Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft
File:                     vFxHuPnkKkkot2dDFqcap21AHjw.mft (raw, json)
Hash identifier:          TGvbqEY1UNyTmWTI03cee4V2ONUDR/PBCY9hK5o1b5Y=
Subject key identifier:   D3:6E:1F:F4:C6:55:E0:BC:D7:C3:37:C8:ED:31:52:38:3B:A4:E7:C0
Authority key identifier: BC:5C:47:B8:F9:E4:2A:49:28:B7:67:43:16:A7:1A:A7:6D:40:1E:3C
Certificate issuer:       /CN=bc5c47b8f9e42a4928b7674316a71aa76d401e3c
Certificate serial:       0196C15E11D8DA11256497E18A55D6B286EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vFxHuPnkKkkot2dDFqcap21AHjw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft
Manifest number:          0AC7
Signing time:             Sun 11 May 2025 22:01:29 +0000
Manifest this update:     Sun 11 May 2025 22:01:29 +0000
Manifest next update:     Mon 12 May 2025 22:01:29 +0000
Files and hashes:         1: vFxHuPnkKkkot2dDFqcap21AHjw.crl (hash: E4VO3eOqLwssKWA7J3+HkhJbtU1sXVZOTgXx8l2N4fk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vFxHuPnkKkkot2dDFqcap21AHjw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c1:5e:11:d8:da:11:25:64:97:e1:8a:55:d6:b2:86:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc5c47b8f9e42a4928b7674316a71aa76d401e3c
        Validity
            Not Before: May 11 22:01:29 2025 GMT
            Not After : May 12 22:01:29 2025 GMT
        Subject: CN=d36e1ff4c655e0bcd7c337c8ed3152383ba4e7c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:ef:93:7c:f3:53:04:e1:bd:38:2a:40:c8:34:
                    d8:d3:8f:0f:ff:23:5d:c9:d8:50:25:7b:8a:e2:38:
                    08:13:a3:d3:f9:72:57:00:bc:ab:60:cf:06:0c:5f:
                    d6:be:0e:b8:72:be:a6:ea:bf:c7:42:04:cc:48:43:
                    ec:b8:9b:c2:d4:c7:3c:17:c7:a3:ee:4d:73:6f:6e:
                    9b:51:cc:ab:03:d1:b9:a9:b3:12:d6:aa:f7:3e:d0:
                    46:16:f9:ed:b4:42:a5:ad:c3:0a:a9:e0:2b:62:75:
                    d3:9d:1a:1d:2f:ea:d4:f5:25:af:cd:ac:51:d4:a1:
                    d6:9c:33:a2:8f:04:24:bb:1d:39:da:17:33:92:c2:
                    d9:50:f8:6c:0e:7d:58:b1:ce:a3:99:58:4a:21:aa:
                    1a:88:a5:0c:a4:ad:55:7f:bb:a1:ee:fe:a1:f1:fd:
                    78:0c:d0:f4:0a:83:3f:2e:7f:ab:d2:4f:67:f9:b0:
                    e7:6c:bb:34:9f:95:d6:79:bd:c9:29:fd:ee:e3:cd:
                    0a:20:cf:a9:ba:69:72:9b:61:ad:b2:a7:56:29:49:
                    32:89:a8:67:72:7d:85:8f:bb:29:6e:56:20:83:d7:
                    00:73:92:01:a7:3d:7f:ae:97:6f:d5:72:fd:91:2e:
                    d1:26:68:e4:d7:e0:e9:6d:96:1e:ad:96:f1:49:7f:
                    bb:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:6E:1F:F4:C6:55:E0:BC:D7:C3:37:C8:ED:31:52:38:3B:A4:E7:C0
            X509v3 Authority Key Identifier:
                keyid:BC:5C:47:B8:F9:E4:2A:49:28:B7:67:43:16:A7:1A:A7:6D:40:1E:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vFxHuPnkKkkot2dDFqcap21AHjw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:bc:90:1f:fd:f0:c9:bf:69:99:89:60:36:40:02:d0:a7:37:
         1d:e8:87:32:40:bc:f9:7c:04:f8:ed:1f:a4:98:e1:56:a7:9d:
         bf:90:78:44:ee:bc:4b:a4:43:82:d2:88:40:91:e1:b5:c9:70:
         80:6c:ac:d7:f7:d6:5c:69:f1:da:f4:2b:bb:db:ca:b8:e2:0c:
         d7:b9:55:e8:af:6b:af:d7:9c:7d:a2:8a:cb:6c:0f:8d:f6:f0:
         72:77:03:fe:8c:fd:21:e6:50:7f:e6:31:12:cf:cb:93:45:3e:
         b7:15:1d:b8:1b:e2:1c:a2:90:78:6a:c0:d3:68:bc:d5:3b:b8:
         ae:69:f8:53:31:6b:4a:a3:ba:d3:4e:e8:7e:47:f4:92:32:c4:
         21:ad:fd:b7:94:0d:25:f9:9d:c3:26:87:ca:58:28:d6:ba:58:
         6c:15:d4:55:86:a8:dc:04:97:84:f7:4e:39:a7:23:03:e5:89:
         90:a5:43:4e:2e:ae:2e:3a:96:29:3a:23:eb:59:ab:7c:73:60:
         e7:1e:1c:13:1f:08:28:c1:aa:32:60:f7:0a:5f:57:2d:0f:d6:
         9e:2b:69:78:73:51:1c:d1:b4:23:d4:f2:d2:ea:e1:c7:2d:77:
         47:b1:8d:92:a2:b2:4e:1e:18:38:93:86:07:73:e6:3f:69:0d:
         72:98:91:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbBXhHY2hElZJfhilXWsobuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNWM0N2I4ZjllNDJhNDkyOGI3Njc0MzE2YTcxYWE3NmQ0
MDFlM2MwHhcNMjUwNTExMjIwMTI5WhcNMjUwNTEyMjIwMTI5WjAzMTEwLwYDVQQD
EyhkMzZlMWZmNGM2NTVlMGJjZDdjMzM3YzhlZDMxNTIzODNiYTRlN2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3e+TfPNTBOG9OCpAyDTY048P/yNd
ydhQJXuK4jgIE6PT+XJXALyrYM8GDF/Wvg64cr6m6r/HQgTMSEPsuJvC1Mc8F8ej
7k1zb26bUcyrA9G5qbMS1qr3PtBGFvnttEKlrcMKqeArYnXTnRodL+rU9SWvzaxR
1KHWnDOijwQkux052hczksLZUPhsDn1Ysc6jmVhKIaoaiKUMpK1Vf7uh7v6h8f14
DND0CoM/Ln+r0k9n+bDnbLs0n5XWeb3JKf3u480KIM+pumlym2GtsqdWKUkyiahn
cn2Fj7spblYgg9cAc5IBpz1/rpdv1XL9kS7RJmjk1+DpbZYerZbxSX+7XwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNNuH/TGVeC818M3yO0xUjg7pOfAMB8GA1UdIwQY
MBaAFLxcR7j55CpJKLdnQxanGqdtQB48MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkZ4SHVQbmtLa2tvdDJkREZxY2FwMjFBSGp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9mZDg3NjItNDdiYy00NTExLTkzYTUt
N2ExOGMxNzkwNzZkLzEvdkZ4SHVQbmtLa2tvdDJkREZxY2FwMjFBSGp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9mZDg3NjItNDdiYy00NTExLTkzYTUtN2ExOGMxNzkwNzZk
LzEvdkZ4SHVQbmtLa2tvdDJkREZxY2FwMjFBSGp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbbyQH/3w
yb9pmYlgNkAC0Kc3HeiHMkC8+XwE+O0fpJjhVqedv5B4RO68S6RDgtKIQJHhtclw
gGys1/fWXGnx2vQru9vKuOIM17lV6K9rr9ecfaKKy2wPjfbwcncD/oz9IeZQf+Yx
Es/Lk0U+txUduBviHKKQeGrA02i81Tu4rmn4UzFrSqO6007ofkf0kjLEIa39t5QN
JfmdwyaHylgo1rpYbBXUVYao3ASXhPdOOacjA+WJkKVDTi6uLjqWKToj61mrfHNg
5x4cEx8IKMGqMmD3Cl9XLQ/WnitpeHNRHNG0I9Ty0urhxy13R7GNkqKyTh4YOJOG
B3PmP2kNcpiR1A==
-----END CERTIFICATE-----