Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/b8b278-f9bd-40e1-803a-f691f64758ac/1/vfSGpExRBdeBNXKUVhzMPROk1nE.mft
File:                     vfSGpExRBdeBNXKUVhzMPROk1nE.mft (raw, json)
Hash identifier:          AXcJV5DVTgMnQzL3Qmb5f4zwMhUK96DUPGlDZueoksU=
Subject key identifier:   D7:D6:A5:BA:3D:04:A4:5C:7A:BD:54:59:A9:95:8A:33:B5:4E:E5:F0
Authority key identifier: BD:F4:86:A4:4C:51:05:D7:81:35:72:94:56:1C:CC:3D:13:A4:D6:71
Certificate issuer:       /CN=bdf486a44c5105d781357294561ccc3d13a4d671
Certificate serial:       0197CA5EF8AB4704E70975D9546ADEBA8C71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vfSGpExRBdeBNXKUVhzMPROk1nE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/b8b278-f9bd-40e1-803a-f691f64758ac/1/vfSGpExRBdeBNXKUVhzMPROk1nE.mft
Manifest number:          082F
Signing time:             Wed 02 Jul 2025 09:01:50 +0000
Manifest this update:     Wed 02 Jul 2025 09:01:50 +0000
Manifest next update:     Thu 03 Jul 2025 09:01:50 +0000
Files and hashes:         1: vfSGpExRBdeBNXKUVhzMPROk1nE.crl (hash: 1riORAcafuez+ysOTDPuF2FNK35p1OR4nQKTqzNRhq0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/b8b278-f9bd-40e1-803a-f691f64758ac/1/vfSGpExRBdeBNXKUVhzMPROk1nE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/b8b278-f9bd-40e1-803a-f691f64758ac/1/vfSGpExRBdeBNXKUVhzMPROk1nE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vfSGpExRBdeBNXKUVhzMPROk1nE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 09:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ca:5e:f8:ab:47:04:e7:09:75:d9:54:6a:de:ba:8c:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bdf486a44c5105d781357294561ccc3d13a4d671
        Validity
            Not Before: Jul  2 09:01:50 2025 GMT
            Not After : Jul  3 09:01:50 2025 GMT
        Subject: CN=d7d6a5ba3d04a45c7abd5459a9958a33b54ee5f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:20:53:73:80:82:bb:56:8f:54:0c:d2:3a:b5:
                    a8:63:d2:e6:b2:8a:93:88:14:47:9d:23:d9:6f:79:
                    f1:7b:a0:a1:d1:bf:b6:86:80:62:ff:48:52:a0:54:
                    d0:97:d5:94:00:c9:34:2a:aa:76:71:73:bc:7a:57:
                    8b:3f:9e:f9:79:44:f7:c2:8e:79:ec:09:53:ca:2f:
                    4c:88:53:53:7c:f7:c3:8d:30:37:85:7d:8e:58:f6:
                    6c:b8:8e:e7:46:f8:37:1d:65:a2:02:d3:80:30:26:
                    24:97:96:8a:f7:05:0e:1d:c5:6c:3a:88:31:a7:f3:
                    58:59:fb:f9:4d:b3:3d:e6:67:7e:82:fd:a4:b7:e0:
                    8c:4d:04:2f:e0:d6:44:dc:5d:5f:6a:c6:5d:89:a8:
                    4f:db:f3:21:aa:29:76:eb:62:9c:05:8e:27:cf:99:
                    37:7c:71:01:1d:5e:06:db:b1:9d:76:9e:b6:3d:57:
                    70:af:e5:a6:df:f3:78:07:56:bf:ac:aa:3c:ff:8c:
                    4b:a8:b3:dc:1f:8a:52:8b:6f:d5:b1:22:55:cb:f6:
                    fa:3d:08:1f:bf:b6:7d:e4:a9:3d:92:04:ae:e2:4d:
                    45:2f:59:2f:32:e5:e9:6b:17:1a:7c:56:67:ec:2b:
                    18:1a:e7:23:b7:a7:32:0b:db:82:00:5a:8a:9a:7f:
                    30:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:D6:A5:BA:3D:04:A4:5C:7A:BD:54:59:A9:95:8A:33:B5:4E:E5:F0
            X509v3 Authority Key Identifier:
                keyid:BD:F4:86:A4:4C:51:05:D7:81:35:72:94:56:1C:CC:3D:13:A4:D6:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfSGpExRBdeBNXKUVhzMPROk1nE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/b8b278-f9bd-40e1-803a-f691f64758ac/1/vfSGpExRBdeBNXKUVhzMPROk1nE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/b8b278-f9bd-40e1-803a-f691f64758ac/1/vfSGpExRBdeBNXKUVhzMPROk1nE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:99:44:83:3e:54:16:9f:78:37:6a:05:71:b8:48:81:b7:e7:
         ae:ef:ea:4e:a0:7c:28:30:66:1d:5e:4a:e4:9b:9c:2f:f7:62:
         7d:bd:4d:59:3a:43:52:db:be:ee:80:ed:a4:ff:c6:6d:ed:a8:
         ba:37:fa:7d:2d:f5:75:1f:29:a1:9d:7e:c8:d2:4a:cc:9f:f0:
         cd:9c:fc:a0:e8:47:ed:ad:ff:63:24:48:3a:56:69:df:9b:71:
         3b:fd:1b:2d:8b:52:80:fb:d9:f5:5d:62:33:e3:ca:1c:d4:d0:
         76:3c:f6:f0:a0:5e:cf:1c:5f:4c:47:90:7e:b0:b3:0c:d3:39:
         3b:71:b9:da:f5:80:a2:22:80:e3:35:e3:69:53:46:f8:cf:8e:
         f3:be:81:44:9b:9c:56:0a:66:4b:f9:c1:46:36:2d:72:18:93:
         c8:1f:81:c9:22:e8:ed:24:25:a7:93:98:7f:78:f6:ae:62:3b:
         d1:4f:ba:0d:28:c2:27:f3:7f:22:55:a5:08:29:56:3d:cb:89:
         6c:6f:d2:d0:fe:66:5e:8c:20:14:fd:fa:31:31:d2:40:b8:6e:
         5d:05:3b:5c:e0:ea:84:e9:84:dd:a2:08:c7:06:42:ac:c7:8b:
         85:d2:41:97:5d:3c:2c:a1:73:6d:34:71:5e:77:46:83:dc:6e:
         b7:02:ec:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfKXvirRwTnCXXZVGreuoxxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZjQ4NmE0NGM1MTA1ZDc4MTM1NzI5NDU2MWNjYzNkMTNh
NGQ2NzEwHhcNMjUwNzAyMDkwMTUwWhcNMjUwNzAzMDkwMTUwWjAzMTEwLwYDVQQD
EyhkN2Q2YTViYTNkMDRhNDVjN2FiZDU0NTlhOTk1OGEzM2I1NGVlNWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiBTc4CCu1aPVAzSOrWoY9LmsoqT
iBRHnSPZb3nxe6Ch0b+2hoBi/0hSoFTQl9WUAMk0Kqp2cXO8eleLP575eUT3wo55
7AlTyi9MiFNTfPfDjTA3hX2OWPZsuI7nRvg3HWWiAtOAMCYkl5aK9wUOHcVsOogx
p/NYWfv5TbM95md+gv2kt+CMTQQv4NZE3F1fasZdiahP2/Mhqil262KcBY4nz5k3
fHEBHV4G27Gddp62PVdwr+Wm3/N4B1a/rKo8/4xLqLPcH4pSi2/VsSJVy/b6PQgf
v7Z95Kk9kgSu4k1FL1kvMuXpaxcafFZn7CsYGucjt6cyC9uCAFqKmn8w6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNfWpbo9BKRcer1UWamVijO1TuXwMB8GA1UdIwQY
MBaAFL30hqRMUQXXgTVylFYczD0TpNZxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZTR3BFeFJCZGVCTlhLVVZoek1QUk9rMW5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9iOGIyNzgtZjliZC00MGUxLTgwM2Et
ZjY5MWY2NDc1OGFjLzEvdmZTR3BFeFJCZGVCTlhLVVZoek1QUk9rMW5FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9iOGIyNzgtZjliZC00MGUxLTgwM2EtZjY5MWY2NDc1OGFj
LzEvdmZTR3BFeFJCZGVCTlhLVVZoek1QUk9rMW5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABplEgz5U
Fp94N2oFcbhIgbfnru/qTqB8KDBmHV5K5JucL/difb1NWTpDUtu+7oDtpP/Gbe2o
ujf6fS31dR8poZ1+yNJKzJ/wzZz8oOhH7a3/YyRIOlZp35txO/0bLYtSgPvZ9V1i
M+PKHNTQdjz28KBezxxfTEeQfrCzDNM5O3G52vWAoiKA4zXjaVNG+M+O876BRJuc
VgpmS/nBRjYtchiTyB+BySLo7SQlp5OYf3j2rmI70U+6DSjCJ/N/IlWlCClWPcuJ
bG/S0P5mXowgFP36MTHSQLhuXQU7XODqhOmE3aIIxwZCrMeLhdJBl108LKFzbTRx
XndGg9xutwLsyQ==
-----END CERTIFICATE-----