Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/2f90f1-e257-4e54-b25d-2594c2ff6cb7/1/VmczL0gJQe01gDssBLhPNyjTkpc.mft
File:                     VmczL0gJQe01gDssBLhPNyjTkpc.mft (raw, json)
Hash identifier:          PUTPuv+NI+X/4Y2txboYrFlg97k61mX0SqA7aX7FScY=
Subject key identifier:   C9:0B:8E:6E:BB:2D:DA:24:E8:8C:DA:D7:A0:78:7F:09:E7:BD:11:84
Authority key identifier: 56:67:33:2F:48:09:41:ED:35:80:3B:2C:04:B8:4F:37:28:D3:92:97
Certificate issuer:       /CN=5667332f480941ed35803b2c04b84f3728d39297
Certificate serial:       019A725CB751F9A7C1BA0C3EF193166C4847
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VmczL0gJQe01gDssBLhPNyjTkpc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/2f90f1-e257-4e54-b25d-2594c2ff6cb7/1/VmczL0gJQe01gDssBLhPNyjTkpc.mft
Manifest number:          0110
Signing time:             Tue 11 Nov 2025 10:01:10 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:10 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:10 +0000
Files and hashes:         1: VmczL0gJQe01gDssBLhPNyjTkpc.crl (hash: 7ARXu0RDR5fKc6uK02tNPYpjuXhbLoInjXxl/Bq0MpY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/2f90f1-e257-4e54-b25d-2594c2ff6cb7/1/VmczL0gJQe01gDssBLhPNyjTkpc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/2f90f1-e257-4e54-b25d-2594c2ff6cb7/1/VmczL0gJQe01gDssBLhPNyjTkpc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VmczL0gJQe01gDssBLhPNyjTkpc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:b7:51:f9:a7:c1:ba:0c:3e:f1:93:16:6c:48:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5667332f480941ed35803b2c04b84f3728d39297
        Validity
            Not Before: Nov 11 10:01:10 2025 GMT
            Not After : Nov 12 10:01:10 2025 GMT
        Subject: CN=c90b8e6ebb2dda24e88cdad7a0787f09e7bd1184
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:15:bd:76:28:a7:f9:29:2a:7b:7b:2a:37:03:
                    3c:e9:d6:fe:46:ec:11:d6:57:c7:90:6d:ac:32:26:
                    1e:56:a8:58:af:3d:9c:8d:04:fd:93:49:d7:ec:16:
                    52:28:f3:c6:2a:30:1e:d5:64:bd:1d:10:d8:6a:3a:
                    64:e2:7b:35:00:4e:69:d3:12:1b:c2:f2:d5:94:b8:
                    39:71:2c:25:33:a4:d8:80:16:9c:ca:ad:c9:ec:74:
                    46:5e:96:52:19:f9:74:1f:53:de:19:ae:57:d5:48:
                    43:00:43:de:8c:73:4c:2d:30:b0:45:d1:40:aa:44:
                    28:fc:ca:ad:34:58:f6:f1:b5:af:aa:77:65:61:20:
                    2a:4d:19:be:0b:77:dd:aa:6a:72:34:2f:44:fa:59:
                    f7:fd:54:9a:e1:e3:73:0b:e9:0e:83:b3:cd:ba:2d:
                    d6:3a:73:8d:82:82:61:6c:1c:e3:ba:7f:7e:15:7b:
                    90:59:38:55:88:fb:d7:59:27:08:1d:78:10:ea:15:
                    98:49:70:c1:98:d3:f2:01:5f:54:6d:2b:44:97:af:
                    75:4e:18:aa:3b:46:70:b1:b3:83:7e:60:29:46:ac:
                    30:7d:ad:47:0b:34:f5:fe:32:58:33:3b:b3:d9:fb:
                    3d:13:9d:0a:1d:e2:6e:39:fa:83:22:cd:97:4e:0e:
                    4c:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:0B:8E:6E:BB:2D:DA:24:E8:8C:DA:D7:A0:78:7F:09:E7:BD:11:84
            X509v3 Authority Key Identifier:
                keyid:56:67:33:2F:48:09:41:ED:35:80:3B:2C:04:B8:4F:37:28:D3:92:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VmczL0gJQe01gDssBLhPNyjTkpc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/2f90f1-e257-4e54-b25d-2594c2ff6cb7/1/VmczL0gJQe01gDssBLhPNyjTkpc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/2f90f1-e257-4e54-b25d-2594c2ff6cb7/1/VmczL0gJQe01gDssBLhPNyjTkpc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:c4:ff:05:72:80:4e:7a:b4:68:84:28:a6:0e:a0:e7:95:25:
         c7:a1:63:79:1a:a7:eb:b2:cf:87:1d:c8:1c:3c:f7:5c:bf:1e:
         0f:c4:b2:64:45:e6:5e:d7:20:aa:41:38:12:42:2f:37:ef:07:
         f3:06:8e:d6:55:22:4a:76:3b:81:f5:99:78:09:bb:eb:65:c1:
         78:da:a9:c1:17:74:17:e6:d3:cf:08:71:4b:d2:61:90:b5:c4:
         79:88:9f:79:3d:44:0a:98:7d:a5:cd:ae:d3:95:fa:48:81:ef:
         0e:b4:04:04:39:52:ee:af:f2:f4:88:3d:75:76:65:d9:e7:80:
         80:ec:c4:a0:43:34:fb:14:27:5a:95:85:00:68:ef:86:45:81:
         01:e9:62:15:be:03:a5:1d:f6:d6:1a:a4:eb:db:97:a6:c5:6d:
         9d:1b:e8:02:cd:25:8a:88:89:24:96:7a:7f:f9:65:d2:b5:30:
         5e:bd:8f:6e:90:95:b9:06:05:94:b4:5e:5d:7c:d9:1f:44:6c:
         50:4b:0b:30:e4:15:51:cb:45:58:9d:44:8c:bc:6f:0c:42:f5:
         54:29:99:b4:2d:27:a0:88:d2:86:36:9b:28:1a:1d:38:f5:1c:
         21:c3:4e:f7:09:12:b0:c5:da:fd:87:e0:80:17:a2:09:ef:36:
         20:b2:d4:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXLdR+afBugw+8ZMWbEhHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NjczMzJmNDgwOTQxZWQzNTgwM2IyYzA0Yjg0ZjM3Mjhk
MzkyOTcwHhcNMjUxMTExMTAwMTEwWhcNMjUxMTEyMTAwMTEwWjAzMTEwLwYDVQQD
EyhjOTBiOGU2ZWJiMmRkYTI0ZTg4Y2RhZDdhMDc4N2YwOWU3YmQxMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRW9diin+Skqe3sqNwM86db+RuwR
1lfHkG2sMiYeVqhYrz2cjQT9k0nX7BZSKPPGKjAe1WS9HRDYajpk4ns1AE5p0xIb
wvLVlLg5cSwlM6TYgBacyq3J7HRGXpZSGfl0H1PeGa5X1UhDAEPejHNMLTCwRdFA
qkQo/MqtNFj28bWvqndlYSAqTRm+C3fdqmpyNC9E+ln3/VSa4eNzC+kOg7PNui3W
OnONgoJhbBzjun9+FXuQWThViPvXWScIHXgQ6hWYSXDBmNPyAV9UbStEl691Thiq
O0ZwsbODfmApRqwwfa1HCzT1/jJYMzuz2fs9E50KHeJuOfqDIs2XTg5MEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMkLjm67Ldok6Iza16B4fwnnvRGEMB8GA1UdIwQY
MBaAFFZnMy9ICUHtNYA7LAS4Tzco05KXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm1jekwwZ0pRZTAxZ0Rzc0JMaFBOeWpUa3BjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yZjkwZjEtZTI1Ny00ZTU0LWIyNWQt
MjU5NGMyZmY2Y2I3LzEvVm1jekwwZ0pRZTAxZ0Rzc0JMaFBOeWpUa3BjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yZjkwZjEtZTI1Ny00ZTU0LWIyNWQtMjU5NGMyZmY2Y2I3
LzEvVm1jekwwZ0pRZTAxZ0Rzc0JMaFBOeWpUa3BjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl8T/BXKA
Tnq0aIQopg6g55Ulx6FjeRqn67LPhx3IHDz3XL8eD8SyZEXmXtcgqkE4EkIvN+8H
8waO1lUiSnY7gfWZeAm762XBeNqpwRd0F+bTzwhxS9JhkLXEeYifeT1ECph9pc2u
05X6SIHvDrQEBDlS7q/y9Ig9dXZl2eeAgOzEoEM0+xQnWpWFAGjvhkWBAeliFb4D
pR321hqk69uXpsVtnRvoAs0lioiJJJZ6f/ll0rUwXr2PbpCVuQYFlLReXXzZH0Rs
UEsLMOQVUctFWJ1EjLxvDEL1VCmZtC0noIjShjabKBodOPUcIcNO9wkSsMXa/Yfg
gBeiCe82ILLUrg==
-----END CERTIFICATE-----