImthsGQLpJsY3ZkFjhx
4IW4Sh63B8z4ZFFz1OgnHHbfnNtU8yLu5bh50eNure2dE6rlV23xMCwr299+tDvD
L/RPtZ7zfDy/ypW/QuAFMbAcsNp697/2E/ccSRu0jZCVHF5nUAqVlrIC6Lc+n9hL
HSmN9SAKMge5/4nJOWZ7RDkP+CQ06y31WLmYUDDqft94UTQEezDKbuOIdQcyLRu2
Av7n9HwMky/PwZO5Kv29vj4Tr9hTRezd75/rf+rAqc1Dw97ZvKM+ERZeJFjP2Fex
9zkbpz40IdP+3slCGgAKI42CZHkF6Vz2QyJg45ZPFqVTY9/0WeVfepcdAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO3QBTU9WwT8ijzPHUACnXLw7oTKMB8GA1UdIwQY
MBaAFL7SV5WmgrEZqZSAWpdleFPXVKBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnRKWGxhYUNzUm1wbElCYWwyVjRVOWRVb0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82YmQxMDQtMjVmNi00ODI2LWIyMzQt
MTFkMGYyMGU4Y2IwLzEvdnRKWGxhYUNzUm1wbElCYWwyVjRVOWRVb0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82YmQxMDQtMjVmNi00ODI2LWIyMzQtMTFkMGYyMGU4Y2Iw
LzEvdnRKWGxhYUNzUm1wbElCYWwyVjRVOWRVb0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArCh1t899
yZscKizEhYZGw4ic2S/EqhaKhG6gvGE0mNTMbnJiraTCWDtozUVEeI1l2fbyypSi
TigrPA0645o3eOCLMsqlgXqmN3PbPIk2+YfJM53uEyfqs/zux1JVwhjOyfwf842Y
3q0bBhvukU7E2Hjz2CHmQa5SRPiJQC3yAJMFwEkJ9a3D+aNTHHcZOBOTdXus0/3L
B9UXuZT1em7XGglzJbekRM9TtCK1WhT0lt1l3JtGibZcuKWlj/pP35EtMn4gqZMm
L1/blEcSvATxFWcBaG6fRaTEgHRwZOd0ux5rZhOnnsoz8mr4j6073CY1v4fENi5V
LF46iozNFSUWVQ==
-----END CERTIFICATE-----