Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
File:                     VmhcNSHqj-av5l1TOjsZno92UFs.mft (raw, json)
Hash identifier:          PPoRLGVhcEis3yO2iAwO1AyXO847q0nprOdYjsWFRT0=
Subject key identifier:   B8:8E:21:7D:68:A3:40:76:EC:B1:D6:2D:49:98:1D:11:42:A8:9F:BF
Authority key identifier: 56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B
Certificate issuer:       /CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
Certificate serial:       019A71B922E108A84790D49750C247A7C315
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
Manifest number:          1624
Signing time:             Tue 11 Nov 2025 07:02:29 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:29 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:29 +0000
Files and hashes:         1: VmhcNSHqj-av5l1TOjsZno92UFs.crl (hash: J97FksCLsNV/m9NQ+HKbqKGm+2zk37QCDBXpQgVscOU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:22:e1:08:a8:47:90:d4:97:50:c2:47:a7:c3:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
        Validity
            Not Before: Nov 11 07:02:29 2025 GMT
            Not After : Nov 12 07:02:29 2025 GMT
        Subject: CN=b88e217d68a34076ecb1d62d49981d1142a89fbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:b0:15:8f:e7:6e:1d:4f:49:84:62:ac:00:06:
                    f9:9b:d1:c8:c4:79:f8:e1:39:0d:aa:07:52:16:6c:
                    e2:7b:b6:26:13:c8:7b:e2:4d:f9:65:9c:91:8f:79:
                    73:ae:cb:4d:9d:ab:42:8f:f4:15:76:f0:ff:72:50:
                    68:74:a4:11:47:b6:64:06:31:f9:71:ce:d8:9a:b8:
                    25:74:3a:5b:b8:69:a4:30:62:99:05:0f:22:67:81:
                    d5:70:d7:5b:1f:20:64:13:da:83:9e:f7:73:0b:ee:
                    96:33:b7:95:ff:7a:53:ff:d8:8d:83:89:da:8e:6a:
                    87:1e:6b:c3:2c:33:4b:d7:19:ab:81:d5:dc:8e:65:
                    fc:72:22:3b:d3:f0:93:92:31:6c:ef:6b:48:d6:f3:
                    8c:09:c1:23:df:b9:90:cd:0d:2d:0d:3a:df:5d:86:
                    9c:d0:05:fb:b2:fa:2a:9c:26:c4:41:fc:b4:1d:69:
                    15:8e:f5:10:ac:a4:04:fc:d4:8c:f4:f6:8b:35:40:
                    21:00:01:f3:d4:28:f3:53:a7:ec:21:0e:8e:ef:f0:
                    96:eb:63:41:1a:16:93:be:62:7a:73:38:14:fb:6d:
                    d1:b8:67:93:71:0a:36:65:e2:ef:a6:1e:88:7c:dc:
                    27:61:12:45:d5:72:44:ee:9f:1e:43:c2:ae:74:30:
                    78:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:8E:21:7D:68:A3:40:76:EC:B1:D6:2D:49:98:1D:11:42:A8:9F:BF
            X509v3 Authority Key Identifier:
                keyid:56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:72:b2:6a:37:a2:7f:91:8c:61:e9:ed:ee:b9:50:1a:7b:2e:
         f1:97:ba:7c:3e:9d:ea:98:7e:ce:a7:f2:24:b9:04:6e:13:19:
         f2:fb:70:1d:2f:08:43:93:18:8b:bd:41:71:f1:7c:37:08:7f:
         a8:d5:41:2e:a4:9e:3e:9e:c8:c4:db:96:f8:78:e5:ef:ab:01:
         88:0e:58:bd:ca:da:c1:19:ee:68:1c:6f:7d:97:f4:b2:b4:76:
         b1:14:7b:86:46:4d:e7:da:6f:12:be:56:3e:92:4e:39:1a:0e:
         44:be:51:7d:e2:af:a4:57:a0:53:e0:8d:ed:cb:68:74:27:53:
         6c:e7:42:6f:e8:e4:1a:08:60:d3:89:1a:7c:bb:2b:04:c8:a4:
         84:dd:23:e6:7b:26:71:73:de:85:05:0c:e3:c5:9e:0f:8d:0a:
         43:d6:c1:ae:9d:e7:40:3e:68:7f:85:bf:d8:22:0e:cb:f1:55:
         e7:74:4b:b2:6e:60:db:93:87:77:5e:9b:63:40:92:29:c6:57:
         c3:de:99:78:01:b2:d4:f5:3e:22:13:18:01:51:9c:f5:bd:5a:
         d8:ed:27:1e:29:32:47:7b:8a:99:8f:76:ac:24:24:d3:61:85:
         3d:97:b9:69:be:43:06:60:9d:e0:d9:24:04:09:9a:c6:5e:1d:
         91:02:d4:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuSLhCKhHkNSXUMJHp8MVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Njg1YzM1MjFlYThmZTZhZmU2NWQ1MzNhM2IxOTllOGY3
NjUwNWIwHhcNMjUxMTExMDcwMjI5WhcNMjUxMTEyMDcwMjI5WjAzMTEwLwYDVQQD
EyhiODhlMjE3ZDY4YTM0MDc2ZWNiMWQ2MmQ0OTk4MWQxMTQyYTg5ZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLAVj+duHU9JhGKsAAb5m9HIxHn4
4TkNqgdSFmzie7YmE8h74k35ZZyRj3lzrstNnatCj/QVdvD/clBodKQRR7ZkBjH5
cc7YmrgldDpbuGmkMGKZBQ8iZ4HVcNdbHyBkE9qDnvdzC+6WM7eV/3pT/9iNg4na
jmqHHmvDLDNL1xmrgdXcjmX8ciI70/CTkjFs72tI1vOMCcEj37mQzQ0tDTrfXYac
0AX7svoqnCbEQfy0HWkVjvUQrKQE/NSM9PaLNUAhAAHz1CjzU6fsIQ6O7/CW62NB
GhaTvmJ6czgU+23RuGeTcQo2ZeLvph6IfNwnYRJF1XJE7p8eQ8KudDB4DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLiOIX1oo0B27LHWLUmYHRFCqJ+/MB8GA1UdIwQY
MBaAFFZoXDUh6o/mr+ZdUzo7GZ6PdlBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMt
NThjMzI4OTVkY2RlLzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMtNThjMzI4OTVkY2Rl
LzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIHKyajei
f5GMYent7rlQGnsu8Ze6fD6d6ph+zqfyJLkEbhMZ8vtwHS8IQ5MYi71BcfF8Nwh/
qNVBLqSePp7IxNuW+Hjl76sBiA5YvcrawRnuaBxvfZf0srR2sRR7hkZN59pvEr5W
PpJOORoORL5RfeKvpFegU+CN7ctodCdTbOdCb+jkGghg04kafLsrBMikhN0j5nsm
cXPehQUM48WeD40KQ9bBrp3nQD5of4W/2CIOy/FV53RLsm5g25OHd16bY0CSKcZX
w96ZeAGy1PU+IhMYAVGc9b1a2O0nHikyR3uKmY92rCQk02GFPZe5ab5DBmCd4Nkk
BAmaxl4dkQLUGA==
-----END CERTIFICATE-----