Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.mft
File:                     yigmXgq4MyeqVJI0yrsT64_2ZDc.mft (raw, json)
Hash identifier:          a7UJAizrxolbVApvcRs3V2lo4xTnga0DommTEjilVlU=
Subject key identifier:   4E:A5:D3:5C:35:A4:51:6A:6F:05:24:CE:5D:37:AC:77:C4:F3:E6:E5
Authority key identifier: CA:28:26:5E:0A:B8:33:27:AA:54:92:34:CA:BB:13:EB:8F:F6:64:37
Certificate issuer:       /CN=ca28265e0ab83327aa549234cabb13eb8ff66437
Certificate serial:       019A4FD00D999F338FE57DEE3AC0A2D45B2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yigmXgq4MyeqVJI0yrsT64_2ZDc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.mft
Manifest number:          106E
Signing time:             Tue 04 Nov 2025 17:00:26 +0000
Manifest this update:     Tue 04 Nov 2025 17:00:26 +0000
Manifest next update:     Wed 05 Nov 2025 17:00:26 +0000
Files and hashes:         1: yigmXgq4MyeqVJI0yrsT64_2ZDc.crl (hash: ysDFCuJUNGWuBtF3jSpEKyKDzp196xx/x3Nhqzb8Eyw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yigmXgq4MyeqVJI0yrsT64_2ZDc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 17:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:d0:0d:99:9f:33:8f:e5:7d:ee:3a:c0:a2:d4:5b:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca28265e0ab83327aa549234cabb13eb8ff66437
        Validity
            Not Before: Nov  4 17:00:26 2025 GMT
            Not After : Nov  5 17:00:26 2025 GMT
        Subject: CN=4ea5d35c35a4516a6f0524ce5d37ac77c4f3e6e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:97:37:2f:98:74:5e:73:3b:f6:0c:1e:9a:de:
                    92:f5:92:38:8c:11:02:38:2e:90:60:a3:48:ed:ec:
                    c4:31:61:ea:f3:9a:28:87:98:9f:5d:87:be:d3:22:
                    99:0a:7e:62:0b:b0:48:74:be:90:5d:d4:60:98:eb:
                    08:b8:ac:2e:43:5d:56:ef:29:e1:7b:ee:dc:82:f7:
                    7b:98:01:16:4c:58:5a:b1:b8:1e:1c:5b:93:aa:36:
                    65:e8:0e:23:57:cc:62:a4:20:4f:88:04:8f:6a:af:
                    d6:de:b5:2b:75:bd:b6:b3:ba:9f:25:35:97:87:19:
                    ac:31:4b:5f:d4:65:14:06:f4:fb:fe:f4:50:5a:76:
                    ca:40:d7:50:f8:6a:f9:c8:be:b0:a3:9e:6a:b6:20:
                    38:9a:0b:58:88:49:74:37:ef:f2:3b:22:d0:07:9f:
                    3e:f8:35:f5:6e:98:09:62:eb:26:68:d6:b2:7f:db:
                    77:97:9c:60:a4:7d:11:16:86:11:a8:43:5e:42:be:
                    54:bb:5e:78:31:ae:5b:53:94:da:a1:d8:2a:19:15:
                    a3:90:a9:0c:ed:50:4b:12:5b:23:50:34:b4:2f:09:
                    0f:2f:03:f4:c6:53:f0:f9:84:d4:dc:62:b1:41:b8:
                    9e:4e:0f:30:e7:ae:ee:2e:f0:8a:6d:d5:d7:60:bd:
                    be:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:A5:D3:5C:35:A4:51:6A:6F:05:24:CE:5D:37:AC:77:C4:F3:E6:E5
            X509v3 Authority Key Identifier:
                keyid:CA:28:26:5E:0A:B8:33:27:AA:54:92:34:CA:BB:13:EB:8F:F6:64:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yigmXgq4MyeqVJI0yrsT64_2ZDc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:ff:9b:59:9b:52:c6:db:05:e0:02:34:dc:19:36:82:87:c5:
         32:c4:63:d4:4a:4d:c1:d2:00:5f:a0:87:65:0d:29:aa:73:e4:
         04:f8:03:dd:bd:85:31:50:0d:31:d3:07:64:f8:e8:90:68:11:
         df:8f:72:94:d3:2e:44:a0:ac:43:68:cd:bf:9a:15:13:48:c8:
         77:94:2d:a7:43:e0:4d:3e:5d:05:21:b7:21:61:c0:66:21:30:
         2a:5e:ce:6c:06:85:5c:f1:35:29:f0:39:2f:1c:c7:13:40:c4:
         ce:15:ef:61:d3:e2:1c:13:83:cf:87:bd:57:af:2c:c9:35:8f:
         7f:2b:bc:f6:e5:97:14:59:7d:cf:f0:5c:95:73:6e:28:f0:a8:
         37:c0:7f:68:e9:b1:33:2e:2e:e4:d0:10:c1:c1:4c:da:1b:73:
         47:51:ee:e8:3a:88:c6:82:51:cc:5c:46:2c:42:c7:68:06:37:
         b2:c2:13:1b:46:4c:a7:01:52:55:f1:71:8f:bd:19:5f:12:cc:
         e0:f4:ea:06:fe:e6:61:3c:66:4d:aa:73:90:ef:28:f5:ca:55:
         f3:69:3e:72:38:5d:b4:44:a1:d2:f2:c2:a6:f0:38:bf:ad:9f:
         4c:33:99:4a:8d:0d:30:8a:ee:b0:3e:b9:d9:8f:70:50:85:d6:
         3d:14:b3:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpP0A2ZnzOP5X3uOsCi1FstMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjgyNjVlMGFiODMzMjdhYTU0OTIzNGNhYmIxM2ViOGZm
NjY0MzcwHhcNMjUxMTA0MTcwMDI2WhcNMjUxMTA1MTcwMDI2WjAzMTEwLwYDVQQD
Eyg0ZWE1ZDM1YzM1YTQ1MTZhNmYwNTI0Y2U1ZDM3YWM3N2M0ZjNlNmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJc3L5h0XnM79gwemt6S9ZI4jBEC
OC6QYKNI7ezEMWHq85ooh5ifXYe+0yKZCn5iC7BIdL6QXdRgmOsIuKwuQ11W7ynh
e+7cgvd7mAEWTFhasbgeHFuTqjZl6A4jV8xipCBPiASPaq/W3rUrdb22s7qfJTWX
hxmsMUtf1GUUBvT7/vRQWnbKQNdQ+Gr5yL6wo55qtiA4mgtYiEl0N+/yOyLQB58+
+DX1bpgJYusmaNayf9t3l5xgpH0RFoYRqENeQr5Uu154Ma5bU5TaodgqGRWjkKkM
7VBLElsjUDS0LwkPLwP0xlPw+YTU3GKxQbieTg8w567uLvCKbdXXYL2+/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE6l01w1pFFqbwUkzl03rHfE8+blMB8GA1UdIwQY
MBaAFMooJl4KuDMnqlSSNMq7E+uP9mQ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlnbVhncTRNeWVxVkpJMHlyc1Q2NF8yWkRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kZjVjNmYtYmIxNy00MmFmLWFiNGEt
MTJkZmQ1ZTM5NWY5LzEveWlnbVhncTRNeWVxVkpJMHlyc1Q2NF8yWkRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kZjVjNmYtYmIxNy00MmFmLWFiNGEtMTJkZmQ1ZTM5NWY5
LzEveWlnbVhncTRNeWVxVkpJMHlyc1Q2NF8yWkRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhv+bWZtS
xtsF4AI03Bk2gofFMsRj1EpNwdIAX6CHZQ0pqnPkBPgD3b2FMVANMdMHZPjokGgR
349ylNMuRKCsQ2jNv5oVE0jId5Qtp0PgTT5dBSG3IWHAZiEwKl7ObAaFXPE1KfA5
LxzHE0DEzhXvYdPiHBODz4e9V68syTWPfyu89uWXFFl9z/BclXNuKPCoN8B/aOmx
My4u5NAQwcFM2htzR1Hu6DqIxoJRzFxGLELHaAY3ssITG0ZMpwFSVfFxj70ZXxLM
4PTqBv7mYTxmTapzkO8o9cpV82k+cjhdtESh0vLCpvA4v62fTDOZSo0NMIrusD65
2Y9wUIXWPRSzsQ==
-----END CERTIFICATE-----