Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
File:                     VGgc0JnIW-caIjUMsT8EglwB-PA.mft (raw, json)
Hash identifier:          M5CPW0OfB/vdLJaZJFM1XKF3Keqsie9uf1CZDamnI44=
Subject key identifier:   09:F9:34:5E:66:44:12:BC:F3:B2:1B:4D:04:5B:11:89:73:3A:6C:0B
Authority key identifier: 54:68:1C:D0:99:C8:5B:E7:1A:22:35:0C:B1:3F:04:82:5C:01:F8:F0
Certificate issuer:       /CN=54681cd099c85be71a22350cb13f04825c01f8f0
Certificate serial:       019A71B835AD5FEB35001C83AC35A019D8A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
Manifest number:          0D77
Signing time:             Tue 11 Nov 2025 07:01:28 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:28 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:28 +0000
Files and hashes:         1: VGgc0JnIW-caIjUMsT8EglwB-PA.crl (hash: Ysz4idDs5XNZdSid9+qREKyA5mPC8q7++i0ARCxLrk0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:35:ad:5f:eb:35:00:1c:83:ac:35:a0:19:d8:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54681cd099c85be71a22350cb13f04825c01f8f0
        Validity
            Not Before: Nov 11 07:01:28 2025 GMT
            Not After : Nov 12 07:01:28 2025 GMT
        Subject: CN=09f9345e664412bcf3b21b4d045b1189733a6c0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:e4:5a:a9:55:b0:be:58:99:ac:4d:f9:58:6d:
                    0d:16:5c:58:c3:fc:26:57:cf:3a:e1:3f:5f:47:87:
                    c9:16:3c:f8:fe:51:d9:11:5f:66:99:06:43:bb:b1:
                    5e:2d:38:87:99:b9:63:53:61:cc:5a:bb:28:e7:ae:
                    b9:61:84:4b:e7:7a:68:c2:79:85:c0:80:60:75:02:
                    b5:0e:42:8f:44:1c:35:be:87:5a:57:f9:42:3b:3f:
                    57:9e:ff:97:ac:1b:74:a6:2b:b4:a0:9a:94:c8:24:
                    9c:8d:6a:a6:44:a1:e0:e1:94:83:ac:db:14:3a:7f:
                    c4:bd:87:eb:26:4f:91:c2:f3:f0:9c:2b:3a:ee:a0:
                    4a:f9:ed:3d:77:21:45:da:46:c4:58:1c:73:4e:7c:
                    b5:f9:d4:85:66:79:47:89:75:9b:5c:d0:16:d4:50:
                    fd:9c:a5:1e:7d:db:fe:5d:17:87:20:60:ba:5e:73:
                    6d:9f:d2:4d:dd:ee:94:f2:1a:a0:6b:b8:57:d7:e7:
                    e9:08:da:3c:c2:8d:c1:36:aa:14:74:54:e3:08:e6:
                    d7:1a:19:9c:3b:e2:b9:19:f6:96:54:0d:f0:d9:ca:
                    24:97:e9:fc:48:ba:db:f5:82:c7:54:de:7f:7c:23:
                    4b:7c:3e:e7:ce:d0:c1:54:dd:a5:03:13:7a:eb:d6:
                    e7:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:F9:34:5E:66:44:12:BC:F3:B2:1B:4D:04:5B:11:89:73:3A:6C:0B
            X509v3 Authority Key Identifier:
                keyid:54:68:1C:D0:99:C8:5B:E7:1A:22:35:0C:B1:3F:04:82:5C:01:F8:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:90:fa:00:cb:8c:e4:0e:7c:00:b4:47:07:1a:14:5f:55:90:
         48:a1:d6:cb:68:d6:c7:c8:af:0d:14:49:7f:80:ab:c1:c3:9d:
         d4:58:14:0a:38:41:5b:05:e1:92:c3:10:26:f8:80:bf:53:39:
         ed:81:47:75:9c:0b:d9:14:e8:c5:a1:3d:e3:2b:39:76:c0:d8:
         e2:7f:17:10:ab:0d:42:43:7b:94:90:ab:af:90:bf:f9:40:6d:
         38:57:51:bf:84:75:34:3e:fd:c6:a7:ba:1e:a8:e5:e8:db:6c:
         f0:26:8f:a1:3b:78:d7:c8:47:61:e1:57:44:28:3d:54:13:9c:
         f4:36:bb:0a:bf:c2:e5:61:d3:5d:2c:67:2a:82:97:b1:e5:b9:
         0f:c7:69:7e:ca:0b:32:d6:a8:14:4d:15:00:06:89:77:7f:32:
         49:3b:08:76:27:32:8e:6a:03:44:f9:7a:a8:56:60:73:7a:45:
         cd:40:3f:4f:d2:3e:41:a4:15:7b:dd:3b:34:38:58:00:58:6d:
         98:86:4f:70:23:d5:84:85:34:1e:74:16:0d:8b:cc:7a:d1:85:
         95:22:4c:f3:92:79:86:6e:4b:f3:4d:71:e8:ce:1b:bc:f3:be:
         f8:2c:45:8a:96:ce:22:e0:7d:bf:57:83:f9:9d:b9:f7:eb:0e:
         2e:36:37:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuDWtX+s1AByDrDWgGdimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgxY2QwOTljODViZTcxYTIyMzUwY2IxM2YwNDgyNWMw
MWY4ZjAwHhcNMjUxMTExMDcwMTI4WhcNMjUxMTEyMDcwMTI4WjAzMTEwLwYDVQQD
EygwOWY5MzQ1ZTY2NDQxMmJjZjNiMjFiNGQwNDViMTE4OTczM2E2YzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+RaqVWwvliZrE35WG0NFlxYw/wm
V8864T9fR4fJFjz4/lHZEV9mmQZDu7FeLTiHmbljU2HMWrso5665YYRL53pownmF
wIBgdQK1DkKPRBw1vodaV/lCOz9Xnv+XrBt0piu0oJqUyCScjWqmRKHg4ZSDrNsU
On/EvYfrJk+RwvPwnCs67qBK+e09dyFF2kbEWBxzTny1+dSFZnlHiXWbXNAW1FD9
nKUefdv+XReHIGC6XnNtn9JN3e6U8hqga7hX1+fpCNo8wo3BNqoUdFTjCObXGhmc
O+K5GfaWVA3w2cokl+n8SLrb9YLHVN5/fCNLfD7nztDBVN2lAxN669bnawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAn5NF5mRBK887IbTQRbEYlzOmwLMB8GA1UdIwQY
MBaAFFRoHNCZyFvnGiI1DLE/BIJcAfjwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wODUwMTMtZGQzZC00Y2E3LWJhNzkt
Yzg4MjgzZjhmMTE3LzEvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wODUwMTMtZGQzZC00Y2E3LWJhNzktYzg4MjgzZjhmMTE3
LzEvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVZD6AMuM
5A58ALRHBxoUX1WQSKHWy2jWx8ivDRRJf4CrwcOd1FgUCjhBWwXhksMQJviAv1M5
7YFHdZwL2RToxaE94ys5dsDY4n8XEKsNQkN7lJCrr5C/+UBtOFdRv4R1ND79xqe6
Hqjl6Nts8CaPoTt418hHYeFXRCg9VBOc9Da7Cr/C5WHTXSxnKoKXseW5D8dpfsoL
MtaoFE0VAAaJd38ySTsIdicyjmoDRPl6qFZgc3pFzUA/T9I+QaQVe907NDhYAFht
mIZPcCPVhIU0HnQWDYvMetGFlSJM85J5hm5L801x6M4bvPO++CxFipbOIuB9v1eD
+Z259+sOLjY3wQ==
-----END CERTIFICATE-----