Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
File:                     YcGgEMsk-ZbneJixJHJbVbY0OOA.mft (raw, json)
Hash identifier:          w48ssFo8fARWuKyRS3+oBmGY1sgwgqHVzUYVSYNGnL8=
Subject key identifier:   C8:50:07:C9:B4:B4:3E:3A:F6:87:4A:9B:34:9F:91:73:D6:A6:EA:6E
Authority key identifier: 61:C1:A0:10:CB:24:F9:96:E7:78:98:B1:24:72:5B:55:B6:34:38:E0
Certificate issuer:       /CN=61c1a010cb24f996e77898b124725b55b63438e0
Certificate serial:       019A52D1FF21FBB1D80C3821FCCFCE38BFE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
Manifest number:          170B
Signing time:             Wed 05 Nov 2025 07:01:25 +0000
Manifest this update:     Wed 05 Nov 2025 07:01:25 +0000
Manifest next update:     Thu 06 Nov 2025 07:01:25 +0000
Files and hashes:         1: YcGgEMsk-ZbneJixJHJbVbY0OOA.crl (hash: 4SI20Qa7Wy9n5/SefdmOJa2UisPCRnfbQXsaDyKQoT4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:d1:ff:21:fb:b1:d8:0c:38:21:fc:cf:ce:38:bf:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61c1a010cb24f996e77898b124725b55b63438e0
        Validity
            Not Before: Nov  5 07:01:25 2025 GMT
            Not After : Nov  6 07:01:25 2025 GMT
        Subject: CN=c85007c9b4b43e3af6874a9b349f9173d6a6ea6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:ad:09:93:a4:0c:bd:47:00:32:eb:5a:03:1d:
                    9b:f1:70:69:30:48:89:c0:a2:27:c6:9d:c3:e1:22:
                    9a:05:13:b2:ba:f5:05:75:30:27:4a:2f:c3:df:b5:
                    b0:37:a2:74:f5:c3:9d:43:35:0b:11:d6:5d:4f:88:
                    51:b7:f2:6f:0f:2c:6f:01:11:32:c0:11:d9:f9:29:
                    4a:1f:b4:5f:e3:31:27:0f:3f:a1:2c:58:a7:28:8c:
                    89:d7:eb:b2:dc:28:6e:2e:fe:5e:79:eb:d9:ca:56:
                    9a:12:05:7e:0b:9a:59:3c:4b:56:7f:36:09:85:20:
                    a1:7e:d6:01:5f:6b:b3:17:de:ed:f3:44:83:34:54:
                    ae:ca:f6:2d:4f:cf:41:75:96:89:43:ea:18:5f:7b:
                    3e:06:ed:b2:ff:e1:d8:ce:da:43:cf:95:34:90:c2:
                    32:4d:d1:92:16:ab:58:92:9a:b7:70:3a:0b:c0:8b:
                    ee:94:83:89:a7:15:9a:a6:a1:d7:9c:70:63:5f:71:
                    f7:8c:e5:8a:44:32:90:a0:c3:87:a4:bb:99:d4:3c:
                    b8:b5:c1:17:b1:69:32:20:41:ea:d4:f6:38:7c:f2:
                    ed:38:97:5f:27:87:0b:f2:9a:05:7f:db:c4:dc:ff:
                    1d:bf:d8:6d:f6:a8:4a:65:33:a9:ad:76:ce:86:3d:
                    c9:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:50:07:C9:B4:B4:3E:3A:F6:87:4A:9B:34:9F:91:73:D6:A6:EA:6E
            X509v3 Authority Key Identifier:
                keyid:61:C1:A0:10:CB:24:F9:96:E7:78:98:B1:24:72:5B:55:B6:34:38:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:eb:30:aa:a0:d3:39:6c:45:f2:26:09:6d:30:58:95:ae:f1:
         68:7e:b3:1f:f8:03:51:3c:8b:5d:6f:61:71:55:d0:93:dc:69:
         a3:9f:aa:2e:d1:6e:33:87:57:f6:2d:17:4f:56:09:2f:3d:de:
         4b:21:6f:12:58:2b:0f:0c:1a:24:78:82:61:c1:c0:17:4f:ab:
         79:de:e6:28:18:af:0a:65:04:dc:09:41:f7:4d:b9:fc:42:c8:
         a3:68:9a:69:cf:9e:79:c6:30:6e:11:f0:39:82:4c:5a:49:14:
         8f:55:58:3f:5d:ef:18:ab:93:cd:41:48:be:4d:48:57:d7:ce:
         af:ff:d3:91:1c:12:f0:bf:61:4a:46:c5:50:ef:e8:50:1e:d2:
         50:e3:d2:68:b9:c1:63:11:8e:c4:9f:fb:38:91:2b:8f:f8:3f:
         54:70:ca:8b:48:0f:a2:76:2a:c5:b3:cc:12:50:a5:fb:50:0d:
         c1:01:cb:e8:04:a4:47:91:4a:b5:84:97:d3:e8:24:fa:f8:84:
         ba:9f:29:11:a6:0e:a4:15:df:26:d4:e0:81:ac:8c:7f:40:8d:
         6f:67:e2:08:b2:fc:fc:b8:ed:6a:be:49:b5:71:34:e9:f5:60:
         94:27:5a:c1:21:23:be:2f:27:65:95:70:f2:0d:66:63:a8:05:
         c3:a9:05:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0f8h+7HYDDgh/M/OOL/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzFhMDEwY2IyNGY5OTZlNzc4OThiMTI0NzI1YjU1YjYz
NDM4ZTAwHhcNMjUxMTA1MDcwMTI1WhcNMjUxMTA2MDcwMTI1WjAzMTEwLwYDVQQD
EyhjODUwMDdjOWI0YjQzZTNhZjY4NzRhOWIzNDlmOTE3M2Q2YTZlYTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyK0Jk6QMvUcAMutaAx2b8XBpMEiJ
wKInxp3D4SKaBROyuvUFdTAnSi/D37WwN6J09cOdQzULEdZdT4hRt/JvDyxvAREy
wBHZ+SlKH7Rf4zEnDz+hLFinKIyJ1+uy3ChuLv5eeevZylaaEgV+C5pZPEtWfzYJ
hSChftYBX2uzF97t80SDNFSuyvYtT89BdZaJQ+oYX3s+Bu2y/+HYztpDz5U0kMIy
TdGSFqtYkpq3cDoLwIvulIOJpxWapqHXnHBjX3H3jOWKRDKQoMOHpLuZ1Dy4tcEX
sWkyIEHq1PY4fPLtOJdfJ4cL8poFf9vE3P8dv9ht9qhKZTOprXbOhj3JEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMhQB8m0tD469odKmzSfkXPWpupuMB8GA1UdIwQY
MBaAFGHBoBDLJPmW53iYsSRyW1W2NDjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zM2MxYzAtNGNiOC00NGI5LWEzZTkt
ZTllOTkzN2I4ZGNlLzEvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zM2MxYzAtNGNiOC00NGI5LWEzZTktZTllOTkzN2I4ZGNl
LzEvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEOswqqDT
OWxF8iYJbTBYla7xaH6zH/gDUTyLXW9hcVXQk9xpo5+qLtFuM4dX9i0XT1YJLz3e
SyFvElgrDwwaJHiCYcHAF0+red7mKBivCmUE3AlB9025/ELIo2iaac+eecYwbhHw
OYJMWkkUj1VYP13vGKuTzUFIvk1IV9fOr//TkRwS8L9hSkbFUO/oUB7SUOPSaLnB
YxGOxJ/7OJErj/g/VHDKi0gPonYqxbPMElCl+1ANwQHL6ASkR5FKtYSX0+gk+viE
up8pEaYOpBXfJtTggayMf0CNb2fiCLL8/Ljtar5JtXE06fVglCdawSEjvi8nZZVw
8g1mY6gFw6kFjQ==
-----END CERTIFICATE-----