Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
File:                     vPI0wEREFriFL7NHh4rTdtCBjWQ.mft (raw, json)
Hash identifier:          hDx1JB+ZlBtYptOZ+JMjL7/+ZTGRMPMWRbo+tAy7B6g=
Subject key identifier:   52:4D:2D:5A:9E:EF:74:10:69:FC:5F:3E:9A:8E:C9:0A:17:53:3B:76
Authority key identifier: BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64
Certificate issuer:       /CN=bcf234c0444416b8852fb347878ad376d0818d64
Certificate serial:       0197556C7C165FA8A30E13E978DA3DB781B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
Manifest number:          090D
Signing time:             Mon 09 Jun 2025 16:01:02 +0000
Manifest this update:     Mon 09 Jun 2025 16:01:02 +0000
Manifest next update:     Tue 10 Jun 2025 16:01:02 +0000
Files and hashes:         1: vPI0wEREFriFL7NHh4rTdtCBjWQ.crl (hash: 7qQAwYQbK/LaTePbpIeOAwC8AocF/0jcZbq+Xx1rSwc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 11:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:55:6c:7c:16:5f:a8:a3:0e:13:e9:78:da:3d:b7:81:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcf234c0444416b8852fb347878ad376d0818d64
        Validity
            Not Before: Jun  9 16:01:02 2025 GMT
            Not After : Jun 10 16:01:02 2025 GMT
        Subject: CN=524d2d5a9eef741069fc5f3e9a8ec90a17533b76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:1b:fc:dc:a6:b5:ad:29:9d:07:15:f3:34:ad:
                    0f:bb:be:b1:d2:bf:8b:b1:f1:2d:91:e7:c5:cd:b1:
                    9c:44:70:f5:74:4a:e9:28:c6:89:a7:bd:46:8f:29:
                    10:2e:7e:ae:d1:f2:01:cc:14:c6:82:9b:b3:aa:f2:
                    9d:bd:74:b8:02:54:92:3d:fa:30:da:6c:e4:ab:95:
                    16:cd:a0:25:73:c3:be:75:35:8d:2c:c9:d4:79:81:
                    72:08:dc:70:5f:1e:7f:c4:eb:20:be:6b:b7:9b:e7:
                    37:eb:55:33:65:62:44:71:d4:12:0d:c1:9e:24:23:
                    5e:b4:48:b6:b6:ea:62:9a:07:c3:fb:e8:87:0c:7b:
                    ee:e2:e8:cc:51:9e:49:84:70:eb:4e:d3:cf:d3:d3:
                    15:5a:7d:f0:1f:74:a6:9b:3c:5b:84:1d:2d:86:48:
                    c1:3b:32:c3:d6:48:fe:82:f6:27:e1:aa:08:50:90:
                    b9:34:9b:03:d5:d3:df:26:ef:d8:7d:dd:cf:53:f2:
                    c0:dd:4c:94:b4:c6:51:ae:61:a1:c5:8d:bc:03:1e:
                    d5:74:25:89:5e:75:1b:06:21:55:4e:96:4c:15:3a:
                    a2:43:2c:94:f7:97:18:25:3e:a3:cb:5d:1f:34:87:
                    b8:31:b2:3f:9f:fe:73:92:e3:cd:41:1f:d5:47:9e:
                    4d:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:4D:2D:5A:9E:EF:74:10:69:FC:5F:3E:9A:8E:C9:0A:17:53:3B:76
            X509v3 Authority Key Identifier:
                keyid:BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:56:39:47:8a:c5:a1:35:32:d9:cf:79:bc:23:80:13:64:37:
         36:06:fc:e4:95:9d:5b:03:4b:cc:71:2a:e1:12:83:1e:9c:22:
         38:36:e3:29:49:d5:24:93:a3:83:a6:27:fd:a2:16:d7:31:23:
         80:89:46:8d:6b:d9:c4:13:94:73:f9:18:27:a5:ca:3e:ca:82:
         52:ee:8a:a2:17:9c:b0:f9:ad:20:b7:0c:41:dc:08:4e:ff:ed:
         9f:a4:6f:5d:80:22:d3:33:f1:6b:e9:e8:7f:83:e6:f4:64:52:
         4f:4d:17:1f:57:8b:31:58:ac:b4:42:1d:57:8c:7d:6d:72:0d:
         2c:ec:c7:61:50:ca:a0:8b:16:6b:4e:ff:0f:02:fa:28:a9:8d:
         29:85:b7:f0:16:89:85:6d:ac:ce:a5:dd:57:01:dd:b0:79:b9:
         48:af:e9:12:96:03:8f:d3:42:44:ef:cc:78:fb:a4:d3:69:8a:
         ee:74:4c:eb:48:bc:9a:d2:98:50:ca:e4:a7:9b:25:07:ef:f3:
         b0:e7:f6:e5:bd:1b:18:18:65:32:40:ca:42:18:7d:2a:96:54:
         a3:0c:fb:65:e2:f3:c6:d4:1c:6e:d3:d3:a5:e8:bb:c5:54:df:
         6f:9a:97:4e:5c:5a:56:1f:d2:1d:41:d2:c4:13:80:a3:3f:bb:
         27:5b:d8:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdVbHwWX6ijDhPpeNo9t4G4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZjIzNGMwNDQ0NDE2Yjg4NTJmYjM0Nzg3OGFkMzc2ZDA4
MThkNjQwHhcNMjUwNjA5MTYwMTAyWhcNMjUwNjEwMTYwMTAyWjAzMTEwLwYDVQQD
Eyg1MjRkMmQ1YTllZWY3NDEwNjlmYzVmM2U5YThlYzkwYTE3NTMzYjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBv83Ka1rSmdBxXzNK0Pu76x0r+L
sfEtkefFzbGcRHD1dErpKMaJp71GjykQLn6u0fIBzBTGgpuzqvKdvXS4AlSSPfow
2mzkq5UWzaAlc8O+dTWNLMnUeYFyCNxwXx5/xOsgvmu3m+c361UzZWJEcdQSDcGe
JCNetEi2tupimgfD++iHDHvu4ujMUZ5JhHDrTtPP09MVWn3wH3SmmzxbhB0thkjB
OzLD1kj+gvYn4aoIUJC5NJsD1dPfJu/Yfd3PU/LA3UyUtMZRrmGhxY28Ax7VdCWJ
XnUbBiFVTpZMFTqiQyyU95cYJT6jy10fNIe4MbI/n/5zkuPNQR/VR55NkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFJNLVqe73QQafxfPpqOyQoXUzt2MB8GA1UdIwQY
MBaAFLzyNMBERBa4hS+zR4eK03bQgY1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEt
OWFjYTdiZDhlYzBmLzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEtOWFjYTdiZDhlYzBm
LzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjVY5R4rF
oTUy2c95vCOAE2Q3Ngb85JWdWwNLzHEq4RKDHpwiODbjKUnVJJOjg6Yn/aIW1zEj
gIlGjWvZxBOUc/kYJ6XKPsqCUu6KohecsPmtILcMQdwITv/tn6RvXYAi0zPxa+no
f4Pm9GRST00XH1eLMVistEIdV4x9bXINLOzHYVDKoIsWa07/DwL6KKmNKYW38BaJ
hW2szqXdVwHdsHm5SK/pEpYDj9NCRO/MePuk02mK7nRM60i8mtKYUMrkp5slB+/z
sOf25b0bGBhlMkDKQhh9KpZUowz7ZeLzxtQcbtPTpei7xVTfb5qXTlxaVh/SHUHS
xBOAoz+7J1vYXQ==
-----END CERTIFICATE-----