Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.mft
File:                     vgMXYC-wyqOlEAaL2YnUba44TdI.mft (raw, json)
Hash identifier:          7NwrKuphsCMco5wxILlKPdiAJQEyzrGnROOXL0mXr0o=
Subject key identifier:   4D:06:82:43:EB:86:FF:B7:75:32:27:CB:10:5D:33:68:DA:15:6C:B4
Authority key identifier: BE:03:17:60:2F:B0:CA:A3:A5:10:06:8B:D9:89:D4:6D:AE:38:4D:D2
Certificate issuer:       /CN=be0317602fb0caa3a510068bd989d46dae384dd2
Certificate serial:       0198CAC8EEC325724E29FD6763B654B14421
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vgMXYC-wyqOlEAaL2YnUba44TdI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.mft
Manifest number:          02B6
Signing time:             Thu 21 Aug 2025 04:00:22 +0000
Manifest this update:     Thu 21 Aug 2025 04:00:22 +0000
Manifest next update:     Fri 22 Aug 2025 04:00:22 +0000
Files and hashes:         1: vgMXYC-wyqOlEAaL2YnUba44TdI.crl (hash: 0UkCw8hcQVI1rMyygirt5aMiqn06mFpq9Lol5DTbudk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vgMXYC-wyqOlEAaL2YnUba44TdI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Aug 2025 04:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:ca:c8:ee:c3:25:72:4e:29:fd:67:63:b6:54:b1:44:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be0317602fb0caa3a510068bd989d46dae384dd2
        Validity
            Not Before: Aug 21 04:00:22 2025 GMT
            Not After : Aug 22 04:00:22 2025 GMT
        Subject: CN=4d068243eb86ffb7753227cb105d3368da156cb4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:d8:e2:a4:66:40:92:c7:fd:3d:52:f7:3b:30:
                    79:5b:78:24:1b:9f:9f:ef:8c:4f:fc:68:5c:11:71:
                    49:54:84:1d:91:eb:5d:2d:c1:76:4c:ca:4c:12:a8:
                    90:7c:de:7f:ee:a9:db:cc:fa:99:95:1e:f9:5b:ab:
                    9b:fb:1b:e5:4b:7d:bf:cb:66:3b:49:29:8d:ce:18:
                    33:bc:8b:bb:ba:f7:12:63:c1:55:07:d0:9d:61:94:
                    24:d7:a6:eb:e7:8d:1d:fe:4a:ab:b7:96:b1:80:7e:
                    ea:2f:a1:64:0e:9a:d3:04:ad:da:bd:d1:1f:9b:6f:
                    d1:67:79:99:e0:8a:ca:e9:00:ea:21:e5:41:18:79:
                    59:41:48:7d:56:5f:35:14:55:92:1b:a1:06:23:4b:
                    ec:8d:db:d3:b6:f9:2e:48:e5:d6:9c:82:46:5c:e0:
                    35:34:4b:a3:d4:1e:e8:03:7b:60:79:a3:ba:48:4d:
                    e9:a6:95:45:a1:1b:b8:e8:61:cd:72:60:6a:00:d2:
                    39:27:b8:9b:49:08:13:64:80:33:be:56:4e:0f:d8:
                    74:08:b9:1e:dd:cf:03:7e:7a:f9:3c:ef:06:ca:e8:
                    ca:54:de:4c:c3:2d:ee:cc:07:42:24:e7:0e:e3:59:
                    f4:1f:7b:8d:4d:0d:20:ec:0b:d8:71:24:a2:38:e1:
                    2e:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:06:82:43:EB:86:FF:B7:75:32:27:CB:10:5D:33:68:DA:15:6C:B4
            X509v3 Authority Key Identifier:
                keyid:BE:03:17:60:2F:B0:CA:A3:A5:10:06:8B:D9:89:D4:6D:AE:38:4D:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vgMXYC-wyqOlEAaL2YnUba44TdI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:fd:1c:ce:e9:e1:b4:80:5b:ae:65:d9:1a:14:14:81:c2:e2:
         92:85:0b:ca:06:71:ec:d5:c6:3e:f4:c4:56:00:e8:63:57:57:
         cc:62:b2:a6:26:3c:bb:63:5d:c9:b3:6a:61:42:d5:ae:ea:bd:
         c5:99:7b:0d:5e:ea:bc:4d:c8:fb:f2:1b:0c:94:ed:6c:b8:2a:
         6e:c2:53:9e:91:96:55:0e:fb:b2:66:64:e8:8e:11:39:b5:0e:
         be:ff:1c:cc:86:76:83:2c:de:4c:e2:88:7f:6a:1a:06:ce:67:
         95:0f:1e:db:cb:fd:ab:df:82:e8:aa:d9:31:c6:3b:81:14:c3:
         6b:00:6d:42:1a:e2:37:54:a1:b1:13:b7:db:1f:5c:6d:92:94:
         ad:bc:11:49:7c:f8:2f:81:5a:0a:14:e0:33:cd:e2:82:c3:a9:
         78:e6:2e:2a:3e:71:05:0f:65:b0:bc:ae:dd:53:bf:d8:09:5e:
         6d:05:2e:d0:91:33:e2:d6:38:63:27:9e:91:c4:05:92:f0:91:
         69:8c:36:21:69:93:96:a6:00:36:6f:b5:63:ee:f7:2a:7f:be:
         28:0d:1a:ff:bf:9c:a0:67:bf:96:ad:98:df:c7:de:d4:1f:9a:
         b3:56:30:ec:bb:cd:c3:9b:88:02:2e:db:54:27:7d:c8:76:16:
         2a:98:d0:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjKyO7DJXJOKf1nY7ZUsUQhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMDMxNzYwMmZiMGNhYTNhNTEwMDY4YmQ5ODlkNDZkYWUz
ODRkZDIwHhcNMjUwODIxMDQwMDIyWhcNMjUwODIyMDQwMDIyWjAzMTEwLwYDVQQD
Eyg0ZDA2ODI0M2ViODZmZmI3NzUzMjI3Y2IxMDVkMzM2OGRhMTU2Y2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNjipGZAksf9PVL3OzB5W3gkG5+f
74xP/GhcEXFJVIQdketdLcF2TMpMEqiQfN5/7qnbzPqZlR75W6ub+xvlS32/y2Y7
SSmNzhgzvIu7uvcSY8FVB9CdYZQk16br540d/kqrt5axgH7qL6FkDprTBK3avdEf
m2/RZ3mZ4IrK6QDqIeVBGHlZQUh9Vl81FFWSG6EGI0vsjdvTtvkuSOXWnIJGXOA1
NEuj1B7oA3tgeaO6SE3pppVFoRu46GHNcmBqANI5J7ibSQgTZIAzvlZOD9h0CLke
3c8Dfnr5PO8GyujKVN5Mwy3uzAdCJOcO41n0H3uNTQ0g7AvYcSSiOOEuAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE0GgkPrhv+3dTInyxBdM2jaFWy0MB8GA1UdIwQY
MBaAFL4DF2AvsMqjpRAGi9mJ1G2uOE3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmdNWFlDLXd5cU9sRUFhTDJZblViYTQ0VGRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi82YmMxMTMtODlhYS00NWRlLTg4OTUt
MTRhYWVhMjA4ZjI1LzEvdmdNWFlDLXd5cU9sRUFhTDJZblViYTQ0VGRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi82YmMxMTMtODlhYS00NWRlLTg4OTUtMTRhYWVhMjA4ZjI1
LzEvdmdNWFlDLXd5cU9sRUFhTDJZblViYTQ0VGRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALv0czunh
tIBbrmXZGhQUgcLikoULygZx7NXGPvTEVgDoY1dXzGKypiY8u2NdybNqYULVruq9
xZl7DV7qvE3I+/IbDJTtbLgqbsJTnpGWVQ77smZk6I4RObUOvv8czIZ2gyzeTOKI
f2oaBs5nlQ8e28v9q9+C6KrZMcY7gRTDawBtQhriN1ShsRO32x9cbZKUrbwRSXz4
L4FaChTgM83igsOpeOYuKj5xBQ9lsLyu3VO/2AlebQUu0JEz4tY4YyeekcQFkvCR
aYw2IWmTlqYANm+1Y+73Kn++KA0a/7+coGe/lq2Y38fe1B+as1Yw7LvNw5uIAi7b
VCd9yHYWKpjQ9A==
-----END CERTIFICATE-----