Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
File:                     vPI0wEREFriFL7NHh4rTdtCBjWQ.mft (raw, json)
Hash identifier:          kflzffs9w5ocHak0gC8179xNHviaqa2HBwWCti8OLl8=
Subject key identifier:   1F:8C:D8:1C:88:4E:C7:FD:21:6C:67:28:C4:B0:75:39:2F:5C:9A:6C
Authority key identifier: BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64
Certificate issuer:       /CN=bcf234c0444416b8852fb347878ad376d0818d64
Certificate serial:       01975949273C372D7DB3D8604024387C26ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
Manifest number:          090F
Signing time:             Tue 10 Jun 2025 10:00:55 +0000
Manifest this update:     Tue 10 Jun 2025 10:00:55 +0000
Manifest next update:     Wed 11 Jun 2025 10:00:55 +0000
Files and hashes:         1: vPI0wEREFriFL7NHh4rTdtCBjWQ.crl (hash: 0j0SbO8rveHIIkAJ0ZjBZHGHHuop7J6udUTy8fNRUcY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 10:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:49:27:3c:37:2d:7d:b3:d8:60:40:24:38:7c:26:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcf234c0444416b8852fb347878ad376d0818d64
        Validity
            Not Before: Jun 10 10:00:55 2025 GMT
            Not After : Jun 11 10:00:55 2025 GMT
        Subject: CN=1f8cd81c884ec7fd216c6728c4b075392f5c9a6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:8c:14:0a:59:9a:3a:d0:72:3f:6e:67:ad:d1:
                    88:ce:50:fd:87:ea:58:08:69:c1:fd:d1:98:62:bf:
                    5b:87:08:ef:50:49:34:b4:47:da:31:7a:b9:1b:1d:
                    0c:86:be:7b:2b:22:d2:50:88:75:d4:96:23:5c:87:
                    e0:b0:73:9c:b0:28:10:84:ea:bb:56:68:1d:69:bf:
                    d6:0c:c0:f7:d1:2f:32:9d:ad:ad:53:30:d7:2a:b5:
                    51:79:b1:ee:a8:61:fa:4b:31:ec:15:75:0c:89:17:
                    b4:2d:68:79:c3:fd:07:07:ff:fb:61:10:74:95:92:
                    f1:03:86:e2:cf:81:b6:4c:b5:b7:dc:0d:c9:79:d1:
                    16:1a:d4:37:44:68:a0:9e:2b:87:8a:f1:91:c1:8e:
                    a1:e5:f1:93:bb:89:75:c8:40:45:03:e4:ff:86:28:
                    20:e9:87:48:71:4b:89:97:d0:6d:b9:f0:5f:e9:fc:
                    e4:61:4b:46:be:cf:4c:fa:fe:02:94:25:48:3f:b8:
                    dd:d4:e5:cf:4e:9a:12:1f:90:af:38:5e:6b:ab:9d:
                    e4:ee:f6:c3:96:04:fe:78:ec:46:61:e2:4a:67:c6:
                    b6:f6:84:2d:90:7e:17:85:f0:91:7d:38:da:27:8f:
                    10:08:bf:d0:ce:01:84:34:7b:6a:78:62:8c:d2:92:
                    97:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:8C:D8:1C:88:4E:C7:FD:21:6C:67:28:C4:B0:75:39:2F:5C:9A:6C
            X509v3 Authority Key Identifier:
                keyid:BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:72:2b:7e:c2:fb:a1:a4:82:f9:b9:7e:52:ba:b2:78:a6:a3:
         7d:7c:8f:48:3d:70:9e:35:b3:05:63:1c:e3:4c:64:67:f1:9a:
         87:de:f4:6e:37:04:19:de:bf:87:7e:72:85:74:fd:3b:48:89:
         dc:71:f6:89:f1:00:da:13:6f:bd:95:1a:bc:39:15:bf:03:3f:
         9d:43:a6:8e:72:b1:b5:c9:ed:61:af:21:59:c2:78:4d:45:96:
         61:42:83:3a:24:78:81:85:56:16:b7:63:a9:40:26:c4:9d:9e:
         d1:c4:18:f3:bf:15:ea:a2:87:b6:52:e9:8b:62:a7:75:00:8c:
         67:b0:d9:a5:bf:4c:16:95:a4:a1:b7:a6:a8:af:7f:49:d7:20:
         52:11:db:12:f5:87:25:1f:c8:dd:bb:15:e5:a7:44:20:a6:af:
         d0:56:29:15:ae:1e:59:0e:fb:a6:c3:1c:1b:b1:91:62:da:ec:
         aa:ce:96:23:bc:94:c7:b2:10:2d:e5:55:97:ce:c2:ff:47:e5:
         23:6c:a1:6d:72:40:ed:13:81:de:7d:db:4b:f2:2e:b5:f1:42:
         b4:1d:80:51:fe:23:6e:7f:ca:0a:70:bc:f1:02:cb:f5:cb:8b:
         55:c9:d5:44:1b:2f:cf:b6:1c:0c:76:69:ac:84:64:bc:99:fd:
         f3:51:07:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZSSc8Ny19s9hgQCQ4fCbtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZjIzNGMwNDQ0NDE2Yjg4NTJmYjM0Nzg3OGFkMzc2ZDA4
MThkNjQwHhcNMjUwNjEwMTAwMDU1WhcNMjUwNjExMTAwMDU1WjAzMTEwLwYDVQQD
EygxZjhjZDgxYzg4NGVjN2ZkMjE2YzY3MjhjNGIwNzUzOTJmNWM5YTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIwUClmaOtByP25nrdGIzlD9h+pY
CGnB/dGYYr9bhwjvUEk0tEfaMXq5Gx0Mhr57KyLSUIh11JYjXIfgsHOcsCgQhOq7
Vmgdab/WDMD30S8yna2tUzDXKrVRebHuqGH6SzHsFXUMiRe0LWh5w/0HB//7YRB0
lZLxA4biz4G2TLW33A3JedEWGtQ3RGigniuHivGRwY6h5fGTu4l1yEBFA+T/higg
6YdIcUuJl9BtufBf6fzkYUtGvs9M+v4ClCVIP7jd1OXPTpoSH5CvOF5rq53k7vbD
lgT+eOxGYeJKZ8a29oQtkH4XhfCRfTjaJ48QCL/QzgGENHtqeGKM0pKX6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB+M2ByITsf9IWxnKMSwdTkvXJpsMB8GA1UdIwQY
MBaAFLzyNMBERBa4hS+zR4eK03bQgY1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEt
OWFjYTdiZDhlYzBmLzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEtOWFjYTdiZDhlYzBm
LzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO3IrfsL7
oaSC+bl+UrqyeKajfXyPSD1wnjWzBWMc40xkZ/Gah970bjcEGd6/h35yhXT9O0iJ
3HH2ifEA2hNvvZUavDkVvwM/nUOmjnKxtcntYa8hWcJ4TUWWYUKDOiR4gYVWFrdj
qUAmxJ2e0cQY878V6qKHtlLpi2KndQCMZ7DZpb9MFpWkobemqK9/SdcgUhHbEvWH
JR/I3bsV5adEIKav0FYpFa4eWQ77psMcG7GRYtrsqs6WI7yUx7IQLeVVl87C/0fl
I2yhbXJA7ROB3n3bS/IutfFCtB2AUf4jbn/KCnC88QLL9cuLVcnVRBsvz7YcDHZp
rIRkvJn981EHnw==
-----END CERTIFICATE-----