Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/f8278e-3bf8-4960-b4ad-68de6a0fea84/1/vit9mq7Mk5bKqKvf_a4MeCkdWk0.mft
File:                     vit9mq7Mk5bKqKvf_a4MeCkdWk0.mft (raw, json)
Hash identifier:          ZVdI9o3jPiJiTHqvKuwt8b+21GjSRc0zkvC4oV1X0rA=
Subject key identifier:   85:AA:64:23:FF:23:0D:DD:39:F2:20:25:1D:F8:99:EC:8C:D9:94:91
Authority key identifier: BE:2B:7D:9A:AE:CC:93:96:CA:A8:AB:DF:FD:AE:0C:78:29:1D:5A:4D
Certificate issuer:       /CN=be2b7d9aaecc9396caa8abdffdae0c78291d5a4d
Certificate serial:       01984AAE9CB9FDB22B0A2D1A540C9A3A92EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vit9mq7Mk5bKqKvf_a4MeCkdWk0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/f8278e-3bf8-4960-b4ad-68de6a0fea84/1/vit9mq7Mk5bKqKvf_a4MeCkdWk0.mft
Manifest number:          8D
Signing time:             Sun 27 Jul 2025 07:00:13 +0000
Manifest this update:     Sun 27 Jul 2025 07:00:13 +0000
Manifest next update:     Mon 28 Jul 2025 07:00:13 +0000
Files and hashes:         1: vit9mq7Mk5bKqKvf_a4MeCkdWk0.crl (hash: SqyiYkbZ9DioMUfBFJQlK7FhymZSRCOM4BQSTQFEl2Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/f8278e-3bf8-4960-b4ad-68de6a0fea84/1/vit9mq7Mk5bKqKvf_a4MeCkdWk0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/f8278e-3bf8-4960-b4ad-68de6a0fea84/1/vit9mq7Mk5bKqKvf_a4MeCkdWk0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vit9mq7Mk5bKqKvf_a4MeCkdWk0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:ae:9c:b9:fd:b2:2b:0a:2d:1a:54:0c:9a:3a:92:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be2b7d9aaecc9396caa8abdffdae0c78291d5a4d
        Validity
            Not Before: Jul 27 07:00:13 2025 GMT
            Not After : Jul 28 07:00:13 2025 GMT
        Subject: CN=85aa6423ff230ddd39f220251df899ec8cd99491
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:1f:94:5a:e2:35:f7:95:44:28:39:4d:e5:be:
                    9f:73:35:7b:9e:a4:77:6c:d7:d8:02:09:34:4b:1b:
                    27:95:45:84:01:12:a7:43:d4:f2:59:89:c9:4c:a2:
                    7b:83:40:9d:7a:23:43:36:00:eb:fa:a2:43:81:35:
                    5d:b3:0d:2a:8d:a4:09:ef:00:5a:29:34:eb:e2:f9:
                    0a:ec:dd:f9:73:6c:ba:49:52:6c:f0:d5:85:cd:54:
                    2e:14:75:95:09:8e:2c:0a:d5:0a:e0:aa:ee:3f:3f:
                    82:1a:85:54:08:55:19:a7:a0:a2:c2:8a:4b:f1:03:
                    99:48:ba:a5:db:d6:84:af:8d:c9:97:5a:28:03:f7:
                    8d:1f:81:10:36:6c:cf:4c:71:8b:4e:2e:03:db:32:
                    2d:02:7b:08:95:d9:76:12:8a:19:58:a5:e4:03:e7:
                    c6:9a:97:46:26:15:f9:f2:0a:27:5b:84:0c:2e:08:
                    6a:57:65:6f:1a:7c:4b:ac:29:b6:e1:4c:4a:b5:c0:
                    eb:b8:39:f9:bf:24:3c:fb:d8:6b:22:5c:16:46:ca:
                    98:78:9a:36:13:2e:aa:5a:8d:9f:bb:0b:28:7e:ff:
                    a2:8e:4c:a3:18:05:dc:3a:cb:eb:bc:f1:f4:92:fb:
                    61:b1:e7:d3:57:67:72:3e:d8:26:9a:d0:aa:34:33:
                    40:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:AA:64:23:FF:23:0D:DD:39:F2:20:25:1D:F8:99:EC:8C:D9:94:91
            X509v3 Authority Key Identifier:
                keyid:BE:2B:7D:9A:AE:CC:93:96:CA:A8:AB:DF:FD:AE:0C:78:29:1D:5A:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vit9mq7Mk5bKqKvf_a4MeCkdWk0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/f8278e-3bf8-4960-b4ad-68de6a0fea84/1/vit9mq7Mk5bKqKvf_a4MeCkdWk0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/f8278e-3bf8-4960-b4ad-68de6a0fea84/1/vit9mq7Mk5bKqKvf_a4MeCkdWk0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:d3:ac:aa:bc:70:37:81:a6:10:b8:14:de:1e:71:ed:6c:e1:
         1c:13:fb:8f:9e:f2:96:7f:dd:71:98:76:a5:49:85:24:eb:4a:
         00:bc:79:58:ac:36:cf:36:29:cd:0e:8f:e8:e5:a7:08:17:0c:
         72:70:7d:1c:51:c6:69:ee:0c:8c:a0:15:cf:19:84:c5:86:1a:
         aa:04:12:bb:b2:4f:90:d0:d9:3f:86:d4:89:3e:25:d5:6e:8d:
         d0:2d:4b:7d:1c:90:d4:0c:ff:a7:2c:39:90:3e:e3:c8:73:62:
         f6:ed:09:fa:4a:69:42:71:d5:b3:da:88:21:59:2a:96:7c:bd:
         ba:28:a8:27:69:a6:7c:06:8a:3d:52:27:e7:0e:9c:43:a5:ee:
         84:4a:f9:f3:cc:76:0b:09:62:aa:b7:f3:be:81:31:f6:cd:29:
         d4:d1:77:50:e9:3e:12:67:b1:5b:a1:8a:92:5a:58:8c:5f:41:
         0e:bb:5d:6a:31:40:78:56:f6:e8:a0:17:1a:39:de:03:6e:bc:
         dd:47:33:ff:63:be:47:52:9e:0d:09:5c:01:9b:86:d3:a8:2b:
         e0:59:c3:cb:f4:63:88:f2:5d:3c:d7:03:de:8f:f4:83:96:c6:
         b3:35:34:af:6f:f7:67:5d:d1:9e:c6:0b:ac:7c:ae:be:a5:05:
         c0:3a:65:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKrpy5/bIrCi0aVAyaOpLvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMmI3ZDlhYWVjYzkzOTZjYWE4YWJkZmZkYWUwYzc4Mjkx
ZDVhNGQwHhcNMjUwNzI3MDcwMDEzWhcNMjUwNzI4MDcwMDEzWjAzMTEwLwYDVQQD
Eyg4NWFhNjQyM2ZmMjMwZGRkMzlmMjIwMjUxZGY4OTllYzhjZDk5NDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmB+UWuI195VEKDlN5b6fczV7nqR3
bNfYAgk0SxsnlUWEARKnQ9TyWYnJTKJ7g0CdeiNDNgDr+qJDgTVdsw0qjaQJ7wBa
KTTr4vkK7N35c2y6SVJs8NWFzVQuFHWVCY4sCtUK4KruPz+CGoVUCFUZp6CiwopL
8QOZSLql29aEr43Jl1ooA/eNH4EQNmzPTHGLTi4D2zItAnsIldl2EooZWKXkA+fG
mpdGJhX58gonW4QMLghqV2VvGnxLrCm24UxKtcDruDn5vyQ8+9hrIlwWRsqYeJo2
Ey6qWo2fuwsofv+ijkyjGAXcOsvrvPH0kvthsefTV2dyPtgmmtCqNDNA9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIWqZCP/Iw3dOfIgJR34meyM2ZSRMB8GA1UdIwQY
MBaAFL4rfZquzJOWyqir3/2uDHgpHVpNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdml0OW1xN01rNWJLcUt2Zl9hNE1lQ2tkV2swLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9mODI3OGUtM2JmOC00OTYwLWI0YWQt
NjhkZTZhMGZlYTg0LzEvdml0OW1xN01rNWJLcUt2Zl9hNE1lQ2tkV2swLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9mODI3OGUtM2JmOC00OTYwLWI0YWQtNjhkZTZhMGZlYTg0
LzEvdml0OW1xN01rNWJLcUt2Zl9hNE1lQ2tkV2swLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB9Osqrxw
N4GmELgU3h5x7WzhHBP7j57yln/dcZh2pUmFJOtKALx5WKw2zzYpzQ6P6OWnCBcM
cnB9HFHGae4MjKAVzxmExYYaqgQSu7JPkNDZP4bUiT4l1W6N0C1LfRyQ1Az/pyw5
kD7jyHNi9u0J+kppQnHVs9qIIVkqlny9uiioJ2mmfAaKPVIn5w6cQ6XuhEr588x2
CwliqrfzvoEx9s0p1NF3UOk+EmexW6GKklpYjF9BDrtdajFAeFb26KAXGjneA268
3Ucz/2O+R1KeDQlcAZuG06gr4FnDy/RjiPJdPNcD3o/0g5bGszU0r2/3Z13RnsYL
rHyuvqUFwDplOQ==
-----END CERTIFICATE-----