Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
File:                     vPI0wEREFriFL7NHh4rTdtCBjWQ.mft (raw, json)
Hash identifier:          FONYBCMsy2rdzK7muOF7eTdEAE56MM9uKOOJXyYKI6I=
Subject key identifier:   60:94:3F:A1:88:F8:83:6B:BE:F7:7C:5B:D6:B7:AE:2D:B2:32:E0:B7
Authority key identifier: BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64
Certificate issuer:       /CN=bcf234c0444416b8852fb347878ad376d0818d64
Certificate serial:       01976C987F0696C90AFEC81C74FF59209D0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
Manifest number:          0919
Signing time:             Sat 14 Jun 2025 04:00:22 +0000
Manifest this update:     Sat 14 Jun 2025 04:00:22 +0000
Manifest next update:     Sun 15 Jun 2025 04:00:22 +0000
Files and hashes:         1: vPI0wEREFriFL7NHh4rTdtCBjWQ.crl (hash: tmkGEj2UlLawuCQmDv/iIADK5w0UommrowXt3+FMmWQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:98:7f:06:96:c9:0a:fe:c8:1c:74:ff:59:20:9d:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcf234c0444416b8852fb347878ad376d0818d64
        Validity
            Not Before: Jun 14 04:00:22 2025 GMT
            Not After : Jun 15 04:00:22 2025 GMT
        Subject: CN=60943fa188f8836bbef77c5bd6b7ae2db232e0b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:07:3a:08:bd:3f:13:13:e1:1b:c6:2e:56:6a:
                    a2:f1:18:55:76:23:6b:21:8c:24:13:9a:78:68:6f:
                    bc:1a:26:f1:dd:ff:2e:0a:f4:f7:15:b4:2d:66:89:
                    2d:d6:4d:8c:c5:a0:d9:b9:83:42:29:89:99:70:05:
                    ea:bb:8b:b2:43:ff:9c:51:07:f6:18:c8:c8:5a:bb:
                    11:1c:30:52:2a:57:8c:a4:a5:99:4c:9b:0b:a6:a9:
                    ae:08:59:7d:9f:71:24:27:ee:ae:57:65:37:39:ea:
                    a0:39:0e:84:ce:0e:82:cc:ae:93:04:4a:d8:c0:01:
                    9a:81:01:52:c8:c9:f3:39:6d:f4:7e:5f:be:14:7e:
                    81:c4:4d:4e:18:0f:d9:82:ee:d4:b9:78:c9:e7:a7:
                    d5:dc:d1:3f:b4:7c:17:2c:7a:cd:b5:4d:9b:6b:82:
                    ab:d7:c2:0a:43:a0:56:4e:ef:b3:01:7d:89:43:3f:
                    90:b0:bd:f2:1f:2a:9b:0b:ab:6a:ff:56:45:b0:e7:
                    8c:24:8f:2f:42:14:ab:bb:19:2e:f0:1d:00:59:d0:
                    aa:50:42:b1:79:ca:e6:9f:93:b5:c7:ff:27:2b:9e:
                    81:d6:e5:7c:3c:5b:40:08:37:97:81:e7:4c:2e:b7:
                    01:06:fc:d3:cf:50:6a:e6:7a:1a:87:31:ec:30:bb:
                    89:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:94:3F:A1:88:F8:83:6B:BE:F7:7C:5B:D6:B7:AE:2D:B2:32:E0:B7
            X509v3 Authority Key Identifier:
                keyid:BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:18:8f:9c:d6:9c:45:7c:05:0c:e1:35:db:c9:af:07:3d:1c:
         c6:85:e5:d9:9b:9b:5d:59:27:ff:45:6e:69:f4:22:ab:75:17:
         1f:b2:91:ad:d2:54:c8:36:76:27:eb:1e:03:f6:61:e9:d9:31:
         72:b5:57:d9:94:3c:48:27:b8:21:47:ca:25:da:59:87:74:91:
         cf:15:c4:60:18:02:24:9f:73:59:c7:4a:70:8a:89:53:4e:c9:
         e6:69:8f:09:0c:74:49:fe:e7:43:ea:9b:6f:2c:ed:22:fa:3b:
         1e:26:11:3e:6f:a9:c5:a3:cf:cc:99:47:f5:dc:f5:ea:99:39:
         12:67:83:cb:75:b1:b9:b4:ff:e7:9a:ca:5a:26:0d:24:75:23:
         1d:70:ee:a2:d6:cb:8f:1a:06:48:23:09:03:ac:ef:66:78:9e:
         98:9a:ef:fe:19:06:a6:3c:ee:bf:83:18:7d:c5:92:a2:c6:8d:
         79:74:e5:fd:67:65:a3:c9:be:7a:c5:e4:a7:b9:14:22:0b:94:
         d6:ba:a5:07:bf:c4:9b:11:e0:0a:47:e6:42:85:0c:02:d3:c8:
         64:ef:00:b3:89:0a:59:d5:7b:f7:6d:30:d5:0c:30:18:3d:c3:
         e5:66:62:91:5d:fc:b5:3f:0d:91:64:cf:45:69:fe:01:8c:df:
         33:ef:37:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsmH8GlskK/sgcdP9ZIJ0KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZjIzNGMwNDQ0NDE2Yjg4NTJmYjM0Nzg3OGFkMzc2ZDA4
MThkNjQwHhcNMjUwNjE0MDQwMDIyWhcNMjUwNjE1MDQwMDIyWjAzMTEwLwYDVQQD
Eyg2MDk0M2ZhMTg4Zjg4MzZiYmVmNzdjNWJkNmI3YWUyZGIyMzJlMGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwc6CL0/ExPhG8YuVmqi8RhVdiNr
IYwkE5p4aG+8Gibx3f8uCvT3FbQtZokt1k2MxaDZuYNCKYmZcAXqu4uyQ/+cUQf2
GMjIWrsRHDBSKleMpKWZTJsLpqmuCFl9n3EkJ+6uV2U3OeqgOQ6Ezg6CzK6TBErY
wAGagQFSyMnzOW30fl++FH6BxE1OGA/Zgu7UuXjJ56fV3NE/tHwXLHrNtU2ba4Kr
18IKQ6BWTu+zAX2JQz+QsL3yHyqbC6tq/1ZFsOeMJI8vQhSruxku8B0AWdCqUEKx
ecrmn5O1x/8nK56B1uV8PFtACDeXgedMLrcBBvzTz1Bq5noahzHsMLuJGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGCUP6GI+INrvvd8W9a3ri2yMuC3MB8GA1UdIwQY
MBaAFLzyNMBERBa4hS+zR4eK03bQgY1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEt
OWFjYTdiZDhlYzBmLzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEtOWFjYTdiZDhlYzBm
LzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgBiPnNac
RXwFDOE128mvBz0cxoXl2ZubXVkn/0VuafQiq3UXH7KRrdJUyDZ2J+seA/Zh6dkx
crVX2ZQ8SCe4IUfKJdpZh3SRzxXEYBgCJJ9zWcdKcIqJU07J5mmPCQx0Sf7nQ+qb
byztIvo7HiYRPm+pxaPPzJlH9dz16pk5EmeDy3WxubT/55rKWiYNJHUjHXDuotbL
jxoGSCMJA6zvZniemJrv/hkGpjzuv4MYfcWSosaNeXTl/Wdlo8m+esXkp7kUIguU
1rqlB7/EmxHgCkfmQoUMAtPIZO8As4kKWdV7920w1QwwGD3D5WZikV38tT8NkWTP
RWn+AYzfM+83pw==
-----END CERTIFICATE-----