Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft
File:                     veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft (raw, json)
Hash identifier:          nUpxoa545Ts/T89cC/s345jpmenXGFD9AqVLJDwO4Ew=
Subject key identifier:   41:4C:71:1B:44:EE:EB:CE:CD:8E:BD:EB:13:E6:A2:1C:08:EF:A1:24
Authority key identifier: BD:E3:A4:FB:26:81:DB:28:B5:C3:F5:F1:D4:6A:2D:35:99:60:FA:A4
Certificate issuer:       /CN=bde3a4fb2681db28b5c3f5f1d46a2d359960faa4
Certificate serial:       019A72264865E61575FA9681619B9762FDB8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft
Manifest number:          1370
Signing time:             Tue 11 Nov 2025 09:01:42 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:42 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:42 +0000
Files and hashes:         1: veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl (hash: EVo+UxrHMejyiH42qbnrAKnzMIviEtarjdKWgoQRaf4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:48:65:e6:15:75:fa:96:81:61:9b:97:62:fd:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bde3a4fb2681db28b5c3f5f1d46a2d359960faa4
        Validity
            Not Before: Nov 11 09:01:42 2025 GMT
            Not After : Nov 12 09:01:42 2025 GMT
        Subject: CN=414c711b44eeebcecd8ebdeb13e6a21c08efa124
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:7b:8e:bc:f8:8e:ef:d5:a7:f6:49:a7:28:04:
                    8b:f5:72:75:b0:e1:1b:54:38:29:4d:67:9f:4b:f5:
                    af:1a:24:8c:03:35:4e:e6:1a:b3:e4:ca:55:db:c9:
                    50:72:7b:97:3b:02:2a:6b:31:4d:42:93:8f:c3:68:
                    d2:be:9c:17:3b:8b:4c:04:a9:99:40:f8:41:5d:8a:
                    b9:38:74:3e:06:1d:fc:bd:63:56:5a:8e:2f:5f:41:
                    27:11:09:f2:08:ed:f9:f2:bc:e0:d9:c5:fb:4b:d8:
                    45:60:ae:12:e4:0d:ef:91:00:e9:f6:ba:49:92:91:
                    fe:bf:d7:7c:04:1a:c0:85:2c:13:20:c9:34:13:79:
                    fc:13:8f:c5:33:63:6b:35:8e:66:a8:09:4d:e4:2e:
                    3c:ef:57:6f:ce:50:3d:0a:b1:21:cb:6b:19:ad:86:
                    ac:5a:09:fd:7b:ec:07:f8:25:54:bd:17:05:ab:fa:
                    e8:1d:6c:73:9c:be:98:80:4f:83:70:3c:eb:cb:91:
                    5e:12:ce:1b:66:10:1f:47:66:6c:8d:28:b3:a0:b5:
                    c6:ed:f0:8d:60:84:e9:0c:bb:8c:47:c1:5c:b7:9f:
                    c5:5e:d0:ab:33:36:75:1b:9d:74:a1:96:32:a2:31:
                    e6:a6:51:9b:bc:8f:cd:6b:00:38:3f:18:04:0c:2a:
                    87:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:4C:71:1B:44:EE:EB:CE:CD:8E:BD:EB:13:E6:A2:1C:08:EF:A1:24
            X509v3 Authority Key Identifier:
                keyid:BD:E3:A4:FB:26:81:DB:28:B5:C3:F5:F1:D4:6A:2D:35:99:60:FA:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:3e:db:19:1a:38:88:7a:ec:17:2d:0a:22:d4:99:6d:e4:65:
         1a:6c:9f:51:69:a6:97:a3:0f:1d:92:0a:4d:e3:54:6e:42:b3:
         dc:43:5d:94:45:5d:76:24:76:71:39:cd:d7:3b:e5:de:2e:5c:
         10:98:8d:10:66:54:51:21:b9:2e:91:d7:89:b6:f0:eb:f4:9e:
         f0:f7:97:69:54:46:b7:a2:9a:0a:4d:96:bc:e3:fc:9f:23:33:
         30:99:67:fa:65:b0:7a:e6:85:a5:c7:5d:39:11:0d:ad:22:fe:
         7e:47:69:77:fe:b1:83:1e:49:7f:64:f7:1a:2f:2e:83:c6:4d:
         98:91:21:c9:35:08:4d:1e:d9:96:90:cc:37:54:e9:9f:4c:d8:
         cd:6b:4a:ed:82:3d:26:20:2d:d3:2a:d3:b0:2b:71:46:db:29:
         12:94:be:df:b0:ce:f3:8b:5c:0b:5a:25:e4:5d:93:8c:e3:11:
         44:a3:00:49:1a:b4:f9:4f:e8:54:00:eb:ac:ff:92:a3:eb:34:
         63:bf:30:78:a0:df:b4:6e:30:1d:95:b9:a3:1d:65:ca:61:ec:
         7d:d2:4e:b2:1c:c9:48:c6:31:fa:79:51:a8:69:3d:f7:ca:09:
         ba:1b:4f:17:13:b4:bd:c0:43:83:46:eb:9e:c4:29:64:b4:6b:
         4b:83:71:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJkhl5hV1+paBYZuXYv24MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTNhNGZiMjY4MWRiMjhiNWMzZjVmMWQ0NmEyZDM1OTk2
MGZhYTQwHhcNMjUxMTExMDkwMTQyWhcNMjUxMTEyMDkwMTQyWjAzMTEwLwYDVQQD
Eyg0MTRjNzExYjQ0ZWVlYmNlY2Q4ZWJkZWIxM2U2YTIxYzA4ZWZhMTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8HuOvPiO79Wn9kmnKASL9XJ1sOEb
VDgpTWefS/WvGiSMAzVO5hqz5MpV28lQcnuXOwIqazFNQpOPw2jSvpwXO4tMBKmZ
QPhBXYq5OHQ+Bh38vWNWWo4vX0EnEQnyCO358rzg2cX7S9hFYK4S5A3vkQDp9rpJ
kpH+v9d8BBrAhSwTIMk0E3n8E4/FM2NrNY5mqAlN5C4871dvzlA9CrEhy2sZrYas
Wgn9e+wH+CVUvRcFq/roHWxznL6YgE+DcDzry5FeEs4bZhAfR2ZsjSizoLXG7fCN
YITpDLuMR8Fct5/FXtCrMzZ1G510oZYyojHmplGbvI/NawA4PxgEDCqHyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEFMcRtE7uvOzY696xPmohwI76EkMB8GA1UdIwQY
MBaAFL3jpPsmgdsotcP18dRqLTWZYPqkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8yMWRlNjctNDk3NS00N2E4LTg0NmMt
ODA4ZmVhYWY5ODdkLzEvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8yMWRlNjctNDk3NS00N2E4LTg0NmMtODA4ZmVhYWY5ODdk
LzEvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdD7bGRo4
iHrsFy0KItSZbeRlGmyfUWmml6MPHZIKTeNUbkKz3ENdlEVddiR2cTnN1zvl3i5c
EJiNEGZUUSG5LpHXibbw6/Se8PeXaVRGt6KaCk2WvOP8nyMzMJln+mWweuaFpcdd
ORENrSL+fkdpd/6xgx5Jf2T3Gi8ug8ZNmJEhyTUITR7ZlpDMN1Tpn0zYzWtK7YI9
JiAt0yrTsCtxRtspEpS+37DO84tcC1ol5F2TjOMRRKMASRq0+U/oVADrrP+So+s0
Y78weKDftG4wHZW5ox1lymHsfdJOshzJSMYx+nlRqGk998oJuhtPFxO0vcBDg0br
nsQpZLRrS4NxoA==
-----END CERTIFICATE-----