Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
File:                     Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft (raw, json)
Hash identifier:          DKQ4Vk+JlkQeA0xlEt0KLv3aLMmA7Ky5xy69W8iguOw=
Subject key identifier:   41:1E:02:4C:E5:EC:66:4E:41:AB:C7:5A:1A:D9:DC:DC:16:23:FB:36
Authority key identifier: 63:A8:CA:16:66:20:6D:2C:F1:2B:50:78:72:EA:D0:F5:A7:93:D0:E0
Certificate issuer:       /CN=63a8ca1666206d2cf12b507872ead0f5a793d0e0
Certificate serial:       019A537609BBDE90F033F769392730680949
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
Manifest number:          089A
Signing time:             Wed 05 Nov 2025 10:00:35 +0000
Manifest this update:     Wed 05 Nov 2025 10:00:35 +0000
Manifest next update:     Thu 06 Nov 2025 10:00:35 +0000
Files and hashes:         1: Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl (hash: XPtLbo+bZUPcwNTzJU/5VMqSvA4KjPMG3l3omY5lAV4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 10:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:53:76:09:bb:de:90:f0:33:f7:69:39:27:30:68:09:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63a8ca1666206d2cf12b507872ead0f5a793d0e0
        Validity
            Not Before: Nov  5 10:00:35 2025 GMT
            Not After : Nov  6 10:00:35 2025 GMT
        Subject: CN=411e024ce5ec664e41abc75a1ad9dcdc1623fb36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:06:07:cb:08:48:65:5f:d4:83:78:0d:53:ce:
                    cf:f8:76:50:9c:08:6c:f7:07:9b:7d:bd:52:ab:bd:
                    fc:9f:84:1e:98:2b:a4:92:68:27:9b:25:04:d1:3b:
                    4a:01:d3:3e:46:a9:cc:2c:cc:25:2b:19:86:17:44:
                    f4:bc:b2:b8:88:5f:11:9a:91:c8:d1:e8:ad:45:14:
                    c5:91:cb:ec:e5:84:01:09:47:69:20:3d:74:65:ed:
                    4f:bf:de:d7:db:9c:d9:51:cd:57:b2:98:1b:46:8e:
                    5f:76:54:0d:46:fb:a9:9e:b6:6c:d2:77:1f:7a:ad:
                    63:b7:5c:9f:a8:db:df:14:be:3a:c0:15:d9:35:a9:
                    47:f8:dc:21:f7:38:14:d1:9e:b5:4c:24:1e:34:d4:
                    8f:ef:74:d2:ab:a5:ae:70:d0:5e:fa:d1:e1:53:8e:
                    32:85:03:fe:a0:d4:b5:77:5c:8b:04:be:f3:88:13:
                    c7:23:d7:5f:9d:21:d9:ce:e5:69:d5:5a:16:f5:fc:
                    ab:9e:d0:bd:0e:13:05:fa:5e:7d:c7:d4:9e:c8:0b:
                    84:ea:85:28:22:7b:3b:a0:61:76:36:73:87:64:d1:
                    72:d6:f4:ea:93:31:a6:c9:69:f5:e9:4a:a2:11:89:
                    ea:cb:90:16:33:63:8c:95:25:93:e2:f8:c9:69:6a:
                    e4:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:1E:02:4C:E5:EC:66:4E:41:AB:C7:5A:1A:D9:DC:DC:16:23:FB:36
            X509v3 Authority Key Identifier:
                keyid:63:A8:CA:16:66:20:6D:2C:F1:2B:50:78:72:EA:D0:F5:A7:93:D0:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:6f:74:ab:70:7c:b3:1d:9d:2e:27:af:82:88:9b:9f:9d:2c:
         c0:87:54:96:66:a7:2c:33:e8:36:c8:47:28:e6:27:1f:6f:e6:
         b6:a3:2f:61:e4:cc:8a:7b:03:3d:c3:ce:2b:f8:f2:0c:46:4a:
         19:5e:83:2d:38:2c:ec:9e:51:46:56:f0:b3:90:f0:47:1e:93:
         bc:d0:91:1b:99:87:3f:2a:f7:83:60:0a:2b:77:1f:72:7c:eb:
         63:e6:27:b6:8d:be:a5:68:a0:67:89:a1:8d:9d:a5:e6:70:3c:
         34:d7:c8:89:c9:63:b7:12:2a:b6:c5:45:3b:d1:5b:3d:a7:85:
         78:e4:c1:e7:19:46:34:78:a2:1d:c1:ab:d0:df:73:73:2e:65:
         0a:b1:b7:74:cd:03:2e:de:a8:52:f4:e3:8b:dd:a9:4e:b7:c8:
         6e:f2:90:27:f5:de:ec:d4:ca:c5:44:e4:e6:37:c2:14:74:fd:
         81:47:c3:7c:66:5f:20:06:69:60:ee:44:70:22:1d:78:fa:73:
         c5:04:d5:96:fd:d0:05:40:be:82:f2:0d:fa:c8:42:a9:e7:33:
         f5:22:52:9c:b6:44:67:4d:e5:a0:cb:dd:af:35:b5:10:cd:f1:
         af:de:2a:f7:8c:b9:f8:0f:81:7d:93:dd:4f:e8:de:de:2d:93:
         84:a7:c9:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTdgm73pDwM/dpOScwaAlJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYThjYTE2NjYyMDZkMmNmMTJiNTA3ODcyZWFkMGY1YTc5
M2QwZTAwHhcNMjUxMTA1MTAwMDM1WhcNMjUxMTA2MTAwMDM1WjAzMTEwLwYDVQQD
Eyg0MTFlMDI0Y2U1ZWM2NjRlNDFhYmM3NWExYWQ5ZGNkYzE2MjNmYjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgYHywhIZV/Ug3gNU87P+HZQnAhs
9webfb1Sq738n4QemCukkmgnmyUE0TtKAdM+RqnMLMwlKxmGF0T0vLK4iF8RmpHI
0eitRRTFkcvs5YQBCUdpID10Ze1Pv97X25zZUc1XspgbRo5fdlQNRvupnrZs0ncf
eq1jt1yfqNvfFL46wBXZNalH+Nwh9zgU0Z61TCQeNNSP73TSq6WucNBe+tHhU44y
hQP+oNS1d1yLBL7ziBPHI9dfnSHZzuVp1VoW9fyrntC9DhMF+l59x9SeyAuE6oUo
Ins7oGF2NnOHZNFy1vTqkzGmyWn16UqiEYnqy5AWM2OMlSWT4vjJaWrkywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEEeAkzl7GZOQavHWhrZ3NwWI/s2MB8GA1UdIwQY
MBaAFGOoyhZmIG0s8StQeHLq0PWnk9DgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8wNDQ2YjEtZGYyZi00MjYxLWExYmEt
NzVhYjIxZjNiM2QwLzEvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8wNDQ2YjEtZGYyZi00MjYxLWExYmEtNzVhYjIxZjNiM2Qw
LzEvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeW90q3B8
sx2dLievgoibn50swIdUlmanLDPoNshHKOYnH2/mtqMvYeTMinsDPcPOK/jyDEZK
GV6DLTgs7J5RRlbws5DwRx6TvNCRG5mHPyr3g2AKK3cfcnzrY+Ynto2+pWigZ4mh
jZ2l5nA8NNfIicljtxIqtsVFO9FbPaeFeOTB5xlGNHiiHcGr0N9zcy5lCrG3dM0D
Lt6oUvTji92pTrfIbvKQJ/Xe7NTKxUTk5jfCFHT9gUfDfGZfIAZpYO5EcCIdePpz
xQTVlv3QBUC+gvIN+shCqecz9SJSnLZEZ03loMvdrzW1EM3xr94q94y5+A+BfZPd
T+je3i2ThKfJ+Q==
-----END CERTIFICATE-----