Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
File:                     YTChAogFFzqiJUSk67mECskbyNA.mft (raw, json)
Hash identifier:          LHIXHgJIULth5mp49uJTEw796ZjAp3zbRKkjh42fo+o=
Subject key identifier:   7F:28:80:BF:D1:EA:3B:B6:A5:1C:23:62:28:B4:C6:FC:2A:48:7B:0F
Authority key identifier: 61:30:A1:02:88:05:17:3A:A2:25:44:A4:EB:B9:84:0A:C9:1B:C8:D0
Certificate issuer:       /CN=6130a1028805173aa22544a4ebb9840ac91bc8d0
Certificate serial:       019A4EF4A1F0CFE25D9551C66B1ABB40E517
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
Manifest number:          0E6D
Signing time:             Tue 04 Nov 2025 13:00:46 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:46 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:46 +0000
Files and hashes:         1: YTChAogFFzqiJUSk67mECskbyNA.crl (hash: nVU3ujS+smo1GEcYm2ozdCRtmb4OHRAuX3EZfktZ9GU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:a1:f0:cf:e2:5d:95:51:c6:6b:1a:bb:40:e5:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6130a1028805173aa22544a4ebb9840ac91bc8d0
        Validity
            Not Before: Nov  4 13:00:46 2025 GMT
            Not After : Nov  5 13:00:46 2025 GMT
        Subject: CN=7f2880bfd1ea3bb6a51c236228b4c6fc2a487b0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e1:79:1f:30:56:79:b1:d6:ed:a5:54:fe:73:
                    fd:ee:4a:25:4d:5d:3a:1c:19:c1:cc:9f:94:c8:08:
                    f3:d9:af:34:1f:df:63:30:94:b1:1e:51:1a:90:07:
                    49:dd:12:7c:a8:e8:53:08:a0:2e:3e:fc:92:61:5b:
                    d4:86:3d:ed:f2:30:71:b7:e0:92:b6:1e:b6:df:57:
                    6a:96:5f:46:7d:72:a8:53:a8:d9:21:fb:f4:06:30:
                    bb:01:aa:1c:93:55:50:85:d9:f0:af:1c:20:0d:9f:
                    3c:56:44:60:3a:e7:95:06:bd:7b:47:b5:d6:62:65:
                    1e:e5:0b:77:74:3c:84:a5:89:a8:9b:2c:42:00:da:
                    af:57:86:7d:9c:e8:de:83:ca:77:46:c7:19:16:17:
                    1e:1b:75:c1:56:c1:35:3d:48:4f:cc:6d:e1:85:d4:
                    53:5d:8e:b5:02:fa:cb:84:2a:ae:cf:3d:c0:fb:3c:
                    58:25:be:95:11:95:88:b0:f1:6e:9d:29:11:26:fc:
                    56:0a:1d:2c:b2:17:93:2c:9c:91:be:34:1e:67:f1:
                    13:6b:b3:eb:ae:69:26:4e:ae:cd:aa:dd:7f:3f:6d:
                    02:c2:b9:8d:08:6b:83:13:e2:83:bd:61:83:99:2f:
                    88:b1:fe:b6:a0:3c:d4:55:90:6b:72:14:57:21:0a:
                    6c:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:28:80:BF:D1:EA:3B:B6:A5:1C:23:62:28:B4:C6:FC:2A:48:7B:0F
            X509v3 Authority Key Identifier:
                keyid:61:30:A1:02:88:05:17:3A:A2:25:44:A4:EB:B9:84:0A:C9:1B:C8:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:9d:01:89:45:8f:a3:92:d4:d8:4e:c1:9c:4b:89:b4:a7:0d:
         c9:d6:4d:fc:a7:6e:93:6d:72:c4:3a:74:0a:2e:2e:20:20:71:
         22:e8:ba:c2:f5:d9:1c:04:60:80:84:e6:9e:f5:e7:c0:40:d0:
         1b:7f:e9:6a:d8:5a:4b:ce:d4:4f:2e:9c:d0:58:47:de:00:05:
         1b:86:8b:1a:fe:ee:a2:02:3e:9f:96:69:0b:42:ff:ca:1b:85:
         10:c6:02:18:82:c0:f9:b1:41:bb:95:26:5c:72:d0:6a:ed:c5:
         0d:b1:36:1c:e2:ac:00:74:99:c9:6d:a8:f8:44:e9:18:ad:e0:
         aa:7b:bb:03:72:b5:ca:f7:6f:ec:90:64:d9:5b:1b:b6:7a:b7:
         98:5e:0e:4a:65:15:6c:7e:6e:67:e1:ad:15:a8:34:e2:db:11:
         b6:cd:b9:3f:9c:fa:46:52:70:9e:ff:10:c6:e0:a1:e5:51:2b:
         35:f1:2c:9d:2b:87:0b:f8:f7:64:70:74:05:9b:06:3b:43:85:
         16:f1:56:7d:a9:03:47:f9:b9:5f:b4:5d:ba:2f:66:1f:08:67:
         80:a5:3a:7f:27:b7:06:06:9a:dd:49:6d:da:17:7a:a7:c1:2a:
         d5:33:95:6d:f1:93:bc:09:54:83:84:86:5d:ae:b9:31:b4:03:
         de:86:00:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9KHwz+JdlVHGaxq7QOUXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMzBhMTAyODgwNTE3M2FhMjI1NDRhNGViYjk4NDBhYzkx
YmM4ZDAwHhcNMjUxMTA0MTMwMDQ2WhcNMjUxMTA1MTMwMDQ2WjAzMTEwLwYDVQQD
Eyg3ZjI4ODBiZmQxZWEzYmI2YTUxYzIzNjIyOGI0YzZmYzJhNDg3YjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOF5HzBWebHW7aVU/nP97kolTV06
HBnBzJ+UyAjz2a80H99jMJSxHlEakAdJ3RJ8qOhTCKAuPvySYVvUhj3t8jBxt+CS
th6231dqll9GfXKoU6jZIfv0BjC7Aaock1VQhdnwrxwgDZ88VkRgOueVBr17R7XW
YmUe5Qt3dDyEpYmomyxCANqvV4Z9nOjeg8p3RscZFhceG3XBVsE1PUhPzG3hhdRT
XY61AvrLhCquzz3A+zxYJb6VEZWIsPFunSkRJvxWCh0ssheTLJyRvjQeZ/ETa7Pr
rmkmTq7Nqt1/P20CwrmNCGuDE+KDvWGDmS+Isf62oDzUVZBrchRXIQpssQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH8ogL/R6ju2pRwjYii0xvwqSHsPMB8GA1UdIwQY
MBaAFGEwoQKIBRc6oiVEpOu5hArJG8jQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zYWU4NjMtNjkwZS00NjMxLTkxMjAt
YTUzYjVlOTc5MTMxLzEvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zYWU4NjMtNjkwZS00NjMxLTkxMjAtYTUzYjVlOTc5MTMx
LzEvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ50BiUWP
o5LU2E7BnEuJtKcNydZN/Kduk21yxDp0Ci4uICBxIui6wvXZHARggITmnvXnwEDQ
G3/pathaS87UTy6c0FhH3gAFG4aLGv7uogI+n5ZpC0L/yhuFEMYCGILA+bFBu5Um
XHLQau3FDbE2HOKsAHSZyW2o+ETpGK3gqnu7A3K1yvdv7JBk2Vsbtnq3mF4OSmUV
bH5uZ+GtFag04tsRts25P5z6RlJwnv8QxuCh5VErNfEsnSuHC/j3ZHB0BZsGO0OF
FvFWfakDR/m5X7Rdui9mHwhngKU6fye3Bgaa3Ult2hd6p8Eq1TOVbfGTvAlUg4SG
Xa65MbQD3oYAIQ==
-----END CERTIFICATE-----