Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.mft
File:                     vdI1_DzDTEVIxqhONeSVMyhTm-E.mft (raw, json)
Hash identifier:          IPxPhnWkj1aM86fMOBumgOelCMKZ+O8JO2Sf41GdGEk=
Subject key identifier:   40:C0:2F:E8:BE:EB:25:63:9F:E7:6E:97:A1:9B:1C:58:EF:4A:52:BC
Authority key identifier: BD:D2:35:FC:3C:C3:4C:45:48:C6:A8:4E:35:E4:95:33:28:53:9B:E1
Certificate issuer:       /CN=bdd235fc3cc34c4548c6a84e35e4953328539be1
Certificate serial:       0198D5837FAB73CF082A777735BAE0AF7A92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vdI1_DzDTEVIxqhONeSVMyhTm-E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.mft
Manifest number:          1053
Signing time:             Sat 23 Aug 2025 06:00:21 +0000
Manifest this update:     Sat 23 Aug 2025 06:00:21 +0000
Manifest next update:     Sun 24 Aug 2025 06:00:21 +0000
Files and hashes:         1: vdI1_DzDTEVIxqhONeSVMyhTm-E.crl (hash: 0aKZBN66hIVhLEDMKrBf3zT4LYoJerTLj4lm1iSayQI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vdI1_DzDTEVIxqhONeSVMyhTm-E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:83:7f:ab:73:cf:08:2a:77:77:35:ba:e0:af:7a:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bdd235fc3cc34c4548c6a84e35e4953328539be1
        Validity
            Not Before: Aug 23 06:00:21 2025 GMT
            Not After : Aug 24 06:00:21 2025 GMT
        Subject: CN=40c02fe8beeb25639fe76e97a19b1c58ef4a52bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:01:50:d9:07:b4:a9:38:4c:8f:f2:a9:08:a3:
                    83:7b:6d:f5:8c:f9:2d:83:92:98:7c:b1:2e:85:14:
                    75:7a:6e:ad:f2:d5:82:d7:df:85:77:f3:51:73:6e:
                    ef:28:80:01:00:dd:a0:75:68:2c:48:69:19:07:ef:
                    85:b8:b1:19:7c:e8:7d:ed:97:fe:b2:db:71:cf:ce:
                    bb:a8:28:c2:d3:b4:ca:95:7a:18:1d:ba:e6:fd:e3:
                    bf:26:d2:95:53:da:ff:e1:1a:81:cc:a6:b7:7d:d5:
                    e8:50:ea:22:5c:f7:95:af:36:16:89:82:85:28:d6:
                    f5:54:7e:3d:59:1f:f6:a0:14:eb:07:6c:e5:57:4e:
                    47:7a:42:1c:9a:8b:a8:a6:8b:f9:bc:5a:2b:8f:1e:
                    e8:50:97:9d:e6:97:14:30:d0:2f:3c:78:d1:9e:11:
                    36:36:4f:fb:f5:ec:13:87:8e:a5:a1:15:c0:37:fb:
                    42:46:21:40:7e:b2:c5:4f:29:ce:e3:49:25:7a:f2:
                    44:ef:52:29:a8:12:d2:5d:87:fd:ad:5e:6a:85:5a:
                    3a:09:d7:b2:0b:01:18:35:01:09:cb:33:e7:62:0d:
                    6d:15:65:1b:51:b0:de:01:15:fd:38:8c:0b:ad:dd:
                    63:36:7b:ef:a2:ec:7d:a3:ca:3a:d9:6b:18:dc:b9:
                    af:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:C0:2F:E8:BE:EB:25:63:9F:E7:6E:97:A1:9B:1C:58:EF:4A:52:BC
            X509v3 Authority Key Identifier:
                keyid:BD:D2:35:FC:3C:C3:4C:45:48:C6:A8:4E:35:E4:95:33:28:53:9B:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vdI1_DzDTEVIxqhONeSVMyhTm-E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:07:b5:d8:ce:36:06:e9:8f:3e:fb:36:3c:fe:a0:64:31:5a:
         94:c9:a8:0e:19:ef:f9:8d:c6:59:2d:97:c7:57:a6:b4:fe:77:
         8a:7a:c7:60:7e:db:31:84:82:a4:a7:9d:0b:4f:5d:91:ce:cb:
         21:cf:00:d0:0b:7f:38:96:39:db:cd:01:24:6c:aa:dd:f3:3b:
         04:fd:63:aa:e1:bb:a5:d0:c2:94:af:0f:d3:6e:a0:c1:6a:71:
         8c:91:54:d2:2f:64:0e:54:57:b4:08:df:00:4d:62:69:fd:66:
         10:9d:3e:b7:5e:df:d0:d1:28:3d:45:c7:f1:58:e6:d0:1a:bd:
         b5:cc:a3:22:93:98:32:8f:04:a7:67:15:57:fb:3a:c6:14:52:
         cc:2f:a9:e7:d6:b9:9a:11:f8:16:df:d0:0c:f1:68:25:f5:7d:
         93:d0:02:13:43:80:a6:d5:cb:1b:2c:a6:2f:d8:17:54:42:a0:
         2f:4b:bf:37:e4:66:c1:c1:48:01:1a:68:8f:2c:ce:f4:6e:75:
         84:f3:b3:6e:ff:c9:68:0f:0f:bf:d6:c7:48:1e:38:1b:88:09:
         3f:38:b7:30:71:fd:3a:f1:c3:ca:b9:cd:01:72:f2:da:75:ae:
         9c:2f:42:3c:7a:0a:43:8f:c1:76:9a:60:e1:14:ff:a1:59:7e:
         50:8d:5e:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg3+rc88IKnd3Nbrgr3qSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZDIzNWZjM2NjMzRjNDU0OGM2YTg0ZTM1ZTQ5NTMzMjg1
MzliZTEwHhcNMjUwODIzMDYwMDIxWhcNMjUwODI0MDYwMDIxWjAzMTEwLwYDVQQD
Eyg0MGMwMmZlOGJlZWIyNTYzOWZlNzZlOTdhMTliMWM1OGVmNGE1MmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4AFQ2Qe0qThMj/KpCKODe231jPkt
g5KYfLEuhRR1em6t8tWC19+Fd/NRc27vKIABAN2gdWgsSGkZB++FuLEZfOh97Zf+
sttxz867qCjC07TKlXoYHbrm/eO/JtKVU9r/4RqBzKa3fdXoUOoiXPeVrzYWiYKF
KNb1VH49WR/2oBTrB2zlV05HekIcmouopov5vForjx7oUJed5pcUMNAvPHjRnhE2
Nk/79ewTh46loRXAN/tCRiFAfrLFTynO40klevJE71IpqBLSXYf9rV5qhVo6Cdey
CwEYNQEJyzPnYg1tFWUbUbDeARX9OIwLrd1jNnvvoux9o8o62WsY3LmvtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEDAL+i+6yVjn+dul6GbHFjvSlK8MB8GA1UdIwQY
MBaAFL3SNfw8w0xFSMaoTjXklTMoU5vhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmRJMV9EekRURVZJeHFoT05lU1ZNeWhUbS1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8yNDRmMjktM2I3MC00MTU1LWIyOGMt
MWVjZjFlZDY0ODdiLzEvdmRJMV9EekRURVZJeHFoT05lU1ZNeWhUbS1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8yNDRmMjktM2I3MC00MTU1LWIyOGMtMWVjZjFlZDY0ODdi
LzEvdmRJMV9EekRURVZJeHFoT05lU1ZNeWhUbS1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUwe12M42
BumPPvs2PP6gZDFalMmoDhnv+Y3GWS2Xx1emtP53inrHYH7bMYSCpKedC09dkc7L
Ic8A0At/OJY5280BJGyq3fM7BP1jquG7pdDClK8P026gwWpxjJFU0i9kDlRXtAjf
AE1iaf1mEJ0+t17f0NEoPUXH8Vjm0Bq9tcyjIpOYMo8Ep2cVV/s6xhRSzC+p59a5
mhH4Ft/QDPFoJfV9k9ACE0OAptXLGyymL9gXVEKgL0u/N+RmwcFIARpojyzO9G51
hPOzbv/JaA8Pv9bHSB44G4gJPzi3MHH9OvHDyrnNAXLy2nWunC9CPHoKQ4/Bdppg
4RT/oVl+UI1eTw==
-----END CERTIFICATE-----