Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.mft
File:                     y_sCefzSOo5YPzRauQRyjm0OTGI.mft (raw, json)
Hash identifier:          oSm8zNzKYOpWZZ/m4xVmXJknYODhMRAAv3g5UIw0Ips=
Subject key identifier:   DA:36:92:C0:9B:72:44:CC:F2:4D:8C:54:4C:D3:92:00:95:EC:A4:F1
Authority key identifier: CB:FB:02:79:FC:D2:3A:8E:58:3F:34:5A:B9:04:72:8E:6D:0E:4C:62
Certificate issuer:       /CN=cbfb0279fcd23a8e583f345ab904728e6d0e4c62
Certificate serial:       019A4DE204E047D178C1E80A784D22F3B348
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y_sCefzSOo5YPzRauQRyjm0OTGI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.mft
Manifest number:          0736
Signing time:             Tue 04 Nov 2025 08:00:49 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:49 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:49 +0000
Files and hashes:         1: y_sCefzSOo5YPzRauQRyjm0OTGI.crl (hash: b6EEr/7gCtI/WvE9pyBG4sWOTOABD6b+tUiBd+7pX9A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y_sCefzSOo5YPzRauQRyjm0OTGI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e2:04:e0:47:d1:78:c1:e8:0a:78:4d:22:f3:b3:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbfb0279fcd23a8e583f345ab904728e6d0e4c62
        Validity
            Not Before: Nov  4 08:00:49 2025 GMT
            Not After : Nov  5 08:00:49 2025 GMT
        Subject: CN=da3692c09b7244ccf24d8c544cd3920095eca4f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:00:01:89:7a:13:72:d2:2b:08:1a:7e:8a:ae:
                    63:68:ee:d7:cc:9c:c5:84:c6:80:3a:8e:66:15:82:
                    d7:fb:69:02:75:1d:7b:4b:34:10:dd:aa:15:61:53:
                    d8:c8:1a:dd:37:97:f8:d7:9e:0e:18:b7:7f:05:9f:
                    71:06:2f:b8:56:45:0e:cd:fc:cf:5e:96:14:ad:c4:
                    76:07:ac:fc:a2:da:45:14:ba:30:65:46:a5:13:c2:
                    ee:f2:ca:2d:93:b1:d3:2b:74:b6:ce:43:87:c4:97:
                    5d:79:89:72:5c:c2:3d:ea:80:93:49:69:6f:87:6d:
                    f6:af:e7:09:59:56:1d:88:d8:88:b3:43:c9:ef:ef:
                    32:cf:77:35:dd:62:3c:97:12:fb:fb:18:50:d4:f3:
                    b5:e1:cc:08:41:d7:80:d5:7f:b2:01:4f:1d:23:33:
                    b8:29:bd:33:37:cc:93:31:55:99:8b:7b:8d:04:fa:
                    26:6e:e8:e4:6a:ab:fd:a9:f9:ca:b1:86:7d:b5:fe:
                    98:d6:4e:47:d4:84:ef:4f:13:7a:fb:b2:6e:e4:4a:
                    05:2c:de:7d:4a:f6:97:59:9f:e5:90:8f:08:1c:40:
                    6e:1a:10:69:6f:1d:29:a8:0e:1c:bc:16:56:c4:d6:
                    4d:13:56:87:61:f9:d2:aa:f9:a9:b0:c3:ac:1e:d3:
                    ce:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:36:92:C0:9B:72:44:CC:F2:4D:8C:54:4C:D3:92:00:95:EC:A4:F1
            X509v3 Authority Key Identifier:
                keyid:CB:FB:02:79:FC:D2:3A:8E:58:3F:34:5A:B9:04:72:8E:6D:0E:4C:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_sCefzSOo5YPzRauQRyjm0OTGI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         dd:79:24:8c:67:8e:7c:9a:85:83:98:50:fd:4e:bf:46:18:b3:
         58:07:0b:df:1a:6a:20:66:98:af:e7:61:ba:2a:be:38:bd:a2:
         de:9a:30:b6:64:dc:15:4b:ae:06:ea:dd:d5:18:08:76:35:e0:
         2f:ff:b2:fa:23:ed:b5:5f:bb:34:cb:c3:fd:53:6a:e4:7b:5e:
         af:5b:ff:af:26:ed:97:dc:60:86:53:73:24:0c:5f:6b:a9:e3:
         84:99:eb:08:48:0d:e4:69:8e:60:c1:7f:e7:95:47:c2:dd:2c:
         a5:6a:bc:d4:17:9e:8d:ca:e8:20:fa:f6:3c:25:73:09:14:7b:
         72:bb:68:0b:38:be:42:e8:a4:98:06:c2:20:e0:5f:5b:71:bd:
         7c:c7:f5:4c:d2:42:2d:44:57:39:79:de:2d:47:c4:f5:a1:50:
         a3:68:4c:0c:84:e8:ff:6d:54:45:93:4e:fc:a1:35:4d:45:bf:
         31:10:e8:07:50:b7:2e:a6:c6:2b:33:da:ff:e5:7d:a2:db:6c:
         3c:fe:7c:95:53:99:91:b7:45:ca:09:bf:34:a9:47:52:32:1e:
         cd:af:e3:cc:8d:76:cc:e2:28:e2:3d:b5:d0:29:a1:77:73:ad:
         7c:be:ca:22:6c:bb:a4:49:ed:ef:7f:5c:ac:0b:fd:b9:1d:df:
         cc:de:22:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4gTgR9F4wegKeE0i87NIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZmIwMjc5ZmNkMjNhOGU1ODNmMzQ1YWI5MDQ3MjhlNmQw
ZTRjNjIwHhcNMjUxMTA0MDgwMDQ5WhcNMjUxMTA1MDgwMDQ5WjAzMTEwLwYDVQQD
EyhkYTM2OTJjMDliNzI0NGNjZjI0ZDhjNTQ0Y2QzOTIwMDk1ZWNhNGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3gABiXoTctIrCBp+iq5jaO7XzJzF
hMaAOo5mFYLX+2kCdR17SzQQ3aoVYVPYyBrdN5f4154OGLd/BZ9xBi+4VkUOzfzP
XpYUrcR2B6z8otpFFLowZUalE8Lu8sotk7HTK3S2zkOHxJddeYlyXMI96oCTSWlv
h232r+cJWVYdiNiIs0PJ7+8yz3c13WI8lxL7+xhQ1PO14cwIQdeA1X+yAU8dIzO4
Kb0zN8yTMVWZi3uNBPombujkaqv9qfnKsYZ9tf6Y1k5H1ITvTxN6+7Ju5EoFLN59
SvaXWZ/lkI8IHEBuGhBpbx0pqA4cvBZWxNZNE1aHYfnSqvmpsMOsHtPO9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNo2ksCbckTM8k2MVEzTkgCV7KTxMB8GA1UdIwQY
MBaAFMv7Ann80jqOWD80WrkEco5tDkxiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9zQ2VmelNPbzVZUHpSYXVRUnlqbTBPVEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi85Njc3YjEtZDQzZS00NjZlLTliZjgt
ODBmODIwMjcxNGRhLzEveV9zQ2VmelNPbzVZUHpSYXVRUnlqbTBPVEdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi85Njc3YjEtZDQzZS00NjZlLTliZjgtODBmODIwMjcxNGRh
LzEveV9zQ2VmelNPbzVZUHpSYXVRUnlqbTBPVEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3XkkjGeO
fJqFg5hQ/U6/RhizWAcL3xpqIGaYr+dhuiq+OL2i3powtmTcFUuuBurd1RgIdjXg
L/+y+iPttV+7NMvD/VNq5Hter1v/rybtl9xghlNzJAxfa6njhJnrCEgN5GmOYMF/
55VHwt0spWq81BeejcroIPr2PCVzCRR7crtoCzi+QuikmAbCIOBfW3G9fMf1TNJC
LURXOXneLUfE9aFQo2hMDITo/21URZNO/KE1TUW/MRDoB1C3LqbGKzPa/+V9otts
PP58lVOZkbdFygm/NKlHUjIeza/jzI12zOIo4j210Cmhd3OtfL7KImy7pEnt739c
rAv9uR3fzN4irA==
-----END CERTIFICATE-----