Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft
File:                     yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft (raw, json)
Hash identifier:          NMicrIadbq/Wwrf25Dzpz6aQF+i635zbYk9/fXwmINg=
Subject key identifier:   A0:DD:52:CC:B9:01:FF:F5:80:47:1B:1A:34:E1:9E:C0:0C:D0:85:39
Authority key identifier: C8:DA:89:FB:15:2D:43:C6:3E:3D:A2:FD:6A:0B:0D:FB:22:A0:65:81
Certificate issuer:       /CN=c8da89fb152d43c63e3da2fd6a0b0dfb22a06581
Certificate serial:       019A4DE1A35004AD285AE77AF1A4D973CBC9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft
Manifest number:          0EDA
Signing time:             Tue 04 Nov 2025 08:00:24 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:24 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:24 +0000
Files and hashes:         1: yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.crl (hash: 5JP+J0nQY5w2MbgR5vbUcDnWGTTWTXjeBCh8OKH7l8M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e1:a3:50:04:ad:28:5a:e7:7a:f1:a4:d9:73:cb:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8da89fb152d43c63e3da2fd6a0b0dfb22a06581
        Validity
            Not Before: Nov  4 08:00:24 2025 GMT
            Not After : Nov  5 08:00:24 2025 GMT
        Subject: CN=a0dd52ccb901fff580471b1a34e19ec00cd08539
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:1e:a9:34:48:9e:91:1a:0a:80:0c:02:69:db:
                    98:99:60:50:3c:3a:c4:87:7b:e1:f6:f5:f7:f6:fb:
                    c3:b1:af:a9:26:63:cb:dc:a7:a8:0d:fe:85:8a:e6:
                    1b:1d:9e:7e:90:43:21:a5:9a:b7:b7:5d:3b:ca:f5:
                    f0:d6:5a:b5:7d:f1:50:a3:a8:47:6a:9a:48:ae:4b:
                    53:d5:05:e5:03:6d:0d:07:f5:76:46:58:35:14:45:
                    8a:c9:4d:85:ad:3e:1b:c7:e9:00:e4:ae:36:09:f6:
                    2e:da:02:ac:af:74:b6:3c:45:4f:2b:60:74:4b:28:
                    93:c5:dc:8d:c6:ba:29:0d:f8:22:da:c1:3d:c1:40:
                    7e:59:ed:04:26:fc:74:76:d2:a6:0b:73:5a:4b:a8:
                    e3:c6:3c:ba:2d:51:cb:be:3f:9b:ab:7d:45:ab:81:
                    c6:87:cd:ca:98:9c:cf:a4:97:00:36:25:a9:58:a6:
                    18:64:31:06:a0:63:5d:9e:4e:f4:2e:15:a4:fa:17:
                    7c:77:f3:35:14:51:26:56:53:35:b8:59:1a:ad:24:
                    e1:3f:20:0f:1e:cd:04:a5:f2:50:79:c0:e2:4c:50:
                    84:6d:22:a9:26:26:41:33:ba:71:3c:2f:88:39:9f:
                    99:c2:df:19:af:98:42:b1:be:90:59:e4:ac:26:e6:
                    dd:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:DD:52:CC:B9:01:FF:F5:80:47:1B:1A:34:E1:9E:C0:0C:D0:85:39
            X509v3 Authority Key Identifier:
                keyid:C8:DA:89:FB:15:2D:43:C6:3E:3D:A2:FD:6A:0B:0D:FB:22:A0:65:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:ce:4a:98:f4:71:6a:2c:34:cc:4f:6d:cb:85:2a:12:04:ba:
         dc:8a:58:d3:4a:29:a9:5b:7a:53:a4:4a:02:27:41:7e:6f:53:
         b6:83:74:dc:e6:aa:56:4f:ec:95:4e:91:4e:75:5a:32:58:a3:
         0f:8b:ed:b1:de:30:4e:90:16:7f:dd:59:c9:4f:07:bd:05:38:
         1e:2f:ff:56:31:d1:b1:ea:d6:2b:a9:cd:dc:5b:f0:d7:2a:1d:
         fb:ff:1b:c9:8d:d5:44:6c:cb:83:8f:93:f9:25:f5:71:16:e8:
         2d:4c:41:28:cc:10:1c:c2:c8:26:43:53:9a:e1:20:fd:76:b9:
         d7:dd:be:48:f4:f4:4b:80:77:be:33:f1:40:f3:c3:4a:13:73:
         02:8d:4c:ee:c1:b6:94:fd:51:22:89:64:7d:3d:dd:92:27:e7:
         90:2c:9e:a8:d3:57:25:b2:f5:8f:0b:5f:26:45:30:1e:5d:37:
         cc:71:48:52:6b:04:05:1d:4f:77:d7:cd:a9:6a:2d:3a:e6:3e:
         67:b4:0b:35:94:86:60:24:be:9f:00:f6:86:03:64:d0:b1:4b:
         5f:c2:45:c2:c2:2a:d7:f3:07:96:0d:35:20:4c:44:14:d7:7f:
         07:5c:32:b1:e8:55:17:82:cb:cf:1f:f2:5e:62:bb:9f:b5:ac:
         93:37:03:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4aNQBK0oWud68aTZc8vJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZGE4OWZiMTUyZDQzYzYzZTNkYTJmZDZhMGIwZGZiMjJh
MDY1ODEwHhcNMjUxMTA0MDgwMDI0WhcNMjUxMTA1MDgwMDI0WjAzMTEwLwYDVQQD
EyhhMGRkNTJjY2I5MDFmZmY1ODA0NzFiMWEzNGUxOWVjMDBjZDA4NTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzR6pNEiekRoKgAwCaduYmWBQPDrE
h3vh9vX39vvDsa+pJmPL3KeoDf6FiuYbHZ5+kEMhpZq3t107yvXw1lq1ffFQo6hH
appIrktT1QXlA20NB/V2Rlg1FEWKyU2FrT4bx+kA5K42CfYu2gKsr3S2PEVPK2B0
SyiTxdyNxropDfgi2sE9wUB+We0EJvx0dtKmC3NaS6jjxjy6LVHLvj+bq31Fq4HG
h83KmJzPpJcANiWpWKYYZDEGoGNdnk70LhWk+hd8d/M1FFEmVlM1uFkarSThPyAP
Hs0EpfJQecDiTFCEbSKpJiZBM7pxPC+IOZ+Zwt8Zr5hCsb6QWeSsJubdiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKDdUsy5Af/1gEcbGjThnsAM0IU5MB8GA1UdIwQY
MBaAFMjaifsVLUPGPj2i/WoLDfsioGWBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5xSi14VXRROFktUGFMOWFnc04teUtnWllFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iNTUwMDUtMDA1ZC00YTY0LWJlMWEt
ZGQyYjA2MWJkNGYyLzEveU5xSi14VXRROFktUGFMOWFnc04teUtnWllFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iNTUwMDUtMDA1ZC00YTY0LWJlMWEtZGQyYjA2MWJkNGYy
LzEveU5xSi14VXRROFktUGFMOWFnc04teUtnWllFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmM5KmPRx
aiw0zE9ty4UqEgS63IpY00opqVt6U6RKAidBfm9TtoN03OaqVk/slU6RTnVaMlij
D4vtsd4wTpAWf91ZyU8HvQU4Hi//VjHRserWK6nN3Fvw1yod+/8byY3VRGzLg4+T
+SX1cRboLUxBKMwQHMLIJkNTmuEg/Xa5192+SPT0S4B3vjPxQPPDShNzAo1M7sG2
lP1RIolkfT3dkifnkCyeqNNXJbL1jwtfJkUwHl03zHFIUmsEBR1Pd9fNqWotOuY+
Z7QLNZSGYCS+nwD2hgNk0LFLX8JFwsIq1/MHlg01IExEFNd/B1wysehVF4LLzx/y
XmK7n7WskzcDqQ==
-----END CERTIFICATE-----