Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
File:                     VGgc0JnIW-caIjUMsT8EglwB-PA.mft (raw, json)
Hash identifier:          LLzUZ2cFZkU+z1mf0WaKXwl2Wsx2VYnRrYFKUjz/NpE=
Subject key identifier:   F5:AD:94:E6:32:A4:AD:A2:01:C0:F9:F6:AD:C4:75:70:F2:04:EA:75
Authority key identifier: 54:68:1C:D0:99:C8:5B:E7:1A:22:35:0C:B1:3F:04:82:5C:01:F8:F0
Certificate issuer:       /CN=54681cd099c85be71a22350cb13f04825c01f8f0
Certificate serial:       019763968BB6BB23EBE5997E3DF028BC98BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
Manifest number:          0BE2
Signing time:             Thu 12 Jun 2025 10:01:39 +0000
Manifest this update:     Thu 12 Jun 2025 10:01:39 +0000
Manifest next update:     Fri 13 Jun 2025 10:01:39 +0000
Files and hashes:         1: VGgc0JnIW-caIjUMsT8EglwB-PA.crl (hash: 07F2PCWOBRFDlQhiCFgiILURiyfYIbdC8+dipQPmt70=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 10:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:96:8b:b6:bb:23:eb:e5:99:7e:3d:f0:28:bc:98:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54681cd099c85be71a22350cb13f04825c01f8f0
        Validity
            Not Before: Jun 12 10:01:39 2025 GMT
            Not After : Jun 13 10:01:39 2025 GMT
        Subject: CN=f5ad94e632a4ada201c0f9f6adc47570f204ea75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:69:7b:e3:f6:0b:6a:24:15:e3:39:7b:27:7d:
                    cb:95:22:82:e8:fa:0e:ad:f1:fa:b3:aa:c3:44:04:
                    5d:81:26:85:49:48:6a:3d:55:c3:56:1a:9a:0f:ec:
                    48:1f:a8:10:9a:64:89:86:1c:89:08:22:af:82:4c:
                    01:90:ba:90:e8:f1:c6:3a:17:c1:9a:b7:9f:92:1a:
                    cd:24:76:b1:a4:bd:ab:6b:f4:2a:1e:3c:12:f3:5e:
                    2b:64:28:26:42:03:b5:9b:61:55:60:88:cd:3a:4c:
                    dd:98:8e:31:d4:7c:43:fc:8c:09:35:1e:b1:fe:c0:
                    82:1b:62:7a:66:1f:f7:1f:34:74:ab:d6:71:ac:5d:
                    92:8a:91:19:73:56:9c:17:ae:19:9f:b4:bb:a3:4b:
                    71:d3:68:4c:6e:bd:f8:0b:28:c3:9a:80:dc:cd:29:
                    f6:5e:e3:cd:5c:be:0b:31:8c:96:23:de:f8:e0:f1:
                    6b:89:04:5c:ab:9a:25:3a:38:08:49:98:f0:cd:39:
                    25:34:d3:58:82:f8:49:ed:c5:e0:20:b2:c6:5a:9b:
                    44:6e:87:ad:28:57:62:56:81:52:93:92:d9:0b:75:
                    36:db:60:f8:bf:a9:c8:db:6f:ae:b8:a8:0a:33:ee:
                    0a:5f:f0:30:06:46:28:4b:cd:18:a1:b7:3d:8c:1e:
                    45:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:AD:94:E6:32:A4:AD:A2:01:C0:F9:F6:AD:C4:75:70:F2:04:EA:75
            X509v3 Authority Key Identifier:
                keyid:54:68:1C:D0:99:C8:5B:E7:1A:22:35:0C:B1:3F:04:82:5C:01:F8:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:fc:2a:e5:83:c1:f4:01:1a:4c:1b:a1:e3:b7:75:18:0a:d3:
         86:bc:7d:e0:9b:d6:d3:30:0a:a1:3f:09:8d:57:2d:49:12:c8:
         71:84:5b:e8:84:42:37:5d:b3:8d:58:24:3a:4a:cc:6d:d8:61:
         ba:d3:0d:20:09:a3:ce:0e:62:7b:57:54:57:1c:0d:92:ef:5c:
         8d:18:ac:e8:f1:d4:4d:4a:02:65:5e:fc:a0:82:6d:29:c2:5f:
         5e:72:30:2f:17:20:5f:f7:c5:2a:09:e2:7c:15:e7:bb:a2:bd:
         f3:b0:a8:a7:f3:70:21:52:b5:8c:6a:7e:b2:6f:ce:2d:6f:27:
         71:24:d2:9c:da:57:1c:fe:9d:7c:e3:86:bd:6a:22:79:86:56:
         31:5e:ea:c4:b0:58:b8:2d:0d:13:92:d2:56:87:10:63:2a:7e:
         be:d6:98:09:66:06:9f:c6:4d:7b:1c:9d:e8:5a:25:04:82:9e:
         c5:01:76:e8:df:ba:38:2c:8b:9d:a7:a1:1d:e4:ec:50:bd:1a:
         0b:87:46:b8:bf:cd:05:f8:fc:a9:9a:2f:e8:c9:1e:a8:30:c5:
         3e:78:78:7f:e8:e1:df:d9:cf:a4:3a:de:e8:f7:0e:fc:51:34:
         01:5d:d2:f2:51:26:04:ef:6f:ea:02:42:c9:28:57:60:2a:35:
         45:f5:60:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjlou2uyPr5Zl+PfAovJi9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgxY2QwOTljODViZTcxYTIyMzUwY2IxM2YwNDgyNWMw
MWY4ZjAwHhcNMjUwNjEyMTAwMTM5WhcNMjUwNjEzMTAwMTM5WjAzMTEwLwYDVQQD
EyhmNWFkOTRlNjMyYTRhZGEyMDFjMGY5ZjZhZGM0NzU3MGYyMDRlYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2l74/YLaiQV4zl7J33LlSKC6PoO
rfH6s6rDRARdgSaFSUhqPVXDVhqaD+xIH6gQmmSJhhyJCCKvgkwBkLqQ6PHGOhfB
mrefkhrNJHaxpL2ra/QqHjwS814rZCgmQgO1m2FVYIjNOkzdmI4x1HxD/IwJNR6x
/sCCG2J6Zh/3HzR0q9ZxrF2SipEZc1acF64Zn7S7o0tx02hMbr34CyjDmoDczSn2
XuPNXL4LMYyWI9744PFriQRcq5olOjgISZjwzTklNNNYgvhJ7cXgILLGWptEboet
KFdiVoFSk5LZC3U222D4v6nI22+uuKgKM+4KX/AwBkYoS80Yobc9jB5FfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPWtlOYypK2iAcD59q3EdXDyBOp1MB8GA1UdIwQY
MBaAFFRoHNCZyFvnGiI1DLE/BIJcAfjwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wODUwMTMtZGQzZC00Y2E3LWJhNzkt
Yzg4MjgzZjhmMTE3LzEvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wODUwMTMtZGQzZC00Y2E3LWJhNzktYzg4MjgzZjhmMTE3
LzEvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASPwq5YPB
9AEaTBuh47d1GArThrx94JvW0zAKoT8JjVctSRLIcYRb6IRCN12zjVgkOkrMbdhh
utMNIAmjzg5ie1dUVxwNku9cjRis6PHUTUoCZV78oIJtKcJfXnIwLxcgX/fFKgni
fBXnu6K987Cop/NwIVK1jGp+sm/OLW8ncSTSnNpXHP6dfOOGvWoieYZWMV7qxLBY
uC0NE5LSVocQYyp+vtaYCWYGn8ZNexyd6FolBIKexQF26N+6OCyLnaehHeTsUL0a
C4dGuL/NBfj8qZov6MkeqDDFPnh4f+jh39nPpDre6PcO/FE0AV3S8lEmBO9v6gJC
yShXYCo1RfVgmw==
-----END CERTIFICATE-----