Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft
File:                     VkQtN4qHkyt22vks6Pye80Hrx1k.mft (raw, json)
Hash identifier:          71Dh1x+AIUSPgWlLY0WP3ATQn15oU28HJ/stARr9PqY=
Subject key identifier:   6C:86:DC:89:42:6A:15:0D:4D:35:3D:AB:BA:3F:F2:F2:91:F5:E4:F0
Authority key identifier: 56:44:2D:37:8A:87:93:2B:76:DA:F9:2C:E8:FC:9E:F3:41:EB:C7:59
Certificate issuer:       /CN=56442d378a87932b76daf92ce8fc9ef341ebc759
Certificate serial:       019A706E803CCB46A47ED97C7E780596C9C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft
Manifest number:          0CE0
Signing time:             Tue 11 Nov 2025 01:01:21 +0000
Manifest this update:     Tue 11 Nov 2025 01:01:21 +0000
Manifest next update:     Wed 12 Nov 2025 01:01:21 +0000
Files and hashes:         1: VkQtN4qHkyt22vks6Pye80Hrx1k.crl (hash: IHUxQoIjLlj1R7B77Ijzfmp6jScS2EYEu+lpkUBlhVM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 01:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:6e:80:3c:cb:46:a4:7e:d9:7c:7e:78:05:96:c9:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56442d378a87932b76daf92ce8fc9ef341ebc759
        Validity
            Not Before: Nov 11 01:01:21 2025 GMT
            Not After : Nov 12 01:01:21 2025 GMT
        Subject: CN=6c86dc89426a150d4d353dabba3ff2f291f5e4f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:58:31:7e:f1:18:6c:34:48:f7:3c:1a:30:9c:
                    e7:90:ad:bf:a2:4f:8a:0e:08:56:38:e5:7e:4a:ab:
                    6f:8b:90:27:47:0c:3e:7a:db:36:6a:a8:7b:22:04:
                    70:62:7d:a7:64:67:20:ef:e6:be:5a:f9:d4:a6:b0:
                    2f:c2:33:36:ca:5d:d8:31:23:9c:07:42:b7:34:f2:
                    3a:bd:36:d0:d5:67:b8:ff:f2:bd:1e:81:c0:d5:36:
                    36:38:13:2f:43:17:0a:95:d1:53:9f:57:db:94:11:
                    79:84:ce:93:f4:2d:20:3a:69:a9:1c:05:8b:11:37:
                    8a:1d:ea:8b:3d:a7:33:86:33:48:15:1c:6f:9e:6e:
                    df:a8:cb:32:76:b5:16:69:56:2f:05:5a:6e:64:93:
                    ec:25:2b:2d:c7:a0:24:66:e7:14:1f:ea:13:40:fb:
                    f2:4c:67:ac:ac:07:5d:8b:80:12:cf:98:5f:ea:a5:
                    b7:ff:5b:b2:02:0d:ec:f7:8c:40:46:44:6f:d0:9d:
                    2d:0f:56:2f:06:2d:1f:e9:1e:6c:bf:91:38:4e:c7:
                    91:41:11:86:15:0e:1c:2b:f2:ef:4a:7a:09:3b:47:
                    06:02:58:23:fa:1d:46:8a:89:3b:2a:35:30:cc:0e:
                    5c:f3:26:17:42:94:cb:46:87:f6:5f:fc:57:09:5d:
                    85:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:86:DC:89:42:6A:15:0D:4D:35:3D:AB:BA:3F:F2:F2:91:F5:E4:F0
            X509v3 Authority Key Identifier:
                keyid:56:44:2D:37:8A:87:93:2B:76:DA:F9:2C:E8:FC:9E:F3:41:EB:C7:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:a1:36:d9:9e:64:67:eb:bb:e5:be:e2:72:52:4d:bc:34:2e:
         38:2b:c0:67:38:28:d4:6c:34:89:2f:cf:dd:e6:4b:b7:38:96:
         ab:a9:0d:72:b3:e4:88:0c:be:92:f3:11:e9:6e:a1:1a:ac:f0:
         65:11:8b:49:a4:03:65:a5:d2:c8:f6:da:de:89:18:89:4a:65:
         7a:36:1c:ab:39:5e:5b:4b:be:96:b9:17:85:be:4c:4f:ce:81:
         78:10:3f:db:c5:d4:98:54:5c:ef:ce:44:c8:e1:b8:32:f9:4e:
         3d:fc:c3:a3:fc:c7:e6:a0:c8:47:68:60:08:00:8c:c5:77:47:
         0d:4c:a3:7f:26:cd:84:41:08:53:52:67:21:52:43:1b:62:a0:
         e2:c1:b0:8e:4d:70:aa:f4:a6:3b:a7:78:80:3f:4a:b6:e5:4b:
         17:c9:5f:11:26:79:21:1a:3f:53:70:02:06:5b:e7:42:d2:48:
         04:c9:d7:50:0c:cd:bc:f1:c9:eb:fb:21:65:f7:1a:fd:f7:73:
         96:5e:5c:1e:e1:6d:e8:a8:a8:99:32:b2:8b:d7:f0:01:1d:d3:
         c6:fd:06:55:a4:71:9e:82:91:c3:b3:b7:43:05:99:81:b5:26:
         93:70:3f:ce:fd:12:c5:bd:97:22:bd:5d:99:fd:e9:3b:ad:a7:
         92:fb:8d:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwboA8y0akftl8fngFlsnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NDQyZDM3OGE4NzkzMmI3NmRhZjkyY2U4ZmM5ZWYzNDFl
YmM3NTkwHhcNMjUxMTExMDEwMTIxWhcNMjUxMTEyMDEwMTIxWjAzMTEwLwYDVQQD
Eyg2Yzg2ZGM4OTQyNmExNTBkNGQzNTNkYWJiYTNmZjJmMjkxZjVlNGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlgxfvEYbDRI9zwaMJznkK2/ok+K
DghWOOV+Sqtvi5AnRww+ets2aqh7IgRwYn2nZGcg7+a+WvnUprAvwjM2yl3YMSOc
B0K3NPI6vTbQ1We4//K9HoHA1TY2OBMvQxcKldFTn1fblBF5hM6T9C0gOmmpHAWL
ETeKHeqLPaczhjNIFRxvnm7fqMsydrUWaVYvBVpuZJPsJSstx6AkZucUH+oTQPvy
TGesrAddi4ASz5hf6qW3/1uyAg3s94xARkRv0J0tD1YvBi0f6R5sv5E4TseRQRGG
FQ4cK/LvSnoJO0cGAlgj+h1Giok7KjUwzA5c8yYXQpTLRof2X/xXCV2F7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGyG3IlCahUNTTU9q7o/8vKR9eTwMB8GA1UdIwQY
MBaAFFZELTeKh5Mrdtr5LOj8nvNB68dZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy80ZjMyNTQtNTQ0Mi00Yzg3LThiMTQt
OTgxM2YwOTA2YzRiLzEvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy80ZjMyNTQtNTQ0Mi00Yzg3LThiMTQtOTgxM2YwOTA2YzRi
LzEvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUqE22Z5k
Z+u75b7iclJNvDQuOCvAZzgo1Gw0iS/P3eZLtziWq6kNcrPkiAy+kvMR6W6hGqzw
ZRGLSaQDZaXSyPba3okYiUplejYcqzleW0u+lrkXhb5MT86BeBA/28XUmFRc785E
yOG4MvlOPfzDo/zH5qDIR2hgCACMxXdHDUyjfybNhEEIU1JnIVJDG2Kg4sGwjk1w
qvSmO6d4gD9KtuVLF8lfESZ5IRo/U3ACBlvnQtJIBMnXUAzNvPHJ6/shZfca/fdz
ll5cHuFt6KiomTKyi9fwAR3Txv0GVaRxnoKRw7O3QwWZgbUmk3A/zv0Sxb2XIr1d
mf3pO62nkvuN5g==
-----END CERTIFICATE-----