Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/b8b278-f9bd-40e1-803a-f691f64758ac/1/vfSGpExRBdeBNXKUVhzMPROk1nE.mft
File:                     vfSGpExRBdeBNXKUVhzMPROk1nE.mft (raw, json)
Hash identifier:          5ypl8eqSHfk/JieyLRwSVhevuT5cSsNBYMyePB8vMCo=
Subject key identifier:   1D:E8:C2:C2:92:3E:F7:92:66:02:6E:0D:23:88:CE:B3:A4:FF:1F:35
Authority key identifier: BD:F4:86:A4:4C:51:05:D7:81:35:72:94:56:1C:CC:3D:13:A4:D6:71
Certificate issuer:       /CN=bdf486a44c5105d781357294561ccc3d13a4d671
Certificate serial:       0198D6CDCF29BCAF1D240B9807A7D2EF58F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vfSGpExRBdeBNXKUVhzMPROk1nE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/b8b278-f9bd-40e1-803a-f691f64758ac/1/vfSGpExRBdeBNXKUVhzMPROk1nE.mft
Manifest number:          08BA
Signing time:             Sat 23 Aug 2025 12:01:08 +0000
Manifest this update:     Sat 23 Aug 2025 12:01:08 +0000
Manifest next update:     Sun 24 Aug 2025 12:01:08 +0000
Files and hashes:         1: vfSGpExRBdeBNXKUVhzMPROk1nE.crl (hash: cvBlBO+v3kLPS/GCu/VSa9tK3ooAquZErsbIK2dbAWw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/b8b278-f9bd-40e1-803a-f691f64758ac/1/vfSGpExRBdeBNXKUVhzMPROk1nE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/b8b278-f9bd-40e1-803a-f691f64758ac/1/vfSGpExRBdeBNXKUVhzMPROk1nE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vfSGpExRBdeBNXKUVhzMPROk1nE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:cf:29:bc:af:1d:24:0b:98:07:a7:d2:ef:58:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bdf486a44c5105d781357294561ccc3d13a4d671
        Validity
            Not Before: Aug 23 12:01:08 2025 GMT
            Not After : Aug 24 12:01:08 2025 GMT
        Subject: CN=1de8c2c2923ef79266026e0d2388ceb3a4ff1f35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:1f:c3:a4:da:9a:1e:c0:0f:e4:9c:82:7f:d8:
                    f9:13:66:06:c9:f0:7e:10:bf:58:73:95:43:d3:97:
                    cf:ef:65:97:d7:76:ea:62:86:5a:2f:9a:40:44:1d:
                    aa:c9:3f:65:8b:cc:d6:f7:3c:2f:ca:d1:90:c9:05:
                    3b:95:ae:58:0f:06:f2:c0:ee:9b:cf:48:f0:b2:8d:
                    97:df:7b:f9:96:cf:af:81:83:de:07:7d:1e:3e:2d:
                    86:6b:74:8f:30:f9:c2:e0:14:03:5b:6f:17:ee:08:
                    b7:34:df:9c:54:a2:d2:de:0c:ed:f9:b3:a4:b5:81:
                    e0:1d:43:f4:b9:03:ed:68:d2:6a:34:ea:0e:3d:b4:
                    46:3a:1f:2f:9a:6d:cb:0c:30:27:c4:82:7f:93:14:
                    99:7a:5f:5d:a1:7f:e6:c6:57:64:6e:f6:30:b7:41:
                    39:86:f9:00:d3:b4:70:64:4b:ad:9e:95:d1:cb:8a:
                    c2:aa:d7:4f:92:9c:54:47:9d:e7:dd:21:c3:33:d3:
                    e2:c5:1a:6a:52:10:51:93:1d:39:53:8a:9a:84:9e:
                    eb:eb:31:90:6c:30:b7:88:2a:99:88:9e:cd:58:08:
                    d5:5c:93:a5:f1:22:6e:97:6d:38:68:2e:4d:6f:3a:
                    94:d1:cd:04:1d:95:40:38:2f:ba:97:ae:c2:50:c4:
                    15:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:E8:C2:C2:92:3E:F7:92:66:02:6E:0D:23:88:CE:B3:A4:FF:1F:35
            X509v3 Authority Key Identifier:
                keyid:BD:F4:86:A4:4C:51:05:D7:81:35:72:94:56:1C:CC:3D:13:A4:D6:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfSGpExRBdeBNXKUVhzMPROk1nE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/b8b278-f9bd-40e1-803a-f691f64758ac/1/vfSGpExRBdeBNXKUVhzMPROk1nE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/b8b278-f9bd-40e1-803a-f691f64758ac/1/vfSGpExRBdeBNXKUVhzMPROk1nE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:e4:5e:b7:24:f3:5a:aa:44:5c:a1:b3:6e:3e:1e:3b:0e:fa:
         dd:ac:1f:73:ba:48:eb:e7:7f:d7:e3:6c:92:40:d0:ae:79:0c:
         27:27:14:df:f3:6f:8c:20:14:5e:27:ed:c4:54:5c:2d:a7:1e:
         f8:f2:7a:56:6f:d0:3b:dc:48:87:a8:04:09:b9:e7:0a:33:d7:
         67:c4:1c:ae:8b:ea:0b:6d:7c:cd:21:04:04:ed:36:df:ed:ef:
         68:6b:ef:81:cd:e3:f7:25:bc:8d:4a:6b:61:be:b1:dc:19:2b:
         0d:f3:ef:b7:af:11:a3:b3:48:bf:47:c4:cd:ef:d9:18:d7:bc:
         13:fd:6b:ca:27:3c:1f:39:01:08:ff:6b:97:5c:45:8e:a9:cf:
         8e:40:44:8c:3e:c6:ca:32:4e:0d:12:65:47:56:2b:0c:1e:04:
         43:f1:f9:b8:f5:6e:f7:be:e5:b1:14:e6:cd:4c:12:a4:69:86:
         83:1f:a1:6f:24:9e:a4:a0:2a:34:a5:57:40:42:82:cf:67:36:
         c3:78:49:6c:72:1c:4c:f0:a2:c7:19:9b:a2:42:ff:e8:a2:19:
         98:16:6b:bc:18:97:23:77:5a:f2:44:14:42:9e:82:0d:50:ae:
         4f:d9:1b:a4:50:b4:23:ca:20:22:02:5e:8c:74:2c:0b:c9:9b:
         74:f3:7b:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzc8pvK8dJAuYB6fS71j1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZjQ4NmE0NGM1MTA1ZDc4MTM1NzI5NDU2MWNjYzNkMTNh
NGQ2NzEwHhcNMjUwODIzMTIwMTA4WhcNMjUwODI0MTIwMTA4WjAzMTEwLwYDVQQD
EygxZGU4YzJjMjkyM2VmNzkyNjYwMjZlMGQyMzg4Y2ViM2E0ZmYxZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0B/DpNqaHsAP5JyCf9j5E2YGyfB+
EL9Yc5VD05fP72WX13bqYoZaL5pARB2qyT9li8zW9zwvytGQyQU7la5YDwbywO6b
z0jwso2X33v5ls+vgYPeB30ePi2Ga3SPMPnC4BQDW28X7gi3NN+cVKLS3gzt+bOk
tYHgHUP0uQPtaNJqNOoOPbRGOh8vmm3LDDAnxIJ/kxSZel9doX/mxldkbvYwt0E5
hvkA07RwZEutnpXRy4rCqtdPkpxUR53n3SHDM9PixRpqUhBRkx05U4qahJ7r6zGQ
bDC3iCqZiJ7NWAjVXJOl8SJul204aC5NbzqU0c0EHZVAOC+6l67CUMQVQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB3owsKSPveSZgJuDSOIzrOk/x81MB8GA1UdIwQY
MBaAFL30hqRMUQXXgTVylFYczD0TpNZxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZTR3BFeFJCZGVCTlhLVVZoek1QUk9rMW5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9iOGIyNzgtZjliZC00MGUxLTgwM2Et
ZjY5MWY2NDc1OGFjLzEvdmZTR3BFeFJCZGVCTlhLVVZoek1QUk9rMW5FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9iOGIyNzgtZjliZC00MGUxLTgwM2EtZjY5MWY2NDc1OGFj
LzEvdmZTR3BFeFJCZGVCTlhLVVZoek1QUk9rMW5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYuRetyTz
WqpEXKGzbj4eOw763awfc7pI6+d/1+NskkDQrnkMJycU3/NvjCAUXiftxFRcLace
+PJ6Vm/QO9xIh6gECbnnCjPXZ8QcrovqC218zSEEBO023+3vaGvvgc3j9yW8jUpr
Yb6x3BkrDfPvt68Ro7NIv0fEze/ZGNe8E/1ryic8HzkBCP9rl1xFjqnPjkBEjD7G
yjJODRJlR1YrDB4EQ/H5uPVu977lsRTmzUwSpGmGgx+hbySepKAqNKVXQEKCz2c2
w3hJbHIcTPCixxmbokL/6KIZmBZrvBiXI3da8kQUQp6CDVCuT9kbpFC0I8ogIgJe
jHQsC8mbdPN7vA==
-----END CERTIFICATE-----