Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/ba8e58-ed60-4a7c-9891-63f2450befee/1/VHdrhI_CS9SRduL0-cR0MkrycLU.mft
File:                     VHdrhI_CS9SRduL0-cR0MkrycLU.mft (raw, json)
Hash identifier:          vLa6WxrJbpYNT7frzwf17qGmfOXat9ZvdWGRS17hZWs=
Subject key identifier:   86:00:7A:93:85:68:1D:94:BC:50:E7:AB:A9:00:55:E7:48:1D:3A:60
Authority key identifier: 54:77:6B:84:8F:C2:4B:D4:91:76:E2:F4:F9:C4:74:32:4A:F2:70:B5
Certificate issuer:       /CN=54776b848fc24bd49176e2f4f9c474324af270b5
Certificate serial:       0198D84F78A2645C415405E7829AE3312CE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VHdrhI_CS9SRduL0-cR0MkrycLU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/ba8e58-ed60-4a7c-9891-63f2450befee/1/VHdrhI_CS9SRduL0-cR0MkrycLU.mft
Manifest number:          1648
Signing time:             Sat 23 Aug 2025 19:02:23 +0000
Manifest this update:     Sat 23 Aug 2025 19:02:23 +0000
Manifest next update:     Sun 24 Aug 2025 19:02:23 +0000
Files and hashes:         1: VHdrhI_CS9SRduL0-cR0MkrycLU.crl (hash: bL4bVpXM9yiJTnsX1S13R1aFIDokT8MxKA7aH9f/Yv4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/ba8e58-ed60-4a7c-9891-63f2450befee/1/VHdrhI_CS9SRduL0-cR0MkrycLU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/ba8e58-ed60-4a7c-9891-63f2450befee/1/VHdrhI_CS9SRduL0-cR0MkrycLU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VHdrhI_CS9SRduL0-cR0MkrycLU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d8:4f:78:a2:64:5c:41:54:05:e7:82:9a:e3:31:2c:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54776b848fc24bd49176e2f4f9c474324af270b5
        Validity
            Not Before: Aug 23 19:02:23 2025 GMT
            Not After : Aug 24 19:02:23 2025 GMT
        Subject: CN=86007a9385681d94bc50e7aba90055e7481d3a60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:e4:dc:eb:b9:dd:7f:53:ce:d2:2d:37:2a:86:
                    fc:f4:c5:7e:34:47:b5:97:d4:d2:c8:78:01:ed:f7:
                    4f:5a:1e:b3:4b:8b:09:2b:0f:a8:76:f4:a9:67:bb:
                    f0:f6:0c:c2:93:b4:e6:4a:d0:e4:4f:91:0b:fb:48:
                    70:85:07:60:4f:52:3c:d1:1c:9c:a1:a3:c5:e1:0b:
                    51:db:5a:5a:13:03:8a:a5:57:a5:d9:4f:56:4f:00:
                    67:61:83:f5:3e:9e:c0:9c:46:2d:dd:5f:a5:ff:3c:
                    9e:b5:73:36:cc:c8:5c:5e:2d:94:ff:e8:16:96:5d:
                    b0:c9:2d:ff:b4:29:63:aa:0a:0f:91:28:74:1c:9d:
                    3e:d9:d8:50:90:3c:d5:db:2f:52:fa:13:f8:d1:cc:
                    c1:4e:b1:7d:8e:82:f0:b0:6a:0f:96:35:1e:22:a4:
                    e2:db:47:e1:a0:e1:97:20:c0:44:20:38:3a:93:35:
                    fe:5f:25:37:75:2d:c5:c8:99:f8:ec:d8:2d:28:e7:
                    dd:76:93:c0:fe:87:aa:e1:47:f9:cb:1a:8b:bd:d7:
                    e6:87:54:4a:93:d6:b3:f3:84:74:d3:11:f7:fc:26:
                    d8:5f:35:60:f9:b5:fb:27:d4:9b:9c:9c:89:93:82:
                    ac:c1:93:29:fd:09:d3:91:35:38:fb:4e:03:ec:39:
                    f9:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:00:7A:93:85:68:1D:94:BC:50:E7:AB:A9:00:55:E7:48:1D:3A:60
            X509v3 Authority Key Identifier:
                keyid:54:77:6B:84:8F:C2:4B:D4:91:76:E2:F4:F9:C4:74:32:4A:F2:70:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHdrhI_CS9SRduL0-cR0MkrycLU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/ba8e58-ed60-4a7c-9891-63f2450befee/1/VHdrhI_CS9SRduL0-cR0MkrycLU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/ba8e58-ed60-4a7c-9891-63f2450befee/1/VHdrhI_CS9SRduL0-cR0MkrycLU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:ad:24:f0:bf:d4:95:9f:ec:6b:26:19:52:eb:a0:72:28:a9:
         d5:96:fd:67:d1:4c:94:6f:cd:62:c6:fb:40:4f:e1:06:1b:49:
         1f:81:f9:ab:52:73:6e:f9:a7:8f:6b:34:84:8a:b2:99:25:4d:
         4d:c9:fe:d6:b1:e3:4e:12:b5:a9:81:73:79:b2:c7:7e:b2:b6:
         74:cb:ea:c5:bd:94:d7:be:01:73:7a:dc:2d:d3:81:67:6d:f9:
         f3:e3:59:95:10:ac:87:4d:4b:98:db:68:d3:e0:cc:bb:f3:c0:
         64:38:09:4b:95:f3:c5:1c:e8:ea:d2:c5:41:37:96:2e:6c:14:
         df:49:b2:8a:cc:07:33:4e:c2:e8:ae:fe:a0:5e:60:06:eb:c1:
         b8:56:d5:fe:05:92:01:22:a4:a6:21:80:2f:21:ea:f5:49:c6:
         c3:ed:b5:94:03:c9:4d:48:52:9b:12:4a:b9:a4:2b:15:06:78:
         08:0c:24:4a:52:c1:96:db:58:dc:dc:bf:39:93:5d:af:aa:c1:
         34:1a:bc:e9:dd:ed:a8:49:50:11:4a:6f:0d:b7:54:f7:7b:4d:
         14:5a:f1:b9:8f:ed:a1:18:5e:7e:b1:f6:44:6c:ec:bb:88:ca:
         c3:a0:e6:ca:91:b4:06:04:cf:a9:6d:30:a8:be:52:16:ac:b1:
         51:ce:be:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjYT3iiZFxBVAXngprjMSziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Nzc2Yjg0OGZjMjRiZDQ5MTc2ZTJmNGY5YzQ3NDMyNGFm
MjcwYjUwHhcNMjUwODIzMTkwMjIzWhcNMjUwODI0MTkwMjIzWjAzMTEwLwYDVQQD
Eyg4NjAwN2E5Mzg1NjgxZDk0YmM1MGU3YWJhOTAwNTVlNzQ4MWQzYTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeTc67ndf1PO0i03Kob89MV+NEe1
l9TSyHgB7fdPWh6zS4sJKw+odvSpZ7vw9gzCk7TmStDkT5EL+0hwhQdgT1I80Ryc
oaPF4QtR21paEwOKpVel2U9WTwBnYYP1Pp7AnEYt3V+l/zyetXM2zMhcXi2U/+gW
ll2wyS3/tCljqgoPkSh0HJ0+2dhQkDzV2y9S+hP40czBTrF9joLwsGoPljUeIqTi
20fhoOGXIMBEIDg6kzX+XyU3dS3FyJn47NgtKOfddpPA/oeq4Uf5yxqLvdfmh1RK
k9az84R00xH3/CbYXzVg+bX7J9SbnJyJk4KswZMp/QnTkTU4+04D7Dn53QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIYAepOFaB2UvFDnq6kAVedIHTpgMB8GA1UdIwQY
MBaAFFR3a4SPwkvUkXbi9PnEdDJK8nC1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhkcmhJX0NTOVNSZHVMMC1jUjBNa3J5Y0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9iYThlNTgtZWQ2MC00YTdjLTk4OTEt
NjNmMjQ1MGJlZmVlLzEvVkhkcmhJX0NTOVNSZHVMMC1jUjBNa3J5Y0xVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9iYThlNTgtZWQ2MC00YTdjLTk4OTEtNjNmMjQ1MGJlZmVl
LzEvVkhkcmhJX0NTOVNSZHVMMC1jUjBNa3J5Y0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIa0k8L/U
lZ/sayYZUuugciip1Zb9Z9FMlG/NYsb7QE/hBhtJH4H5q1Jzbvmnj2s0hIqymSVN
Tcn+1rHjThK1qYFzebLHfrK2dMvqxb2U174Bc3rcLdOBZ2358+NZlRCsh01LmNto
0+DMu/PAZDgJS5XzxRzo6tLFQTeWLmwU30myiswHM07C6K7+oF5gBuvBuFbV/gWS
ASKkpiGALyHq9UnGw+21lAPJTUhSmxJKuaQrFQZ4CAwkSlLBlttY3Ny/OZNdr6rB
NBq86d3tqElQEUpvDbdU93tNFFrxuY/toRhefrH2RGzsu4jKw6DmypG0BgTPqW0w
qL5SFqyxUc6+NA==
-----END CERTIFICATE-----