Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
File:                     vNgzeodIrlhibqk9my9YmNAY3fE.mft (raw, json)
Hash identifier:          Kj/HlAliE/oDDUT4AAynpFG6796Eef6eiAVE+n7Zioc=
Subject key identifier:   1F:FC:99:5E:E4:79:0C:02:C0:25:E7:4E:F3:3B:FD:DE:F5:B2:B4:B2
Authority key identifier: BC:D8:33:7A:87:48:AE:58:62:6E:A9:3D:9B:2F:58:98:D0:18:DD:F1
Certificate issuer:       /CN=bcd8337a8748ae58626ea93d9b2f5898d018ddf1
Certificate serial:       019A7293ACCDCDC26FA6EFD3C8CDCD596DD4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
Manifest number:          16AD
Signing time:             Tue 11 Nov 2025 11:01:11 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:11 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:11 +0000
Files and hashes:         1: vNgzeodIrlhibqk9my9YmNAY3fE.crl (hash: y/6mUssZHdxBnm/+9f73MZO8kc6h7fYQwBiaBE7re0g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:ac:cd:cd:c2:6f:a6:ef:d3:c8:cd:cd:59:6d:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcd8337a8748ae58626ea93d9b2f5898d018ddf1
        Validity
            Not Before: Nov 11 11:01:11 2025 GMT
            Not After : Nov 12 11:01:11 2025 GMT
        Subject: CN=1ffc995ee4790c02c025e74ef33bfddef5b2b4b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:99:4f:a0:67:14:1a:6d:bf:f6:cd:38:7e:39:
                    9b:af:ef:f7:8b:39:f2:62:e4:76:68:73:03:b5:68:
                    b7:aa:d1:98:c8:b4:78:a0:6c:80:09:4a:1d:06:70:
                    78:14:85:9c:5a:ad:d8:39:52:d2:62:ad:05:d4:74:
                    37:5b:30:0e:ca:57:82:6b:41:00:4e:a5:66:39:64:
                    be:b0:ec:d0:05:02:c4:49:b3:67:11:6c:02:9d:aa:
                    b2:f6:e5:93:8f:7f:fd:19:03:2a:cc:e7:32:0f:43:
                    22:24:9c:22:96:70:5c:15:5f:4e:f7:36:3c:fe:49:
                    1f:88:53:f6:7e:09:0f:9e:44:23:2a:85:6f:8c:0e:
                    81:df:aa:42:09:90:14:a5:89:8c:fe:0f:26:b6:ca:
                    71:ef:2b:7c:22:44:3a:3f:59:04:0f:c2:2b:10:4c:
                    d7:86:99:45:4e:1e:03:b8:dc:1d:17:50:a8:59:40:
                    ee:a8:0e:9c:17:e8:45:cb:84:ea:bf:7f:55:a8:d0:
                    96:8d:c4:8b:8c:cf:1e:02:c5:04:74:f3:6a:10:73:
                    ef:9c:46:18:dc:0a:3e:b5:3a:b1:df:90:7f:05:56:
                    65:d3:e1:ba:3d:18:c6:ac:3f:d4:16:bd:35:99:6f:
                    4b:ef:bc:9d:9c:82:fc:98:51:9e:73:37:34:5a:35:
                    bf:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:FC:99:5E:E4:79:0C:02:C0:25:E7:4E:F3:3B:FD:DE:F5:B2:B4:B2
            X509v3 Authority Key Identifier:
                keyid:BC:D8:33:7A:87:48:AE:58:62:6E:A9:3D:9B:2F:58:98:D0:18:DD:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:95:70:80:ae:16:72:7e:d3:50:52:67:38:fb:56:e2:e1:09:
         e7:2a:10:8f:c9:3e:fa:13:b6:5e:d1:1c:91:46:77:a5:f0:e8:
         1c:bd:12:c6:cf:38:ca:ad:34:42:19:d8:d0:41:bb:87:1b:2c:
         96:73:8c:af:7d:91:bb:85:4d:d7:e6:a2:59:50:d2:57:eb:46:
         16:8f:46:78:bc:a2:1a:d4:3c:54:4b:42:7f:89:ff:ee:0b:60:
         7a:a9:de:4c:95:98:e5:cf:af:19:f4:c2:96:ea:63:14:6c:ac:
         d8:bc:41:e5:bf:71:65:cc:7b:9d:11:9c:54:86:4f:11:66:aa:
         ee:dd:19:5b:0a:d0:81:81:8f:d1:c6:17:36:c2:f3:da:d4:04:
         34:23:30:0f:d2:b1:23:3a:ee:f3:e2:48:14:c8:05:48:79:37:
         55:19:5c:4e:5d:f8:e2:d2:83:2c:af:ad:02:0d:16:60:aa:e4:
         c3:ea:d2:4e:a0:70:0a:d2:2b:10:2c:d1:b3:10:77:78:f9:8c:
         ce:ee:47:d3:a9:3c:56:7f:ba:9c:e7:c9:17:7b:f4:c1:d1:8e:
         0a:4c:ad:95:51:10:2c:09:86:60:f3:c6:14:53:fd:dd:89:d5:
         8f:23:46:8f:9d:90:29:3f:c9:b0:a8:ae:91:2c:7a:51:ca:8b:
         5c:72:a5:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk6zNzcJvpu/TyM3NWW3UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZDgzMzdhODc0OGFlNTg2MjZlYTkzZDliMmY1ODk4ZDAx
OGRkZjEwHhcNMjUxMTExMTEwMTExWhcNMjUxMTEyMTEwMTExWjAzMTEwLwYDVQQD
EygxZmZjOTk1ZWU0NzkwYzAyYzAyNWU3NGVmMzNiZmRkZWY1YjJiNGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5lPoGcUGm2/9s04fjmbr+/3izny
YuR2aHMDtWi3qtGYyLR4oGyACUodBnB4FIWcWq3YOVLSYq0F1HQ3WzAOyleCa0EA
TqVmOWS+sOzQBQLESbNnEWwCnaqy9uWTj3/9GQMqzOcyD0MiJJwilnBcFV9O9zY8
/kkfiFP2fgkPnkQjKoVvjA6B36pCCZAUpYmM/g8mtspx7yt8IkQ6P1kED8IrEEzX
hplFTh4DuNwdF1CoWUDuqA6cF+hFy4Tqv39VqNCWjcSLjM8eAsUEdPNqEHPvnEYY
3Ao+tTqx35B/BVZl0+G6PRjGrD/UFr01mW9L77ydnIL8mFGeczc0WjW/KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB/8mV7keQwCwCXnTvM7/d71srSyMB8GA1UdIwQY
MBaAFLzYM3qHSK5YYm6pPZsvWJjQGN3xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84ZDYwNjgtYWNjYS00Nzc3LTk0NDgt
YjdjZjZhN2IyYTI5LzEvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84ZDYwNjgtYWNjYS00Nzc3LTk0NDgtYjdjZjZhN2IyYTI5
LzEvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnJVwgK4W
cn7TUFJnOPtW4uEJ5yoQj8k++hO2XtEckUZ3pfDoHL0Sxs84yq00QhnY0EG7hxss
lnOMr32Ru4VN1+aiWVDSV+tGFo9GeLyiGtQ8VEtCf4n/7gtgeqneTJWY5c+vGfTC
lupjFGys2LxB5b9xZcx7nRGcVIZPEWaq7t0ZWwrQgYGP0cYXNsLz2tQENCMwD9Kx
Izru8+JIFMgFSHk3VRlcTl344tKDLK+tAg0WYKrkw+rSTqBwCtIrECzRsxB3ePmM
zu5H06k8Vn+6nOfJF3v0wdGOCkytlVEQLAmGYPPGFFP93YnVjyNGj52QKT/JsKiu
kSx6UcqLXHKlLw==
-----END CERTIFICATE-----