Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
File:                     y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft (raw, json)
Hash identifier:          XNsBRr5jXBDwBzJFc9ELWHgUfBB2N3n94g70JYd8ZJQ=
Subject key identifier:   7D:31:B9:CE:70:2A:25:73:B1:6B:A4:F6:EF:3C:EF:C2:74:01:AC:82
Authority key identifier: CB:9A:1C:B8:0F:B6:37:32:E5:30:04:7A:1E:C5:52:9F:8C:8B:1A:06
Certificate issuer:       /CN=cb9a1cb80fb63732e530047a1ec5529f8c8b1a06
Certificate serial:       019A4D73AD7C3289F957D382C313D697FE3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
Manifest number:          0424
Signing time:             Tue 04 Nov 2025 06:00:17 +0000
Manifest this update:     Tue 04 Nov 2025 06:00:17 +0000
Manifest next update:     Wed 05 Nov 2025 06:00:17 +0000
Files and hashes:         1: y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl (hash: YMTB0EmZO4E6bs/TGNIc3lW10LsT97ybQsdt4hb84NA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:73:ad:7c:32:89:f9:57:d3:82:c3:13:d6:97:fe:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb9a1cb80fb63732e530047a1ec5529f8c8b1a06
        Validity
            Not Before: Nov  4 06:00:17 2025 GMT
            Not After : Nov  5 06:00:17 2025 GMT
        Subject: CN=7d31b9ce702a2573b16ba4f6ef3cefc27401ac82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:9e:56:b0:39:16:db:73:a3:e1:fb:f2:9d:5a:
                    83:c2:2e:13:2c:3b:b7:8b:0e:36:af:ed:dd:cd:89:
                    88:79:31:d2:07:bc:92:7a:c8:a0:fc:0b:76:fa:96:
                    12:6c:ed:96:a3:27:12:a2:95:3c:14:b9:79:a3:30:
                    f7:5d:c3:8a:b1:ce:f4:2f:6e:d7:3a:b5:1b:a4:8c:
                    e3:e8:81:f9:05:cd:a3:48:aa:a9:80:e1:21:9e:00:
                    f0:08:8f:71:67:6b:39:dd:90:f5:1e:81:42:11:b5:
                    97:e9:70:d9:6f:5f:a3:30:a2:60:84:d0:bf:24:de:
                    de:76:4b:53:74:63:41:36:72:f3:10:77:d8:ef:95:
                    b6:63:23:ee:ef:3a:a7:0f:06:b6:60:2b:bc:e0:62:
                    59:3d:55:25:9d:44:a5:79:ad:bd:1f:ad:40:b1:ca:
                    a2:d1:de:37:7a:ca:b3:da:34:ae:99:ca:b1:63:56:
                    6c:31:53:ce:d3:d8:5b:cb:eb:27:b7:eb:58:b1:f4:
                    1e:4b:df:24:91:be:ff:50:1c:6b:a6:8b:e1:e3:a1:
                    47:31:c4:a5:fa:9c:af:a3:35:3f:7b:61:31:fb:cc:
                    1c:b1:08:4c:1a:20:df:60:5c:06:92:c7:68:e1:55:
                    4c:56:c0:35:a6:0c:d8:27:34:47:61:08:54:e8:32:
                    e4:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:31:B9:CE:70:2A:25:73:B1:6B:A4:F6:EF:3C:EF:C2:74:01:AC:82
            X509v3 Authority Key Identifier:
                keyid:CB:9A:1C:B8:0F:B6:37:32:E5:30:04:7A:1E:C5:52:9F:8C:8B:1A:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:6b:52:34:98:a3:b4:ce:7b:51:70:17:34:7c:8d:aa:d5:c9:
         b8:1c:bf:3d:74:0c:50:65:35:9c:f8:68:98:f3:b0:b5:35:13:
         1a:c8:51:b6:b2:df:7c:68:83:b4:04:d7:6b:38:49:02:0b:83:
         50:5c:03:48:c6:af:16:f3:f6:f3:de:4b:77:b5:f8:ed:42:8c:
         55:30:4b:c9:54:f4:49:c9:83:05:db:67:37:12:be:06:da:59:
         6c:06:3e:7b:65:ca:1b:41:0f:d3:22:3f:13:55:f1:31:da:3e:
         1a:dd:b1:93:e1:d0:6b:5c:f0:11:5e:77:5a:62:51:c1:75:84:
         29:a8:c6:15:a5:0d:09:24:bc:19:37:0d:55:0b:03:3d:b9:63:
         95:75:36:ba:bd:c4:33:27:d8:86:17:90:e5:c3:bb:86:a4:f6:
         a2:3e:10:8e:49:d8:f0:2d:c5:c7:ff:81:c9:2d:1a:34:6a:03:
         67:65:48:4c:5f:85:1d:29:ef:90:e9:d3:0d:9b:84:d5:5b:46:
         95:30:cf:16:c5:6b:98:75:90:ea:cb:42:28:a3:42:61:67:6d:
         9d:18:13:10:5b:7b:05:3f:40:14:1b:76:34:1d:be:35:76:f7:
         9e:9c:c1:79:d6:0d:75:fb:0d:7d:24:31:27:59:84:cd:61:f1:
         3f:6c:0d:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc618Mon5V9OCwxPWl/47MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiOWExY2I4MGZiNjM3MzJlNTMwMDQ3YTFlYzU1MjlmOGM4
YjFhMDYwHhcNMjUxMTA0MDYwMDE3WhcNMjUxMTA1MDYwMDE3WjAzMTEwLwYDVQQD
Eyg3ZDMxYjljZTcwMmEyNTczYjE2YmE0ZjZlZjNjZWZjMjc0MDFhYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZ5WsDkW23Oj4fvynVqDwi4TLDu3
iw42r+3dzYmIeTHSB7ySesig/At2+pYSbO2WoycSopU8FLl5ozD3XcOKsc70L27X
OrUbpIzj6IH5Bc2jSKqpgOEhngDwCI9xZ2s53ZD1HoFCEbWX6XDZb1+jMKJghNC/
JN7edktTdGNBNnLzEHfY75W2YyPu7zqnDwa2YCu84GJZPVUlnUSlea29H61Ascqi
0d43esqz2jSumcqxY1ZsMVPO09hby+snt+tYsfQeS98kkb7/UBxrpovh46FHMcSl
+pyvozU/e2Ex+8wcsQhMGiDfYFwGksdo4VVMVsA1pgzYJzRHYQhU6DLkuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH0xuc5wKiVzsWuk9u8878J0AayCMB8GA1UdIwQY
MBaAFMuaHLgPtjcy5TAEeh7FUp+MixoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8wNWJiNDMtNGFlOC00YjZkLWI0NmMt
MTEzZWRlM2FmZjc5LzEveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8wNWJiNDMtNGFlOC00YjZkLWI0NmMtMTEzZWRlM2FmZjc5
LzEveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVWtSNJij
tM57UXAXNHyNqtXJuBy/PXQMUGU1nPhomPOwtTUTGshRtrLffGiDtATXazhJAguD
UFwDSMavFvP2895Ld7X47UKMVTBLyVT0ScmDBdtnNxK+BtpZbAY+e2XKG0EP0yI/
E1XxMdo+Gt2xk+HQa1zwEV53WmJRwXWEKajGFaUNCSS8GTcNVQsDPbljlXU2ur3E
MyfYhheQ5cO7hqT2oj4QjknY8C3Fx/+ByS0aNGoDZ2VITF+FHSnvkOnTDZuE1VtG
lTDPFsVrmHWQ6stCKKNCYWdtnRgTEFt7BT9AFBt2NB2+NXb3npzBedYNdfsNfSQx
J1mEzWHxP2wNSA==
-----END CERTIFICATE-----