Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
File:                     VGgc0JnIW-caIjUMsT8EglwB-PA.mft (raw, json)
Hash identifier:          M1QgUy/DsWlAhmJjXi+sKGlQSwnzy9DJXcrTRODUYyU=
Subject key identifier:   43:13:2E:D7:C1:D3:EC:75:01:B0:54:12:3C:D6:48:0A:AD:F7:BA:1D
Authority key identifier: 54:68:1C:D0:99:C8:5B:E7:1A:22:35:0C:B1:3F:04:82:5C:01:F8:F0
Certificate issuer:       /CN=54681cd099c85be71a22350cb13f04825c01f8f0
Certificate serial:       01975422CCEBDAE2BE0BC0E55D59DC80AADD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
Manifest number:          0BDA
Signing time:             Mon 09 Jun 2025 10:00:56 +0000
Manifest this update:     Mon 09 Jun 2025 10:00:56 +0000
Manifest next update:     Tue 10 Jun 2025 10:00:56 +0000
Files and hashes:         1: VGgc0JnIW-caIjUMsT8EglwB-PA.crl (hash: fnsOLhXXAq/st8Aiq9EJHOBMJy2lEXUzPu2EAns9fEc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:22:cc:eb:da:e2:be:0b:c0:e5:5d:59:dc:80:aa:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54681cd099c85be71a22350cb13f04825c01f8f0
        Validity
            Not Before: Jun  9 10:00:56 2025 GMT
            Not After : Jun 10 10:00:56 2025 GMT
        Subject: CN=43132ed7c1d3ec7501b054123cd6480aadf7ba1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:c1:65:bf:98:00:24:24:e3:dc:67:aa:84:c6:
                    da:5b:84:32:4d:56:83:ad:a3:81:b9:35:7f:32:1e:
                    a3:34:9e:86:20:87:ef:16:ea:7a:59:e1:ac:b7:bf:
                    3a:f4:bd:6b:d2:0a:63:3e:63:a7:2f:89:69:af:ec:
                    e3:b4:2a:65:4a:2c:9a:de:86:09:78:49:e6:85:ee:
                    73:5a:ad:2c:92:58:64:5b:5c:02:30:9d:eb:3c:5e:
                    a0:c9:d1:98:12:7d:c8:47:4c:5b:36:63:d3:e0:df:
                    b7:99:f1:18:c5:49:21:34:12:0e:11:8b:94:6d:f6:
                    17:1f:01:c9:76:37:b7:9a:ee:e4:cf:00:1e:bf:92:
                    31:f0:a4:f1:c7:96:c8:25:21:8f:e1:6f:f4:d2:13:
                    39:4f:fc:da:1e:3f:72:d5:6f:cf:e9:90:26:43:61:
                    d0:e8:01:80:4c:65:92:f7:4d:3e:08:73:1f:f1:76:
                    28:30:32:36:76:2a:f5:81:54:2e:f5:08:b8:fe:c4:
                    03:78:34:df:2f:8b:8e:d8:39:ad:36:73:c6:c5:66:
                    50:df:f5:87:03:3b:c9:61:e4:93:f6:e6:a5:77:b3:
                    89:3e:10:36:82:54:91:77:f7:e5:f3:29:8c:39:6a:
                    33:f9:46:28:73:8a:1d:5c:02:c1:53:4a:00:1c:59:
                    24:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:13:2E:D7:C1:D3:EC:75:01:B0:54:12:3C:D6:48:0A:AD:F7:BA:1D
            X509v3 Authority Key Identifier:
                keyid:54:68:1C:D0:99:C8:5B:E7:1A:22:35:0C:B1:3F:04:82:5C:01:F8:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:3f:77:5c:e2:1e:9e:d7:4e:a7:7b:8a:26:ee:64:8f:80:06:
         20:4a:48:37:6d:be:62:d2:dd:09:8d:91:6a:f9:a6:4b:e1:6a:
         51:b0:e2:37:37:4b:3e:98:a3:33:61:02:c2:14:0f:16:a8:59:
         0f:36:71:65:dc:0c:e9:2b:27:91:4e:f1:3c:57:07:40:71:9f:
         ac:cd:c4:45:98:06:30:23:54:74:66:43:c0:e5:e9:43:54:dc:
         a2:0e:95:a3:f2:55:74:98:cf:ab:c8:2b:1c:ba:9d:e4:59:78:
         7d:1d:3a:69:7b:44:b7:27:ba:6c:2a:7d:b5:ef:f1:3e:ee:e4:
         11:26:5f:63:69:68:ab:40:7f:07:3c:3d:8c:b7:e2:6f:85:32:
         5e:35:fe:45:1b:03:9e:fc:df:ad:42:80:d4:b1:47:95:d0:38:
         10:c0:09:e7:b6:b5:87:fd:55:30:ae:bc:bb:37:9e:f8:81:2d:
         62:cf:a9:92:5d:e8:51:07:00:57:ca:c3:f1:c8:04:57:11:08:
         62:a7:cb:67:12:05:35:86:0c:01:e2:af:2a:f8:1d:ae:88:7e:
         c2:55:08:f3:a6:b0:0d:b1:3f:bf:51:96:1d:b3:cd:7c:83:f6:
         01:32:a3:42:26:27:af:6d:6c:9e:f4:0b:0a:d3:41:a9:9c:17:
         82:0b:2d:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUIszr2uK+C8DlXVncgKrdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgxY2QwOTljODViZTcxYTIyMzUwY2IxM2YwNDgyNWMw
MWY4ZjAwHhcNMjUwNjA5MTAwMDU2WhcNMjUwNjEwMTAwMDU2WjAzMTEwLwYDVQQD
Eyg0MzEzMmVkN2MxZDNlYzc1MDFiMDU0MTIzY2Q2NDgwYWFkZjdiYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMFlv5gAJCTj3GeqhMbaW4QyTVaD
raOBuTV/Mh6jNJ6GIIfvFup6WeGst7869L1r0gpjPmOnL4lpr+zjtCplSiya3oYJ
eEnmhe5zWq0sklhkW1wCMJ3rPF6gydGYEn3IR0xbNmPT4N+3mfEYxUkhNBIOEYuU
bfYXHwHJdje3mu7kzwAev5Ix8KTxx5bIJSGP4W/00hM5T/zaHj9y1W/P6ZAmQ2HQ
6AGATGWS900+CHMf8XYoMDI2dir1gVQu9Qi4/sQDeDTfL4uO2DmtNnPGxWZQ3/WH
AzvJYeST9uald7OJPhA2glSRd/fl8ymMOWoz+UYoc4odXALBU0oAHFkkcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEMTLtfB0+x1AbBUEjzWSAqt97odMB8GA1UdIwQY
MBaAFFRoHNCZyFvnGiI1DLE/BIJcAfjwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wODUwMTMtZGQzZC00Y2E3LWJhNzkt
Yzg4MjgzZjhmMTE3LzEvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wODUwMTMtZGQzZC00Y2E3LWJhNzktYzg4MjgzZjhmMTE3
LzEvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACT93XOIe
ntdOp3uKJu5kj4AGIEpIN22+YtLdCY2RavmmS+FqUbDiNzdLPpijM2ECwhQPFqhZ
DzZxZdwM6SsnkU7xPFcHQHGfrM3ERZgGMCNUdGZDwOXpQ1Tcog6Vo/JVdJjPq8gr
HLqd5Fl4fR06aXtEtye6bCp9te/xPu7kESZfY2loq0B/Bzw9jLfib4UyXjX+RRsD
nvzfrUKA1LFHldA4EMAJ57a1h/1VMK68uzee+IEtYs+pkl3oUQcAV8rD8cgEVxEI
YqfLZxIFNYYMAeKvKvgdroh+wlUI86awDbE/v1GWHbPNfIP2ATKjQiYnr21snvQL
CtNBqZwXggst5A==
-----END CERTIFICATE-----