Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/733dae-0021-44e5-92e5-2500f4efab69/1/vlU5r-kl24C0Fe-xTGMbLYLIzt0.mft
File:                     vlU5r-kl24C0Fe-xTGMbLYLIzt0.mft (raw, json)
Hash identifier:          cEz+MAAIZfohRJSr5I31t6ZHek0cs3o1hMoOCgCLJrY=
Subject key identifier:   66:91:EB:D1:BA:83:E5:64:80:C5:18:D4:BE:32:DC:32:F4:56:0D:F6
Authority key identifier: BE:55:39:AF:E9:25:DB:80:B4:15:EF:B1:4C:63:1B:2D:82:C8:CE:DD
Certificate issuer:       /CN=be5539afe925db80b415efb14c631b2d82c8cedd
Certificate serial:       0197B74559154AC40AC0CE2B0D2DF06C784F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vlU5r-kl24C0Fe-xTGMbLYLIzt0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/733dae-0021-44e5-92e5-2500f4efab69/1/vlU5r-kl24C0Fe-xTGMbLYLIzt0.mft
Manifest number:          0192
Signing time:             Sat 28 Jun 2025 16:01:04 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:04 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:04 +0000
Files and hashes:         1: vlU5r-kl24C0Fe-xTGMbLYLIzt0.crl (hash: AynkYRQRFxH/OBIZVECRoYeAmOHSILH8PAjCzdg4lY8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/733dae-0021-44e5-92e5-2500f4efab69/1/vlU5r-kl24C0Fe-xTGMbLYLIzt0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/733dae-0021-44e5-92e5-2500f4efab69/1/vlU5r-kl24C0Fe-xTGMbLYLIzt0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vlU5r-kl24C0Fe-xTGMbLYLIzt0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:59:15:4a:c4:0a:c0:ce:2b:0d:2d:f0:6c:78:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be5539afe925db80b415efb14c631b2d82c8cedd
        Validity
            Not Before: Jun 28 16:01:04 2025 GMT
            Not After : Jun 29 16:01:04 2025 GMT
        Subject: CN=6691ebd1ba83e56480c518d4be32dc32f4560df6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:37:7c:f0:4c:85:4d:9c:ef:cf:e2:f9:29:34:
                    cb:eb:4f:72:34:13:82:62:5a:0d:e5:82:5d:0e:ac:
                    5c:45:09:0f:74:05:3a:02:2e:10:92:71:5b:a8:1e:
                    18:37:d3:70:b3:ec:7b:e1:c0:c1:da:4b:88:5a:ce:
                    61:92:26:e7:49:36:ba:0c:21:ba:8b:4d:9c:72:3f:
                    44:f0:8a:21:24:90:43:04:2c:78:35:bd:69:79:43:
                    e7:07:3b:36:a7:70:b6:9e:fb:6f:08:98:c6:65:a3:
                    12:57:53:1e:ba:2a:09:c9:93:8b:f3:e7:f3:28:53:
                    1e:52:7d:07:bb:cf:1f:2f:c4:10:1a:f4:07:7b:22:
                    05:5e:f6:f6:ad:2c:b3:a7:00:db:02:9b:17:9b:96:
                    b0:18:bf:f9:a8:c3:9f:a7:da:3f:19:61:35:42:d2:
                    74:50:bc:0e:27:7d:2d:3a:96:06:3f:cd:4e:70:b9:
                    ec:c9:d5:78:9e:d3:bb:03:87:a9:1a:61:40:c1:12:
                    32:d7:91:c5:44:60:4a:6c:e4:04:af:10:3d:5e:4b:
                    ff:ee:88:06:1f:11:67:15:9f:6d:d9:83:ab:43:da:
                    19:e5:21:aa:a7:87:5c:03:8d:a4:75:07:9e:9b:60:
                    e5:75:fd:a9:8c:d1:50:a7:27:7a:57:27:fa:4a:8e:
                    84:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:91:EB:D1:BA:83:E5:64:80:C5:18:D4:BE:32:DC:32:F4:56:0D:F6
            X509v3 Authority Key Identifier:
                keyid:BE:55:39:AF:E9:25:DB:80:B4:15:EF:B1:4C:63:1B:2D:82:C8:CE:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vlU5r-kl24C0Fe-xTGMbLYLIzt0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/733dae-0021-44e5-92e5-2500f4efab69/1/vlU5r-kl24C0Fe-xTGMbLYLIzt0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/733dae-0021-44e5-92e5-2500f4efab69/1/vlU5r-kl24C0Fe-xTGMbLYLIzt0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:76:e8:bb:55:05:3f:3d:0a:c9:fc:93:ae:31:a2:f6:e2:78:
         25:d8:a6:52:2e:78:0e:0e:8a:15:b3:33:f0:54:64:c9:da:9a:
         af:fb:43:e0:8b:ea:3d:c0:a2:2c:e9:83:ee:51:02:94:29:ce:
         e7:d8:04:96:35:37:93:f9:88:67:7d:2b:c5:78:c4:8b:d3:25:
         bf:e8:8e:89:f7:af:9e:b9:f9:d8:f3:90:9f:37:62:f2:f7:02:
         61:9b:18:67:78:c6:b1:8b:ad:2a:3f:ad:be:29:cd:81:52:65:
         01:f4:78:fa:fb:de:cf:fc:f1:5d:e1:72:36:26:9d:d5:b9:10:
         9e:b1:89:8b:13:d9:b0:9a:a8:de:b9:8c:f2:45:7b:4d:46:5b:
         c9:bd:0e:41:ea:e9:f1:27:4a:8e:3e:2e:06:15:ca:dc:ab:23:
         d8:64:ce:ba:79:86:ec:23:8c:39:b7:c5:9b:22:59:d6:c6:fa:
         e1:92:cc:69:cc:d4:df:46:73:98:a4:3c:bb:61:c8:a5:ec:65:
         4b:2a:05:88:8c:09:3d:a7:69:87:47:7f:c2:f7:99:17:8d:8e:
         5e:99:47:8c:d1:fe:97:78:db:1e:ec:fc:c5:dd:1b:93:84:fa:
         89:d6:54:f9:73:bb:78:ff:b4:e8:2d:34:7e:eb:e0:89:f1:5e:
         32:fc:f2:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RVkVSsQKwM4rDS3wbHhPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNTUzOWFmZTkyNWRiODBiNDE1ZWZiMTRjNjMxYjJkODJj
OGNlZGQwHhcNMjUwNjI4MTYwMTA0WhcNMjUwNjI5MTYwMTA0WjAzMTEwLwYDVQQD
Eyg2NjkxZWJkMWJhODNlNTY0ODBjNTE4ZDRiZTMyZGMzMmY0NTYwZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTd88EyFTZzvz+L5KTTL609yNBOC
YloN5YJdDqxcRQkPdAU6Ai4QknFbqB4YN9Nws+x74cDB2kuIWs5hkibnSTa6DCG6
i02ccj9E8IohJJBDBCx4Nb1peUPnBzs2p3C2nvtvCJjGZaMSV1MeuioJyZOL8+fz
KFMeUn0Hu88fL8QQGvQHeyIFXvb2rSyzpwDbApsXm5awGL/5qMOfp9o/GWE1QtJ0
ULwOJ30tOpYGP81OcLnsydV4ntO7A4epGmFAwRIy15HFRGBKbOQErxA9Xkv/7ogG
HxFnFZ9t2YOrQ9oZ5SGqp4dcA42kdQeem2Dldf2pjNFQpyd6Vyf6So6ExQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGaR69G6g+VkgMUY1L4y3DL0Vg32MB8GA1UdIwQY
MBaAFL5VOa/pJduAtBXvsUxjGy2CyM7dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmxVNXIta2wyNEMwRmUteFRHTWJMWUxJenQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MzNkYWUtMDAyMS00NGU1LTkyZTUt
MjUwMGY0ZWZhYjY5LzEvdmxVNXIta2wyNEMwRmUteFRHTWJMWUxJenQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MzNkYWUtMDAyMS00NGU1LTkyZTUtMjUwMGY0ZWZhYjY5
LzEvdmxVNXIta2wyNEMwRmUteFRHTWJMWUxJenQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeXbou1UF
Pz0KyfyTrjGi9uJ4JdimUi54Dg6KFbMz8FRkydqar/tD4IvqPcCiLOmD7lEClCnO
59gEljU3k/mIZ30rxXjEi9Mlv+iOifevnrn52POQnzdi8vcCYZsYZ3jGsYutKj+t
vinNgVJlAfR4+vvez/zxXeFyNiad1bkQnrGJixPZsJqo3rmM8kV7TUZbyb0OQerp
8SdKjj4uBhXK3Ksj2GTOunmG7COMObfFmyJZ1sb64ZLMaczU30ZzmKQ8u2HIpexl
SyoFiIwJPadph0d/wveZF42OXplHjNH+l3jbHuz8xd0bk4T6idZU+XO7eP+06C00
fuvgifFeMvzyHw==
-----END CERTIFICATE-----