Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.mft
File:                     vgMXYC-wyqOlEAaL2YnUba44TdI.mft (raw, json)
Hash identifier:          OoDJlwNKOXAM7U30UzCxOUfjO0D2f08d8NHjWIX7/iw=
Subject key identifier:   9C:B0:10:6A:40:35:B5:B4:F5:EC:BD:E5:B1:DB:28:28:41:88:11:07
Authority key identifier: BE:03:17:60:2F:B0:CA:A3:A5:10:06:8B:D9:89:D4:6D:AE:38:4D:D2
Certificate issuer:       /CN=be0317602fb0caa3a510068bd989d46dae384dd2
Certificate serial:       01975046756B502D095265EC5E901DDBB1B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vgMXYC-wyqOlEAaL2YnUba44TdI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.mft
Manifest number:          01F2
Signing time:             Sun 08 Jun 2025 16:01:24 +0000
Manifest this update:     Sun 08 Jun 2025 16:01:24 +0000
Manifest next update:     Mon 09 Jun 2025 16:01:24 +0000
Files and hashes:         1: vgMXYC-wyqOlEAaL2YnUba44TdI.crl (hash: 46+w7ZsMJW1tEV830WjLgt46ESkeH5cmDtH2Wo81AsE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vgMXYC-wyqOlEAaL2YnUba44TdI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:46:75:6b:50:2d:09:52:65:ec:5e:90:1d:db:b1:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be0317602fb0caa3a510068bd989d46dae384dd2
        Validity
            Not Before: Jun  8 16:01:24 2025 GMT
            Not After : Jun  9 16:01:24 2025 GMT
        Subject: CN=9cb0106a4035b5b4f5ecbde5b1db282841881107
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:4d:0a:53:86:64:fb:8d:c2:cd:21:56:ca:cb:
                    fa:c4:9d:3b:5e:e5:06:6e:44:1c:e6:a2:7f:5c:1a:
                    54:03:c9:75:af:2b:fd:83:85:c9:1f:f7:0e:69:18:
                    d2:fd:83:e4:da:94:1d:7f:db:e2:b0:e0:7b:14:78:
                    d3:dc:31:2e:e7:03:06:aa:5e:20:c5:cb:41:a2:b7:
                    f1:e4:34:05:49:a7:fb:14:05:96:6d:75:cc:1d:d0:
                    53:c4:17:c6:20:1a:fe:37:e9:ed:9c:01:b2:ce:5c:
                    3a:75:71:96:c3:f8:d3:55:57:39:43:25:ef:92:1c:
                    5c:df:1f:f5:7a:37:b1:93:13:54:7d:c5:97:c7:28:
                    95:09:7e:4b:b5:2d:5a:63:58:85:01:52:12:2f:d9:
                    5e:5b:43:da:6d:9f:ef:ec:68:b8:eb:97:2a:a0:af:
                    48:38:0a:d0:ec:64:48:1f:dc:96:c7:44:71:43:26:
                    3c:97:f3:7d:d4:92:f9:db:e0:4e:36:a1:b4:77:e5:
                    6e:bf:cc:e9:1f:00:89:b7:05:48:2c:6b:89:80:d1:
                    39:fc:8a:1b:58:04:da:de:b6:f0:2f:f9:e1:95:a7:
                    b3:00:9d:55:92:d8:6a:3c:df:c1:b5:a6:1e:55:e9:
                    11:5f:82:39:28:cc:81:b0:60:29:6e:be:7a:ea:5f:
                    20:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:B0:10:6A:40:35:B5:B4:F5:EC:BD:E5:B1:DB:28:28:41:88:11:07
            X509v3 Authority Key Identifier:
                keyid:BE:03:17:60:2F:B0:CA:A3:A5:10:06:8B:D9:89:D4:6D:AE:38:4D:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vgMXYC-wyqOlEAaL2YnUba44TdI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:ad:d5:b1:dc:2f:ac:a2:36:fd:09:1f:ba:61:cc:ab:fa:82:
         66:2e:d6:ff:07:41:3f:f9:72:0d:b8:5b:87:d5:a7:b9:39:22:
         95:0a:31:c5:f0:4c:94:47:e1:07:0e:3e:78:0f:60:dc:d5:d8:
         f6:29:f5:81:d8:e6:b5:cc:b0:67:f2:29:70:67:b9:76:87:47:
         39:14:7a:e1:b6:eb:cd:d5:f5:32:86:eb:4f:bb:cf:88:18:7d:
         92:7a:63:3c:b5:8c:f7:63:a9:a5:4a:ce:6b:14:ea:7a:f5:d9:
         02:04:67:6e:70:b1:f3:e1:dc:9a:18:a7:77:45:44:dc:0a:51:
         1f:39:04:0f:76:c1:85:74:50:c2:04:4e:d9:47:9d:47:76:bd:
         48:cd:10:06:84:f6:4c:c5:29:7f:0a:2b:f3:94:5a:9f:42:5f:
         65:81:ae:57:71:65:de:8f:2c:5c:fe:15:48:bb:62:14:80:4d:
         f7:d5:02:a7:8f:d6:a1:4c:bc:98:81:85:5b:b5:ef:77:19:d9:
         98:77:3d:da:05:8d:34:3a:e6:ca:03:b5:39:93:f5:70:60:08:
         24:82:18:67:6b:c2:ac:1a:2f:4c:67:6c:9c:2f:f8:87:72:a0:
         62:da:4f:69:d7:8d:d7:b4:5d:47:e7:40:b5:61:d5:58:ed:73:
         ee:42:a3:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQRnVrUC0JUmXsXpAd27GyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMDMxNzYwMmZiMGNhYTNhNTEwMDY4YmQ5ODlkNDZkYWUz
ODRkZDIwHhcNMjUwNjA4MTYwMTI0WhcNMjUwNjA5MTYwMTI0WjAzMTEwLwYDVQQD
Eyg5Y2IwMTA2YTQwMzViNWI0ZjVlY2JkZTViMWRiMjgyODQxODgxMTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmk0KU4Zk+43CzSFWysv6xJ07XuUG
bkQc5qJ/XBpUA8l1ryv9g4XJH/cOaRjS/YPk2pQdf9visOB7FHjT3DEu5wMGql4g
xctBorfx5DQFSaf7FAWWbXXMHdBTxBfGIBr+N+ntnAGyzlw6dXGWw/jTVVc5QyXv
khxc3x/1ejexkxNUfcWXxyiVCX5LtS1aY1iFAVISL9leW0PabZ/v7Gi465cqoK9I
OArQ7GRIH9yWx0RxQyY8l/N91JL52+BONqG0d+Vuv8zpHwCJtwVILGuJgNE5/Iob
WATa3rbwL/nhlaezAJ1VkthqPN/BtaYeVekRX4I5KMyBsGApbr566l8gIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJywEGpANbW09ey95bHbKChBiBEHMB8GA1UdIwQY
MBaAFL4DF2AvsMqjpRAGi9mJ1G2uOE3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmdNWFlDLXd5cU9sRUFhTDJZblViYTQ0VGRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi82YmMxMTMtODlhYS00NWRlLTg4OTUt
MTRhYWVhMjA4ZjI1LzEvdmdNWFlDLXd5cU9sRUFhTDJZblViYTQ0VGRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi82YmMxMTMtODlhYS00NWRlLTg4OTUtMTRhYWVhMjA4ZjI1
LzEvdmdNWFlDLXd5cU9sRUFhTDJZblViYTQ0VGRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO63Vsdwv
rKI2/QkfumHMq/qCZi7W/wdBP/lyDbhbh9WnuTkilQoxxfBMlEfhBw4+eA9g3NXY
9in1gdjmtcywZ/IpcGe5dodHORR64bbrzdX1MobrT7vPiBh9knpjPLWM92OppUrO
axTqevXZAgRnbnCx8+Hcmhind0VE3ApRHzkED3bBhXRQwgRO2UedR3a9SM0QBoT2
TMUpfwor85Ran0JfZYGuV3Fl3o8sXP4VSLtiFIBN99UCp4/WoUy8mIGFW7XvdxnZ
mHc92gWNNDrmygO1OZP1cGAIJIIYZ2vCrBovTGdsnC/4h3KgYtpPadeN17RdR+dA
tWHVWO1z7kKjOA==
-----END CERTIFICATE-----