Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
File:                     VGgc0JnIW-caIjUMsT8EglwB-PA.mft (raw, json)
Hash identifier:          4ryS8k+y1pnFAgoybRdtlbRlZkhA9fWlmyRzadNt7Xg=
Subject key identifier:   56:A1:0A:B2:EC:96:10:69:61:48:9D:16:18:25:8D:1B:8F:22:59:C1
Authority key identifier: 54:68:1C:D0:99:C8:5B:E7:1A:22:35:0C:B1:3F:04:82:5C:01:F8:F0
Certificate issuer:       /CN=54681cd099c85be71a22350cb13f04825c01f8f0
Certificate serial:       0199FDD8B6B5D4D20489E3EC684CEFCD0DDC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
Manifest number:          0D3B
Signing time:             Sun 19 Oct 2025 19:01:02 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:02 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:02 +0000
Files and hashes:         1: VGgc0JnIW-caIjUMsT8EglwB-PA.crl (hash: 6gTYpmA9O8sbsjHS/K0F89wtS+9ThmToJPVKHxRHygY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d8:b6:b5:d4:d2:04:89:e3:ec:68:4c:ef:cd:0d:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54681cd099c85be71a22350cb13f04825c01f8f0
        Validity
            Not Before: Oct 19 19:01:02 2025 GMT
            Not After : Oct 20 19:01:02 2025 GMT
        Subject: CN=56a10ab2ec96106961489d1618258d1b8f2259c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:fb:68:d9:af:64:78:98:3c:62:bf:2f:fe:78:
                    d7:aa:c6:a2:19:8d:9d:71:11:a6:02:41:7f:20:ea:
                    8e:57:2c:99:11:6e:12:07:8f:fb:d5:5d:78:92:df:
                    88:df:2a:e0:dc:0c:57:46:05:c6:17:44:d2:95:33:
                    fd:ca:58:4e:fe:d0:93:f5:b3:c8:3b:94:57:25:60:
                    fe:bf:69:06:d8:e6:5e:46:dd:8a:92:72:6b:38:04:
                    2d:9b:f3:63:1c:35:ae:15:7b:c4:7a:c4:67:70:0d:
                    70:52:2c:b8:1c:0d:4b:d0:9d:e6:d6:0e:70:04:04:
                    71:38:98:f2:c2:52:47:8e:de:2e:42:46:b2:c3:17:
                    71:b0:4c:00:fa:97:34:b2:63:5c:53:48:6f:2c:ae:
                    8d:e7:09:9a:5a:14:fb:4a:ff:1d:25:f8:7a:65:93:
                    22:5b:46:3b:ad:4d:75:65:d2:4e:05:ab:fd:28:59:
                    7a:6d:bc:64:1d:ae:40:53:85:59:ac:eb:ed:61:8d:
                    59:16:a8:1d:0c:8f:0d:ca:11:c4:56:a3:ad:01:dc:
                    52:18:02:d3:0b:eb:96:05:1d:f4:5a:26:16:55:04:
                    bf:a5:5c:3f:bc:8f:fc:b8:7c:ac:22:fe:9e:28:63:
                    57:32:0e:e4:74:c3:90:60:1d:f9:c1:53:4e:4e:ce:
                    df:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:A1:0A:B2:EC:96:10:69:61:48:9D:16:18:25:8D:1B:8F:22:59:C1
            X509v3 Authority Key Identifier:
                keyid:54:68:1C:D0:99:C8:5B:E7:1A:22:35:0C:B1:3F:04:82:5C:01:F8:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:bc:0f:d3:3a:b5:22:b3:fb:02:fc:c8:1f:6a:94:49:07:1e:
         82:59:78:1b:11:a1:e8:f1:9d:bc:73:3f:a0:8e:ad:8f:8b:c8:
         40:a3:a0:00:f6:0f:5b:17:a2:d2:43:3b:25:64:77:66:94:1a:
         c8:0b:ce:5a:66:be:8d:1b:09:63:5b:26:bc:aa:92:db:4a:3c:
         f8:72:95:e7:b1:b7:f1:79:3f:68:d6:07:c8:77:0f:24:b7:f8:
         72:50:25:df:2f:a0:41:86:3a:4b:e2:8e:c8:81:bb:99:b4:b0:
         c6:12:6c:76:ca:0d:e0:c6:5e:0c:cf:27:8a:d4:9b:cf:f1:a7:
         6e:f7:f6:ad:ac:2a:22:f2:ca:47:02:c9:57:fc:df:79:fd:bf:
         23:63:77:f6:42:73:ea:34:c6:fd:eb:6f:1d:77:38:6a:ac:6e:
         b1:95:c2:94:4a:c0:9f:25:15:df:68:91:5d:8b:70:4a:55:4c:
         15:df:b4:37:55:2e:e6:62:a7:87:1b:a5:32:05:c1:3d:97:06:
         a6:de:e7:44:31:c3:e3:a3:5d:b7:a6:7d:d6:e9:33:ec:6c:f7:
         df:96:66:0f:0d:78:86:77:bd:ba:3f:27:12:7d:dd:76:f1:84:
         79:92:25:dc:91:bd:01:54:c4:14:e8:49:1a:b3:db:60:48:93:
         ce:88:eb:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92La11NIEiePsaEzvzQ3cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgxY2QwOTljODViZTcxYTIyMzUwY2IxM2YwNDgyNWMw
MWY4ZjAwHhcNMjUxMDE5MTkwMTAyWhcNMjUxMDIwMTkwMTAyWjAzMTEwLwYDVQQD
Eyg1NmExMGFiMmVjOTYxMDY5NjE0ODlkMTYxODI1OGQxYjhmMjI1OWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5fto2a9keJg8Yr8v/njXqsaiGY2d
cRGmAkF/IOqOVyyZEW4SB4/71V14kt+I3yrg3AxXRgXGF0TSlTP9ylhO/tCT9bPI
O5RXJWD+v2kG2OZeRt2KknJrOAQtm/NjHDWuFXvEesRncA1wUiy4HA1L0J3m1g5w
BARxOJjywlJHjt4uQkaywxdxsEwA+pc0smNcU0hvLK6N5wmaWhT7Sv8dJfh6ZZMi
W0Y7rU11ZdJOBav9KFl6bbxkHa5AU4VZrOvtYY1ZFqgdDI8NyhHEVqOtAdxSGALT
C+uWBR30WiYWVQS/pVw/vI/8uHysIv6eKGNXMg7kdMOQYB35wVNOTs7fQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFahCrLslhBpYUidFhgljRuPIlnBMB8GA1UdIwQY
MBaAFFRoHNCZyFvnGiI1DLE/BIJcAfjwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wODUwMTMtZGQzZC00Y2E3LWJhNzkt
Yzg4MjgzZjhmMTE3LzEvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wODUwMTMtZGQzZC00Y2E3LWJhNzktYzg4MjgzZjhmMTE3
LzEvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASbwP0zq1
IrP7AvzIH2qUSQcegll4GxGh6PGdvHM/oI6tj4vIQKOgAPYPWxei0kM7JWR3ZpQa
yAvOWma+jRsJY1smvKqS20o8+HKV57G38Xk/aNYHyHcPJLf4clAl3y+gQYY6S+KO
yIG7mbSwxhJsdsoN4MZeDM8nitSbz/Gnbvf2rawqIvLKRwLJV/zfef2/I2N39kJz
6jTG/etvHXc4aqxusZXClErAnyUV32iRXYtwSlVMFd+0N1Uu5mKnhxulMgXBPZcG
pt7nRDHD46Ndt6Z91ukz7Gz335ZmDw14hne9uj8nEn3ddvGEeZIl3JG9AVTEFOhJ
GrPbYEiTzojrFQ==
-----END CERTIFICATE-----