Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft
File:                     YzMz1xUm9TOxwc8L6fwyG2IzltM.mft (raw, json)
Hash identifier:          8ZsHy2wv3lbPUvtOwP4ALqjwq1RjL/l5Ta92BbqY/Mk=
Subject key identifier:   3E:D8:3D:8D:64:25:8B:FF:F4:81:B0:2A:EE:42:D2:EE:5D:62:74:7B
Authority key identifier: 63:33:33:D7:15:26:F5:33:B1:C1:CF:0B:E9:FC:32:1B:62:33:96:D3
Certificate issuer:       /CN=633333d71526f533b1c1cf0be9fc321b623396d3
Certificate serial:       019A4F9980416F46430756100B842B9C4B81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft
Manifest number:          07A2
Signing time:             Tue 04 Nov 2025 16:00:51 +0000
Manifest this update:     Tue 04 Nov 2025 16:00:51 +0000
Manifest next update:     Wed 05 Nov 2025 16:00:51 +0000
Files and hashes:         1: YzMz1xUm9TOxwc8L6fwyG2IzltM.crl (hash: rx414K7bnZfF+5V9aI6HLnwZIb/upjFubhwx63cjKdM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 16:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:99:80:41:6f:46:43:07:56:10:0b:84:2b:9c:4b:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=633333d71526f533b1c1cf0be9fc321b623396d3
        Validity
            Not Before: Nov  4 16:00:51 2025 GMT
            Not After : Nov  5 16:00:51 2025 GMT
        Subject: CN=3ed83d8d64258bfff481b02aee42d2ee5d62747b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:88:93:0b:18:d4:ef:4a:d8:fd:67:06:76:6b:
                    ab:bb:ae:af:06:b8:c1:fb:51:1e:e7:f9:42:2f:de:
                    9e:d9:af:13:92:d6:8a:a5:b2:2c:bc:4a:30:48:eb:
                    1f:ac:d3:2b:79:8f:3a:64:10:cd:bc:ad:ee:ce:25:
                    b0:57:b8:ea:6d:1f:1b:b7:4e:c5:6c:0a:cf:bf:df:
                    5f:c9:56:03:3c:39:34:21:9d:3f:88:ef:8d:12:9c:
                    ff:5f:88:ab:67:37:d5:49:5c:ee:14:fe:c3:74:a5:
                    9c:bb:3a:e2:0e:4d:80:90:fd:83:e7:ff:74:b0:1f:
                    1f:b2:8a:9b:90:c3:f4:4b:fd:34:dd:c5:f0:9c:4e:
                    09:d2:0e:16:65:d3:1e:b3:1e:f0:ba:80:fe:b0:e0:
                    06:a6:79:37:e1:de:8d:50:3c:0d:85:b4:00:b2:c6:
                    31:6b:d1:3b:ad:b1:21:fc:5d:58:fc:a1:2b:fd:47:
                    74:0a:19:3a:09:35:88:1f:11:fb:b5:07:eb:f6:85:
                    99:c3:82:c0:48:8f:bb:62:39:7c:f7:e9:9b:39:a4:
                    ee:38:7a:49:2b:47:1c:78:31:50:84:d1:fb:fe:88:
                    ed:23:ac:8b:8e:52:e8:5f:c5:d5:35:a1:d7:87:d2:
                    1c:05:46:57:fc:a2:31:72:fa:42:4a:fb:c9:48:4b:
                    0b:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:D8:3D:8D:64:25:8B:FF:F4:81:B0:2A:EE:42:D2:EE:5D:62:74:7B
            X509v3 Authority Key Identifier:
                keyid:63:33:33:D7:15:26:F5:33:B1:C1:CF:0B:E9:FC:32:1B:62:33:96:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:18:5a:75:d8:69:fe:66:35:81:d7:0f:28:25:09:e7:2e:55:
         0f:a6:b4:a9:81:68:da:ce:a9:59:c5:7d:e1:85:bc:cc:50:fd:
         cf:60:1e:5a:b0:0f:7b:fb:b3:4b:3e:14:da:74:d1:54:0c:09:
         2d:9a:b0:5c:8d:83:72:85:98:26:83:f5:1d:3d:49:b4:ae:f5:
         3b:a5:fb:04:68:27:04:91:2c:88:1c:f5:3e:f6:8c:da:56:f3:
         a8:c4:01:89:0e:c1:5a:84:72:a0:95:7d:06:38:dc:9a:c5:e8:
         7d:09:3d:2e:d9:d4:75:24:54:2e:45:90:58:77:e5:59:ca:c7:
         a7:38:b6:70:51:05:ec:d2:c6:37:3e:47:f8:f7:5d:ef:72:54:
         3b:31:ab:f3:83:df:4c:1c:a8:b2:6f:e0:3f:77:e9:51:42:76:
         b3:91:95:a5:7c:1b:06:5d:f8:3a:0e:ae:7c:4a:5b:8a:82:93:
         fe:74:63:cd:20:79:bc:12:5a:c1:62:33:64:0e:8c:35:cc:10:
         3e:03:be:06:cf:f9:50:42:f7:c3:1e:5c:bb:75:3b:3e:4e:8d:
         66:81:6c:b6:af:76:85:f4:8b:86:75:83:66:7b:6e:72:ad:0e:
         7e:bb:e4:c3:71:a6:db:65:71:2b:44:32:ff:86:37:8c:42:c6:
         82:2c:a2:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmYBBb0ZDB1YQC4QrnEuBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMzMzM2Q3MTUyNmY1MzNiMWMxY2YwYmU5ZmMzMjFiNjIz
Mzk2ZDMwHhcNMjUxMTA0MTYwMDUxWhcNMjUxMTA1MTYwMDUxWjAzMTEwLwYDVQQD
EygzZWQ4M2Q4ZDY0MjU4YmZmZjQ4MWIwMmFlZTQyZDJlZTVkNjI3NDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YiTCxjU70rY/WcGdmuru66vBrjB
+1Ee5/lCL96e2a8TktaKpbIsvEowSOsfrNMreY86ZBDNvK3uziWwV7jqbR8bt07F
bArPv99fyVYDPDk0IZ0/iO+NEpz/X4irZzfVSVzuFP7DdKWcuzriDk2AkP2D5/90
sB8fsoqbkMP0S/003cXwnE4J0g4WZdMesx7wuoD+sOAGpnk34d6NUDwNhbQAssYx
a9E7rbEh/F1Y/KEr/Ud0Chk6CTWIHxH7tQfr9oWZw4LASI+7Yjl89+mbOaTuOHpJ
K0cceDFQhNH7/ojtI6yLjlLoX8XVNaHXh9IcBUZX/KIxcvpCSvvJSEsL6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD7YPY1kJYv/9IGwKu5C0u5dYnR7MB8GA1UdIwQY
MBaAFGMzM9cVJvUzscHPC+n8MhtiM5bTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNTA5NTAtMDAzOS00ZTc0LWJlNDEt
OWNmYzQ4MzhkM2VjLzEvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNTA5NTAtMDAzOS00ZTc0LWJlNDEtOWNmYzQ4MzhkM2Vj
LzEvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACxhaddhp
/mY1gdcPKCUJ5y5VD6a0qYFo2s6pWcV94YW8zFD9z2AeWrAPe/uzSz4U2nTRVAwJ
LZqwXI2DcoWYJoP1HT1JtK71O6X7BGgnBJEsiBz1PvaM2lbzqMQBiQ7BWoRyoJV9
BjjcmsXofQk9LtnUdSRULkWQWHflWcrHpzi2cFEF7NLGNz5H+Pdd73JUOzGr84Pf
TByosm/gP3fpUUJ2s5GVpXwbBl34Og6ufEpbioKT/nRjzSB5vBJawWIzZA6MNcwQ
PgO+Bs/5UEL3wx5cu3U7Pk6NZoFstq92hfSLhnWDZntucq0Ofrvkw3Gm22VxK0Qy
/4Y3jELGgiyiUg==
-----END CERTIFICATE-----