Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
File:                     VmhcNSHqj-av5l1TOjsZno92UFs.mft (raw, json)
Hash identifier:          tOotMSWlHvEF68GZhciQKo3h5H8TkBfRxX5gy+6AlXM=
Subject key identifier:   14:44:01:4A:81:5F:6D:34:83:AB:CE:13:8D:B7:A7:47:5D:93:2D:2F
Authority key identifier: 56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B
Certificate issuer:       /CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
Certificate serial:       0196CACDE953B5740FB3DFCDCB20423782CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
Manifest number:          1440
Signing time:             Tue 13 May 2025 18:00:14 +0000
Manifest this update:     Tue 13 May 2025 18:00:14 +0000
Manifest next update:     Wed 14 May 2025 18:00:14 +0000
Files and hashes:         1: VmhcNSHqj-av5l1TOjsZno92UFs.crl (hash: PKnjgpGFaJPSdZZsjKVSRqlP7dOYb1OlT9TpiisYoAI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ca:cd:e9:53:b5:74:0f:b3:df:cd:cb:20:42:37:82:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
        Validity
            Not Before: May 13 18:00:14 2025 GMT
            Not After : May 14 18:00:14 2025 GMT
        Subject: CN=1444014a815f6d3483abce138db7a7475d932d2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:4b:df:99:1b:21:6c:02:4a:73:eb:65:ac:57:
                    af:91:eb:38:27:c9:2c:40:70:07:69:d8:30:df:ad:
                    bb:5c:ef:c5:18:70:a3:b4:43:30:28:08:a3:7d:92:
                    a1:e3:21:14:27:ac:14:5a:21:8a:f5:55:a2:fe:44:
                    ad:c1:d2:d3:ca:16:86:ef:2f:e8:96:f1:d9:8e:1b:
                    18:eb:5a:91:6c:c7:71:ed:db:e3:d3:98:ae:b0:c3:
                    77:ce:d8:71:f9:b5:7c:0a:58:02:de:55:da:34:41:
                    4a:b5:ad:11:28:2d:88:fb:81:2e:b1:c7:1b:4a:66:
                    e5:63:cd:57:3f:92:ad:ac:64:a4:7b:0d:c5:09:a1:
                    08:32:44:09:59:94:01:4c:46:ba:dc:31:aa:83:97:
                    c1:f3:88:ef:18:be:96:1a:a2:0c:1d:9d:55:0d:7b:
                    4a:2f:ec:5a:fe:ff:06:14:76:1b:6b:d1:e3:77:9b:
                    b3:91:4b:57:13:73:29:b1:18:76:29:86:bc:87:e6:
                    dd:42:f2:91:92:ae:36:a9:b1:1f:15:32:bc:e2:d5:
                    a2:81:dd:53:2b:02:26:fa:25:02:d9:16:f1:14:63:
                    41:9a:2b:70:34:7e:c2:25:58:3c:6a:e9:6a:0b:0d:
                    d0:47:0a:ff:79:98:3a:2f:71:48:c1:d3:2e:6f:6f:
                    14:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:44:01:4A:81:5F:6D:34:83:AB:CE:13:8D:B7:A7:47:5D:93:2D:2F
            X509v3 Authority Key Identifier:
                keyid:56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:b8:b6:ec:d9:e1:91:4e:ec:38:82:50:18:ed:fc:84:ab:a5:
         b2:74:b3:b7:dc:99:c7:3f:14:59:00:a1:22:73:18:7e:d5:1f:
         69:a9:0c:30:00:72:b1:38:46:c2:20:a4:cc:21:3c:b1:50:c7:
         20:97:fd:77:3b:95:ee:c0:62:a9:b3:81:92:93:67:a4:82:46:
         b7:92:4b:eb:f2:fc:1f:cb:4c:96:e0:94:18:4d:61:e7:18:f7:
         25:31:08:25:cd:b4:1f:48:4a:4c:e2:a5:ea:82:27:64:1a:f2:
         54:61:05:f2:af:5f:f2:9a:79:47:ee:cf:d5:ee:f1:15:f1:76:
         58:71:1d:e0:b6:c5:0b:05:fa:46:fd:be:66:bf:6b:b2:53:96:
         35:a0:b4:cc:7b:d5:52:d9:63:4b:85:7a:c4:f5:5d:a3:28:67:
         b0:29:a1:b4:cd:58:dd:c3:f0:d3:67:2f:e8:a4:cf:9b:c6:b0:
         2f:1f:00:ad:5f:b7:48:39:cd:26:b2:e6:2d:1c:a7:87:d7:31:
         13:82:73:9a:bb:70:14:0c:a0:96:7a:63:8f:88:08:b9:41:ce:
         6a:64:40:62:59:9f:57:27:96:f4:f7:0d:72:38:c0:f6:a9:d6:
         3a:88:0f:c5:80:5e:97:2c:ad:87:ae:eb:9a:c1:6f:66:b1:eb:
         a3:ca:04:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbKzelTtXQPs9/NyyBCN4LLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Njg1YzM1MjFlYThmZTZhZmU2NWQ1MzNhM2IxOTllOGY3
NjUwNWIwHhcNMjUwNTEzMTgwMDE0WhcNMjUwNTE0MTgwMDE0WjAzMTEwLwYDVQQD
EygxNDQ0MDE0YTgxNWY2ZDM0ODNhYmNlMTM4ZGI3YTc0NzVkOTMyZDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUvfmRshbAJKc+tlrFevkes4J8ks
QHAHadgw3627XO/FGHCjtEMwKAijfZKh4yEUJ6wUWiGK9VWi/kStwdLTyhaG7y/o
lvHZjhsY61qRbMdx7dvj05iusMN3zthx+bV8ClgC3lXaNEFKta0RKC2I+4Eusccb
SmblY81XP5KtrGSkew3FCaEIMkQJWZQBTEa63DGqg5fB84jvGL6WGqIMHZ1VDXtK
L+xa/v8GFHYba9Hjd5uzkUtXE3MpsRh2KYa8h+bdQvKRkq42qbEfFTK84tWigd1T
KwIm+iUC2RbxFGNBmitwNH7CJVg8aulqCw3QRwr/eZg6L3FIwdMub28UkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBREAUqBX200g6vOE423p0ddky0vMB8GA1UdIwQY
MBaAFFZoXDUh6o/mr+ZdUzo7GZ6PdlBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMt
NThjMzI4OTVkY2RlLzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMtNThjMzI4OTVkY2Rl
LzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArri27Nnh
kU7sOIJQGO38hKulsnSzt9yZxz8UWQChInMYftUfaakMMABysThGwiCkzCE8sVDH
IJf9dzuV7sBiqbOBkpNnpIJGt5JL6/L8H8tMluCUGE1h5xj3JTEIJc20H0hKTOKl
6oInZBryVGEF8q9f8pp5R+7P1e7xFfF2WHEd4LbFCwX6Rv2+Zr9rslOWNaC0zHvV
UtljS4V6xPVdoyhnsCmhtM1Y3cPw02cv6KTPm8awLx8ArV+3SDnNJrLmLRynh9cx
E4JzmrtwFAyglnpjj4gIuUHOamRAYlmfVyeW9PcNcjjA9qnWOogPxYBelyyth67r
msFvZrHro8oEsQ==
-----END CERTIFICATE-----