Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.mft
File:                     vtJXlaaCsRmplIBal2V4U9dUoFw.mft (raw, json)
Hash identifier:          sax4VjWVzAgBkjoqTV1bScmlr/nKQFkhl5LNlzL29sc=
Subject key identifier:   FF:2B:A8:14:D0:EB:8F:E4:A8:92:85:2E:05:0A:FF:60:DA:26:10:B4
Authority key identifier: BE:D2:57:95:A6:82:B1:19:A9:94:80:5A:97:65:78:53:D7:54:A0:5C
Certificate issuer:       /CN=bed25795a682b119a994805a97657853d754a05c
Certificate serial:       0196AC8D6C76B5534405A642155DABEBCB8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vtJXlaaCsRmplIBal2V4U9dUoFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.mft
Manifest number:          09B9
Signing time:             Wed 07 May 2025 21:01:11 +0000
Manifest this update:     Wed 07 May 2025 21:01:11 +0000
Manifest next update:     Thu 08 May 2025 21:01:11 +0000
Files and hashes:         1: vtJXlaaCsRmplIBal2V4U9dUoFw.crl (hash: IFA3XdH3DhEh5JRoyjujpttpPIXW8i7NBlC2ISuUbYs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vtJXlaaCsRmplIBal2V4U9dUoFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 20:38:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ac:8d:6c:76:b5:53:44:05:a6:42:15:5d:ab:eb:cb:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bed25795a682b119a994805a97657853d754a05c
        Validity
            Not Before: May  7 21:01:11 2025 GMT
            Not After : May  8 21:01:11 2025 GMT
        Subject: CN=ff2ba814d0eb8fe4a892852e050aff60da2610b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:d9:d4:22:c0:76:7a:08:be:e6:2b:9a:52:59:
                    a8:01:5b:76:b5:2e:eb:a9:03:e4:4a:2e:fc:ed:cc:
                    6d:22:be:1e:f4:72:09:d0:3e:d9:e1:65:45:4d:41:
                    af:9a:c9:4d:e0:cc:00:72:fc:ee:af:e2:84:2a:8b:
                    e0:8a:ce:75:83:2a:5b:04:bf:a8:bd:35:bd:f9:d0:
                    7e:bc:29:ef:c6:c9:19:49:4a:86:42:c9:50:56:f8:
                    6c:99:b0:8a:99:44:6e:27:a7:47:90:78:b4:f1:2f:
                    38:e1:ab:14:f1:8e:55:48:d8:5c:bd:da:9f:3b:57:
                    db:66:90:76:8b:0d:ac:34:6a:7b:7c:20:05:9c:cc:
                    cc:14:d7:01:04:a6:1e:8b:73:a0:a8:c7:b6:82:1e:
                    79:d5:0e:6c:9a:83:c4:2c:7d:5c:a9:6f:10:69:9c:
                    ce:18:64:76:54:16:32:fa:76:ab:f0:83:ed:51:4b:
                    1f:09:a7:be:2e:61:5f:81:ea:6f:64:aa:f9:60:0b:
                    02:1d:df:0b:0a:e8:98:e3:ee:00:c5:e7:cb:77:5a:
                    ee:cd:38:9f:3c:82:7f:e6:d2:09:c2:fa:39:c0:72:
                    6f:23:e9:d5:c8:64:22:e1:78:00:e3:38:98:8d:0d:
                    d1:67:a3:48:29:82:ef:2e:91:eb:9d:fd:a7:99:ae:
                    24:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:2B:A8:14:D0:EB:8F:E4:A8:92:85:2E:05:0A:FF:60:DA:26:10:B4
            X509v3 Authority Key Identifier:
                keyid:BE:D2:57:95:A6:82:B1:19:A9:94:80:5A:97:65:78:53:D7:54:A0:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vtJXlaaCsRmplIBal2V4U9dUoFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:9f:57:73:38:63:87:63:d2:68:ff:29:25:89:2f:11:26:78:
         49:75:d8:25:95:d3:ee:0f:84:89:94:5f:61:94:26:ac:a5:b7:
         19:1d:51:e4:3b:af:e7:04:c2:d9:c7:f9:e8:03:e0:85:a5:d1:
         ea:05:d0:73:50:4f:ea:ac:fc:68:18:37:65:c5:a9:fb:6b:0f:
         98:dc:f8:7e:45:35:b3:30:63:39:f6:b3:af:09:41:ce:6e:b1:
         e9:6c:87:fb:be:70:7b:d7:0a:52:33:63:71:80:d4:ff:42:a9:
         ef:6a:5b:10:6e:dc:3e:f6:a7:d9:85:bf:53:ae:cc:ad:d4:f2:
         6f:fe:74:db:77:91:1e:a3:dd:a6:c0:16:04:97:a3:a6:87:88:
         11:65:10:18:65:a7:22:72:d5:32:00:b4:86:82:6e:0b:e1:cf:
         f9:30:55:52:14:13:1c:cf:27:d7:0a:27:06:6b:97:11:3d:de:
         bb:5b:34:6f:79:4f:6c:20:00:32:88:e3:a0:a3:7e:73:53:89:
         a8:a7:38:94:3e:3b:95:c1:51:07:fd:da:2e:13:c0:5a:1d:00:
         da:8b:42:1a:97:06:b4:60:34:f5:78:8e:68:3e:13:05:cd:04:
         5a:db:6f:10:7f:07:af:a8:aa:50:c5:19:57:98:6b:ca:c7:2d:
         db:1a:73:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZasjWx2tVNEBaZCFV2r68uOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlZDI1Nzk1YTY4MmIxMTlhOTk0ODA1YTk3NjU3ODUzZDc1
NGEwNWMwHhcNMjUwNTA3MjEwMTExWhcNMjUwNTA4MjEwMTExWjAzMTEwLwYDVQQD
EyhmZjJiYTgxNGQwZWI4ZmU0YTg5Mjg1MmUwNTBhZmY2MGRhMjYxMGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldnUIsB2egi+5iuaUlmoAVt2tS7r
qQPkSi787cxtIr4e9HIJ0D7Z4WVFTUGvmslN4MwAcvzur+KEKovgis51gypbBL+o
vTW9+dB+vCnvxskZSUqGQslQVvhsmbCKmURuJ6dHkHi08S844asU8Y5VSNhcvdqf
O1fbZpB2iw2sNGp7fCAFnMzMFNcBBKYei3OgqMe2gh551Q5smoPELH1cqW8QaZzO
GGR2VBYy+nar8IPtUUsfCae+LmFfgepvZKr5YAsCHd8LCuiY4+4AxefLd1ruzTif
PIJ/5tIJwvo5wHJvI+nVyGQi4XgA4ziYjQ3RZ6NIKYLvLpHrnf2nma4kEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP8rqBTQ64/kqJKFLgUK/2DaJhC0MB8GA1UdIwQY
MBaAFL7SV5WmgrEZqZSAWpdleFPXVKBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnRKWGxhYUNzUm1wbElCYWwyVjRVOWRVb0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82YmQxMDQtMjVmNi00ODI2LWIyMzQt
MTFkMGYyMGU4Y2IwLzEvdnRKWGxhYUNzUm1wbElCYWwyVjRVOWRVb0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82YmQxMDQtMjVmNi00ODI2LWIyMzQtMTFkMGYyMGU4Y2Iw
LzEvdnRKWGxhYUNzUm1wbElCYWwyVjRVOWRVb0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAp9Xczhj
h2PSaP8pJYkvESZ4SXXYJZXT7g+EiZRfYZQmrKW3GR1R5Duv5wTC2cf56APghaXR
6gXQc1BP6qz8aBg3ZcWp+2sPmNz4fkU1szBjOfazrwlBzm6x6WyH+75we9cKUjNj
cYDU/0Kp72pbEG7cPvan2YW/U67MrdTyb/5023eRHqPdpsAWBJejpoeIEWUQGGWn
InLVMgC0hoJuC+HP+TBVUhQTHM8n1wonBmuXET3eu1s0b3lPbCAAMojjoKN+c1OJ
qKc4lD47lcFRB/3aLhPAWh0A2otCGpcGtGA09XiOaD4TBc0EWttvEH8Hr6iqUMUZ
V5hrysct2xpzjg==
-----END CERTIFICATE-----