Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/68c06a-693c-4938-8767-d2687d4c9efa/1/Vcmhg-4_wKNXbB8Mo8yZdzCeRYM.mft
File:                     Vcmhg-4_wKNXbB8Mo8yZdzCeRYM.mft (raw, json)
Hash identifier:          ltBlMiMaIMY0jiU6pJCCwj5dMdst8uYqx6AT02c8j6I=
Subject key identifier:   13:1D:44:37:71:DE:3C:62:A3:FF:54:0E:7A:31:91:E8:73:56:0D:BF
Authority key identifier: 55:C9:A1:83:EE:3F:C0:A3:57:6C:1F:0C:A3:CC:99:77:30:9E:45:83
Certificate issuer:       /CN=55c9a183ee3fc0a3576c1f0ca3cc9977309e4583
Certificate serial:       019653EE958027706287141E92F63DFB42DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vcmhg-4_wKNXbB8Mo8yZdzCeRYM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/68c06a-693c-4938-8767-d2687d4c9efa/1/Vcmhg-4_wKNXbB8Mo8yZdzCeRYM.mft
Manifest number:          0866
Signing time:             Sun 20 Apr 2025 16:01:06 +0000
Manifest this update:     Sun 20 Apr 2025 16:01:06 +0000
Manifest next update:     Mon 21 Apr 2025 16:01:06 +0000
Files and hashes:         1: Vcmhg-4_wKNXbB8Mo8yZdzCeRYM.crl (hash: CeFqwFDn100utd/Yrolkb1DXpfx8LS5syo00vnGzhYY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/68c06a-693c-4938-8767-d2687d4c9efa/1/Vcmhg-4_wKNXbB8Mo8yZdzCeRYM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/68c06a-693c-4938-8767-d2687d4c9efa/1/Vcmhg-4_wKNXbB8Mo8yZdzCeRYM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Vcmhg-4_wKNXbB8Mo8yZdzCeRYM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:ee:95:80:27:70:62:87:14:1e:92:f6:3d:fb:42:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=55c9a183ee3fc0a3576c1f0ca3cc9977309e4583
        Validity
            Not Before: Apr 20 16:01:06 2025 GMT
            Not After : Apr 21 16:01:06 2025 GMT
        Subject: CN=131d443771de3c62a3ff540e7a3191e873560dbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:0b:17:09:0f:69:95:89:5d:27:ff:9b:e5:a6:
                    c5:89:69:b9:17:da:04:18:d0:83:de:4b:e6:d3:7c:
                    e9:cd:d9:1b:a2:6e:8c:26:88:f7:bf:2a:c3:71:8e:
                    f5:45:66:9b:fe:d3:53:53:a8:b0:3b:8c:9f:c0:ac:
                    0e:f7:54:8a:bd:ce:c7:df:b8:f7:85:13:14:bb:ee:
                    b5:3a:8c:b9:ef:cb:de:5a:c3:83:4d:ae:ce:03:b6:
                    b0:ed:3c:f7:8d:ff:1b:90:13:8c:cb:04:fc:22:61:
                    1c:b8:06:f3:89:47:64:30:27:d7:40:19:12:73:b6:
                    c9:48:6c:a3:0b:3d:0e:f0:5b:e6:bb:87:f8:4c:70:
                    1b:be:20:d3:0c:04:4d:a1:cc:8b:54:18:e7:fd:48:
                    ea:71:1d:16:bc:8c:c6:69:d3:b7:4e:76:76:11:15:
                    3b:a1:93:c1:b7:f2:35:46:78:fd:df:b8:5c:07:74:
                    25:cf:f8:3b:74:43:cd:ba:22:2b:30:30:63:89:1e:
                    2a:13:94:88:cf:de:ed:42:c7:04:ed:a5:1e:13:1e:
                    60:27:9a:c1:96:e2:69:f2:04:0c:52:f3:97:8f:38:
                    f4:98:e5:05:04:d1:56:63:54:ba:35:ef:ed:fe:ea:
                    54:a4:94:c2:7f:23:0d:69:09:a2:92:0c:89:3c:b1:
                    97:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:1D:44:37:71:DE:3C:62:A3:FF:54:0E:7A:31:91:E8:73:56:0D:BF
            X509v3 Authority Key Identifier:
                keyid:55:C9:A1:83:EE:3F:C0:A3:57:6C:1F:0C:A3:CC:99:77:30:9E:45:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vcmhg-4_wKNXbB8Mo8yZdzCeRYM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/68c06a-693c-4938-8767-d2687d4c9efa/1/Vcmhg-4_wKNXbB8Mo8yZdzCeRYM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/68c06a-693c-4938-8767-d2687d4c9efa/1/Vcmhg-4_wKNXbB8Mo8yZdzCeRYM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:76:f7:1e:0e:44:9c:e6:de:ae:03:45:85:14:88:98:11:a0:
         7b:43:2f:b2:a9:6f:53:a3:ad:fb:0e:99:5c:fa:c6:91:1c:1c:
         84:81:d0:b4:55:76:3c:8d:3a:18:5d:6d:f3:ea:5c:a2:af:54:
         35:e6:5d:69:f1:4a:ff:d4:46:14:cb:2c:14:86:73:e0:30:53:
         8f:62:a5:26:49:71:98:09:7d:5a:44:56:fa:f5:09:81:7a:11:
         5b:f3:a6:00:ad:9c:ea:33:35:89:9b:f8:2a:91:73:1a:bb:fe:
         e5:64:13:e5:29:cc:e4:af:5f:a4:ee:02:f5:b9:67:44:0e:b3:
         2e:e9:1b:55:63:2c:01:28:43:b5:bc:93:b1:be:9b:2a:23:7c:
         17:39:64:2e:90:9a:2a:ff:eb:30:da:e4:42:d8:77:20:63:01:
         50:6f:d1:9b:1a:95:31:b8:d3:21:d8:5a:ae:dd:36:2b:cd:0d:
         35:55:40:73:bc:88:fb:78:3c:72:52:8a:07:d7:f7:df:54:af:
         af:e9:2e:be:2e:59:b4:2b:9a:00:7d:23:cc:82:28:6b:43:d9:
         e6:75:46:69:a6:a5:9f:ba:c4:88:7b:f9:19:1b:92:93:28:b0:
         c0:4b:7a:cb:83:03:8b:bb:1e:52:e5:93:a0:17:92:f4:77:a3:
         10:bb:28:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZT7pWAJ3BihxQekvY9+0LcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YzlhMTgzZWUzZmMwYTM1NzZjMWYwY2EzY2M5OTc3MzA5
ZTQ1ODMwHhcNMjUwNDIwMTYwMTA2WhcNMjUwNDIxMTYwMTA2WjAzMTEwLwYDVQQD
EygxMzFkNDQzNzcxZGUzYzYyYTNmZjU0MGU3YTMxOTFlODczNTYwZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogsXCQ9plYldJ/+b5abFiWm5F9oE
GNCD3kvm03zpzdkbom6MJoj3vyrDcY71RWab/tNTU6iwO4yfwKwO91SKvc7H37j3
hRMUu+61Ooy578veWsODTa7OA7aw7Tz3jf8bkBOMywT8ImEcuAbziUdkMCfXQBkS
c7bJSGyjCz0O8Fvmu4f4THAbviDTDARNocyLVBjn/UjqcR0WvIzGadO3TnZ2ERU7
oZPBt/I1Rnj937hcB3Qlz/g7dEPNuiIrMDBjiR4qE5SIz97tQscE7aUeEx5gJ5rB
luJp8gQMUvOXjzj0mOUFBNFWY1S6Ne/t/upUpJTCfyMNaQmikgyJPLGXOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBMdRDdx3jxio/9UDnoxkehzVg2/MB8GA1UdIwQY
MBaAFFXJoYPuP8CjV2wfDKPMmXcwnkWDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmNtaGctNF93S05YYkI4TW84eVpkekNlUllNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS82OGMwNmEtNjkzYy00OTM4LTg3Njct
ZDI2ODdkNGM5ZWZhLzEvVmNtaGctNF93S05YYkI4TW84eVpkekNlUllNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS82OGMwNmEtNjkzYy00OTM4LTg3NjctZDI2ODdkNGM5ZWZh
LzEvVmNtaGctNF93S05YYkI4TW84eVpkekNlUllNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlHb3Hg5E
nObergNFhRSImBGge0MvsqlvU6Ot+w6ZXPrGkRwchIHQtFV2PI06GF1t8+pcoq9U
NeZdafFK/9RGFMssFIZz4DBTj2KlJklxmAl9WkRW+vUJgXoRW/OmAK2c6jM1iZv4
KpFzGrv+5WQT5SnM5K9fpO4C9blnRA6zLukbVWMsAShDtbyTsb6bKiN8FzlkLpCa
Kv/rMNrkQth3IGMBUG/RmxqVMbjTIdhart02K80NNVVAc7yI+3g8clKKB9f331Sv
r+kuvi5ZtCuaAH0jzIIoa0PZ5nVGaaaln7rEiHv5GRuSkyiwwEt6y4MDi7seUuWT
oBeS9HejELsohQ==
-----END CERTIFICATE-----