Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft
File:                     veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft (raw, json)
Hash identifier:          zoUjEu+TyaM9buPUQZ3G1unaxrwgnvxmaY/sPQ0FWxE=
Subject key identifier:   91:B5:7B:7C:CE:97:A5:EF:ED:79:D4:D5:C0:30:45:A5:CE:4D:B1:F0
Authority key identifier: BD:E3:A4:FB:26:81:DB:28:B5:C3:F5:F1:D4:6A:2D:35:99:60:FA:A4
Certificate issuer:       /CN=bde3a4fb2681db28b5c3f5f1d46a2d359960faa4
Certificate serial:       0199221E72BFC4953D4D80B97ABF480B2154
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft
Manifest number:          12C2
Signing time:             Sun 07 Sep 2025 03:00:44 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:44 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:44 +0000
Files and hashes:         1: veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl (hash: 9JfJqYnKQtQRdkiiLpc6G2sizcZqW5VmZOgCP85DGEQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:72:bf:c4:95:3d:4d:80:b9:7a:bf:48:0b:21:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bde3a4fb2681db28b5c3f5f1d46a2d359960faa4
        Validity
            Not Before: Sep  7 03:00:44 2025 GMT
            Not After : Sep  8 03:00:44 2025 GMT
        Subject: CN=91b57b7cce97a5efed79d4d5c03045a5ce4db1f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:73:1c:18:81:79:c7:f1:25:e5:c9:9f:60:19:
                    30:f1:5d:9a:37:28:8d:4d:f6:fd:13:3a:34:15:b8:
                    e6:61:4f:d5:89:e0:28:8f:21:cb:84:16:33:1b:a8:
                    c9:9c:09:9a:0f:f7:8b:4a:a5:eb:19:9d:e5:51:2c:
                    44:48:5d:95:a4:2b:21:c8:ac:60:e8:6e:46:1c:b9:
                    42:ae:ed:6c:26:93:a6:6f:a8:58:7f:d5:64:65:7f:
                    3a:89:89:d1:d1:44:64:10:f6:ce:8e:d2:40:b6:01:
                    d8:07:6c:cc:6d:3e:bd:fc:1f:db:51:31:a7:d6:14:
                    87:17:73:22:88:2c:0e:62:e1:e6:8a:15:2d:a0:65:
                    6c:94:5c:85:a8:dd:e9:5e:38:fc:01:d3:87:d3:d2:
                    04:63:7a:b0:12:e5:a5:73:4c:10:a3:71:b2:d9:55:
                    59:b5:21:60:59:90:ea:62:ff:8d:e6:7a:1b:f8:a7:
                    53:f7:e2:61:df:71:79:ae:aa:9b:d2:49:d0:c4:43:
                    1f:83:d5:14:91:29:20:f6:e1:5c:3b:70:e7:c5:d2:
                    cd:3d:0d:8a:e9:6a:b8:2b:c1:e3:8d:c2:26:e3:f1:
                    62:68:dc:d3:39:ce:c5:b2:b1:e2:88:a6:c7:33:22:
                    46:81:d5:44:97:5d:f7:04:43:a2:8d:68:44:f8:e0:
                    d4:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:B5:7B:7C:CE:97:A5:EF:ED:79:D4:D5:C0:30:45:A5:CE:4D:B1:F0
            X509v3 Authority Key Identifier:
                keyid:BD:E3:A4:FB:26:81:DB:28:B5:C3:F5:F1:D4:6A:2D:35:99:60:FA:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:68:a7:d0:94:3b:07:26:34:5e:1f:0b:1a:a8:57:36:fe:01:
         2d:d3:bf:2d:34:62:b3:71:8c:e4:95:b5:cb:06:d8:c7:97:bf:
         1c:0c:55:55:4e:d0:63:ad:09:ba:62:48:0c:cf:9f:98:55:99:
         34:fe:16:2c:b3:06:31:4f:5b:d6:1d:54:0d:cd:18:fe:0d:a1:
         0c:81:07:9d:29:78:4a:68:bc:ec:3d:94:d2:6d:59:9a:09:09:
         3f:67:bd:00:a9:a3:46:7c:9e:c1:09:90:00:a9:ae:28:32:dc:
         94:4f:cb:d7:a8:8f:16:d9:91:c9:12:7e:f7:58:f1:f3:ca:92:
         8b:78:73:c9:b4:be:81:76:af:5b:b2:2c:90:1e:04:22:52:c1:
         e2:9c:ea:ad:98:b2:23:59:bd:c3:6a:04:c7:97:5f:9f:ba:22:
         25:4d:fe:b8:7c:eb:27:fb:1f:f9:c0:fb:30:a7:f7:a3:86:61:
         e1:3a:52:51:b9:c0:58:05:38:0e:29:a8:b7:34:f4:54:0e:12:
         10:28:51:57:b0:7f:f2:39:aa:ec:47:10:42:c6:07:1d:06:e7:
         d7:43:9b:73:86:3f:84:92:48:1a:aa:06:99:94:46:1c:e8:ac:
         4b:02:aa:98:bb:af:f2:3c:a5:11:e3:b2:6b:82:cf:36:f1:4b:
         c1:43:a5:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHnK/xJU9TYC5er9ICyFUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTNhNGZiMjY4MWRiMjhiNWMzZjVmMWQ0NmEyZDM1OTk2
MGZhYTQwHhcNMjUwOTA3MDMwMDQ0WhcNMjUwOTA4MDMwMDQ0WjAzMTEwLwYDVQQD
Eyg5MWI1N2I3Y2NlOTdhNWVmZWQ3OWQ0ZDVjMDMwNDVhNWNlNGRiMWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nMcGIF5x/El5cmfYBkw8V2aNyiN
Tfb9Ezo0FbjmYU/VieAojyHLhBYzG6jJnAmaD/eLSqXrGZ3lUSxESF2VpCshyKxg
6G5GHLlCru1sJpOmb6hYf9VkZX86iYnR0URkEPbOjtJAtgHYB2zMbT69/B/bUTGn
1hSHF3MiiCwOYuHmihUtoGVslFyFqN3pXjj8AdOH09IEY3qwEuWlc0wQo3Gy2VVZ
tSFgWZDqYv+N5nob+KdT9+Jh33F5rqqb0knQxEMfg9UUkSkg9uFcO3DnxdLNPQ2K
6Wq4K8HjjcIm4/FiaNzTOc7FsrHiiKbHMyJGgdVEl133BEOijWhE+ODUDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJG1e3zOl6Xv7XnU1cAwRaXOTbHwMB8GA1UdIwQY
MBaAFL3jpPsmgdsotcP18dRqLTWZYPqkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8yMWRlNjctNDk3NS00N2E4LTg0NmMt
ODA4ZmVhYWY5ODdkLzEvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8yMWRlNjctNDk3NS00N2E4LTg0NmMtODA4ZmVhYWY5ODdk
LzEvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWmin0JQ7
ByY0Xh8LGqhXNv4BLdO/LTRis3GM5JW1ywbYx5e/HAxVVU7QY60JumJIDM+fmFWZ
NP4WLLMGMU9b1h1UDc0Y/g2hDIEHnSl4Smi87D2U0m1ZmgkJP2e9AKmjRnyewQmQ
AKmuKDLclE/L16iPFtmRyRJ+91jx88qSi3hzybS+gXavW7IskB4EIlLB4pzqrZiy
I1m9w2oEx5dfn7oiJU3+uHzrJ/sf+cD7MKf3o4Zh4TpSUbnAWAU4DimotzT0VA4S
EChRV7B/8jmq7EcQQsYHHQbn10Obc4Y/hJJIGqoGmZRGHOisSwKqmLuv8jylEeOy
a4LPNvFLwUOlog==
-----END CERTIFICATE-----