Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
File:                     VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft (raw, json)
Hash identifier:          MxHhiLD8mlIMwpLQo+QWmjhB38Kc6lhi9HSerK83E8k=
Subject key identifier:   9D:63:25:D6:2A:77:03:43:36:67:CF:E3:E0:2B:01:B0:87:D2:79:05
Authority key identifier: 54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70
Certificate issuer:       /CN=5476e09001c3186526190d1f35d2a5b99fcaa270
Certificate serial:       019923A0F3E0F14B60FF2D04BE2EDAA15CB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
Manifest number:          1670
Signing time:             Sun 07 Sep 2025 10:02:54 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:54 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:54 +0000
Files and hashes:         1: VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl (hash: PJEhB43VNdqst4G/Gbxd1cGhzLZ5zG6y0jCvH/cua1I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:f3:e0:f1:4b:60:ff:2d:04:be:2e:da:a1:5c:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5476e09001c3186526190d1f35d2a5b99fcaa270
        Validity
            Not Before: Sep  7 10:02:54 2025 GMT
            Not After : Sep  8 10:02:54 2025 GMT
        Subject: CN=9d6325d62a7703433667cfe3e02b01b087d27905
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:42:5c:66:30:6e:f1:43:54:dd:16:2d:0f:19:
                    1c:03:bb:32:c8:25:bc:64:19:e9:63:4a:72:c8:80:
                    2c:7d:5e:67:e8:68:a1:62:5a:96:5e:7a:46:d7:af:
                    ce:0b:94:e1:da:0b:d4:8d:76:c6:60:8f:b6:e1:f1:
                    f3:10:08:c0:5e:4c:40:f2:2d:68:7c:c0:3e:5f:70:
                    8a:43:5c:be:d3:c6:0b:40:52:cb:4b:46:04:ed:6c:
                    4b:0e:fc:c3:c5:37:1e:61:70:9d:da:27:ef:2f:a4:
                    37:de:a5:43:94:31:9e:15:64:28:75:40:eb:9b:2f:
                    fe:13:d2:c7:db:9a:95:8f:1a:a1:02:cd:4d:12:a0:
                    2a:f0:dc:a1:c9:11:cc:a5:c5:90:c9:2d:fc:14:1d:
                    f0:70:a8:17:4b:8a:44:23:df:f6:57:ef:6f:0e:d5:
                    c4:20:6b:c4:67:7e:17:60:12:b2:02:84:1f:d2:ec:
                    dc:4d:50:40:fc:47:5a:b0:c9:e6:98:51:54:2c:6d:
                    75:05:e8:fc:c9:64:d0:35:d2:ad:34:03:1d:43:fb:
                    2c:27:b3:d3:a8:5d:4c:23:b4:d8:3e:95:a3:05:eb:
                    42:37:46:d8:1d:b5:85:73:79:ec:81:66:92:fc:49:
                    b7:cf:6d:fa:da:d7:8b:b3:db:4f:a2:26:5e:32:0a:
                    48:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:63:25:D6:2A:77:03:43:36:67:CF:E3:E0:2B:01:B0:87:D2:79:05
            X509v3 Authority Key Identifier:
                keyid:54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:e9:71:65:95:a6:8b:25:16:aa:5c:06:1f:14:d7:77:73:5b:
         89:2d:6d:cd:8a:6f:3b:33:16:68:47:81:f8:47:be:e1:65:f7:
         c5:ea:7c:a5:c8:69:fb:1b:67:b4:9a:fd:77:80:0d:83:49:e7:
         ab:84:92:d9:ef:e1:7a:f5:e6:4f:50:53:f2:d2:3e:1d:f7:a5:
         be:50:b3:8a:75:96:b7:62:6d:92:f2:d2:77:e6:57:eb:18:6e:
         8f:70:7b:1e:f7:42:e0:01:ed:d7:cf:62:87:a0:69:0f:0e:8f:
         5f:8f:96:72:ac:8a:86:1d:2a:e2:41:aa:b3:8f:e9:a4:33:79:
         e6:fd:ae:1f:5e:d9:87:11:68:14:e7:e1:32:64:8a:e6:84:d7:
         63:27:e1:60:de:bf:3c:28:3f:9d:40:bb:e0:ef:67:b1:75:60:
         29:d7:6a:fc:a9:7b:6d:21:a9:e3:8c:a5:ca:15:35:c0:34:e2:
         93:2f:80:2c:38:bf:6b:c7:d4:a4:57:83:65:fa:84:9d:29:9c:
         6a:83:d8:1e:e7:bf:25:77:8f:6c:1d:e6:3f:05:c2:bc:4d:67:
         a9:34:d3:1c:6e:c9:8d:05:9e:af:12:7a:41:29:94:5c:bb:8b:
         ff:d9:e8:c5:ef:73:a5:68:c1:c5:38:9a:e7:b1:ca:91:21:47:
         0f:9e:3c:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoPPg8Utg/y0Evi7aoVy5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NzZlMDkwMDFjMzE4NjUyNjE5MGQxZjM1ZDJhNWI5OWZj
YWEyNzAwHhcNMjUwOTA3MTAwMjU0WhcNMjUwOTA4MTAwMjU0WjAzMTEwLwYDVQQD
Eyg5ZDYzMjVkNjJhNzcwMzQzMzY2N2NmZTNlMDJiMDFiMDg3ZDI3OTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0JcZjBu8UNU3RYtDxkcA7syyCW8
ZBnpY0pyyIAsfV5n6GihYlqWXnpG16/OC5Th2gvUjXbGYI+24fHzEAjAXkxA8i1o
fMA+X3CKQ1y+08YLQFLLS0YE7WxLDvzDxTceYXCd2ifvL6Q33qVDlDGeFWQodUDr
my/+E9LH25qVjxqhAs1NEqAq8NyhyRHMpcWQyS38FB3wcKgXS4pEI9/2V+9vDtXE
IGvEZ34XYBKyAoQf0uzcTVBA/EdasMnmmFFULG11Bej8yWTQNdKtNAMdQ/ssJ7PT
qF1MI7TYPpWjBetCN0bYHbWFc3nsgWaS/Em3z2362teLs9tPoiZeMgpIKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ1jJdYqdwNDNmfP4+ArAbCH0nkFMB8GA1UdIwQY
MBaAFFR24JABwxhlJhkNHzXSpbmfyqJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMt
ODkwMWU4ODEzYWFjLzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMtODkwMWU4ODEzYWFj
LzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS+lxZZWm
iyUWqlwGHxTXd3NbiS1tzYpvOzMWaEeB+Ee+4WX3xep8pchp+xtntJr9d4ANg0nn
q4SS2e/hevXmT1BT8tI+HfelvlCzinWWt2JtkvLSd+ZX6xhuj3B7HvdC4AHt189i
h6BpDw6PX4+WcqyKhh0q4kGqs4/ppDN55v2uH17ZhxFoFOfhMmSK5oTXYyfhYN6/
PCg/nUC74O9nsXVgKddq/Kl7bSGp44ylyhU1wDTiky+ALDi/a8fUpFeDZfqEnSmc
aoPYHue/JXePbB3mPwXCvE1nqTTTHG7JjQWerxJ6QSmUXLuL/9noxe9zpWjBxTia
57HKkSFHD5488Q==
-----END CERTIFICATE-----