Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
File:                     VGgc0JnIW-caIjUMsT8EglwB-PA.mft (raw, json)
Hash identifier:          rBy1ppxBNnI3z7+nH+63EpbdQfMvXoH3BvzGTthFZVw=
Subject key identifier:   63:E6:D5:2D:05:D6:7B:C0:8D:D0:72:B2:3D:BC:40:AF:5C:7C:F5:A9
Authority key identifier: 54:68:1C:D0:99:C8:5B:E7:1A:22:35:0C:B1:3F:04:82:5C:01:F8:F0
Certificate issuer:       /CN=54681cd099c85be71a22350cb13f04825c01f8f0
Certificate serial:       019757FF72C0CF44C9CF7EB155633896A497
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
Manifest number:          0BDC
Signing time:             Tue 10 Jun 2025 04:00:48 +0000
Manifest this update:     Tue 10 Jun 2025 04:00:48 +0000
Manifest next update:     Wed 11 Jun 2025 04:00:48 +0000
Files and hashes:         1: VGgc0JnIW-caIjUMsT8EglwB-PA.crl (hash: avqo9tpXH8kW3QA0Tu90hi5Gp8/5E1CBunOOar5AOV4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 04:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:ff:72:c0:cf:44:c9:cf:7e:b1:55:63:38:96:a4:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54681cd099c85be71a22350cb13f04825c01f8f0
        Validity
            Not Before: Jun 10 04:00:48 2025 GMT
            Not After : Jun 11 04:00:48 2025 GMT
        Subject: CN=63e6d52d05d67bc08dd072b23dbc40af5c7cf5a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:70:a9:90:cb:ed:f3:c6:72:9d:3c:0c:5f:43:
                    1c:ef:68:59:e5:7c:fc:0d:13:5c:95:95:ae:6f:62:
                    1f:76:bb:bf:af:27:ad:1e:f1:ca:fe:2e:5d:08:e5:
                    32:4d:ed:21:ff:a3:35:69:3f:2c:ee:ad:97:41:6c:
                    a6:bd:28:6d:b8:21:b2:f5:5d:70:06:fa:c9:ce:70:
                    47:bb:fc:e5:ce:23:d1:3e:ea:81:7e:d5:30:0f:3c:
                    87:9d:1f:6b:ec:fe:9a:27:85:13:76:73:d8:f4:c2:
                    75:eb:e1:d7:7a:01:99:e8:c1:53:0d:06:cd:a3:95:
                    ec:fa:54:4c:b9:32:3e:d2:3a:ae:1e:77:fb:6c:fd:
                    a3:69:78:58:9f:91:a1:88:1b:2a:e1:3e:1d:a4:1e:
                    2b:4a:b2:6a:bf:29:a1:a4:dc:28:f3:ed:46:1b:86:
                    2c:87:4c:1c:d8:b1:4a:7a:b1:3a:c6:58:bc:91:f9:
                    64:a8:b3:94:3d:92:79:16:5f:84:93:57:5f:1c:97:
                    ea:cc:2c:4c:27:e3:84:67:5e:3d:28:f4:83:ad:75:
                    44:23:21:df:73:87:a0:af:2d:d6:97:d1:29:5d:db:
                    da:48:5d:68:21:7e:67:aa:69:3f:21:7a:6d:bd:e2:
                    0a:c8:ca:e1:66:f1:e3:ad:55:a5:44:9b:4c:6d:30:
                    ef:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:E6:D5:2D:05:D6:7B:C0:8D:D0:72:B2:3D:BC:40:AF:5C:7C:F5:A9
            X509v3 Authority Key Identifier:
                keyid:54:68:1C:D0:99:C8:5B:E7:1A:22:35:0C:B1:3F:04:82:5C:01:F8:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:7c:90:52:07:2c:d0:5c:48:63:6c:dd:0c:88:cc:f2:64:b3:
         77:d6:27:ff:a1:42:3d:5c:f7:bd:06:27:b0:08:da:37:76:6f:
         22:8b:25:fa:62:0f:ff:2c:c3:3d:39:20:2a:d3:49:54:38:c8:
         cb:ab:eb:15:6e:f8:04:79:8f:f0:6f:12:50:be:a3:e3:14:f3:
         f5:34:cb:c8:bf:e9:16:94:04:a9:c1:2f:9c:bd:ec:97:65:26:
         f2:9e:f0:cc:33:bb:2b:7d:da:ec:24:8f:46:cc:35:ea:3e:86:
         11:0a:d3:0f:94:0c:11:34:73:e3:ba:55:8b:35:e0:e7:dd:1f:
         d7:00:ad:ec:d8:8a:e8:10:a5:db:5e:46:25:25:b8:ab:e7:7d:
         bb:ea:10:8f:58:45:86:51:1a:8e:b8:45:96:63:62:19:a2:4c:
         9c:e2:3e:2b:c5:f2:f3:be:cd:46:ee:a8:ea:00:93:15:22:c9:
         1d:d0:ae:d9:ae:7d:57:5f:fc:d1:41:b6:c5:c4:5f:28:fe:7d:
         67:48:7f:fc:f1:e7:5e:fc:be:de:01:21:70:90:66:bc:ac:9e:
         ea:ec:46:42:63:85:c6:04:4d:e0:1b:53:cd:8f:2b:cd:2c:7b:
         fc:95:da:e3:7c:18:e2:69:3e:c3:48:12:05:67:17:fd:02:27:
         46:2b:b3:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdX/3LAz0TJz36xVWM4lqSXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgxY2QwOTljODViZTcxYTIyMzUwY2IxM2YwNDgyNWMw
MWY4ZjAwHhcNMjUwNjEwMDQwMDQ4WhcNMjUwNjExMDQwMDQ4WjAzMTEwLwYDVQQD
Eyg2M2U2ZDUyZDA1ZDY3YmMwOGRkMDcyYjIzZGJjNDBhZjVjN2NmNWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7HCpkMvt88ZynTwMX0Mc72hZ5Xz8
DRNclZWub2Ifdru/ryetHvHK/i5dCOUyTe0h/6M1aT8s7q2XQWymvShtuCGy9V1w
BvrJznBHu/zlziPRPuqBftUwDzyHnR9r7P6aJ4UTdnPY9MJ16+HXegGZ6MFTDQbN
o5Xs+lRMuTI+0jquHnf7bP2jaXhYn5GhiBsq4T4dpB4rSrJqvymhpNwo8+1GG4Ys
h0wc2LFKerE6xli8kflkqLOUPZJ5Fl+Ek1dfHJfqzCxMJ+OEZ149KPSDrXVEIyHf
c4egry3Wl9EpXdvaSF1oIX5nqmk/IXptveIKyMrhZvHjrVWlRJtMbTDv0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGPm1S0F1nvAjdBysj28QK9cfPWpMB8GA1UdIwQY
MBaAFFRoHNCZyFvnGiI1DLE/BIJcAfjwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wODUwMTMtZGQzZC00Y2E3LWJhNzkt
Yzg4MjgzZjhmMTE3LzEvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wODUwMTMtZGQzZC00Y2E3LWJhNzktYzg4MjgzZjhmMTE3
LzEvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo3yQUgcs
0FxIY2zdDIjM8mSzd9Yn/6FCPVz3vQYnsAjaN3ZvIosl+mIP/yzDPTkgKtNJVDjI
y6vrFW74BHmP8G8SUL6j4xTz9TTLyL/pFpQEqcEvnL3sl2Um8p7wzDO7K33a7CSP
Rsw16j6GEQrTD5QMETRz47pVizXg590f1wCt7NiK6BCl215GJSW4q+d9u+oQj1hF
hlEajrhFlmNiGaJMnOI+K8Xy877NRu6o6gCTFSLJHdCu2a59V1/80UG2xcRfKP59
Z0h//PHnXvy+3gEhcJBmvKye6uxGQmOFxgRN4BtTzY8rzSx7/JXa43wY4mk+w0gS
BWcX/QInRiuzow==
-----END CERTIFICATE-----