Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft
File:                     Iycd4-AQWavm0aWTxKJP9uGI1k8.mft (raw, json)
Hash identifier:          MyXEpn0KTSQhfbhvw1u2ykBlZC5O3yPI9f75o+RAt8M=
Subject key identifier:   AB:4F:ED:5E:5D:5F:5D:CF:F8:EF:F5:E8:35:D7:7F:6E:1B:3B:3F:7E
Authority key identifier: 23:27:1D:E3:E0:10:59:AB:E6:D1:A5:93:C4:A2:4F:F6:E1:88:D6:4F
Certificate issuer:       /CN=23271de3e01059abe6d1a593c4a24ff6e188d64f
Certificate serial:       019A4EF534B1F41E9AD17B090E9DE8A8B2BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iycd4-AQWavm0aWTxKJP9uGI1k8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft
Manifest number:          0F0D
Signing time:             Tue 04 Nov 2025 13:01:23 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:23 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:23 +0000
Files and hashes:         1: Iycd4-AQWavm0aWTxKJP9uGI1k8.crl (hash: O0LjD3eIs0tFimVT8W+Vw+RJdpV4Vw2smIybLOmfWnw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Iycd4-AQWavm0aWTxKJP9uGI1k8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:34:b1:f4:1e:9a:d1:7b:09:0e:9d:e8:a8:b2:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23271de3e01059abe6d1a593c4a24ff6e188d64f
        Validity
            Not Before: Nov  4 13:01:23 2025 GMT
            Not After : Nov  5 13:01:23 2025 GMT
        Subject: CN=ab4fed5e5d5f5dcff8eff5e835d77f6e1b3b3f7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:1a:49:b3:17:36:e7:2f:0f:4c:06:fa:be:d5:
                    60:de:07:57:88:51:bc:fd:28:97:5c:5d:01:0f:a6:
                    4e:4c:53:5c:a9:6d:c7:42:c5:32:84:cb:81:ae:df:
                    9e:a7:25:7b:25:7e:c7:75:c4:07:ac:ad:af:d5:e9:
                    05:d9:12:96:a9:ac:d6:88:a6:ec:6e:23:b2:45:81:
                    f5:18:b6:b4:67:4a:a5:11:0c:7c:04:b0:6e:46:70:
                    db:a6:3f:3a:ae:99:5c:e8:92:18:af:8a:24:de:9a:
                    20:d2:cd:83:bd:c4:6e:37:94:56:9d:dd:0b:e4:d9:
                    08:5d:25:54:49:d9:25:fb:c5:ab:e6:6f:b7:b0:5b:
                    ea:aa:47:83:27:54:87:ec:18:6f:a6:4d:bc:bf:29:
                    49:2a:fe:5f:c0:07:4d:52:94:e7:8e:20:05:d5:8c:
                    b2:78:58:bb:88:82:0f:e8:0f:01:51:31:3d:2a:b2:
                    d2:d7:56:ed:0f:0e:d7:cf:6a:1b:4d:e0:a1:53:b5:
                    2e:6a:45:bd:8e:36:b6:48:60:20:12:7c:92:26:82:
                    e3:2e:85:df:6c:2b:0a:f8:c9:2e:6d:08:2b:55:6f:
                    68:a8:6b:84:37:8d:b9:67:ef:66:58:33:e0:66:ab:
                    07:2f:19:7c:ed:c3:6a:a3:1d:63:0c:b1:5c:4d:33:
                    cf:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:4F:ED:5E:5D:5F:5D:CF:F8:EF:F5:E8:35:D7:7F:6E:1B:3B:3F:7E
            X509v3 Authority Key Identifier:
                keyid:23:27:1D:E3:E0:10:59:AB:E6:D1:A5:93:C4:A2:4F:F6:E1:88:D6:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iycd4-AQWavm0aWTxKJP9uGI1k8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:03:ae:41:b2:ca:38:eb:79:eb:53:20:78:e5:e9:1b:18:c4:
         7a:2d:66:d1:04:a9:43:45:61:7f:8b:55:68:6d:d2:bf:a9:5b:
         d9:4b:c2:4e:01:ca:aa:47:17:64:b2:71:7b:c2:b1:8d:ee:02:
         11:0d:b4:e2:df:15:89:00:b5:87:40:56:58:4b:41:77:43:95:
         60:9a:0a:4b:b7:4d:40:a8:9d:76:60:43:e6:cb:3f:e7:68:51:
         75:7d:db:48:0e:40:49:93:71:99:df:62:a8:bf:dc:fc:46:6f:
         ee:99:6e:10:50:cc:e9:4d:3e:fe:5f:5e:14:c4:f7:21:41:03:
         35:0b:27:c2:db:fd:53:1e:ba:61:0a:fe:a6:e4:a1:0c:cd:b3:
         da:1d:c8:8c:75:ff:3a:36:61:8b:2a:b6:09:f5:1c:48:7d:e1:
         78:c4:b6:a5:da:84:16:93:ff:85:d8:be:65:76:3e:13:c1:2a:
         d3:95:c8:fe:d6:7c:35:79:57:67:22:03:7c:14:4a:a0:3d:c0:
         4a:f3:c9:55:c9:9f:15:8a:87:7f:61:5b:ae:4f:ac:d0:23:37:
         0f:a4:6a:b8:69:f1:77:88:b3:78:2b:58:a1:bf:78:1a:99:3f:
         a7:b2:ed:cb:af:1c:5f:d6:96:e5:8a:bc:16:9d:38:87:69:41:
         b4:89:09:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9TSx9B6a0XsJDp3oqLK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMjcxZGUzZTAxMDU5YWJlNmQxYTU5M2M0YTI0ZmY2ZTE4
OGQ2NGYwHhcNMjUxMTA0MTMwMTIzWhcNMjUxMTA1MTMwMTIzWjAzMTEwLwYDVQQD
EyhhYjRmZWQ1ZTVkNWY1ZGNmZjhlZmY1ZTgzNWQ3N2Y2ZTFiM2IzZjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRpJsxc25y8PTAb6vtVg3gdXiFG8
/SiXXF0BD6ZOTFNcqW3HQsUyhMuBrt+epyV7JX7HdcQHrK2v1ekF2RKWqazWiKbs
biOyRYH1GLa0Z0qlEQx8BLBuRnDbpj86rplc6JIYr4ok3pog0s2DvcRuN5RWnd0L
5NkIXSVUSdkl+8Wr5m+3sFvqqkeDJ1SH7Bhvpk28vylJKv5fwAdNUpTnjiAF1Yyy
eFi7iIIP6A8BUTE9KrLS11btDw7Xz2obTeChU7UuakW9jja2SGAgEnySJoLjLoXf
bCsK+MkubQgrVW9oqGuEN425Z+9mWDPgZqsHLxl87cNqox1jDLFcTTPPeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKtP7V5dX13P+O/16DXXf24bOz9+MB8GA1UdIwQY
MBaAFCMnHePgEFmr5tGlk8SiT/bhiNZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXljZDQtQVFXYXZtMGFXVHhLSlA5dUdJMWs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zZjdhMDYtMmI0NS00YTBiLWJhNmMt
OTU4YzM3NjUwNmVkLzEvSXljZDQtQVFXYXZtMGFXVHhLSlA5dUdJMWs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zZjdhMDYtMmI0NS00YTBiLWJhNmMtOTU4YzM3NjUwNmVk
LzEvSXljZDQtQVFXYXZtMGFXVHhLSlA5dUdJMWs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMAOuQbLK
OOt561MgeOXpGxjEei1m0QSpQ0Vhf4tVaG3Sv6lb2UvCTgHKqkcXZLJxe8Kxje4C
EQ204t8ViQC1h0BWWEtBd0OVYJoKS7dNQKiddmBD5ss/52hRdX3bSA5ASZNxmd9i
qL/c/EZv7pluEFDM6U0+/l9eFMT3IUEDNQsnwtv9Ux66YQr+puShDM2z2h3IjHX/
OjZhiyq2CfUcSH3heMS2pdqEFpP/hdi+ZXY+E8Eq05XI/tZ8NXlXZyIDfBRKoD3A
SvPJVcmfFYqHf2Fbrk+s0CM3D6RquGnxd4izeCtYob94Gpk/p7Lty68cX9aW5Yq8
Fp04h2lBtIkJMg==
-----END CERTIFICATE-----