Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
File:                     vPI0wEREFriFL7NHh4rTdtCBjWQ.mft (raw, json)
Hash identifier:          nRRFoQWHU47ik3AYywDdTC/x5iVZAmmgrFAg+CDkA7E=
Subject key identifier:   19:71:78:7C:35:8F:94:6C:C4:6C:87:C9:F4:61:7A:B7:F9:31:57:8D
Authority key identifier: BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64
Certificate issuer:       /CN=bcf234c0444416b8852fb347878ad376d0818d64
Certificate serial:       019922FA338E66F5ECA64C7C9B3CA58C231F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
Manifest number:          09FC
Signing time:             Sun 07 Sep 2025 07:00:46 +0000
Manifest this update:     Sun 07 Sep 2025 07:00:46 +0000
Manifest next update:     Mon 08 Sep 2025 07:00:46 +0000
Files and hashes:         1: vPI0wEREFriFL7NHh4rTdtCBjWQ.crl (hash: a8z21j/J+7Dja5c14O/2C9h1UOB3V8IUeNrHia9TV3A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:33:8e:66:f5:ec:a6:4c:7c:9b:3c:a5:8c:23:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcf234c0444416b8852fb347878ad376d0818d64
        Validity
            Not Before: Sep  7 07:00:46 2025 GMT
            Not After : Sep  8 07:00:46 2025 GMT
        Subject: CN=1971787c358f946cc46c87c9f4617ab7f931578d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:a5:af:6d:16:0b:74:b9:92:0a:4c:86:d2:6a:
                    97:bf:bf:5f:64:46:ba:28:9e:75:1d:e7:5f:a4:01:
                    1b:51:c3:c6:b4:d1:50:d3:d5:52:a2:47:8b:d2:1d:
                    c2:a6:18:be:5b:16:dd:60:6e:90:14:10:7a:ef:28:
                    d8:d4:cf:28:a2:0b:23:51:36:38:85:3e:63:20:4b:
                    f2:98:8a:dc:93:6e:e3:9b:9b:aa:79:91:f7:ed:c0:
                    29:68:12:91:8c:0a:5f:61:0b:c8:0e:60:28:22:82:
                    35:0b:51:b2:d3:ea:29:10:ab:4a:92:47:2d:61:8b:
                    5c:6e:b4:9d:74:6a:1d:20:1e:2d:33:ef:a6:51:4f:
                    b6:c8:2c:1f:8d:6f:3b:e2:90:65:5d:bf:80:90:da:
                    70:b8:48:04:64:82:37:df:b0:ae:86:06:c3:be:b3:
                    4c:ee:c6:7c:c5:10:a5:a0:8d:b6:69:f6:f3:72:ed:
                    40:24:9c:1d:21:5b:88:e6:d1:27:18:d8:da:b6:83:
                    e5:60:66:fd:a5:e8:74:c2:ee:87:66:d0:43:d1:c9:
                    24:69:10:36:d1:ac:fe:cb:6f:56:d9:13:47:5b:d2:
                    a5:22:87:b1:91:e2:04:3c:a2:f8:b4:2f:e0:de:81:
                    b2:1b:6b:92:58:8b:a5:c4:bd:59:26:ef:5c:a5:c2:
                    4f:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:71:78:7C:35:8F:94:6C:C4:6C:87:C9:F4:61:7A:B7:F9:31:57:8D
            X509v3 Authority Key Identifier:
                keyid:BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:0c:2f:fe:02:9f:76:92:59:ff:c5:1c:b0:1e:62:bd:54:56:
         5a:63:88:2c:4e:c7:c2:3d:ac:db:6f:e0:3e:62:64:96:26:3d:
         90:b9:94:86:fa:d0:1c:e4:f2:16:fa:8c:a4:3c:20:54:1f:69:
         2b:f5:7f:02:1c:3c:dc:3b:c1:25:ff:47:e5:7d:5f:d6:14:49:
         e8:05:a6:d1:14:14:75:f3:41:ce:b7:ee:de:38:c7:43:d9:83:
         cf:c6:83:ec:4a:fb:2f:76:3c:16:fd:61:2f:eb:27:5c:7c:d0:
         30:fb:89:2a:17:bd:ac:f6:84:92:31:ef:d1:a1:34:48:3d:01:
         3c:60:bf:a2:5e:41:c7:f4:61:06:15:1a:04:11:57:b2:5e:ab:
         3c:15:6f:7a:96:3e:a6:9e:fc:2e:aa:db:62:e2:a9:a4:32:06:
         6b:57:10:13:6a:88:6f:b9:ea:cd:94:bc:ef:76:fc:b3:5c:95:
         75:96:1f:73:3c:b6:aa:46:59:c9:ca:5e:13:49:c1:2e:44:44:
         5b:c5:ed:d8:c8:da:74:18:f2:57:55:8f:4a:2a:1e:fa:ef:8c:
         2e:7f:54:45:44:03:13:4b:69:f2:63:ff:22:11:5e:98:16:d1:
         53:cc:da:cc:65:9f:3a:4a:04:60:b9:e0:72:63:fc:73:0b:ef:
         bb:27:7f:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+jOOZvXspkx8mzyljCMfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZjIzNGMwNDQ0NDE2Yjg4NTJmYjM0Nzg3OGFkMzc2ZDA4
MThkNjQwHhcNMjUwOTA3MDcwMDQ2WhcNMjUwOTA4MDcwMDQ2WjAzMTEwLwYDVQQD
EygxOTcxNzg3YzM1OGY5NDZjYzQ2Yzg3YzlmNDYxN2FiN2Y5MzE1NzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7KWvbRYLdLmSCkyG0mqXv79fZEa6
KJ51HedfpAEbUcPGtNFQ09VSokeL0h3Cphi+WxbdYG6QFBB67yjY1M8oogsjUTY4
hT5jIEvymIrck27jm5uqeZH37cApaBKRjApfYQvIDmAoIoI1C1Gy0+opEKtKkkct
YYtcbrSddGodIB4tM++mUU+2yCwfjW874pBlXb+AkNpwuEgEZII337CuhgbDvrNM
7sZ8xRCloI22afbzcu1AJJwdIVuI5tEnGNjatoPlYGb9peh0wu6HZtBD0ckkaRA2
0az+y29W2RNHW9KlIoexkeIEPKL4tC/g3oGyG2uSWIulxL1ZJu9cpcJPawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBlxeHw1j5RsxGyHyfRherf5MVeNMB8GA1UdIwQY
MBaAFLzyNMBERBa4hS+zR4eK03bQgY1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEt
OWFjYTdiZDhlYzBmLzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEtOWFjYTdiZDhlYzBm
LzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPAwv/gKf
dpJZ/8UcsB5ivVRWWmOILE7Hwj2s22/gPmJkliY9kLmUhvrQHOTyFvqMpDwgVB9p
K/V/Ahw83DvBJf9H5X1f1hRJ6AWm0RQUdfNBzrfu3jjHQ9mDz8aD7Er7L3Y8Fv1h
L+snXHzQMPuJKhe9rPaEkjHv0aE0SD0BPGC/ol5Bx/RhBhUaBBFXsl6rPBVvepY+
pp78LqrbYuKppDIGa1cQE2qIb7nqzZS873b8s1yVdZYfczy2qkZZycpeE0nBLkRE
W8Xt2MjadBjyV1WPSioe+u+MLn9URUQDE0tp8mP/IhFemBbRU8zazGWfOkoEYLng
cmP8cwvvuyd/qA==
-----END CERTIFICATE-----