Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/d980d1-92c8-44b4-a5ab-757f99927571/1/vhhoIFs9E3NVqnHyRnKVzYcZUsg.mft
File:                     vhhoIFs9E3NVqnHyRnKVzYcZUsg.mft (raw, json)
Hash identifier:          2lFH9cM+atMbFD4aPnlPAL/rKpRyBSF9Rvr5M0XLBQw=
Subject key identifier:   D0:DB:DC:11:99:EA:DE:FB:88:F8:E9:D5:00:63:5B:BA:A1:91:5A:35
Authority key identifier: BE:18:68:20:5B:3D:13:73:55:AA:71:F2:46:72:95:CD:87:19:52:C8
Certificate issuer:       /CN=be1868205b3d137355aa71f2467295cd871952c8
Certificate serial:       01974F3360E0BBE7D2CBCBA7200EA639BF0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vhhoIFs9E3NVqnHyRnKVzYcZUsg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/d980d1-92c8-44b4-a5ab-757f99927571/1/vhhoIFs9E3NVqnHyRnKVzYcZUsg.mft
Manifest number:          0B80
Signing time:             Sun 08 Jun 2025 11:00:56 +0000
Manifest this update:     Sun 08 Jun 2025 11:00:56 +0000
Manifest next update:     Mon 09 Jun 2025 11:00:56 +0000
Files and hashes:         1: vhhoIFs9E3NVqnHyRnKVzYcZUsg.crl (hash: V8pYX4iNCeiY+pDDeUhDVY5iif09zaiph+kNoaL1cM8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/d980d1-92c8-44b4-a5ab-757f99927571/1/vhhoIFs9E3NVqnHyRnKVzYcZUsg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/d980d1-92c8-44b4-a5ab-757f99927571/1/vhhoIFs9E3NVqnHyRnKVzYcZUsg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vhhoIFs9E3NVqnHyRnKVzYcZUsg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4f:33:60:e0:bb:e7:d2:cb:cb:a7:20:0e:a6:39:bf:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be1868205b3d137355aa71f2467295cd871952c8
        Validity
            Not Before: Jun  8 11:00:56 2025 GMT
            Not After : Jun  9 11:00:56 2025 GMT
        Subject: CN=d0dbdc1199eadefb88f8e9d500635bbaa1915a35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:73:19:7d:a2:d0:3b:7d:be:7a:95:54:59:6b:
                    0f:bc:be:bd:fb:2c:f5:7b:69:5a:b1:0a:da:7d:86:
                    8c:09:08:f8:08:8e:5c:04:ef:e4:ba:f6:32:ed:66:
                    b9:32:47:aa:c6:61:cb:e3:d4:02:2b:8b:0a:ac:ac:
                    0e:8d:29:e1:e3:28:2f:0f:9f:09:df:4e:8c:92:3d:
                    d1:65:a9:be:20:c1:8c:7d:c4:1d:14:57:4f:8e:e8:
                    d2:3a:3a:78:09:d0:0b:cb:9d:a7:ea:e3:14:21:bc:
                    9d:94:dc:b4:e3:f1:79:6e:37:e8:07:17:7b:4c:c2:
                    b1:88:a0:1b:79:c5:1e:70:33:d4:8c:4f:49:dd:54:
                    50:f1:f2:50:31:73:a4:85:14:b0:3c:29:06:d4:45:
                    51:af:9d:21:0b:23:e9:35:4f:99:3f:0b:62:90:bc:
                    03:16:b9:d7:1e:5d:18:e0:de:c7:b6:bd:77:8f:bf:
                    0e:88:fd:2f:9d:8a:26:d9:0e:99:f7:57:7f:bb:02:
                    29:ec:ec:46:2c:73:8f:7d:40:07:89:0b:4e:eb:89:
                    dd:99:1a:d0:c4:7f:3f:83:80:02:f4:74:4d:f0:93:
                    5e:e8:c6:74:dd:d9:99:3e:07:cf:53:fc:8e:3d:e9:
                    b5:6a:5e:9b:44:4c:cb:dc:19:a3:b6:cb:dd:d0:63:
                    ae:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:DB:DC:11:99:EA:DE:FB:88:F8:E9:D5:00:63:5B:BA:A1:91:5A:35
            X509v3 Authority Key Identifier:
                keyid:BE:18:68:20:5B:3D:13:73:55:AA:71:F2:46:72:95:CD:87:19:52:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vhhoIFs9E3NVqnHyRnKVzYcZUsg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/d980d1-92c8-44b4-a5ab-757f99927571/1/vhhoIFs9E3NVqnHyRnKVzYcZUsg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/d980d1-92c8-44b4-a5ab-757f99927571/1/vhhoIFs9E3NVqnHyRnKVzYcZUsg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:4e:29:3f:48:dc:3e:2d:77:30:05:b3:c3:1a:be:12:76:2a:
         25:01:76:e8:c1:40:17:a1:a1:06:1e:37:5d:43:58:b4:38:24:
         11:07:02:70:50:84:71:8b:b3:02:bd:10:01:0e:9f:4c:3b:fc:
         a9:3c:51:e3:e2:ce:29:f2:41:dc:8e:57:06:ba:d8:90:71:06:
         9e:e2:ee:49:06:26:69:30:ca:6c:b7:09:2b:b6:2b:5d:fa:3f:
         59:5b:8b:a9:f8:36:0d:27:19:e4:fb:66:e4:91:09:39:3c:04:
         71:6e:fc:a2:5d:87:07:24:22:a4:72:50:8e:3c:c3:08:f6:b6:
         fa:73:0e:e1:a3:a0:9d:5e:af:16:32:43:82:44:48:88:a5:58:
         cd:e9:7f:d3:b6:8e:e7:9b:4a:31:60:08:83:ff:92:30:46:6b:
         84:0a:12:8c:9b:b8:fa:1c:27:7a:e8:e7:1b:0e:43:14:c1:a5:
         ca:74:00:e9:96:a6:6b:47:44:25:5d:2d:57:a7:6d:23:39:24:
         cd:84:05:49:f2:40:dd:b3:91:f7:74:24:b3:50:73:a2:ca:38:
         df:1c:db:e1:20:66:a0:2f:ed:39:e1:92:b9:66:62:a3:c2:2a:
         53:98:fe:b6:c2:4c:ad:4d:c0:30:9a:53:09:7f:25:4c:7a:79:
         35:32:40:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdPM2Dgu+fSy8unIA6mOb8OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMTg2ODIwNWIzZDEzNzM1NWFhNzFmMjQ2NzI5NWNkODcx
OTUyYzgwHhcNMjUwNjA4MTEwMDU2WhcNMjUwNjA5MTEwMDU2WjAzMTEwLwYDVQQD
EyhkMGRiZGMxMTk5ZWFkZWZiODhmOGU5ZDUwMDYzNWJiYWExOTE1YTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHMZfaLQO32+epVUWWsPvL69+yz1
e2lasQrafYaMCQj4CI5cBO/kuvYy7Wa5MkeqxmHL49QCK4sKrKwOjSnh4ygvD58J
306Mkj3RZam+IMGMfcQdFFdPjujSOjp4CdALy52n6uMUIbydlNy04/F5bjfoBxd7
TMKxiKAbecUecDPUjE9J3VRQ8fJQMXOkhRSwPCkG1EVRr50hCyPpNU+ZPwtikLwD
FrnXHl0Y4N7Htr13j78OiP0vnYom2Q6Z91d/uwIp7OxGLHOPfUAHiQtO64ndmRrQ
xH8/g4AC9HRN8JNe6MZ03dmZPgfPU/yOPem1al6bREzL3Bmjtsvd0GOuuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNDb3BGZ6t77iPjp1QBjW7qhkVo1MB8GA1UdIwQY
MBaAFL4YaCBbPRNzVapx8kZylc2HGVLIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmhob0lGczlFM05WcW5IeVJuS1Z6WWNaVXNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9kOTgwZDEtOTJjOC00NGI0LWE1YWIt
NzU3Zjk5OTI3NTcxLzEvdmhob0lGczlFM05WcW5IeVJuS1Z6WWNaVXNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9kOTgwZDEtOTJjOC00NGI0LWE1YWItNzU3Zjk5OTI3NTcx
LzEvdmhob0lGczlFM05WcW5IeVJuS1Z6WWNaVXNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVE4pP0jc
Pi13MAWzwxq+EnYqJQF26MFAF6GhBh43XUNYtDgkEQcCcFCEcYuzAr0QAQ6fTDv8
qTxR4+LOKfJB3I5XBrrYkHEGnuLuSQYmaTDKbLcJK7YrXfo/WVuLqfg2DScZ5Ptm
5JEJOTwEcW78ol2HByQipHJQjjzDCPa2+nMO4aOgnV6vFjJDgkRIiKVYzel/07aO
55tKMWAIg/+SMEZrhAoSjJu4+hwneujnGw5DFMGlynQA6Zama0dEJV0tV6dtIzkk
zYQFSfJA3bOR93Qks1Bzoso43xzb4SBmoC/tOeGSuWZio8IqU5j+tsJMrU3AMJpT
CX8lTHp5NTJAcA==
-----END CERTIFICATE-----