Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.mft
File:                     veWU40bxTQmDwaa_S7XHFP-bhEI.mft (raw, json)
Hash identifier:          C56joAMEDNDnX2JIq8Iijo2vq+kpLlv6hVxn5TxSvOA=
Subject key identifier:   2D:D4:E1:14:1C:68:42:C3:F8:50:DF:09:99:80:B2:37:3F:FB:14:16
Authority key identifier: BD:E5:94:E3:46:F1:4D:09:83:C1:A6:BF:4B:B5:C7:14:FF:9B:84:42
Certificate issuer:       /CN=bde594e346f14d0983c1a6bf4bb5c714ff9b8442
Certificate serial:       0197470BDFFA91D8CE2CB5944FE2B01E3A9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/veWU40bxTQmDwaa_S7XHFP-bhEI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.mft
Manifest number:          1578
Signing time:             Fri 06 Jun 2025 21:00:49 +0000
Manifest this update:     Fri 06 Jun 2025 21:00:49 +0000
Manifest next update:     Sat 07 Jun 2025 21:00:49 +0000
Files and hashes:         1: veWU40bxTQmDwaa_S7XHFP-bhEI.crl (hash: bHyJi9nfNzOjJmKfjhuujyUUkO1XXXdd2vKXRMBzy4A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/veWU40bxTQmDwaa_S7XHFP-bhEI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 21:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:0b:df:fa:91:d8:ce:2c:b5:94:4f:e2:b0:1e:3a:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bde594e346f14d0983c1a6bf4bb5c714ff9b8442
        Validity
            Not Before: Jun  6 21:00:49 2025 GMT
            Not After : Jun  7 21:00:49 2025 GMT
        Subject: CN=2dd4e1141c6842c3f850df099980b2373ffb1416
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:1a:3c:18:d8:a4:28:f3:8d:e8:3b:67:e3:50:
                    94:71:d3:c9:98:5a:93:34:25:cb:41:9a:c6:0f:00:
                    cb:25:79:b8:7b:f7:a7:78:b1:bd:fe:11:ff:02:0d:
                    3f:f2:77:f5:6e:52:6a:05:a0:0f:b0:76:7b:bb:15:
                    8d:49:b3:89:fd:e5:7f:ec:b7:24:0d:5c:64:43:1e:
                    7e:bf:a9:e8:23:0c:e2:49:31:35:b7:88:9c:6b:37:
                    cb:0b:eb:9a:21:34:3c:9b:39:5c:d7:30:fb:4c:d1:
                    56:9a:a7:7c:7d:bf:44:a7:2a:e2:4c:01:9c:d8:f9:
                    24:6c:52:13:47:ba:b4:9f:50:0c:f0:28:92:1c:e1:
                    89:4d:3b:f5:63:73:4a:10:e3:bc:ff:5c:0b:f7:8b:
                    1a:e6:a2:c2:64:b4:5c:76:f7:3b:2c:1b:60:dd:51:
                    f1:9d:66:83:ec:05:85:a4:95:a1:3e:8c:ca:88:2f:
                    1f:37:53:29:64:3c:ae:70:5f:e3:0f:a8:5f:53:9c:
                    63:2f:24:33:d7:37:07:41:35:04:26:61:8c:e7:26:
                    a6:ad:ee:81:e2:81:79:a8:1d:a1:ad:2d:87:b2:96:
                    dd:fb:69:a3:d9:bd:54:06:0d:90:5c:34:7b:e2:e6:
                    f8:66:da:8f:dd:32:08:e7:9c:4e:e0:4b:67:74:58:
                    d2:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:D4:E1:14:1C:68:42:C3:F8:50:DF:09:99:80:B2:37:3F:FB:14:16
            X509v3 Authority Key Identifier:
                keyid:BD:E5:94:E3:46:F1:4D:09:83:C1:A6:BF:4B:B5:C7:14:FF:9B:84:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veWU40bxTQmDwaa_S7XHFP-bhEI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:2c:ba:fb:22:3d:49:d5:b2:33:ca:cf:d0:00:5a:7e:3f:47:
         01:a2:b5:a7:dd:6e:49:5c:f2:6e:dc:51:2c:8f:05:55:df:93:
         c1:cd:30:1c:ff:2e:5d:52:7f:71:85:d2:15:45:20:f3:8c:21:
         6e:cf:b1:32:7a:b4:69:2c:65:3c:2d:0d:82:6f:2a:6b:5d:f0:
         ca:71:85:a7:bc:6e:01:e2:33:00:df:1c:e1:20:be:e0:aa:e0:
         97:fe:90:71:24:05:cf:25:db:7f:ba:25:cb:48:88:b2:d3:f9:
         86:c6:1f:7d:4b:d5:8c:55:fa:e3:94:20:54:5b:30:65:d2:23:
         10:a6:37:ef:b5:80:32:33:1c:52:f7:b6:7d:e8:e3:bd:c8:bf:
         4b:75:47:3a:e5:02:6c:90:2d:57:97:f9:2c:eb:74:b2:6d:47:
         59:af:f9:ad:54:c1:49:03:ad:1e:f0:eb:f8:0b:f2:cd:fd:43:
         72:fd:a6:f5:25:e4:6f:36:41:27:c6:82:8c:d6:6c:dc:e5:b4:
         6c:2c:62:60:2e:ea:c4:6f:54:c3:f2:46:ab:13:94:5f:ac:f2:
         2d:77:47:78:24:ba:58:14:6f:ec:02:55:ef:12:20:1f:70:c7:
         01:b0:dc:d0:e5:51:86:36:db:b5:42:10:d2:34:4d:52:a4:75:
         36:5c:bf:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHC9/6kdjOLLWUT+KwHjqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTU5NGUzNDZmMTRkMDk4M2MxYTZiZjRiYjVjNzE0ZmY5
Yjg0NDIwHhcNMjUwNjA2MjEwMDQ5WhcNMjUwNjA3MjEwMDQ5WjAzMTEwLwYDVQQD
EygyZGQ0ZTExNDFjNjg0MmMzZjg1MGRmMDk5OTgwYjIzNzNmZmIxNDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwho8GNikKPON6Dtn41CUcdPJmFqT
NCXLQZrGDwDLJXm4e/eneLG9/hH/Ag0/8nf1blJqBaAPsHZ7uxWNSbOJ/eV/7Lck
DVxkQx5+v6noIwziSTE1t4icazfLC+uaITQ8mzlc1zD7TNFWmqd8fb9EpyriTAGc
2PkkbFITR7q0n1AM8CiSHOGJTTv1Y3NKEOO8/1wL94sa5qLCZLRcdvc7LBtg3VHx
nWaD7AWFpJWhPozKiC8fN1MpZDyucF/jD6hfU5xjLyQz1zcHQTUEJmGM5yamre6B
4oF5qB2hrS2Hspbd+2mj2b1UBg2QXDR74ub4ZtqP3TII55xO4EtndFjSewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC3U4RQcaELD+FDfCZmAsjc/+xQWMB8GA1UdIwQY
MBaAFL3llONG8U0Jg8Gmv0u1xxT/m4RCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVXVTQwYnhUUW1Ed2FhX1M3WEhGUC1iaEVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lYmIzOWUtYmU2Yi00MjhkLWI1MGUt
YzdhMzY2YjkxZjQzLzEvdmVXVTQwYnhUUW1Ed2FhX1M3WEhGUC1iaEVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lYmIzOWUtYmU2Yi00MjhkLWI1MGUtYzdhMzY2YjkxZjQz
LzEvdmVXVTQwYnhUUW1Ed2FhX1M3WEhGUC1iaEVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAByy6+yI9
SdWyM8rP0ABafj9HAaK1p91uSVzybtxRLI8FVd+Twc0wHP8uXVJ/cYXSFUUg84wh
bs+xMnq0aSxlPC0Ngm8qa13wynGFp7xuAeIzAN8c4SC+4Krgl/6QcSQFzyXbf7ol
y0iIstP5hsYffUvVjFX645QgVFswZdIjEKY377WAMjMcUve2fejjvci/S3VHOuUC
bJAtV5f5LOt0sm1HWa/5rVTBSQOtHvDr+Avyzf1Dcv2m9SXkbzZBJ8aCjNZs3OW0
bCxiYC7qxG9Uw/JGqxOUX6zyLXdHeCS6WBRv7AJV7xIgH3DHAbDc0OVRhjbbtUIQ
0jRNUqR1Nly/Vg==
-----END CERTIFICATE-----