Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft
File:                     veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft (raw, json)
Hash identifier:          Ipz4YJLXzCxPTFlwD+VdPi5f7taoXK6xBiUe2v4AH9Y=
Subject key identifier:   69:37:03:EC:9E:40:6F:CF:50:58:A6:39:21:FF:62:4B:98:85:0F:51
Authority key identifier: BD:E3:A4:FB:26:81:DB:28:B5:C3:F5:F1:D4:6A:2D:35:99:60:FA:A4
Certificate issuer:       /CN=bde3a4fb2681db28b5c3f5f1d46a2d359960faa4
Certificate serial:       01976026B46C637CC56DAFC2D01EFC01CA96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft
Manifest number:          11D9
Signing time:             Wed 11 Jun 2025 18:00:38 +0000
Manifest this update:     Wed 11 Jun 2025 18:00:38 +0000
Manifest next update:     Thu 12 Jun 2025 18:00:38 +0000
Files and hashes:         1: veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl (hash: uMR61qZVkCAhd2Y+pWxhwXHYoEPQafawiu8ihmDjjIw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 18:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:60:26:b4:6c:63:7c:c5:6d:af:c2:d0:1e:fc:01:ca:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bde3a4fb2681db28b5c3f5f1d46a2d359960faa4
        Validity
            Not Before: Jun 11 18:00:38 2025 GMT
            Not After : Jun 12 18:00:38 2025 GMT
        Subject: CN=693703ec9e406fcf5058a63921ff624b98850f51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:0b:94:85:f0:8c:d1:93:a2:f4:68:88:f8:40:
                    26:ba:4f:ec:f7:c4:f4:1f:e4:62:b4:02:81:6f:88:
                    e8:ff:08:87:95:f2:c1:05:4c:3f:cb:d7:4a:49:45:
                    66:89:c2:58:51:44:e7:e3:7a:29:b5:24:e6:fa:b1:
                    b0:2e:d8:eb:bf:d8:0c:cd:f0:65:09:68:ae:26:2a:
                    de:08:c4:b3:8a:70:de:19:0a:9e:25:08:ad:ec:38:
                    e2:09:83:d5:77:6d:f2:a1:ff:41:37:1b:6d:d6:74:
                    9c:3a:19:38:47:24:90:eb:af:41:f0:d5:0d:bd:ef:
                    1c:8d:75:9f:ce:d1:3f:2f:56:cb:8c:40:ee:3c:ae:
                    fa:05:6d:a5:35:b1:c1:c0:40:fb:08:8f:4c:23:cc:
                    9e:52:04:25:d0:a0:a1:ea:d8:1a:db:42:f3:f5:ce:
                    c6:de:a4:40:e3:e1:8f:60:54:45:b6:54:8e:ae:ac:
                    86:1c:37:ff:b0:c2:b7:fe:ee:36:67:25:69:65:51:
                    1e:31:df:6b:3e:d8:a7:4d:6b:8c:c4:66:13:67:ba:
                    d6:ce:90:80:24:36:93:d1:45:9f:ae:c5:03:1d:9a:
                    8e:e7:ce:c2:34:a6:aa:6c:e8:30:ab:9e:cf:1c:60:
                    bb:b7:88:bb:05:c5:00:9e:e7:2a:8c:30:72:b7:60:
                    2e:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:37:03:EC:9E:40:6F:CF:50:58:A6:39:21:FF:62:4B:98:85:0F:51
            X509v3 Authority Key Identifier:
                keyid:BD:E3:A4:FB:26:81:DB:28:B5:C3:F5:F1:D4:6A:2D:35:99:60:FA:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:eb:64:a6:aa:d8:95:a4:6f:a3:06:f4:c2:ff:5e:ab:3f:b7:
         7b:d7:7a:1f:25:7a:c8:2f:ad:cf:5f:67:77:50:08:01:f0:14:
         f9:78:56:2c:eb:70:47:e4:11:a6:df:91:f0:b0:2a:9e:13:ab:
         d8:a2:eb:64:cd:f9:d5:ed:73:49:4f:c9:02:73:ad:43:cb:48:
         e4:2f:f2:96:4d:94:9e:a8:2c:72:a2:53:2a:46:50:d9:c2:68:
         8b:6d:6b:e9:17:c8:10:9d:52:d7:a7:8a:5e:a2:47:8e:41:9d:
         2c:b8:4e:a1:82:1a:01:e8:6d:00:84:d2:bf:70:5b:66:cb:6f:
         12:70:d2:d3:52:b0:e1:39:7e:8e:15:8b:ab:fc:ba:b1:8c:90:
         cc:9a:5f:4b:e3:2f:27:18:cb:5f:b2:d1:f5:20:3f:9b:3e:81:
         26:18:1a:51:e2:c9:bc:ff:ee:be:50:d6:e2:61:97:2e:2c:2b:
         5f:c1:b5:cf:67:42:3c:f6:97:fd:26:2f:6b:0e:76:3f:42:48:
         1d:6b:5c:e4:b0:1a:a1:21:bf:46:c2:5f:84:55:1d:37:44:2f:
         ce:3b:49:94:0a:56:08:44:ea:f2:ea:e5:64:ed:70:39:79:6f:
         f8:0d:ce:c3:5f:76:dd:d7:77:7c:05:cd:2a:12:3b:e8:4d:bc:
         f6:a2:ab:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdgJrRsY3zFba/C0B78AcqWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTNhNGZiMjY4MWRiMjhiNWMzZjVmMWQ0NmEyZDM1OTk2
MGZhYTQwHhcNMjUwNjExMTgwMDM4WhcNMjUwNjEyMTgwMDM4WjAzMTEwLwYDVQQD
Eyg2OTM3MDNlYzllNDA2ZmNmNTA1OGE2MzkyMWZmNjI0Yjk4ODUwZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnguUhfCM0ZOi9GiI+EAmuk/s98T0
H+RitAKBb4jo/wiHlfLBBUw/y9dKSUVmicJYUUTn43optSTm+rGwLtjrv9gMzfBl
CWiuJireCMSzinDeGQqeJQit7DjiCYPVd23yof9BNxtt1nScOhk4RySQ669B8NUN
ve8cjXWfztE/L1bLjEDuPK76BW2lNbHBwED7CI9MI8yeUgQl0KCh6tga20Lz9c7G
3qRA4+GPYFRFtlSOrqyGHDf/sMK3/u42ZyVpZVEeMd9rPtinTWuMxGYTZ7rWzpCA
JDaT0UWfrsUDHZqO587CNKaqbOgwq57PHGC7t4i7BcUAnucqjDByt2Au6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGk3A+yeQG/PUFimOSH/YkuYhQ9RMB8GA1UdIwQY
MBaAFL3jpPsmgdsotcP18dRqLTWZYPqkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8yMWRlNjctNDk3NS00N2E4LTg0NmMt
ODA4ZmVhYWY5ODdkLzEvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8yMWRlNjctNDk3NS00N2E4LTg0NmMtODA4ZmVhYWY5ODdk
LzEvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAOtkpqrY
laRvowb0wv9eqz+3e9d6HyV6yC+tz19nd1AIAfAU+XhWLOtwR+QRpt+R8LAqnhOr
2KLrZM351e1zSU/JAnOtQ8tI5C/ylk2UnqgscqJTKkZQ2cJoi21r6RfIEJ1S16eK
XqJHjkGdLLhOoYIaAehtAITSv3BbZstvEnDS01Kw4Tl+jhWLq/y6sYyQzJpfS+Mv
JxjLX7LR9SA/mz6BJhgaUeLJvP/uvlDW4mGXLiwrX8G1z2dCPPaX/SYvaw52P0JI
HWtc5LAaoSG/RsJfhFUdN0QvzjtJlApWCETq8urlZO1wOXlv+A3Ow1923dd3fAXN
KhI76E289qKrvA==
-----END CERTIFICATE-----