Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
File:                     VmhcNSHqj-av5l1TOjsZno92UFs.mft (raw, json)
Hash identifier:          cw3kVA01cWGvWEC7TkjqC4DJG+izC+mb5+1rO0fARzg=
Subject key identifier:   99:8A:4F:17:47:2E:B2:79:AD:A4:FB:26:62:25:0B:2B:42:3F:8D:A1
Authority key identifier: 56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B
Certificate issuer:       /CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
Certificate serial:       0199FBEB0B7D8FA72E7F796A9E98E5A6ED28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
Manifest number:          15E7
Signing time:             Sun 19 Oct 2025 10:01:49 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:49 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:49 +0000
Files and hashes:         1: VmhcNSHqj-av5l1TOjsZno92UFs.crl (hash: iRMmFO3Lzcv0H+ryhMv6yFcxECrvB1usx1e6+7rmeSo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:0b:7d:8f:a7:2e:7f:79:6a:9e:98:e5:a6:ed:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
        Validity
            Not Before: Oct 19 10:01:49 2025 GMT
            Not After : Oct 20 10:01:49 2025 GMT
        Subject: CN=998a4f17472eb279ada4fb2662250b2b423f8da1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:5c:c5:4a:72:4b:67:f9:59:89:31:a8:79:62:
                    1e:fd:a0:5e:07:43:de:49:cf:3b:e8:8f:7f:c8:06:
                    a2:77:a1:4f:65:46:2a:0c:f0:45:35:d9:9e:aa:1b:
                    b9:04:63:4d:37:68:eb:b0:71:ba:76:91:ff:e3:1e:
                    83:c7:d7:2a:d8:44:41:07:e4:54:49:c8:b0:cd:9c:
                    ab:bb:32:d4:08:cd:57:6f:e8:a3:e4:5c:5e:4b:27:
                    70:40:d6:e7:f4:d5:8f:ed:a1:39:88:4f:3d:fb:83:
                    c7:c3:33:d0:04:a8:77:84:f2:ad:6a:01:bd:8b:83:
                    1c:c5:7f:b7:cf:89:b0:3f:3c:d5:06:f0:33:ea:d4:
                    20:3f:67:02:43:4e:08:2c:c3:a0:09:f7:4b:e2:d0:
                    9c:bb:ed:3e:38:c2:e5:ff:ec:f7:fb:a2:14:f2:0a:
                    56:45:85:3c:80:8b:98:29:0e:f2:b1:e1:18:d0:95:
                    5e:09:41:80:43:7f:34:31:d2:46:28:46:f8:01:1c:
                    7d:c9:b9:80:f6:8f:f2:f3:28:31:98:ee:83:df:9a:
                    e0:a6:e8:cf:2a:c3:4d:df:78:79:59:23:41:e2:be:
                    8c:0a:12:47:66:d7:8a:ee:0a:81:94:65:c5:e2:3b:
                    35:7b:4d:e4:0e:84:d3:04:df:b3:0c:b3:fc:c8:57:
                    58:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:8A:4F:17:47:2E:B2:79:AD:A4:FB:26:62:25:0B:2B:42:3F:8D:A1
            X509v3 Authority Key Identifier:
                keyid:56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:f6:a5:ee:67:b0:20:7c:df:d7:bf:1e:ec:1e:b9:f9:ea:4b:
         7c:b6:41:91:4a:91:43:45:73:4b:7e:e9:d1:86:8c:f5:f1:04:
         57:5c:2f:7d:9a:22:6c:be:69:62:4c:c6:89:d5:3d:ca:ee:9e:
         e8:27:7c:ea:56:38:b7:9a:0e:52:0d:d9:be:e6:d1:c8:bb:ad:
         b9:04:2a:4d:96:87:82:2c:bb:ee:40:02:02:66:e5:78:1d:78:
         cc:de:8e:ed:ab:37:59:f9:84:c4:11:f6:ec:7c:f0:de:fb:5c:
         82:c0:05:17:9d:aa:ba:8f:6f:b8:49:7d:ca:f3:f9:d1:59:26:
         f0:fb:bd:58:7a:7b:20:74:78:15:45:e6:96:4e:f3:0b:d1:a6:
         f7:03:07:76:c0:26:d9:b9:36:ec:25:38:ef:9c:ea:d8:59:19:
         2c:d1:e2:c6:50:5e:a5:ab:60:eb:a0:be:6b:96:99:e3:32:5f:
         a6:6a:5b:35:e7:66:c4:2c:2f:8f:c6:32:c8:14:37:11:b0:bc:
         6a:03:c8:ba:df:a4:8f:8d:51:de:85:ab:35:b9:08:d1:c5:dc:
         f6:94:a6:1f:9c:41:0f:5d:16:e5:99:04:f7:d1:3e:65:fe:af:
         a1:de:4f:64:67:7f:bf:ae:31:1d:26:dc:ea:75:7b:09:bb:69:
         e5:81:be:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76wt9j6cuf3lqnpjlpu0oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Njg1YzM1MjFlYThmZTZhZmU2NWQ1MzNhM2IxOTllOGY3
NjUwNWIwHhcNMjUxMDE5MTAwMTQ5WhcNMjUxMDIwMTAwMTQ5WjAzMTEwLwYDVQQD
Eyg5OThhNGYxNzQ3MmViMjc5YWRhNGZiMjY2MjI1MGIyYjQyM2Y4ZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFzFSnJLZ/lZiTGoeWIe/aBeB0Pe
Sc876I9/yAaid6FPZUYqDPBFNdmeqhu5BGNNN2jrsHG6dpH/4x6Dx9cq2ERBB+RU
SciwzZyruzLUCM1Xb+ij5FxeSydwQNbn9NWP7aE5iE89+4PHwzPQBKh3hPKtagG9
i4McxX+3z4mwPzzVBvAz6tQgP2cCQ04ILMOgCfdL4tCcu+0+OMLl/+z3+6IU8gpW
RYU8gIuYKQ7yseEY0JVeCUGAQ380MdJGKEb4ARx9ybmA9o/y8ygxmO6D35rgpujP
KsNN33h5WSNB4r6MChJHZteK7gqBlGXF4js1e03kDoTTBN+zDLP8yFdYZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJmKTxdHLrJ5raT7JmIlCytCP42hMB8GA1UdIwQY
MBaAFFZoXDUh6o/mr+ZdUzo7GZ6PdlBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMt
NThjMzI4OTVkY2RlLzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMtNThjMzI4OTVkY2Rl
LzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkfal7mew
IHzf178e7B65+epLfLZBkUqRQ0VzS37p0YaM9fEEV1wvfZoibL5pYkzGidU9yu6e
6Cd86lY4t5oOUg3ZvubRyLutuQQqTZaHgiy77kACAmbleB14zN6O7as3WfmExBH2
7Hzw3vtcgsAFF52quo9vuEl9yvP50Vkm8Pu9WHp7IHR4FUXmlk7zC9Gm9wMHdsAm
2bk27CU475zq2FkZLNHixlBepatg66C+a5aZ4zJfpmpbNedmxCwvj8YyyBQ3EbC8
agPIut+kj41R3oWrNbkI0cXc9pSmH5xBD10W5ZkE99E+Zf6vod5PZGd/v64xHSbc
6nV7Cbtp5YG+lQ==
-----END CERTIFICATE-----