Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
File:                     VmhcNSHqj-av5l1TOjsZno92UFs.mft (raw, json)
Hash identifier:          ljmxa7uOSZHy2Mr2QbR2B7LupNIORf0oVanLx9aXhOc=
Subject key identifier:   56:88:AB:1F:B0:DD:E0:2C:DA:16:52:55:76:18:5E:11:18:E6:C5:73
Authority key identifier: 56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B
Certificate issuer:       /CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
Certificate serial:       0198D660CF5C220D9337CC4FBE0B3EC64DFC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
Manifest number:          154F
Signing time:             Sat 23 Aug 2025 10:02:05 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:05 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:05 +0000
Files and hashes:         1: VmhcNSHqj-av5l1TOjsZno92UFs.crl (hash: Q7qlOBk6q+BCYipUyNYBqd2sl8TJn1BwIo22sjJOUIY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:02:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:cf:5c:22:0d:93:37:cc:4f:be:0b:3e:c6:4d:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
        Validity
            Not Before: Aug 23 10:02:05 2025 GMT
            Not After : Aug 24 10:02:05 2025 GMT
        Subject: CN=5688ab1fb0dde02cda16525576185e1118e6c573
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:01:d5:ec:a9:c8:46:79:69:b5:7a:1c:14:24:
                    c0:e6:cd:2b:7c:13:99:3b:46:0e:16:50:d7:3f:da:
                    c3:1b:57:2e:27:50:d6:0e:d6:47:9c:0b:ea:5b:76:
                    e0:07:de:eb:51:09:77:62:2f:2c:9d:70:6e:ce:2d:
                    db:36:d5:72:6b:4d:71:49:fa:4b:3b:48:2c:27:81:
                    49:e1:25:4f:0a:7d:64:60:a1:08:b0:6f:36:1d:78:
                    1c:56:96:63:62:3e:09:3b:62:05:0f:cb:a6:7c:22:
                    67:5b:69:55:d9:b2:bc:79:df:00:0b:32:bc:5c:bf:
                    48:c6:02:56:9a:3f:d3:62:47:54:1b:7f:84:b1:a1:
                    35:7a:99:3c:6c:a7:09:ec:a0:5f:66:d3:f1:3d:bc:
                    d0:69:c9:02:fe:90:ea:b9:f7:68:a3:66:c0:c7:5d:
                    5a:ef:b9:13:76:47:04:ee:1b:27:7d:f9:b3:6c:88:
                    36:f1:12:81:1d:72:08:82:d4:c2:1e:ef:4b:95:da:
                    b8:a3:e2:54:5c:bf:43:d7:9b:af:6b:2a:c3:11:ef:
                    e8:06:6d:f9:62:53:df:c5:ee:44:93:eb:f9:04:89:
                    29:80:76:63:0c:04:c2:b5:8e:f1:73:c1:d7:4a:ad:
                    6c:f8:39:04:96:27:22:55:41:3f:ac:7a:e8:d9:77:
                    0a:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:88:AB:1F:B0:DD:E0:2C:DA:16:52:55:76:18:5E:11:18:E6:C5:73
            X509v3 Authority Key Identifier:
                keyid:56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:5a:9a:04:d8:49:c0:85:a5:7f:be:19:fe:07:b3:1e:61:7e:
         f5:24:dc:c3:eb:44:83:c8:0c:19:ea:5f:59:1f:08:b3:82:ae:
         40:bb:0f:ff:00:6b:30:43:25:1e:90:04:c9:61:55:5e:40:5f:
         b6:6a:cf:9a:d4:96:3a:3f:47:b5:d7:f8:94:60:05:cc:32:43:
         53:8d:d5:66:71:ee:ae:64:51:55:25:5f:f4:5f:ef:14:3c:f7:
         e7:e4:8a:35:f1:64:53:49:5d:3e:2d:bf:21:84:e0:06:5e:c4:
         ad:b8:61:d7:d3:29:b2:cc:c6:a7:82:d3:29:45:f4:76:f4:8d:
         a8:97:b7:97:10:09:95:97:52:69:1e:6f:29:bd:de:0d:8e:83:
         71:bd:98:b8:fb:c0:aa:26:05:16:c4:8f:dd:6a:21:52:8e:5b:
         2d:be:5c:f3:5c:9c:90:0c:0c:f3:1a:b7:02:45:64:dd:9f:8e:
         fb:03:be:fe:07:6e:f6:fc:e5:72:d2:84:89:ea:ae:d4:fa:96:
         1a:1d:b0:46:10:fd:a1:f1:e1:85:1a:2a:39:20:55:3b:5c:20:
         1b:48:88:99:03:e2:be:56:a6:04:2a:87:58:15:54:4a:cd:89:
         52:48:ca:8e:4b:06:f3:17:c9:eb:ff:8a:40:a3:78:ff:db:23:
         09:a5:92:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYM9cIg2TN8xPvgs+xk38MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Njg1YzM1MjFlYThmZTZhZmU2NWQ1MzNhM2IxOTllOGY3
NjUwNWIwHhcNMjUwODIzMTAwMjA1WhcNMjUwODI0MTAwMjA1WjAzMTEwLwYDVQQD
Eyg1Njg4YWIxZmIwZGRlMDJjZGExNjUyNTU3NjE4NWUxMTE4ZTZjNTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wHV7KnIRnlptXocFCTA5s0rfBOZ
O0YOFlDXP9rDG1cuJ1DWDtZHnAvqW3bgB97rUQl3Yi8snXBuzi3bNtVya01xSfpL
O0gsJ4FJ4SVPCn1kYKEIsG82HXgcVpZjYj4JO2IFD8umfCJnW2lV2bK8ed8ACzK8
XL9IxgJWmj/TYkdUG3+EsaE1epk8bKcJ7KBfZtPxPbzQackC/pDqufdoo2bAx11a
77kTdkcE7hsnffmzbIg28RKBHXIIgtTCHu9Lldq4o+JUXL9D15uvayrDEe/oBm35
YlPfxe5Ek+v5BIkpgHZjDATCtY7xc8HXSq1s+DkEliciVUE/rHro2XcKGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFaIqx+w3eAs2hZSVXYYXhEY5sVzMB8GA1UdIwQY
MBaAFFZoXDUh6o/mr+ZdUzo7GZ6PdlBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMt
NThjMzI4OTVkY2RlLzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMtNThjMzI4OTVkY2Rl
LzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArlqaBNhJ
wIWlf74Z/gezHmF+9STcw+tEg8gMGepfWR8Is4KuQLsP/wBrMEMlHpAEyWFVXkBf
tmrPmtSWOj9Htdf4lGAFzDJDU43VZnHurmRRVSVf9F/vFDz35+SKNfFkU0ldPi2/
IYTgBl7Erbhh19MpsszGp4LTKUX0dvSNqJe3lxAJlZdSaR5vKb3eDY6Dcb2YuPvA
qiYFFsSP3WohUo5bLb5c81yckAwM8xq3AkVk3Z+O+wO+/gdu9vzlctKEiequ1PqW
Gh2wRhD9ofHhhRoqOSBVO1wgG0iImQPivlamBCqHWBVUSs2JUkjKjksG8xfJ6/+K
QKN4/9sjCaWSxw==
-----END CERTIFICATE-----