Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
File:                     VmhcNSHqj-av5l1TOjsZno92UFs.mft (raw, json)
Hash identifier:          09RdVpy4YbbNxhbmirXyScrg+XapON7f3Cd3XSMC0OA=
Subject key identifier:   2E:A0:41:6B:9A:82:54:D0:7B:A4:72:D5:71:A3:99:94:83:35:CE:CE
Authority key identifier: 56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B
Certificate issuer:       /CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
Certificate serial:       0197500EC30799320692FBBA502673C16D2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
Manifest number:          1485
Signing time:             Sun 08 Jun 2025 15:00:34 +0000
Manifest this update:     Sun 08 Jun 2025 15:00:34 +0000
Manifest next update:     Mon 09 Jun 2025 15:00:34 +0000
Files and hashes:         1: VmhcNSHqj-av5l1TOjsZno92UFs.crl (hash: CUZ+OAt7nkQr4iLwV5OJRL+AJS4IJbvJr0/2sRHirw0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 15:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:0e:c3:07:99:32:06:92:fb:ba:50:26:73:c1:6d:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
        Validity
            Not Before: Jun  8 15:00:34 2025 GMT
            Not After : Jun  9 15:00:34 2025 GMT
        Subject: CN=2ea0416b9a8254d07ba472d571a399948335cece
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:0e:06:97:a0:2c:db:b0:d4:6e:bc:29:91:07:
                    73:68:48:e2:01:dd:b4:4c:6f:72:34:2b:29:eb:05:
                    28:9f:52:53:0f:b1:f9:3b:f0:ee:00:78:24:17:6f:
                    68:0e:0e:af:51:4d:6f:39:c5:20:50:5d:38:59:f2:
                    f6:ad:57:bf:bd:77:15:0d:81:be:e2:2c:e1:12:e1:
                    25:cc:23:d5:d6:e9:c4:a2:fb:d7:b7:63:27:1a:d9:
                    6a:42:75:07:e7:c8:51:9c:5b:fb:86:fd:45:89:13:
                    6b:91:66:ed:70:94:76:c4:0c:d2:95:e3:cc:fd:b6:
                    c5:70:58:97:da:c3:0d:48:12:41:cc:0d:67:b6:c6:
                    cf:7f:f5:99:8b:c5:18:14:77:33:c1:30:8a:d4:50:
                    d9:74:e1:da:84:2e:78:be:86:f9:5f:ae:39:11:91:
                    6b:ed:eb:92:62:38:63:3e:5f:92:e6:90:f3:ed:f8:
                    7d:4a:9e:19:25:93:ce:2a:37:e4:b2:ef:e5:58:7e:
                    59:97:48:d2:17:4d:5f:01:79:ac:13:05:92:c1:ba:
                    70:1b:fb:2b:6b:e4:1e:b8:52:ba:5d:9d:c1:b5:b5:
                    9a:67:cd:21:2b:88:cb:ec:18:81:f5:b7:be:aa:d4:
                    af:5b:04:46:f9:8c:fc:d2:70:60:62:05:90:17:ae:
                    27:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:A0:41:6B:9A:82:54:D0:7B:A4:72:D5:71:A3:99:94:83:35:CE:CE
            X509v3 Authority Key Identifier:
                keyid:56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:92:f0:ec:f3:86:5f:2c:11:14:7e:12:f9:6c:a4:f2:a7:f2:
         7c:a3:1a:91:6a:7c:3b:e6:b8:ec:b4:56:6b:b5:3f:51:f3:f6:
         6b:bc:62:66:9b:c2:53:eb:f1:ff:e9:8c:b5:9f:c4:74:27:0a:
         d8:f0:0e:96:91:61:9e:9b:6b:ec:2b:45:34:d7:47:c7:73:1b:
         58:82:49:9e:f7:97:81:ff:6e:67:61:1c:b4:bb:4f:41:a3:42:
         df:fa:74:93:4b:c0:71:01:2c:6a:31:84:12:24:69:44:f6:f9:
         04:6d:a9:d0:a1:32:a3:f9:d7:e3:cc:c6:2c:44:4a:64:30:35:
         c7:7b:37:79:46:1e:d0:bb:2a:ec:b4:52:26:70:79:0f:c2:0a:
         e9:7d:fe:cf:8e:36:fd:91:85:6a:1e:52:a6:f7:db:7c:40:b2:
         8d:e0:5c:b0:b5:cf:9a:e9:22:8e:34:a9:b5:66:61:12:bf:0f:
         f9:f2:c6:e1:0a:59:df:f2:e3:24:52:b8:54:e2:3b:09:31:7f:
         7c:68:36:fb:7b:c6:12:f7:fc:ec:ba:23:21:a5:74:97:ff:5f:
         8d:62:3c:98:80:ce:38:99:08:66:9a:9e:00:22:58:2e:d3:ae:
         20:57:7f:7a:25:8c:0a:e4:f7:d1:88:51:a5:96:dc:3b:69:8e:
         8b:ae:d2:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQDsMHmTIGkvu6UCZzwW0rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Njg1YzM1MjFlYThmZTZhZmU2NWQ1MzNhM2IxOTllOGY3
NjUwNWIwHhcNMjUwNjA4MTUwMDM0WhcNMjUwNjA5MTUwMDM0WjAzMTEwLwYDVQQD
EygyZWEwNDE2YjlhODI1NGQwN2JhNDcyZDU3MWEzOTk5NDgzMzVjZWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQ4Gl6As27DUbrwpkQdzaEjiAd20
TG9yNCsp6wUon1JTD7H5O/DuAHgkF29oDg6vUU1vOcUgUF04WfL2rVe/vXcVDYG+
4izhEuElzCPV1unEovvXt2MnGtlqQnUH58hRnFv7hv1FiRNrkWbtcJR2xAzSlePM
/bbFcFiX2sMNSBJBzA1ntsbPf/WZi8UYFHczwTCK1FDZdOHahC54vob5X645EZFr
7euSYjhjPl+S5pDz7fh9Sp4ZJZPOKjfksu/lWH5Zl0jSF01fAXmsEwWSwbpwG/sr
a+QeuFK6XZ3BtbWaZ80hK4jL7BiB9be+qtSvWwRG+Yz80nBgYgWQF64nLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC6gQWuaglTQe6Ry1XGjmZSDNc7OMB8GA1UdIwQY
MBaAFFZoXDUh6o/mr+ZdUzo7GZ6PdlBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMt
NThjMzI4OTVkY2RlLzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMtNThjMzI4OTVkY2Rl
LzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeZLw7POG
XywRFH4S+Wyk8qfyfKMakWp8O+a47LRWa7U/UfP2a7xiZpvCU+vx/+mMtZ/EdCcK
2PAOlpFhnptr7CtFNNdHx3MbWIJJnveXgf9uZ2EctLtPQaNC3/p0k0vAcQEsajGE
EiRpRPb5BG2p0KEyo/nX48zGLERKZDA1x3s3eUYe0Lsq7LRSJnB5D8IK6X3+z442
/ZGFah5SpvfbfECyjeBcsLXPmukijjSptWZhEr8P+fLG4QpZ3/LjJFK4VOI7CTF/
fGg2+3vGEvf87LojIaV0l/9fjWI8mIDOOJkIZpqeACJYLtOuIFd/eiWMCuT30YhR
pZbcO2mOi67SZQ==
-----END CERTIFICATE-----