Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
File:                     vNgzeodIrlhibqk9my9YmNAY3fE.mft (raw, json)
Hash identifier:          uBCOypatcpwhZ9z6eMdWbBXy3uh9TnM1Q7mHbwYY0rc=
Subject key identifier:   47:DA:E8:74:A1:C2:BC:4A:9D:36:30:EE:D9:BE:A4:D3:E1:C9:A6:95
Authority key identifier: BC:D8:33:7A:87:48:AE:58:62:6E:A9:3D:9B:2F:58:98:D0:18:DD:F1
Certificate issuer:       /CN=bcd8337a8748ae58626ea93d9b2f5898d018ddf1
Certificate serial:       0197700806083F33E34194F8B9290E19DE9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
Manifest number:          151E
Signing time:             Sat 14 Jun 2025 20:01:03 +0000
Manifest this update:     Sat 14 Jun 2025 20:01:03 +0000
Manifest next update:     Sun 15 Jun 2025 20:01:03 +0000
Files and hashes:         1: vNgzeodIrlhibqk9my9YmNAY3fE.crl (hash: p9wOFjUsiYuYNPcpJTYxYuuCI0yte3HPVgphwmsCf28=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:70:08:06:08:3f:33:e3:41:94:f8:b9:29:0e:19:de:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcd8337a8748ae58626ea93d9b2f5898d018ddf1
        Validity
            Not Before: Jun 14 20:01:03 2025 GMT
            Not After : Jun 15 20:01:03 2025 GMT
        Subject: CN=47dae874a1c2bc4a9d3630eed9bea4d3e1c9a695
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:35:5e:ad:ce:63:82:58:ba:45:3f:ac:79:73:
                    c4:6e:f6:2d:59:ea:32:3a:9c:4f:97:27:fb:95:c2:
                    74:fd:29:a1:69:99:88:5f:95:de:1d:08:5e:a9:13:
                    35:3d:7f:ff:73:c7:dc:5b:bd:39:ee:f5:45:1d:85:
                    9b:96:6f:ad:83:9f:ba:d6:c1:26:b0:fa:ed:e0:f3:
                    aa:bb:e2:b8:11:7d:70:74:56:11:aa:7b:3b:70:49:
                    85:3f:f0:81:34:c1:0e:21:20:c6:14:2c:9b:39:c8:
                    a6:02:b3:74:4e:cf:23:69:86:5d:21:56:d0:4c:19:
                    e7:e5:3a:d8:90:4c:28:0a:aa:2e:32:10:7b:b2:9f:
                    a3:ce:85:8e:c7:27:db:be:c1:13:06:2a:24:85:30:
                    8d:21:ae:88:f1:39:06:07:ad:c2:71:98:ef:8b:f0:
                    79:16:b7:52:28:d2:11:c7:1f:37:b4:92:94:f9:a4:
                    aa:1a:10:cb:5b:11:7b:79:7a:22:d3:0a:6b:40:3e:
                    60:60:e1:1c:c4:83:41:04:42:8a:76:48:95:0e:e8:
                    91:f7:00:5d:b9:77:a9:89:e5:9e:c0:63:ca:d4:22:
                    31:19:62:b1:83:22:23:13:fa:7d:2d:4b:f0:4a:a7:
                    2f:69:1e:f6:6e:79:3c:04:68:5e:0c:4a:44:d5:65:
                    c6:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:DA:E8:74:A1:C2:BC:4A:9D:36:30:EE:D9:BE:A4:D3:E1:C9:A6:95
            X509v3 Authority Key Identifier:
                keyid:BC:D8:33:7A:87:48:AE:58:62:6E:A9:3D:9B:2F:58:98:D0:18:DD:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:22:66:04:70:9f:08:fe:be:e1:ca:be:39:ce:4e:c2:48:1b:
         65:30:8e:e5:53:a7:44:38:80:e1:3f:3e:ec:c1:66:fa:2f:9c:
         7d:a7:d6:1a:8e:a1:5c:5f:a4:83:24:08:d5:53:7c:9a:12:1f:
         21:24:bd:36:21:7f:a0:28:38:b4:11:32:80:c1:a1:72:7e:bf:
         a9:f9:9d:db:74:78:54:b5:4f:7d:d5:ab:66:eb:3e:e2:e7:77:
         19:5f:23:b0:95:09:07:fb:4e:4d:c1:04:27:9a:37:23:7b:9b:
         91:36:2f:3c:13:b4:d7:38:cc:f8:bd:e6:f2:d0:08:2b:e1:20:
         2d:25:86:ff:fc:62:33:eb:17:0d:7b:a3:a6:d3:63:37:e7:2b:
         11:f5:07:c3:f9:a5:cc:a1:c2:ff:74:ea:ba:17:0e:cc:59:90:
         fe:73:17:7e:3e:b3:5b:0d:9e:d9:d9:9b:45:d9:e1:6e:78:75:
         ac:bd:8c:64:95:6e:04:e2:1e:4a:f9:cc:92:a9:26:07:c0:24:
         12:65:59:d1:66:12:4a:62:a8:6f:68:75:8c:92:69:c7:28:57:
         b2:19:82:f4:3b:79:e5:38:6d:1e:e3:ad:23:bc:bd:d5:e4:49:
         b4:e2:3f:0d:4c:da:7b:29:94:fd:d0:24:49:fc:6a:cc:cc:5b:
         8f:32:25:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdwCAYIPzPjQZT4uSkOGd6fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZDgzMzdhODc0OGFlNTg2MjZlYTkzZDliMmY1ODk4ZDAx
OGRkZjEwHhcNMjUwNjE0MjAwMTAzWhcNMjUwNjE1MjAwMTAzWjAzMTEwLwYDVQQD
Eyg0N2RhZTg3NGExYzJiYzRhOWQzNjMwZWVkOWJlYTRkM2UxYzlhNjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjVerc5jgli6RT+seXPEbvYtWeoy
OpxPlyf7lcJ0/SmhaZmIX5XeHQheqRM1PX//c8fcW7057vVFHYWblm+tg5+61sEm
sPrt4POqu+K4EX1wdFYRqns7cEmFP/CBNMEOISDGFCybOcimArN0Ts8jaYZdIVbQ
TBnn5TrYkEwoCqouMhB7sp+jzoWOxyfbvsETBiokhTCNIa6I8TkGB63CcZjvi/B5
FrdSKNIRxx83tJKU+aSqGhDLWxF7eXoi0wprQD5gYOEcxINBBEKKdkiVDuiR9wBd
uXepieWewGPK1CIxGWKxgyIjE/p9LUvwSqcvaR72bnk8BGheDEpE1WXGCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEfa6HShwrxKnTYw7tm+pNPhyaaVMB8GA1UdIwQY
MBaAFLzYM3qHSK5YYm6pPZsvWJjQGN3xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84ZDYwNjgtYWNjYS00Nzc3LTk0NDgt
YjdjZjZhN2IyYTI5LzEvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84ZDYwNjgtYWNjYS00Nzc3LTk0NDgtYjdjZjZhN2IyYTI5
LzEvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXSJmBHCf
CP6+4cq+Oc5OwkgbZTCO5VOnRDiA4T8+7MFm+i+cfafWGo6hXF+kgyQI1VN8mhIf
ISS9NiF/oCg4tBEygMGhcn6/qfmd23R4VLVPfdWrZus+4ud3GV8jsJUJB/tOTcEE
J5o3I3ubkTYvPBO01zjM+L3m8tAIK+EgLSWG//xiM+sXDXujptNjN+crEfUHw/ml
zKHC/3TquhcOzFmQ/nMXfj6zWw2e2dmbRdnhbnh1rL2MZJVuBOIeSvnMkqkmB8Ak
EmVZ0WYSSmKob2h1jJJpxyhXshmC9Dt55ThtHuOtI7y91eRJtOI/DUzaeymU/dAk
SfxqzMxbjzIlTA==
-----END CERTIFICATE-----