Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
File:                     VGgc0JnIW-caIjUMsT8EglwB-PA.mft (raw, json)
Hash identifier:          OtiPQSATRLA6m1+Sng0wvX3RUgP8rCb/ehmytmrhFwE=
Subject key identifier:   61:0D:B6:5B:B2:35:8E:33:BA:66:E1:69:2E:B4:B6:2F:BC:45:37:E6
Authority key identifier: 54:68:1C:D0:99:C8:5B:E7:1A:22:35:0C:B1:3F:04:82:5C:01:F8:F0
Certificate issuer:       /CN=54681cd099c85be71a22350cb13f04825c01f8f0
Certificate serial:       0199239F9B39163BED05D0B22A44ED233848
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
Manifest number:          0CCA
Signing time:             Sun 07 Sep 2025 10:01:26 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:26 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:26 +0000
Files and hashes:         1: VGgc0JnIW-caIjUMsT8EglwB-PA.crl (hash: GnDeXR30y02sN5Jh/PPYzTRrHKgOdwjnX8Dg/CK7kX0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:9b:39:16:3b:ed:05:d0:b2:2a:44:ed:23:38:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54681cd099c85be71a22350cb13f04825c01f8f0
        Validity
            Not Before: Sep  7 10:01:26 2025 GMT
            Not After : Sep  8 10:01:26 2025 GMT
        Subject: CN=610db65bb2358e33ba66e1692eb4b62fbc4537e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:4c:52:ed:b4:f6:da:b7:90:8b:34:67:ff:ec:
                    de:53:e4:17:95:82:cd:b5:d5:b5:78:bc:e2:51:9e:
                    3e:75:4b:d5:83:a3:69:40:43:f9:c9:cc:fd:1d:6e:
                    3a:17:d0:60:0a:cd:7c:c1:24:c5:a7:e4:02:ee:ea:
                    0b:ab:26:f4:78:61:15:f4:77:7e:95:38:ff:a6:54:
                    57:d7:65:27:64:6a:5a:d5:29:a5:7c:bf:91:28:01:
                    27:75:d8:7d:a9:f8:04:21:73:02:81:26:9b:48:96:
                    1c:1d:a5:74:6c:41:97:39:8f:81:78:db:44:69:b1:
                    62:f5:86:55:cf:50:03:5b:44:f7:33:4a:87:fa:43:
                    9e:4d:a4:96:cf:dd:7c:1e:16:ac:01:64:dd:99:db:
                    e2:73:a1:cb:5e:50:e1:db:a5:fd:1c:84:b3:e8:73:
                    b7:17:91:80:af:81:2c:d9:17:51:25:96:5f:3b:e3:
                    43:58:95:88:27:3d:74:fc:15:b8:ed:0c:d8:39:c8:
                    18:73:67:3a:82:58:1c:51:8e:50:5e:13:f4:04:2f:
                    d7:6e:d3:3e:10:2a:99:41:be:a4:14:51:a4:50:99:
                    82:1f:b5:48:6d:97:03:8e:8b:fb:cc:40:3b:a4:5f:
                    a0:35:65:33:b3:9e:88:e6:25:d9:0c:c7:fe:c2:e1:
                    10:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:0D:B6:5B:B2:35:8E:33:BA:66:E1:69:2E:B4:B6:2F:BC:45:37:E6
            X509v3 Authority Key Identifier:
                keyid:54:68:1C:D0:99:C8:5B:E7:1A:22:35:0C:B1:3F:04:82:5C:01:F8:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:af:1f:11:a0:ee:df:cf:cd:56:fa:53:0a:97:72:18:76:2c:
         18:be:94:71:08:25:8b:81:38:f0:3e:54:29:de:b0:bd:2d:43:
         90:a1:c3:7d:f2:fa:bb:10:45:3c:8e:50:0f:0c:b1:2b:0f:15:
         58:45:f7:f9:76:d1:c0:d2:86:5e:b1:08:1a:3a:27:86:4b:92:
         47:ec:9b:d8:7c:e0:c9:e5:15:88:ad:51:75:6c:3e:c1:ee:f5:
         b5:a9:a1:c1:45:58:22:db:c9:3c:a3:19:bd:46:2b:9a:a1:39:
         3f:03:a4:9d:42:b2:3d:75:30:3b:38:13:43:99:53:c0:29:8f:
         d9:be:0f:5b:36:32:c5:c3:f3:d3:bd:f2:10:8a:74:1e:eb:0e:
         b8:ec:24:e1:9d:8a:cd:dc:e4:54:9c:8a:9f:16:60:7d:c3:b4:
         0a:a0:ad:e7:3c:de:b0:09:22:b2:b7:da:2e:2c:44:04:11:fb:
         1e:c6:9b:1b:c9:fd:55:de:59:8c:78:a0:d9:cc:7c:fe:5c:a9:
         81:ce:69:51:82:06:c7:99:db:9b:cc:90:98:ae:08:7c:3e:ba:
         07:4d:d6:b9:4d:9f:6d:71:0d:60:67:40:1c:11:a5:9a:00:1d:
         98:fb:9d:b5:9a:86:bc:f7:24:d4:0f:92:fa:34:fd:53:84:60:
         fe:e1:89:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn5s5FjvtBdCyKkTtIzhIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgxY2QwOTljODViZTcxYTIyMzUwY2IxM2YwNDgyNWMw
MWY4ZjAwHhcNMjUwOTA3MTAwMTI2WhcNMjUwOTA4MTAwMTI2WjAzMTEwLwYDVQQD
Eyg2MTBkYjY1YmIyMzU4ZTMzYmE2NmUxNjkyZWI0YjYyZmJjNDUzN2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkxS7bT22reQizRn/+zeU+QXlYLN
tdW1eLziUZ4+dUvVg6NpQEP5ycz9HW46F9BgCs18wSTFp+QC7uoLqyb0eGEV9Hd+
lTj/plRX12UnZGpa1SmlfL+RKAEnddh9qfgEIXMCgSabSJYcHaV0bEGXOY+BeNtE
abFi9YZVz1ADW0T3M0qH+kOeTaSWz918HhasAWTdmdvic6HLXlDh26X9HISz6HO3
F5GAr4Es2RdRJZZfO+NDWJWIJz10/BW47QzYOcgYc2c6glgcUY5QXhP0BC/XbtM+
ECqZQb6kFFGkUJmCH7VIbZcDjov7zEA7pF+gNWUzs56I5iXZDMf+wuEQ3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGENtluyNY4zumbhaS60ti+8RTfmMB8GA1UdIwQY
MBaAFFRoHNCZyFvnGiI1DLE/BIJcAfjwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wODUwMTMtZGQzZC00Y2E3LWJhNzkt
Yzg4MjgzZjhmMTE3LzEvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wODUwMTMtZGQzZC00Y2E3LWJhNzktYzg4MjgzZjhmMTE3
LzEvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ68fEaDu
38/NVvpTCpdyGHYsGL6UcQgli4E48D5UKd6wvS1DkKHDffL6uxBFPI5QDwyxKw8V
WEX3+XbRwNKGXrEIGjonhkuSR+yb2HzgyeUViK1RdWw+we71tamhwUVYItvJPKMZ
vUYrmqE5PwOknUKyPXUwOzgTQ5lTwCmP2b4PWzYyxcPz073yEIp0HusOuOwk4Z2K
zdzkVJyKnxZgfcO0CqCt5zzesAkisrfaLixEBBH7HsabG8n9Vd5ZjHig2cx8/lyp
gc5pUYIGx5nbm8yQmK4IfD66B03WuU2fbXENYGdAHBGlmgAdmPudtZqGvPck1A+S
+jT9U4Rg/uGJ9w==
-----END CERTIFICATE-----