Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
File:                     yAH8mVpSGvH1Atnq8S1mIaZMr00.mft (raw, json)
Hash identifier:          EDavV6Jbt/YXUiCTNN6YLVlCPdj9oeWF50Ay5QMnxXE=
Subject key identifier:   48:46:7E:51:76:49:7E:20:C3:1B:21:38:2E:23:1A:7B:A3:E0:0C:5C
Authority key identifier: C8:01:FC:99:5A:52:1A:F1:F5:02:D9:EA:F1:2D:66:21:A6:4C:AF:4D
Certificate issuer:       /CN=c801fc995a521af1f502d9eaf12d6621a64caf4d
Certificate serial:       019A4D0709705CF2DE67B71F822E1A8AC294
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
Manifest number:          1708
Signing time:             Tue 04 Nov 2025 04:01:37 +0000
Manifest this update:     Tue 04 Nov 2025 04:01:37 +0000
Manifest next update:     Wed 05 Nov 2025 04:01:37 +0000
Files and hashes:         1: yAH8mVpSGvH1Atnq8S1mIaZMr00.crl (hash: poW6rdCujw9gex54ziiZymqsxaUVUmZUGOe33+1HG8g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 04:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:07:09:70:5c:f2:de:67:b7:1f:82:2e:1a:8a:c2:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c801fc995a521af1f502d9eaf12d6621a64caf4d
        Validity
            Not Before: Nov  4 04:01:37 2025 GMT
            Not After : Nov  5 04:01:37 2025 GMT
        Subject: CN=48467e5176497e20c31b21382e231a7ba3e00c5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:d1:15:95:57:9a:bd:3b:d1:c2:25:ed:8d:46:
                    85:d9:49:f4:d1:19:71:b1:7a:2e:14:89:49:e2:20:
                    56:fb:5a:55:37:19:71:17:c1:de:74:e1:bb:ff:dd:
                    b9:11:c4:c5:c2:04:bb:56:44:ad:5a:9b:09:16:6b:
                    42:dd:41:1a:0f:41:c9:20:ad:23:61:60:bc:db:06:
                    65:99:40:a9:f1:0f:46:ca:c9:09:4f:5f:57:cb:bf:
                    5c:68:21:15:e0:7e:81:77:f6:81:b4:be:70:cd:79:
                    de:cd:44:1d:48:e5:85:fb:70:9c:31:b5:37:82:0c:
                    76:bb:99:2f:65:3d:a0:42:51:46:10:ff:07:dd:4a:
                    85:67:f0:19:d8:ac:35:d7:a5:48:8a:5a:ad:7f:2d:
                    2c:e1:2b:2f:80:6b:c7:ed:1c:17:3e:58:72:92:41:
                    ab:65:1d:ab:18:0e:d0:36:89:71:f4:70:26:79:75:
                    81:63:24:dc:b0:27:5e:b5:9c:06:8b:8a:77:23:3d:
                    22:32:73:e0:b6:6a:26:59:4b:3f:57:d8:ed:bc:4b:
                    6a:26:34:b8:94:ab:af:e6:bd:55:ea:cd:a9:c1:63:
                    ab:21:c8:38:41:d3:56:66:91:dd:ab:6f:f8:d0:8e:
                    91:c6:e0:2d:64:29:16:97:36:6f:cd:d7:5a:8c:69:
                    7c:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:46:7E:51:76:49:7E:20:C3:1B:21:38:2E:23:1A:7B:A3:E0:0C:5C
            X509v3 Authority Key Identifier:
                keyid:C8:01:FC:99:5A:52:1A:F1:F5:02:D9:EA:F1:2D:66:21:A6:4C:AF:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:b1:59:a5:e7:86:df:91:05:97:8e:63:de:b0:28:40:e0:ff:
         1e:3a:33:c4:0e:b9:b8:08:d1:26:13:9e:0a:ac:80:25:d7:36:
         b3:d1:a7:3b:49:1d:56:bb:37:0a:7c:20:de:6f:30:bc:35:66:
         bf:eb:f4:f7:be:e2:72:9e:0f:27:24:f4:be:e4:7a:5f:6c:8a:
         27:b8:47:3e:44:ba:92:14:68:30:3b:b8:06:eb:40:85:94:b0:
         41:ff:8e:49:4f:46:90:29:74:aa:67:1c:77:28:fc:ed:42:3a:
         62:8c:79:81:79:6c:79:08:61:15:76:ef:25:44:92:b7:45:81:
         a2:b4:ec:e6:15:3a:21:cf:b7:3e:5b:98:7e:fa:10:93:78:82:
         09:2a:99:c3:fc:29:f5:98:e0:6c:8d:a3:94:f4:d6:cd:23:3e:
         7d:80:61:21:52:d0:df:31:5f:e4:71:81:66:63:26:24:15:d5:
         79:aa:fb:eb:c5:3e:28:06:ef:95:0f:d1:66:11:de:df:60:cf:
         04:c1:38:c3:e3:80:e9:6a:33:60:f1:5c:2f:12:ab:9d:0b:d2:
         72:22:cc:88:1b:fb:c6:73:f1:41:d4:c2:98:41:83:a0:70:a8:
         65:23:54:cc:0a:14:53:b8:09:f3:29:f5:34:10:16:ec:43:d9:
         24:5e:1c:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBwlwXPLeZ7cfgi4aisKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MDFmYzk5NWE1MjFhZjFmNTAyZDllYWYxMmQ2NjIxYTY0
Y2FmNGQwHhcNMjUxMTA0MDQwMTM3WhcNMjUxMTA1MDQwMTM3WjAzMTEwLwYDVQQD
Eyg0ODQ2N2U1MTc2NDk3ZTIwYzMxYjIxMzgyZTIzMWE3YmEzZTAwYzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9EVlVeavTvRwiXtjUaF2Un00Rlx
sXouFIlJ4iBW+1pVNxlxF8HedOG7/925EcTFwgS7VkStWpsJFmtC3UEaD0HJIK0j
YWC82wZlmUCp8Q9GyskJT19Xy79caCEV4H6Bd/aBtL5wzXnezUQdSOWF+3CcMbU3
ggx2u5kvZT2gQlFGEP8H3UqFZ/AZ2Kw116VIilqtfy0s4SsvgGvH7RwXPlhykkGr
ZR2rGA7QNolx9HAmeXWBYyTcsCdetZwGi4p3Iz0iMnPgtmomWUs/V9jtvEtqJjS4
lKuv5r1V6s2pwWOrIcg4QdNWZpHdq2/40I6RxuAtZCkWlzZvzddajGl8WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEhGflF2SX4gwxshOC4jGnuj4AxcMB8GA1UdIwQY
MBaAFMgB/JlaUhrx9QLZ6vEtZiGmTK9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9iMDQxYjgtNmIyNC00NGYzLWE3NDgt
NzJjMGQ1MDkzMzRkLzEveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9iMDQxYjgtNmIyNC00NGYzLWE3NDgtNzJjMGQ1MDkzMzRk
LzEveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQrFZpeeG
35EFl45j3rAoQOD/HjozxA65uAjRJhOeCqyAJdc2s9GnO0kdVrs3Cnwg3m8wvDVm
v+v0977icp4PJyT0vuR6X2yKJ7hHPkS6khRoMDu4ButAhZSwQf+OSU9GkCl0qmcc
dyj87UI6Yox5gXlseQhhFXbvJUSSt0WBorTs5hU6Ic+3PluYfvoQk3iCCSqZw/wp
9ZjgbI2jlPTWzSM+fYBhIVLQ3zFf5HGBZmMmJBXVear768U+KAbvlQ/RZhHe32DP
BME4w+OA6WozYPFcLxKrnQvSciLMiBv7xnPxQdTCmEGDoHCoZSNUzAoUU7gJ8yn1
NBAW7EPZJF4cCA==
-----END CERTIFICATE-----