Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
File:                     vNgzeodIrlhibqk9my9YmNAY3fE.mft (raw, json)
Hash identifier:          QyopaON2APtjzqlgiOQxU13VL8o53xE53vyJVzBaOaY=
Subject key identifier:   C3:6E:3F:FC:07:59:99:50:D8:58:29:0F:B0:D9:C8:29:42:47:3E:C8
Authority key identifier: BC:D8:33:7A:87:48:AE:58:62:6E:A9:3D:9B:2F:58:98:D0:18:DD:F1
Certificate issuer:       /CN=bcd8337a8748ae58626ea93d9b2f5898d018ddf1
Certificate serial:       01965DCCF4407FCA70E858928DCC59701317
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
Manifest number:          1490
Signing time:             Tue 22 Apr 2025 14:00:34 +0000
Manifest this update:     Tue 22 Apr 2025 14:00:34 +0000
Manifest next update:     Wed 23 Apr 2025 14:00:34 +0000
Files and hashes:         1: vNgzeodIrlhibqk9my9YmNAY3fE.crl (hash: OeIROd6w19K3ba1rQGUAjqIxsb6P7qxZQQQaUb+8jmY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5d:cc:f4:40:7f:ca:70:e8:58:92:8d:cc:59:70:13:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcd8337a8748ae58626ea93d9b2f5898d018ddf1
        Validity
            Not Before: Apr 22 14:00:34 2025 GMT
            Not After : Apr 23 14:00:34 2025 GMT
        Subject: CN=c36e3ffc07599950d858290fb0d9c82942473ec8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:7e:59:f8:a5:05:4b:0e:09:4f:c3:34:43:ca:
                    8b:79:f8:4d:75:8a:a3:7d:47:cc:5d:ac:71:03:97:
                    60:09:08:0f:76:24:65:e6:96:b4:65:99:03:fb:cd:
                    71:b4:75:5e:70:73:85:47:7f:ff:94:8d:d6:94:26:
                    92:0a:d5:92:ff:d8:a9:e3:79:ec:82:59:85:b2:9b:
                    df:18:e8:be:1c:67:da:47:ad:4e:14:34:2b:82:55:
                    f5:26:71:6e:cf:e4:40:73:9d:e6:e8:bb:83:ca:5c:
                    ec:53:79:5b:cf:35:42:35:f8:de:ae:b0:db:9e:bf:
                    66:77:ac:73:22:e9:28:cd:98:e3:65:83:23:90:84:
                    20:cf:25:f5:8d:85:49:0c:8e:07:0f:d5:5d:57:9d:
                    33:ff:19:62:56:53:86:f1:ae:6a:11:9b:1d:0f:64:
                    4e:92:fc:8f:9c:4c:88:7c:6b:f9:d8:39:4b:81:12:
                    e8:54:b3:9a:97:cc:90:29:dc:67:9c:a9:1b:0d:7e:
                    c1:59:5b:76:af:7c:ea:63:b1:5a:13:e9:ef:fc:a6:
                    71:fb:68:6b:2b:d4:cb:39:18:c2:0d:e6:1e:15:73:
                    e8:ff:84:53:e8:c9:7a:77:c7:99:81:97:18:26:ba:
                    a9:b9:cc:71:d9:ff:40:c5:74:ec:69:22:dc:e8:b9:
                    25:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:6E:3F:FC:07:59:99:50:D8:58:29:0F:B0:D9:C8:29:42:47:3E:C8
            X509v3 Authority Key Identifier:
                keyid:BC:D8:33:7A:87:48:AE:58:62:6E:A9:3D:9B:2F:58:98:D0:18:DD:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:96:54:f1:29:54:96:1d:41:6f:03:a0:47:24:d4:82:57:4f:
         62:fd:b1:d5:da:07:03:a1:14:03:1b:ad:bb:80:cd:8a:1c:e6:
         f4:c0:bf:a3:85:27:d4:a3:4c:26:e2:29:6f:00:1c:65:0d:f5:
         36:d9:8e:ff:71:89:8e:56:ce:b2:a2:43:31:e3:af:5f:29:aa:
         54:7f:bd:f6:64:98:2e:84:58:49:01:0a:91:cd:fb:f5:1f:b5:
         19:49:1a:d6:c7:9c:da:d8:dd:9c:cc:ae:00:c7:fc:1d:76:4d:
         3a:be:61:69:f1:3f:61:43:a2:8d:ad:19:e0:36:04:56:48:b8:
         6e:8a:16:57:cd:59:59:08:35:af:53:28:40:3b:29:f3:e4:6d:
         89:b9:01:9e:26:5a:62:03:e7:3b:38:06:2f:b4:f2:5f:b5:d1:
         45:e1:7a:49:e7:d7:1f:17:35:1f:40:b0:fe:b6:69:78:34:68:
         8c:b6:06:5c:92:5f:38:d3:21:9a:02:f4:bd:95:a8:0a:a2:df:
         5f:62:8b:f9:30:d0:8a:79:e8:15:9d:68:7e:26:3e:54:c1:9b:
         44:11:fc:a0:39:92:4c:ff:0b:2a:ad:9f:6b:5f:45:66:c4:48:
         de:df:24:8a:66:ab:8f:5d:e5:5d:d0:3d:85:9e:a6:e8:8e:34:
         54:c1:70:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZdzPRAf8pw6FiSjcxZcBMXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZDgzMzdhODc0OGFlNTg2MjZlYTkzZDliMmY1ODk4ZDAx
OGRkZjEwHhcNMjUwNDIyMTQwMDM0WhcNMjUwNDIzMTQwMDM0WjAzMTEwLwYDVQQD
EyhjMzZlM2ZmYzA3NTk5OTUwZDg1ODI5MGZiMGQ5YzgyOTQyNDczZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3H5Z+KUFSw4JT8M0Q8qLefhNdYqj
fUfMXaxxA5dgCQgPdiRl5pa0ZZkD+81xtHVecHOFR3//lI3WlCaSCtWS/9ip43ns
glmFspvfGOi+HGfaR61OFDQrglX1JnFuz+RAc53m6LuDylzsU3lbzzVCNfjerrDb
nr9md6xzIukozZjjZYMjkIQgzyX1jYVJDI4HD9VdV50z/xliVlOG8a5qEZsdD2RO
kvyPnEyIfGv52DlLgRLoVLOal8yQKdxnnKkbDX7BWVt2r3zqY7FaE+nv/KZx+2hr
K9TLORjCDeYeFXPo/4RT6Ml6d8eZgZcYJrqpucxx2f9AxXTsaSLc6LkluQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMNuP/wHWZlQ2FgpD7DZyClCRz7IMB8GA1UdIwQY
MBaAFLzYM3qHSK5YYm6pPZsvWJjQGN3xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84ZDYwNjgtYWNjYS00Nzc3LTk0NDgt
YjdjZjZhN2IyYTI5LzEvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84ZDYwNjgtYWNjYS00Nzc3LTk0NDgtYjdjZjZhN2IyYTI5
LzEvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoJZU8SlU
lh1BbwOgRyTUgldPYv2x1doHA6EUAxutu4DNihzm9MC/o4Un1KNMJuIpbwAcZQ31
NtmO/3GJjlbOsqJDMeOvXymqVH+99mSYLoRYSQEKkc379R+1GUka1sec2tjdnMyu
AMf8HXZNOr5hafE/YUOija0Z4DYEVki4booWV81ZWQg1r1MoQDsp8+RtibkBniZa
YgPnOzgGL7TyX7XRReF6SefXHxc1H0Cw/rZpeDRojLYGXJJfONMhmgL0vZWoCqLf
X2KL+TDQinnoFZ1ofiY+VMGbRBH8oDmSTP8LKq2fa19FZsRI3t8kimarj13lXdA9
hZ6m6I40VMFwpQ==
-----END CERTIFICATE-----