Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/770966-7dac-4e1c-b3ed-df5902013cdf/1/VRDNubrguTLHmin42XktMJ9617c.mft
File:                     VRDNubrguTLHmin42XktMJ9617c.mft (raw, json)
Hash identifier:          jXJpiqO/Ii1XNVJCJaAdhCDtwtEBd8XI/RbFtTUGhno=
Subject key identifier:   F8:78:06:45:5A:83:68:73:C9:34:C0:B4:D5:87:86:13:9F:1D:2B:92
Authority key identifier: 55:10:CD:B9:BA:E0:B9:32:C7:9A:29:F8:D9:79:2D:30:9F:7A:D7:B7
Certificate issuer:       /CN=5510cdb9bae0b932c79a29f8d9792d309f7ad7b7
Certificate serial:       019A71EEAFB2DD5488B70FC00892B16B5B85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VRDNubrguTLHmin42XktMJ9617c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/770966-7dac-4e1c-b3ed-df5902013cdf/1/VRDNubrguTLHmin42XktMJ9617c.mft
Manifest number:          03C5
Signing time:             Tue 11 Nov 2025 08:00:59 +0000
Manifest this update:     Tue 11 Nov 2025 08:00:59 +0000
Manifest next update:     Wed 12 Nov 2025 08:00:59 +0000
Files and hashes:         1: VRDNubrguTLHmin42XktMJ9617c.crl (hash: Mpn96XR0cAylv6RQQ24Uclv+lECkfz3FCa9G3R9xtIo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/770966-7dac-4e1c-b3ed-df5902013cdf/1/VRDNubrguTLHmin42XktMJ9617c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/770966-7dac-4e1c-b3ed-df5902013cdf/1/VRDNubrguTLHmin42XktMJ9617c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VRDNubrguTLHmin42XktMJ9617c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:af:b2:dd:54:88:b7:0f:c0:08:92:b1:6b:5b:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5510cdb9bae0b932c79a29f8d9792d309f7ad7b7
        Validity
            Not Before: Nov 11 08:00:59 2025 GMT
            Not After : Nov 12 08:00:59 2025 GMT
        Subject: CN=f87806455a836873c934c0b4d58786139f1d2b92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:9f:95:34:9e:91:74:ea:a8:26:98:ff:57:29:
                    a3:b6:ec:e4:87:8b:09:60:ec:64:05:48:6b:99:e8:
                    1a:8f:ad:5f:1c:bb:ed:fc:a4:c9:63:58:94:d7:67:
                    be:64:2d:1e:c9:61:fe:81:23:cb:bd:fe:42:7f:2a:
                    29:8f:38:29:23:10:8c:67:f7:f4:c4:c3:10:d2:b5:
                    7e:1d:c2:cc:c7:08:06:c0:6d:61:d2:3e:c5:27:9b:
                    14:34:d9:5d:eb:f9:ea:60:2d:73:c0:65:a8:a7:31:
                    ee:d9:b8:96:1f:fb:cd:aa:30:a0:c2:96:c6:61:39:
                    33:82:e2:ae:09:14:d4:50:e8:66:b6:41:31:e7:d8:
                    df:29:e4:f9:43:ff:d7:fc:6f:5c:c3:90:f7:1c:ed:
                    4a:2f:45:22:6a:43:62:4d:8e:df:26:de:31:a5:9f:
                    0a:2f:33:30:d4:70:da:b3:d4:5a:92:7f:31:87:4a:
                    49:f6:3a:c1:69:8c:f5:2d:8d:d7:ab:51:5e:dd:39:
                    a1:16:71:63:8c:de:eb:86:b1:51:a7:7c:25:98:f3:
                    36:b6:8c:2b:3a:74:94:8f:f6:d9:14:89:05:e3:fc:
                    7a:df:8b:c3:17:67:eb:a7:da:a1:d5:00:f1:12:85:
                    d9:f3:25:22:89:68:ec:9e:52:fe:0d:12:70:c2:d8:
                    e3:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:78:06:45:5A:83:68:73:C9:34:C0:B4:D5:87:86:13:9F:1D:2B:92
            X509v3 Authority Key Identifier:
                keyid:55:10:CD:B9:BA:E0:B9:32:C7:9A:29:F8:D9:79:2D:30:9F:7A:D7:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VRDNubrguTLHmin42XktMJ9617c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/770966-7dac-4e1c-b3ed-df5902013cdf/1/VRDNubrguTLHmin42XktMJ9617c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/770966-7dac-4e1c-b3ed-df5902013cdf/1/VRDNubrguTLHmin42XktMJ9617c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:3b:f6:5d:48:dc:13:e4:97:d0:95:74:e8:5c:d4:29:ff:c3:
         39:4b:c7:04:c4:2d:93:65:e9:2d:33:86:4a:07:93:5d:47:ff:
         07:29:71:7f:02:04:6b:9f:fa:5f:e0:37:07:f6:41:ec:4a:0f:
         da:1f:47:c6:e7:80:71:73:e0:4c:6f:a9:a9:c0:9f:a8:a6:ee:
         d2:e0:ae:f0:36:04:52:8f:94:c2:63:fb:f9:c6:f1:12:7c:05:
         23:ee:11:0d:aa:aa:95:d4:a3:6a:f6:11:ce:3d:62:5f:0e:f5:
         78:cf:84:d8:b2:7d:a6:05:c5:f1:ad:ed:d8:55:1f:74:ca:dc:
         76:00:58:b9:3e:9b:18:1c:13:90:e8:60:02:b1:08:5a:35:05:
         7b:8d:d3:3e:18:30:54:88:90:76:9e:83:52:45:44:5a:a3:54:
         49:e2:c5:c3:0d:44:de:02:c0:13:9f:64:16:fd:c8:21:35:93:
         35:62:25:13:43:bf:d2:e1:e7:29:1c:64:bd:e5:1b:dc:42:86:
         05:10:96:15:d8:d1:a5:a6:4c:d1:58:db:35:95:d7:7b:3b:da:
         35:b3:4c:7c:29:1e:64:78:c7:a3:77:e2:34:05:80:2e:e0:c2:
         3a:f3:6b:5c:37:ac:d3:62:5c:b0:90:11:e9:a7:89:ae:b1:e1:
         41:72:26:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7q+y3VSItw/ACJKxa1uFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MTBjZGI5YmFlMGI5MzJjNzlhMjlmOGQ5NzkyZDMwOWY3
YWQ3YjcwHhcNMjUxMTExMDgwMDU5WhcNMjUxMTEyMDgwMDU5WjAzMTEwLwYDVQQD
EyhmODc4MDY0NTVhODM2ODczYzkzNGMwYjRkNTg3ODYxMzlmMWQyYjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsp+VNJ6RdOqoJpj/Vymjtuzkh4sJ
YOxkBUhrmegaj61fHLvt/KTJY1iU12e+ZC0eyWH+gSPLvf5CfyopjzgpIxCMZ/f0
xMMQ0rV+HcLMxwgGwG1h0j7FJ5sUNNld6/nqYC1zwGWopzHu2biWH/vNqjCgwpbG
YTkzguKuCRTUUOhmtkEx59jfKeT5Q//X/G9cw5D3HO1KL0UiakNiTY7fJt4xpZ8K
LzMw1HDas9Rakn8xh0pJ9jrBaYz1LY3Xq1Fe3TmhFnFjjN7rhrFRp3wlmPM2towr
OnSUj/bZFIkF4/x634vDF2frp9qh1QDxEoXZ8yUiiWjsnlL+DRJwwtjjZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPh4BkVag2hzyTTAtNWHhhOfHSuSMB8GA1UdIwQY
MBaAFFUQzbm64Lkyx5op+Nl5LTCfete3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlJETnVicmd1VExIbWluNDJYa3RNSjk2MTdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83NzA5NjYtN2RhYy00ZTFjLWIzZWQt
ZGY1OTAyMDEzY2RmLzEvVlJETnVicmd1VExIbWluNDJYa3RNSjk2MTdjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83NzA5NjYtN2RhYy00ZTFjLWIzZWQtZGY1OTAyMDEzY2Rm
LzEvVlJETnVicmd1VExIbWluNDJYa3RNSjk2MTdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHDv2XUjc
E+SX0JV06FzUKf/DOUvHBMQtk2XpLTOGSgeTXUf/BylxfwIEa5/6X+A3B/ZB7EoP
2h9HxueAcXPgTG+pqcCfqKbu0uCu8DYEUo+UwmP7+cbxEnwFI+4RDaqqldSjavYR
zj1iXw71eM+E2LJ9pgXF8a3t2FUfdMrcdgBYuT6bGBwTkOhgArEIWjUFe43TPhgw
VIiQdp6DUkVEWqNUSeLFww1E3gLAE59kFv3IITWTNWIlE0O/0uHnKRxkveUb3EKG
BRCWFdjRpaZM0VjbNZXXezvaNbNMfCkeZHjHo3fiNAWALuDCOvNrXDes02JcsJAR
6aeJrrHhQXImqw==
-----END CERTIFICATE-----