Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/733dae-0021-44e5-92e5-2500f4efab69/1/vlU5r-kl24C0Fe-xTGMbLYLIzt0.mft
File:                     vlU5r-kl24C0Fe-xTGMbLYLIzt0.mft (raw, json)
Hash identifier:          YnFQd649RwJr3oUb9rhhYYdFsTYwWdtVvP7mDfx5T+U=
Subject key identifier:   FF:56:F3:26:8E:DC:D1:A3:70:02:FC:4F:60:A4:87:DA:46:CE:2A:02
Authority key identifier: BE:55:39:AF:E9:25:DB:80:B4:15:EF:B1:4C:63:1B:2D:82:C8:CE:DD
Certificate issuer:       /CN=be5539afe925db80b415efb14c631b2d82c8cedd
Certificate serial:       01974931103010D9DCE37A140960BF1C0C87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vlU5r-kl24C0Fe-xTGMbLYLIzt0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/733dae-0021-44e5-92e5-2500f4efab69/1/vlU5r-kl24C0Fe-xTGMbLYLIzt0.mft
Manifest number:          0159
Signing time:             Sat 07 Jun 2025 07:00:41 +0000
Manifest this update:     Sat 07 Jun 2025 07:00:41 +0000
Manifest next update:     Sun 08 Jun 2025 07:00:41 +0000
Files and hashes:         1: vlU5r-kl24C0Fe-xTGMbLYLIzt0.crl (hash: /lkYuvJvax+P+Q6EyR+TQmhxa+K6MrksQLyjP/9Ds9w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/733dae-0021-44e5-92e5-2500f4efab69/1/vlU5r-kl24C0Fe-xTGMbLYLIzt0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/733dae-0021-44e5-92e5-2500f4efab69/1/vlU5r-kl24C0Fe-xTGMbLYLIzt0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vlU5r-kl24C0Fe-xTGMbLYLIzt0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:31:10:30:10:d9:dc:e3:7a:14:09:60:bf:1c:0c:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be5539afe925db80b415efb14c631b2d82c8cedd
        Validity
            Not Before: Jun  7 07:00:41 2025 GMT
            Not After : Jun  8 07:00:41 2025 GMT
        Subject: CN=ff56f3268edcd1a37002fc4f60a487da46ce2a02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:3a:3f:d8:15:4f:c8:a1:5d:d4:ea:03:25:d4:
                    3b:66:75:06:28:5b:2b:26:30:2e:9f:16:64:34:76:
                    e0:6b:22:e0:d7:22:b4:f6:93:35:18:7f:62:50:77:
                    2c:4c:d0:a9:8f:fb:9e:b9:ac:88:fa:1e:e0:bd:b9:
                    c9:ef:f9:97:9d:72:3a:bf:32:7c:0f:54:e3:bf:cd:
                    93:86:73:81:36:4e:0b:b7:ee:31:9e:17:c5:2d:e1:
                    f6:d5:30:d1:8c:0f:f0:d3:d7:36:32:d7:a4:3e:0d:
                    ff:83:c7:86:4d:23:76:33:7f:ed:32:ba:b9:4e:c2:
                    1c:31:42:1e:4a:e6:d6:69:0f:fb:e6:b0:8f:21:26:
                    80:57:f7:ae:c5:b5:bc:cc:9a:b9:54:4c:2a:b3:d1:
                    94:cd:76:00:75:b2:49:49:39:2c:db:d6:51:a8:e8:
                    85:59:ea:7f:16:15:d4:3c:db:3c:ca:ce:e0:f0:64:
                    46:e5:37:e3:5a:fe:29:5c:9f:a2:29:b9:55:d3:b4:
                    50:ee:aa:3d:3b:35:88:83:20:2b:4b:ad:d7:f7:0d:
                    02:af:05:1e:ec:54:4d:0b:53:3a:80:41:1f:76:60:
                    e9:1f:56:c7:6c:06:37:57:29:f4:c4:36:70:ca:f4:
                    45:1f:21:dd:6d:c4:50:a0:3c:86:23:b0:4b:30:06:
                    a8:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:56:F3:26:8E:DC:D1:A3:70:02:FC:4F:60:A4:87:DA:46:CE:2A:02
            X509v3 Authority Key Identifier:
                keyid:BE:55:39:AF:E9:25:DB:80:B4:15:EF:B1:4C:63:1B:2D:82:C8:CE:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vlU5r-kl24C0Fe-xTGMbLYLIzt0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/733dae-0021-44e5-92e5-2500f4efab69/1/vlU5r-kl24C0Fe-xTGMbLYLIzt0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/733dae-0021-44e5-92e5-2500f4efab69/1/vlU5r-kl24C0Fe-xTGMbLYLIzt0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:f8:40:0e:b9:82:f5:84:7b:2c:5f:bb:09:95:5b:11:30:f2:
         ee:ff:dc:fc:c8:64:4b:a5:11:a2:07:72:93:cb:b7:18:2c:08:
         16:f8:f6:c8:40:97:84:2b:06:d1:ed:d3:96:ca:8d:ed:bf:e4:
         d0:6f:fb:f0:07:d1:ce:15:af:e7:78:ab:81:25:f3:e3:a6:39:
         ff:dd:e2:82:a7:7e:1d:10:da:ef:7c:e0:a0:cf:60:f3:75:15:
         a3:05:3c:29:20:14:a1:60:ad:ae:ad:78:14:80:80:de:2f:66:
         24:d3:e8:54:f3:9b:ec:24:22:70:b1:c5:40:d1:55:5e:5b:6d:
         f5:e6:5c:5a:98:27:06:3f:1d:db:b1:2b:0a:1b:1f:ed:ff:34:
         18:ff:58:66:4e:74:f4:8d:38:48:f1:29:82:ed:f8:64:b4:1a:
         94:29:d8:f0:79:b3:6c:cb:73:f2:1b:ce:85:c6:98:a7:d5:ce:
         46:c7:03:e9:44:b7:e9:0c:ad:83:63:b2:54:44:c6:b6:ab:a1:
         b1:dd:ed:9e:ad:88:ac:ed:41:61:5e:99:55:80:61:01:05:48:
         66:27:50:31:07:76:bc:d6:6b:71:7d:df:61:00:b3:dc:c5:59:
         2a:bc:29:32:91:cc:1d:3e:8b:96:8c:ed:7d:f1:90:f4:d0:2d:
         25:71:13:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMRAwENnc43oUCWC/HAyHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNTUzOWFmZTkyNWRiODBiNDE1ZWZiMTRjNjMxYjJkODJj
OGNlZGQwHhcNMjUwNjA3MDcwMDQxWhcNMjUwNjA4MDcwMDQxWjAzMTEwLwYDVQQD
EyhmZjU2ZjMyNjhlZGNkMWEzNzAwMmZjNGY2MGE0ODdkYTQ2Y2UyYTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojo/2BVPyKFd1OoDJdQ7ZnUGKFsr
JjAunxZkNHbgayLg1yK09pM1GH9iUHcsTNCpj/ueuayI+h7gvbnJ7/mXnXI6vzJ8
D1Tjv82ThnOBNk4Lt+4xnhfFLeH21TDRjA/w09c2MtekPg3/g8eGTSN2M3/tMrq5
TsIcMUIeSubWaQ/75rCPISaAV/euxbW8zJq5VEwqs9GUzXYAdbJJSTks29ZRqOiF
Wep/FhXUPNs8ys7g8GRG5TfjWv4pXJ+iKblV07RQ7qo9OzWIgyArS63X9w0CrwUe
7FRNC1M6gEEfdmDpH1bHbAY3Vyn0xDZwyvRFHyHdbcRQoDyGI7BLMAaoUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP9W8yaO3NGjcAL8T2Ckh9pGzioCMB8GA1UdIwQY
MBaAFL5VOa/pJduAtBXvsUxjGy2CyM7dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmxVNXIta2wyNEMwRmUteFRHTWJMWUxJenQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MzNkYWUtMDAyMS00NGU1LTkyZTUt
MjUwMGY0ZWZhYjY5LzEvdmxVNXIta2wyNEMwRmUteFRHTWJMWUxJenQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MzNkYWUtMDAyMS00NGU1LTkyZTUtMjUwMGY0ZWZhYjY5
LzEvdmxVNXIta2wyNEMwRmUteFRHTWJMWUxJenQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAivhADrmC
9YR7LF+7CZVbETDy7v/c/MhkS6URogdyk8u3GCwIFvj2yECXhCsG0e3TlsqN7b/k
0G/78AfRzhWv53irgSXz46Y5/93igqd+HRDa73zgoM9g83UVowU8KSAUoWCtrq14
FICA3i9mJNPoVPOb7CQicLHFQNFVXltt9eZcWpgnBj8d27ErChsf7f80GP9YZk50
9I04SPEpgu34ZLQalCnY8HmzbMtz8hvOhcaYp9XORscD6US36Qytg2OyVETGtquh
sd3tnq2IrO1BYV6ZVYBhAQVIZidQMQd2vNZrcX3fYQCz3MVZKrwpMpHMHT6Llozt
ffGQ9NAtJXETLg==
-----END CERTIFICATE-----