Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.mft
File:                     vtJXlaaCsRmplIBal2V4U9dUoFw.mft (raw, json)
Hash identifier:          dg9lZcWXepCiYy2mgGS3u2JHg4HO9wvfWMXiJAzbJGQ=
Subject key identifier:   95:84:16:32:F7:2D:AA:B2:40:ED:6D:90:06:E8:EC:97:D3:0E:8C:DE
Authority key identifier: BE:D2:57:95:A6:82:B1:19:A9:94:80:5A:97:65:78:53:D7:54:A0:5C
Certificate issuer:       /CN=bed25795a682b119a994805a97657853d754a05c
Certificate serial:       019A7225AB664F2E562D0463C92190736738
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vtJXlaaCsRmplIBal2V4U9dUoFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.mft
Manifest number:          0BAD
Signing time:             Tue 11 Nov 2025 09:01:02 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:02 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:02 +0000
Files and hashes:         1: vtJXlaaCsRmplIBal2V4U9dUoFw.crl (hash: ItHNMoOETZGD6rStl5LbVYDTgbEPyVtwetEON8bg/Yc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vtJXlaaCsRmplIBal2V4U9dUoFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:ab:66:4f:2e:56:2d:04:63:c9:21:90:73:67:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bed25795a682b119a994805a97657853d754a05c
        Validity
            Not Before: Nov 11 09:01:02 2025 GMT
            Not After : Nov 12 09:01:02 2025 GMT
        Subject: CN=95841632f72daab240ed6d9006e8ec97d30e8cde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:79:7e:98:95:06:c3:32:b5:72:52:d8:a5:25:
                    98:a3:39:4b:c8:f3:c0:ef:81:b0:47:24:b0:df:12:
                    cc:79:95:98:cb:5e:5b:a8:df:50:65:18:66:12:ab:
                    51:69:92:9c:15:4f:75:f3:b4:a0:be:0c:0e:fd:b4:
                    01:d4:78:14:f9:a0:0c:fd:49:d6:46:e5:5e:f0:dc:
                    5a:b5:9e:e4:bb:38:ba:57:23:c5:59:e9:93:25:06:
                    69:0c:fd:a1:ab:1c:5f:03:1d:9e:56:18:aa:da:a7:
                    b2:78:7d:57:61:5a:fa:a5:81:a5:17:fa:8d:63:78:
                    1d:01:3f:b4:a8:9e:17:15:6f:82:2d:3c:bf:9a:6c:
                    62:6a:19:14:a6:43:f7:bd:74:d0:8c:52:67:72:8b:
                    72:f9:8b:fb:32:e0:2e:46:3e:db:f7:3a:b8:ad:97:
                    62:3c:fe:31:2f:d1:68:52:5c:8c:5f:2e:91:ba:7c:
                    ee:e7:4e:48:44:28:8b:34:58:62:3f:6b:1a:45:7d:
                    b6:c1:67:f0:83:e4:f4:0f:3a:aa:34:fd:97:55:cf:
                    3d:8a:b6:92:9e:0c:d3:6f:12:d9:d5:fd:87:7e:66:
                    ad:48:ba:23:ef:c2:65:aa:86:04:66:bb:52:ca:7c:
                    f3:17:e3:d7:b6:98:3e:6f:e5:c5:b0:68:57:d8:a3:
                    ec:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:84:16:32:F7:2D:AA:B2:40:ED:6D:90:06:E8:EC:97:D3:0E:8C:DE
            X509v3 Authority Key Identifier:
                keyid:BE:D2:57:95:A6:82:B1:19:A9:94:80:5A:97:65:78:53:D7:54:A0:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vtJXlaaCsRmplIBal2V4U9dUoFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:76:4d:f5:82:55:56:e1:71:df:08:ed:9b:fc:3e:31:de:5b:
         73:ee:e8:e3:39:db:b2:82:a3:5d:fc:70:e2:ab:aa:b1:75:26:
         8a:0b:8a:9f:43:b8:45:96:dd:5e:0a:9d:de:14:df:00:3b:16:
         ce:a0:43:0a:b4:ff:c8:a7:c9:45:3c:fd:3b:de:84:f0:b8:e8:
         42:73:c9:1e:0b:4b:a3:bc:cf:1e:74:dd:7f:c0:d8:f2:cf:8c:
         8c:ba:c3:09:60:cc:35:2c:f8:8d:f9:1d:90:a1:b2:94:1f:bc:
         5a:11:1e:ba:30:ec:dd:80:92:d4:cc:ea:f9:35:a1:9c:ca:62:
         4c:6a:ff:8b:5c:1a:59:d9:1c:b8:87:0e:88:93:a6:d9:df:5c:
         d9:88:68:84:1c:34:a9:37:aa:b0:dc:93:9a:10:bb:5c:f5:5c:
         71:2f:d2:e5:e4:fd:82:e6:b3:33:23:23:ee:c8:c9:dd:84:3b:
         56:0c:b9:85:95:96:97:b7:05:dd:08:bf:d2:56:11:f0:da:f6:
         83:bd:7e:5b:9f:70:cd:c1:7d:f1:11:1e:3a:b4:ac:94:c9:01:
         c6:c9:2c:f3:00:60:61:de:1c:13:87:7f:3f:a9:64:26:40:82:
         ef:82:53:c1:9e:d2:a0:ad:c9:d0:47:7f:72:cd:29:c6:4d:02:
         9d:4f:a5:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJatmTy5WLQRjySGQc2c4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlZDI1Nzk1YTY4MmIxMTlhOTk0ODA1YTk3NjU3ODUzZDc1
NGEwNWMwHhcNMjUxMTExMDkwMTAyWhcNMjUxMTEyMDkwMTAyWjAzMTEwLwYDVQQD
Eyg5NTg0MTYzMmY3MmRhYWIyNDBlZDZkOTAwNmU4ZWM5N2QzMGU4Y2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHl+mJUGwzK1clLYpSWYozlLyPPA
74GwRySw3xLMeZWYy15bqN9QZRhmEqtRaZKcFU9187SgvgwO/bQB1HgU+aAM/UnW
RuVe8NxatZ7kuzi6VyPFWemTJQZpDP2hqxxfAx2eVhiq2qeyeH1XYVr6pYGlF/qN
Y3gdAT+0qJ4XFW+CLTy/mmxiahkUpkP3vXTQjFJncoty+Yv7MuAuRj7b9zq4rZdi
PP4xL9FoUlyMXy6Runzu505IRCiLNFhiP2saRX22wWfwg+T0DzqqNP2XVc89iraS
ngzTbxLZ1f2HfmatSLoj78JlqoYEZrtSynzzF+PXtpg+b+XFsGhX2KPstQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJWEFjL3LaqyQO1tkAbo7JfTDozeMB8GA1UdIwQY
MBaAFL7SV5WmgrEZqZSAWpdleFPXVKBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnRKWGxhYUNzUm1wbElCYWwyVjRVOWRVb0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82YmQxMDQtMjVmNi00ODI2LWIyMzQt
MTFkMGYyMGU4Y2IwLzEvdnRKWGxhYUNzUm1wbElCYWwyVjRVOWRVb0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82YmQxMDQtMjVmNi00ODI2LWIyMzQtMTFkMGYyMGU4Y2Iw
LzEvdnRKWGxhYUNzUm1wbElCYWwyVjRVOWRVb0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOXZN9YJV
VuFx3wjtm/w+Md5bc+7o4znbsoKjXfxw4quqsXUmiguKn0O4RZbdXgqd3hTfADsW
zqBDCrT/yKfJRTz9O96E8LjoQnPJHgtLo7zPHnTdf8DY8s+MjLrDCWDMNSz4jfkd
kKGylB+8WhEeujDs3YCS1Mzq+TWhnMpiTGr/i1waWdkcuIcOiJOm2d9c2YhohBw0
qTeqsNyTmhC7XPVccS/S5eT9guazMyMj7sjJ3YQ7Vgy5hZWWl7cF3Qi/0lYR8Nr2
g71+W59wzcF98REeOrSslMkBxsks8wBgYd4cE4d/P6lkJkCC74JTwZ7SoK3J0Ed/
cs0pxk0CnU+l4Q==
-----END CERTIFICATE-----