Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b98c4e-1fe9-42c8-bdbb-c96e937ac955/1/VA6axDm48rJ8GiZ9NeAZX-yFlE0.mft
File:                     VA6axDm48rJ8GiZ9NeAZX-yFlE0.mft (raw, json)
Hash identifier:          mzvlCICMLDhuK3s2yuLIkcRxl3ZW0n6aYBf0RZMwGZs=
Subject key identifier:   13:AB:99:BB:62:C0:CB:58:9C:E5:2E:60:87:5E:D6:F7:CB:92:A5:F1
Authority key identifier: 54:0E:9A:C4:39:B8:F2:B2:7C:1A:26:7D:35:E0:19:5F:EC:85:94:4D
Certificate issuer:       /CN=540e9ac439b8f2b27c1a267d35e0195fec85944d
Certificate serial:       0199FC5882B712840A3C89016F0994A9F421
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VA6axDm48rJ8GiZ9NeAZX-yFlE0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/b98c4e-1fe9-42c8-bdbb-c96e937ac955/1/VA6axDm48rJ8GiZ9NeAZX-yFlE0.mft
Manifest number:          0B58
Signing time:             Sun 19 Oct 2025 12:01:23 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:23 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:23 +0000
Files and hashes:         1: VA6axDm48rJ8GiZ9NeAZX-yFlE0.crl (hash: kT1kqZJNSvNJ8v4bxgXAusySyPy7mjJrEukmn7wXEYY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/b98c4e-1fe9-42c8-bdbb-c96e937ac955/1/VA6axDm48rJ8GiZ9NeAZX-yFlE0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/b98c4e-1fe9-42c8-bdbb-c96e937ac955/1/VA6axDm48rJ8GiZ9NeAZX-yFlE0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VA6axDm48rJ8GiZ9NeAZX-yFlE0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:82:b7:12:84:0a:3c:89:01:6f:09:94:a9:f4:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=540e9ac439b8f2b27c1a267d35e0195fec85944d
        Validity
            Not Before: Oct 19 12:01:23 2025 GMT
            Not After : Oct 20 12:01:23 2025 GMT
        Subject: CN=13ab99bb62c0cb589ce52e60875ed6f7cb92a5f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:5e:95:14:29:3a:0f:48:e4:38:93:db:b4:ba:
                    61:4e:82:d5:ac:24:09:22:09:6c:d8:dc:69:7a:66:
                    98:44:54:16:ae:55:6c:1d:da:cf:90:2d:c4:42:27:
                    f9:fc:bf:a3:13:d5:e2:ca:fc:bb:b7:af:1a:84:43:
                    52:34:d1:f6:76:e6:8f:92:49:fe:76:22:85:5f:e8:
                    99:b6:ea:c1:b8:fd:4a:01:e4:8a:72:b1:bc:29:0c:
                    0e:ca:74:66:0e:77:4c:9d:76:7f:ec:20:11:bb:77:
                    93:cd:ca:e2:a6:c6:5b:d5:52:6c:90:0a:ed:61:a3:
                    58:ec:94:36:ed:2e:11:23:3b:70:6c:eb:77:6b:0d:
                    91:45:c3:ba:19:ab:d1:80:cd:09:22:f4:b1:0a:8d:
                    ab:fc:46:6e:ad:c7:41:98:b3:4c:65:29:47:64:15:
                    99:22:27:88:bd:ae:d2:4b:13:9e:48:e8:24:89:ec:
                    a9:f2:b6:71:7e:c1:02:fd:88:c6:16:4e:0d:9e:da:
                    6e:97:9b:1d:c8:7e:8b:7d:9c:22:da:7a:00:2e:a9:
                    ea:99:92:a0:77:f0:5b:78:9d:29:0e:bf:b3:31:a3:
                    fa:73:f4:f7:34:ce:79:f3:7d:41:26:b4:01:be:40:
                    7d:4c:fd:96:df:40:b7:1b:dc:46:46:f7:19:8f:cc:
                    cd:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:AB:99:BB:62:C0:CB:58:9C:E5:2E:60:87:5E:D6:F7:CB:92:A5:F1
            X509v3 Authority Key Identifier:
                keyid:54:0E:9A:C4:39:B8:F2:B2:7C:1A:26:7D:35:E0:19:5F:EC:85:94:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VA6axDm48rJ8GiZ9NeAZX-yFlE0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b98c4e-1fe9-42c8-bdbb-c96e937ac955/1/VA6axDm48rJ8GiZ9NeAZX-yFlE0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b98c4e-1fe9-42c8-bdbb-c96e937ac955/1/VA6axDm48rJ8GiZ9NeAZX-yFlE0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:e4:e2:56:1f:68:4d:a2:3f:1b:6a:51:89:32:50:c0:1d:46:
         f6:6d:df:44:c1:cc:21:34:2f:26:b0:b0:7c:2f:fa:5a:23:09:
         e5:ec:c3:62:f0:5c:2d:4c:da:d0:ff:ed:6a:79:28:9c:0c:5e:
         25:ee:99:95:b7:7f:69:4b:2f:17:90:ff:bd:ef:a8:b7:1d:ae:
         82:95:0b:36:49:1f:43:72:a5:17:0e:5d:87:16:5f:86:1d:09:
         73:fe:f9:df:20:76:4d:66:1f:14:4c:e6:d4:4d:f0:37:98:33:
         7c:d6:72:74:47:f4:69:72:05:b4:8d:8d:8e:ae:3e:91:5e:c9:
         a2:51:b3:04:1d:c0:97:f5:83:9c:de:e0:12:2a:9e:47:50:f8:
         ec:52:86:43:f9:c7:70:b9:1b:86:eb:4b:be:68:40:d9:ad:69:
         8c:a0:be:79:b3:cd:bf:33:46:e4:3b:16:7b:c8:d6:05:eb:ea:
         f8:ff:4d:a6:7a:cd:17:dc:55:0f:9a:b6:06:8c:82:2b:96:d7:
         47:b6:47:6c:fb:4e:1c:64:46:1b:d7:a8:45:6c:4b:ef:95:1a:
         b4:c1:df:9d:4f:18:e7:38:de:00:00:dc:6f:3e:08:b3:90:f7:
         78:a2:b7:d6:79:60:be:10:d3:70:36:e8:fb:23:ef:ff:ba:f4:
         54:25:e9:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WIK3EoQKPIkBbwmUqfQhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MGU5YWM0MzliOGYyYjI3YzFhMjY3ZDM1ZTAxOTVmZWM4
NTk0NGQwHhcNMjUxMDE5MTIwMTIzWhcNMjUxMDIwMTIwMTIzWjAzMTEwLwYDVQQD
EygxM2FiOTliYjYyYzBjYjU4OWNlNTJlNjA4NzVlZDZmN2NiOTJhNWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA016VFCk6D0jkOJPbtLphToLVrCQJ
Igls2NxpemaYRFQWrlVsHdrPkC3EQif5/L+jE9Xiyvy7t68ahENSNNH2duaPkkn+
diKFX+iZturBuP1KAeSKcrG8KQwOynRmDndMnXZ/7CARu3eTzcripsZb1VJskArt
YaNY7JQ27S4RIztwbOt3aw2RRcO6GavRgM0JIvSxCo2r/EZurcdBmLNMZSlHZBWZ
IieIva7SSxOeSOgkieyp8rZxfsEC/YjGFk4Nntpul5sdyH6LfZwi2noALqnqmZKg
d/BbeJ0pDr+zMaP6c/T3NM55831BJrQBvkB9TP2W30C3G9xGRvcZj8zNWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBOrmbtiwMtYnOUuYIde1vfLkqXxMB8GA1UdIwQY
MBaAFFQOmsQ5uPKyfBomfTXgGV/shZRNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkE2YXhEbTQ4cko4R2laOU5lQVpYLXlGbEUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iOThjNGUtMWZlOS00MmM4LWJkYmIt
Yzk2ZTkzN2FjOTU1LzEvVkE2YXhEbTQ4cko4R2laOU5lQVpYLXlGbEUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iOThjNGUtMWZlOS00MmM4LWJkYmItYzk2ZTkzN2FjOTU1
LzEvVkE2YXhEbTQ4cko4R2laOU5lQVpYLXlGbEUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq+TiVh9o
TaI/G2pRiTJQwB1G9m3fRMHMITQvJrCwfC/6WiMJ5ezDYvBcLUza0P/tankonAxe
Je6Zlbd/aUsvF5D/ve+otx2ugpULNkkfQ3KlFw5dhxZfhh0Jc/753yB2TWYfFEzm
1E3wN5gzfNZydEf0aXIFtI2Njq4+kV7JolGzBB3Al/WDnN7gEiqeR1D47FKGQ/nH
cLkbhutLvmhA2a1pjKC+ebPNvzNG5DsWe8jWBevq+P9NpnrNF9xVD5q2BoyCK5bX
R7ZHbPtOHGRGG9eoRWxL75UatMHfnU8Y5zjeAADcbz4Is5D3eKK31nlgvhDTcDbo
+yPv/7r0VCXpyg==
-----END CERTIFICATE-----