Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/ba8e58-ed60-4a7c-9891-63f2450befee/1/VHdrhI_CS9SRduL0-cR0MkrycLU.mft
File:                     VHdrhI_CS9SRduL0-cR0MkrycLU.mft (raw, json)
Hash identifier:          dWg79cGRA5wzYhwJeJ/i7GEhiZo/XeZYsqkQUOOLjUg=
Subject key identifier:   13:64:A1:86:79:BB:BC:A9:D1:7B:38:52:FC:19:5C:92:F8:FE:7D:3E
Authority key identifier: 54:77:6B:84:8F:C2:4B:D4:91:76:E2:F4:F9:C4:74:32:4A:F2:70:B5
Certificate issuer:       /CN=54776b848fc24bd49176e2f4f9c474324af270b5
Certificate serial:       0199FBEB57615FDD88DA5307CFD5B771623A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VHdrhI_CS9SRduL0-cR0MkrycLU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/ba8e58-ed60-4a7c-9891-63f2450befee/1/VHdrhI_CS9SRduL0-cR0MkrycLU.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 10:02:08 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:08 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:08 +0000
Files and hashes:         1: VHdrhI_CS9SRduL0-cR0MkrycLU.crl (hash: vtAjy2hMJFh7ghXRf2u9wDpR165GuWA/MqDnifsgrXg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/ba8e58-ed60-4a7c-9891-63f2450befee/1/VHdrhI_CS9SRduL0-cR0MkrycLU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/ba8e58-ed60-4a7c-9891-63f2450befee/1/VHdrhI_CS9SRduL0-cR0MkrycLU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VHdrhI_CS9SRduL0-cR0MkrycLU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:57:61:5f:dd:88:da:53:07:cf:d5:b7:71:62:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54776b848fc24bd49176e2f4f9c474324af270b5
        Validity
            Not Before: Oct 19 10:02:08 2025 GMT
            Not After : Oct 20 10:02:08 2025 GMT
        Subject: CN=1364a18679bbbca9d17b3852fc195c92f8fe7d3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:36:fe:0d:ba:c3:6a:3d:54:1f:07:45:97:4f:
                    12:7b:03:a0:3b:95:55:5b:c9:b8:3f:b2:e5:d2:c1:
                    2c:f9:28:5e:7d:12:ff:14:8b:92:b4:aa:2e:cd:14:
                    3e:35:28:c7:62:01:7b:30:76:f2:c8:d6:17:29:bf:
                    3b:9e:f5:0e:71:23:25:fc:c6:a4:7d:f2:8a:fb:4b:
                    2a:d8:b0:71:67:db:ad:6d:eb:6c:a4:85:79:41:a0:
                    58:91:c7:ae:da:b1:dc:03:1a:a2:bb:33:68:50:0e:
                    af:07:62:b8:fb:9a:3f:51:07:ac:4d:80:15:36:6b:
                    5d:0f:6b:5f:54:57:67:67:f1:31:62:b5:fa:7c:15:
                    c3:07:8d:3c:42:b2:77:a4:eb:51:85:96:a4:cb:fa:
                    5c:85:62:38:40:b9:df:0d:dd:58:1c:7d:af:36:ef:
                    9f:3b:ae:2a:35:83:76:87:a6:08:06:9c:b0:f1:e1:
                    d3:fe:c5:8a:26:5d:63:bb:24:ce:7a:80:b6:95:9d:
                    4f:6e:22:f7:f0:31:18:e0:f3:39:5c:c8:1e:1c:54:
                    60:bf:6c:95:53:f8:d2:cb:56:a9:db:b6:86:f6:fd:
                    52:95:0b:f5:69:19:57:d2:3b:a3:2c:8a:98:27:12:
                    51:6e:2c:6f:f1:50:bf:65:bf:74:5b:fe:60:71:0c:
                    dc:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:64:A1:86:79:BB:BC:A9:D1:7B:38:52:FC:19:5C:92:F8:FE:7D:3E
            X509v3 Authority Key Identifier:
                keyid:54:77:6B:84:8F:C2:4B:D4:91:76:E2:F4:F9:C4:74:32:4A:F2:70:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHdrhI_CS9SRduL0-cR0MkrycLU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/ba8e58-ed60-4a7c-9891-63f2450befee/1/VHdrhI_CS9SRduL0-cR0MkrycLU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/ba8e58-ed60-4a7c-9891-63f2450befee/1/VHdrhI_CS9SRduL0-cR0MkrycLU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:9c:81:a7:f6:15:c1:cd:ee:57:44:3f:75:b4:2a:8f:7f:11:
         62:94:13:1c:f6:40:64:e1:ad:9a:4a:cb:b0:24:b4:ef:d2:25:
         ec:99:0a:5f:49:a5:a9:df:15:4c:77:db:69:dc:7b:e5:0b:9a:
         e9:d6:3f:46:a5:69:e5:1e:4e:d6:b0:12:40:09:20:36:36:34:
         9a:ce:9a:0b:ee:27:65:53:47:81:bb:17:54:c4:00:65:18:7a:
         c7:ea:87:0e:e3:11:c2:3e:39:b3:a0:19:7a:d6:ee:ae:ba:ba:
         89:11:74:7d:7b:df:d7:01:77:af:af:a0:ef:91:42:1e:36:f4:
         e0:7f:4f:00:8b:d2:7d:74:a9:b1:59:e7:0d:e3:9b:78:17:44:
         ca:e5:97:e2:04:df:66:5a:03:ba:76:03:bd:cf:d0:f4:20:2f:
         60:06:d6:d4:ae:32:e8:48:59:3b:51:bc:00:46:9b:12:86:cd:
         8c:6d:f8:ed:df:7f:25:f1:4a:0c:c4:3d:8c:7d:a1:e2:a5:09:
         aa:27:1a:bf:31:38:42:ed:9a:12:f8:26:a6:8e:81:71:60:50:
         a8:d6:4b:4b:47:1b:ae:00:e9:a3:5d:76:55:dd:62:63:c5:a3:
         32:09:60:ee:65:c0:08:42:4a:ad:04:64:a3:7d:6f:71:d5:24:
         27:7d:dc:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn761dhX92I2lMHz9W3cWI6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Nzc2Yjg0OGZjMjRiZDQ5MTc2ZTJmNGY5YzQ3NDMyNGFm
MjcwYjUwHhcNMjUxMDE5MTAwMjA4WhcNMjUxMDIwMTAwMjA4WjAzMTEwLwYDVQQD
EygxMzY0YTE4Njc5YmJiY2E5ZDE3YjM4NTJmYzE5NWM5MmY4ZmU3ZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDb+DbrDaj1UHwdFl08SewOgO5VV
W8m4P7Ll0sEs+ShefRL/FIuStKouzRQ+NSjHYgF7MHbyyNYXKb87nvUOcSMl/Mak
ffKK+0sq2LBxZ9utbetspIV5QaBYkceu2rHcAxqiuzNoUA6vB2K4+5o/UQesTYAV
NmtdD2tfVFdnZ/ExYrX6fBXDB408QrJ3pOtRhZaky/pchWI4QLnfDd1YHH2vNu+f
O64qNYN2h6YIBpyw8eHT/sWKJl1juyTOeoC2lZ1PbiL38DEY4PM5XMgeHFRgv2yV
U/jSy1ap27aG9v1SlQv1aRlX0jujLIqYJxJRbixv8VC/Zb90W/5gcQzcXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBNkoYZ5u7yp0Xs4UvwZXJL4/n0+MB8GA1UdIwQY
MBaAFFR3a4SPwkvUkXbi9PnEdDJK8nC1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhkcmhJX0NTOVNSZHVMMC1jUjBNa3J5Y0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9iYThlNTgtZWQ2MC00YTdjLTk4OTEt
NjNmMjQ1MGJlZmVlLzEvVkhkcmhJX0NTOVNSZHVMMC1jUjBNa3J5Y0xVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9iYThlNTgtZWQ2MC00YTdjLTk4OTEtNjNmMjQ1MGJlZmVl
LzEvVkhkcmhJX0NTOVNSZHVMMC1jUjBNa3J5Y0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI5yBp/YV
wc3uV0Q/dbQqj38RYpQTHPZAZOGtmkrLsCS079Il7JkKX0mlqd8VTHfbadx75Qua
6dY/RqVp5R5O1rASQAkgNjY0ms6aC+4nZVNHgbsXVMQAZRh6x+qHDuMRwj45s6AZ
etburrq6iRF0fXvf1wF3r6+g75FCHjb04H9PAIvSfXSpsVnnDeObeBdEyuWX4gTf
ZloDunYDvc/Q9CAvYAbW1K4y6EhZO1G8AEabEobNjG347d9/JfFKDMQ9jH2h4qUJ
qicavzE4Qu2aEvgmpo6BcWBQqNZLS0cbrgDpo112Vd1iY8WjMglg7mXACEJKrQRk
o31vcdUkJ33cXA==
-----END CERTIFICATE-----