Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/ba8e58-ed60-4a7c-9891-63f2450befee/1/VHdrhI_CS9SRduL0-cR0MkrycLU.mft
File:                     VHdrhI_CS9SRduL0-cR0MkrycLU.mft (raw, json)
Hash identifier:          OlQd8Ak6sbSEOUJD5jlUoWIQx66nxM0CT3fQTPAFlB0=
Subject key identifier:   94:7B:91:74:2E:0B:1D:D5:06:1D:50:53:73:42:9E:E0:97:0C:98:F2
Authority key identifier: 54:77:6B:84:8F:C2:4B:D4:91:76:E2:F4:F9:C4:74:32:4A:F2:70:B5
Certificate issuer:       /CN=54776b848fc24bd49176e2f4f9c474324af270b5
Certificate serial:       0197B6A19F9AD464EE2A0722EB3F7461FEE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VHdrhI_CS9SRduL0-cR0MkrycLU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/ba8e58-ed60-4a7c-9891-63f2450befee/1/VHdrhI_CS9SRduL0-cR0MkrycLU.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 13:02:14 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:14 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:14 +0000
Files and hashes:         1: VHdrhI_CS9SRduL0-cR0MkrycLU.crl (hash: DzimJysaTUfMayWTwFVNRnT87O9sUT4wpg6CE5AOECo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/ba8e58-ed60-4a7c-9891-63f2450befee/1/VHdrhI_CS9SRduL0-cR0MkrycLU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/ba8e58-ed60-4a7c-9891-63f2450befee/1/VHdrhI_CS9SRduL0-cR0MkrycLU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VHdrhI_CS9SRduL0-cR0MkrycLU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:9f:9a:d4:64:ee:2a:07:22:eb:3f:74:61:fe:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54776b848fc24bd49176e2f4f9c474324af270b5
        Validity
            Not Before: Jun 28 13:02:14 2025 GMT
            Not After : Jun 29 13:02:14 2025 GMT
        Subject: CN=947b91742e0b1dd5061d505373429ee0970c98f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:4a:32:35:ff:ab:9d:71:6b:a8:32:f1:c3:df:
                    d9:06:f6:e4:a2:6a:06:40:8b:68:23:d9:0b:be:e7:
                    fd:e2:36:e2:b4:80:5e:6a:d4:07:e1:e5:d7:55:41:
                    88:f2:39:11:91:e7:10:1c:ff:60:4f:ec:71:cc:e4:
                    b0:9f:e7:22:15:a3:39:3f:00:81:e8:4d:1b:3c:01:
                    0f:a3:02:4d:27:27:48:24:1c:fe:62:1a:48:cb:36:
                    35:ff:56:ce:90:0d:6f:6b:e0:0d:e9:42:7d:fc:22:
                    14:1a:d2:89:82:56:ad:3f:6a:f6:80:ef:8d:c0:dd:
                    cd:92:94:68:da:55:b3:ab:1f:3f:d5:5d:18:c5:dc:
                    9a:74:17:a8:62:fb:5b:65:93:cd:0d:a2:4e:1e:e4:
                    a5:c3:e9:54:e7:73:91:15:ed:6e:8a:7c:27:d9:9b:
                    60:79:da:6f:f2:e9:82:61:71:16:c5:c0:45:5e:93:
                    5b:29:f9:46:5e:c1:08:da:20:63:94:6a:a4:99:2f:
                    86:66:f8:7d:c6:1b:3a:ba:9e:23:2b:a5:10:01:3d:
                    9c:56:87:55:32:34:d4:d8:1e:23:38:2f:65:d8:da:
                    7c:1c:5e:99:aa:7e:d7:60:95:c3:5a:ad:b3:2d:7a:
                    9a:25:4a:b1:5e:61:86:1d:f0:76:b9:36:46:8d:61:
                    bb:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:7B:91:74:2E:0B:1D:D5:06:1D:50:53:73:42:9E:E0:97:0C:98:F2
            X509v3 Authority Key Identifier:
                keyid:54:77:6B:84:8F:C2:4B:D4:91:76:E2:F4:F9:C4:74:32:4A:F2:70:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHdrhI_CS9SRduL0-cR0MkrycLU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/ba8e58-ed60-4a7c-9891-63f2450befee/1/VHdrhI_CS9SRduL0-cR0MkrycLU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/ba8e58-ed60-4a7c-9891-63f2450befee/1/VHdrhI_CS9SRduL0-cR0MkrycLU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:68:bd:17:9e:d2:26:64:23:53:4f:1a:d5:bd:c8:ed:11:66:
         cc:d6:33:40:49:55:9c:c3:c1:88:23:c8:8c:ad:13:6d:92:e6:
         25:bf:7e:89:fd:1d:22:d6:d8:49:15:86:11:29:8a:69:aa:11:
         04:3b:96:62:eb:da:2c:6d:6f:e4:70:9e:fe:b8:f8:0f:f9:60:
         51:ea:f2:db:95:3e:02:9e:56:87:3e:11:c3:2b:3f:14:c7:8a:
         58:4a:12:be:c0:d2:85:2a:6a:1b:ae:71:c1:c7:6f:5e:a9:9d:
         d5:f5:84:b7:dc:f2:3d:14:51:93:b4:be:24:15:a6:e2:94:fa:
         27:13:92:60:99:7d:ee:8e:46:00:56:bc:b5:83:8d:da:cb:30:
         81:e1:7c:0c:42:bf:c2:88:79:40:26:d5:ab:f6:db:1f:ef:6f:
         69:61:f2:30:39:4f:64:93:5c:88:32:fc:8d:ab:cd:51:f0:2d:
         68:41:ac:07:13:23:50:5a:2c:0f:09:f9:31:1d:e1:6c:bb:fd:
         8e:1c:56:08:fb:92:9b:9e:45:1c:58:02:e2:f7:98:75:7f:e1:
         b8:30:90:3c:c7:bb:b8:54:20:09:f3:e7:72:42:7f:dd:f1:ea:
         1f:f0:34:04:9f:dc:cd:14:87:92:21:ed:fc:84:74:fd:40:a9:
         a2:93:80:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oZ+a1GTuKgci6z90Yf7iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Nzc2Yjg0OGZjMjRiZDQ5MTc2ZTJmNGY5YzQ3NDMyNGFm
MjcwYjUwHhcNMjUwNjI4MTMwMjE0WhcNMjUwNjI5MTMwMjE0WjAzMTEwLwYDVQQD
Eyg5NDdiOTE3NDJlMGIxZGQ1MDYxZDUwNTM3MzQyOWVlMDk3MGM5OGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0oyNf+rnXFrqDLxw9/ZBvbkomoG
QItoI9kLvuf94jbitIBeatQH4eXXVUGI8jkRkecQHP9gT+xxzOSwn+ciFaM5PwCB
6E0bPAEPowJNJydIJBz+YhpIyzY1/1bOkA1va+AN6UJ9/CIUGtKJglatP2r2gO+N
wN3NkpRo2lWzqx8/1V0YxdyadBeoYvtbZZPNDaJOHuSlw+lU53ORFe1uinwn2Ztg
edpv8umCYXEWxcBFXpNbKflGXsEI2iBjlGqkmS+GZvh9xhs6up4jK6UQAT2cVodV
MjTU2B4jOC9l2Np8HF6Zqn7XYJXDWq2zLXqaJUqxXmGGHfB2uTZGjWG7swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJR7kXQuCx3VBh1QU3NCnuCXDJjyMB8GA1UdIwQY
MBaAFFR3a4SPwkvUkXbi9PnEdDJK8nC1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhkcmhJX0NTOVNSZHVMMC1jUjBNa3J5Y0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9iYThlNTgtZWQ2MC00YTdjLTk4OTEt
NjNmMjQ1MGJlZmVlLzEvVkhkcmhJX0NTOVNSZHVMMC1jUjBNa3J5Y0xVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9iYThlNTgtZWQ2MC00YTdjLTk4OTEtNjNmMjQ1MGJlZmVl
LzEvVkhkcmhJX0NTOVNSZHVMMC1jUjBNa3J5Y0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWWi9F57S
JmQjU08a1b3I7RFmzNYzQElVnMPBiCPIjK0TbZLmJb9+if0dItbYSRWGESmKaaoR
BDuWYuvaLG1v5HCe/rj4D/lgUery25U+Ap5Whz4Rwys/FMeKWEoSvsDShSpqG65x
wcdvXqmd1fWEt9zyPRRRk7S+JBWm4pT6JxOSYJl97o5GAFa8tYON2sswgeF8DEK/
woh5QCbVq/bbH+9vaWHyMDlPZJNciDL8javNUfAtaEGsBxMjUFosDwn5MR3hbLv9
jhxWCPuSm55FHFgC4veYdX/huDCQPMe7uFQgCfPnckJ/3fHqH/A0BJ/czRSHkiHt
/IR0/UCpopOA+A==
-----END CERTIFICATE-----