Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
File:                     VmhcNSHqj-av5l1TOjsZno92UFs.mft (raw, json)
Hash identifier:          xW/FlXbT8qEo1vt3occsbSo/iDxsWe7LNgGtAtCyec0=
Subject key identifier:   B8:97:6A:93:F0:58:84:1E:B9:B7:9D:31:E4:90:0E:91:45:62:D5:71
Authority key identifier: 56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B
Certificate issuer:       /CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
Certificate serial:       0196496A8914C4F2590ED8E8C5EA250B3A19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
Manifest number:          13FD
Signing time:             Fri 18 Apr 2025 15:00:40 +0000
Manifest this update:     Fri 18 Apr 2025 15:00:40 +0000
Manifest next update:     Sat 19 Apr 2025 15:00:40 +0000
Files and hashes:         1: VmhcNSHqj-av5l1TOjsZno92UFs.crl (hash: u1y9wGgVC9gidbjEh2075GM4taD0keAMWRZqp5qlXRs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 14:20:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:49:6a:89:14:c4:f2:59:0e:d8:e8:c5:ea:25:0b:3a:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
        Validity
            Not Before: Apr 18 15:00:40 2025 GMT
            Not After : Apr 19 15:00:40 2025 GMT
        Subject: CN=b8976a93f058841eb9b79d31e4900e914562d571
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:30:53:b7:58:11:88:df:1a:0f:10:cb:42:73:
                    a5:55:f4:64:ef:37:24:90:dd:63:be:19:30:08:e1:
                    38:d4:5f:1c:58:a6:aa:9e:6e:60:b9:61:17:db:a7:
                    5b:c7:43:b3:4b:71:22:55:f4:01:18:03:b9:7d:06:
                    b5:1e:3b:91:33:f4:2c:e1:1e:85:9a:ae:bd:1d:d1:
                    fe:f6:c2:9e:56:cd:0b:27:4c:18:cc:dc:40:41:56:
                    e0:6a:a3:40:f8:f0:7b:ec:1d:54:24:f9:07:67:26:
                    5c:01:31:01:36:61:04:8b:94:b0:05:3a:ca:40:e4:
                    74:c6:09:29:7a:1a:44:b8:72:3b:8a:00:1e:e2:a8:
                    ff:3b:4c:e5:5b:89:f7:ef:ed:f8:d8:9c:be:99:f4:
                    e3:c7:87:43:b8:ad:bc:9a:2a:5a:91:e9:09:2c:04:
                    cf:b1:df:66:6a:21:3c:5c:56:d4:03:b8:0e:ba:ed:
                    b6:45:65:f4:a2:9d:67:f2:24:4e:35:79:fd:f5:46:
                    d1:26:33:c1:aa:93:04:cf:81:82:f4:27:59:e1:30:
                    d1:ba:35:64:e2:55:a3:82:2e:17:5b:9a:c0:16:cc:
                    9f:8c:55:55:aa:16:e2:3b:15:8b:34:58:ab:b1:95:
                    20:e5:6c:68:f9:32:b7:5c:b1:71:ac:5d:e6:d7:61:
                    e6:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:97:6A:93:F0:58:84:1E:B9:B7:9D:31:E4:90:0E:91:45:62:D5:71
            X509v3 Authority Key Identifier:
                keyid:56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:3a:cd:06:55:c2:ac:15:19:9a:16:a5:21:e2:30:9b:2a:30:
         ee:32:95:3f:03:34:98:a6:57:5f:d4:b3:40:58:a8:f3:b4:cf:
         89:c0:fa:96:f2:c1:c9:82:93:ef:75:54:e3:07:d6:19:c3:60:
         11:d3:61:bb:68:d2:77:c1:be:fb:c4:42:e2:90:ad:25:96:df:
         95:40:5c:bb:42:35:9d:c8:8d:fb:7d:8e:65:e5:90:22:61:73:
         87:ae:1a:e8:a2:74:28:c3:e9:5d:82:37:42:52:43:0b:fe:ab:
         85:55:cd:a9:d2:db:ce:b2:12:00:f6:64:d9:b9:f0:dd:17:bb:
         89:57:0e:5e:6c:39:80:1c:d6:60:67:b1:a6:e7:b2:c0:5a:f4:
         d9:25:53:73:1b:77:41:6a:d0:6a:98:ac:ba:bb:f1:51:9c:28:
         f6:52:14:e2:11:71:41:f4:6f:6a:e5:78:85:e7:82:94:bf:d6:
         46:f9:d4:1c:78:3f:17:65:df:43:83:d2:66:f9:1f:2a:92:0e:
         00:64:0a:d3:ed:0e:31:2a:5a:c8:cb:b2:c2:c0:31:b3:17:7e:
         45:04:91:c7:ad:52:59:68:a9:4c:d2:41:3e:14:40:41:7d:71:
         a4:70:13:8b:81:05:13:14:cf:8b:76:41:77:79:70:e9:e7:5e:
         e2:c4:a1:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZJaokUxPJZDtjoxeolCzoZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Njg1YzM1MjFlYThmZTZhZmU2NWQ1MzNhM2IxOTllOGY3
NjUwNWIwHhcNMjUwNDE4MTUwMDQwWhcNMjUwNDE5MTUwMDQwWjAzMTEwLwYDVQQD
EyhiODk3NmE5M2YwNTg4NDFlYjliNzlkMzFlNDkwMGU5MTQ1NjJkNTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjBTt1gRiN8aDxDLQnOlVfRk7zck
kN1jvhkwCOE41F8cWKaqnm5guWEX26dbx0OzS3EiVfQBGAO5fQa1HjuRM/Qs4R6F
mq69HdH+9sKeVs0LJ0wYzNxAQVbgaqNA+PB77B1UJPkHZyZcATEBNmEEi5SwBTrK
QOR0xgkpehpEuHI7igAe4qj/O0zlW4n37+342Jy+mfTjx4dDuK28mipakekJLATP
sd9maiE8XFbUA7gOuu22RWX0op1n8iRONXn99UbRJjPBqpMEz4GC9CdZ4TDRujVk
4lWjgi4XW5rAFsyfjFVVqhbiOxWLNFirsZUg5Wxo+TK3XLFxrF3m12HmVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLiXapPwWIQeubedMeSQDpFFYtVxMB8GA1UdIwQY
MBaAFFZoXDUh6o/mr+ZdUzo7GZ6PdlBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMt
NThjMzI4OTVkY2RlLzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMtNThjMzI4OTVkY2Rl
LzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQzrNBlXC
rBUZmhalIeIwmyow7jKVPwM0mKZXX9SzQFio87TPicD6lvLByYKT73VU4wfWGcNg
EdNhu2jSd8G++8RC4pCtJZbflUBcu0I1nciN+32OZeWQImFzh64a6KJ0KMPpXYI3
QlJDC/6rhVXNqdLbzrISAPZk2bnw3Re7iVcOXmw5gBzWYGexpueywFr02SVTcxt3
QWrQapisurvxUZwo9lIU4hFxQfRvauV4heeClL/WRvnUHHg/F2XfQ4PSZvkfKpIO
AGQK0+0OMSpayMuywsAxsxd+RQSRx61SWWipTNJBPhRAQX1xpHATi4EFExTPi3ZB
d3lw6ede4sShDQ==
-----END CERTIFICATE-----