Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
File:                     YDRE4ZlioZHv0vIWoSji9M_io94.mft (raw, json)
Hash identifier:          flBKPYszPMfk4txea1kqwzeIWjs0T8btb89b3UNHNrM=
Subject key identifier:   99:EA:9E:61:A4:16:68:AA:D0:7A:7F:83:19:C1:05:C5:D8:8B:ED:89
Authority key identifier: 60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE
Certificate issuer:       /CN=603444e19962a191efd2f216a128e2f4cfe2a3de
Certificate serial:       019A4EF5EBC7C7659F795EFE08523237B169
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
Manifest number:          0727
Signing time:             Tue 04 Nov 2025 13:02:10 +0000
Manifest this update:     Tue 04 Nov 2025 13:02:10 +0000
Manifest next update:     Wed 05 Nov 2025 13:02:10 +0000
Files and hashes:         1: YDRE4ZlioZHv0vIWoSji9M_io94.crl (hash: Ec1244L5fIHDgatfHjBEIRIMggKKmzgYvaBs3OazVTg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:eb:c7:c7:65:9f:79:5e:fe:08:52:32:37:b1:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=603444e19962a191efd2f216a128e2f4cfe2a3de
        Validity
            Not Before: Nov  4 13:02:10 2025 GMT
            Not After : Nov  5 13:02:10 2025 GMT
        Subject: CN=99ea9e61a41668aad07a7f8319c105c5d88bed89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:07:9e:12:d8:f3:8f:16:ac:39:ac:d1:70:73:
                    7a:67:3a:99:f8:43:cb:2b:db:5f:11:39:2f:bf:4a:
                    57:6e:21:c2:0d:05:cb:00:4d:a5:24:7e:cf:e3:b0:
                    f2:79:3c:d3:89:e1:ae:2a:ec:1a:30:da:f6:60:34:
                    e2:15:19:0c:25:dc:d6:60:24:78:fc:8e:e0:c4:06:
                    37:25:93:4d:ab:a3:4d:fa:ae:30:6d:c7:2d:9a:ee:
                    72:db:d2:7f:4f:7b:a3:6b:8b:23:2a:26:dd:53:cf:
                    99:f5:65:02:f4:df:0a:a1:88:f2:24:00:8e:94:85:
                    92:91:0c:d9:f8:2f:21:e7:9c:51:b6:fd:48:3a:3c:
                    85:5f:01:fa:42:c8:2c:01:fd:bd:00:70:ce:13:cf:
                    b6:be:25:1a:53:ca:5f:e7:1f:08:ab:c2:dc:28:f7:
                    25:c0:d0:15:cf:03:86:4f:b8:7a:c4:58:18:e1:d4:
                    b7:51:3d:6e:f8:88:70:1d:99:3e:49:0e:4d:15:dd:
                    30:f7:f2:05:20:5b:cc:f5:07:33:77:a3:7c:23:15:
                    1b:2e:6c:47:c1:a6:28:53:4b:b7:a1:3d:01:1a:d4:
                    e6:5a:e7:3f:5a:83:94:54:72:15:d0:e5:96:53:a9:
                    1d:11:b2:26:cd:c4:b7:25:fa:9f:f0:84:e3:eb:66:
                    30:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:EA:9E:61:A4:16:68:AA:D0:7A:7F:83:19:C1:05:C5:D8:8B:ED:89
            X509v3 Authority Key Identifier:
                keyid:60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:c4:16:b4:dc:45:fd:92:3e:39:b6:e3:0b:7a:c1:69:9b:dc:
         c5:1d:cb:09:2b:08:aa:7f:db:8a:0f:68:e7:08:fb:8a:5a:8a:
         4a:aa:e0:1e:9d:35:4e:77:d4:dc:43:8c:a5:a2:49:ef:65:b2:
         16:c9:4f:4a:dd:8f:1c:91:d9:55:16:80:ed:d1:e3:0e:24:91:
         36:7f:71:d6:41:6e:f7:1a:fb:ba:df:9b:75:92:de:d7:9d:c0:
         4e:dc:bf:e4:4e:b2:12:d0:52:3c:7c:35:3c:44:43:59:8b:0c:
         0d:e2:b9:87:e2:05:97:0f:81:8b:67:3b:e7:ec:d3:f0:f3:b2:
         b7:76:6a:6b:b0:20:8d:33:1a:11:97:9e:80:75:2a:69:f7:c7:
         b5:d2:cd:1b:d4:33:63:83:26:e1:aa:63:14:61:6b:ed:b9:1b:
         e9:f0:5a:df:21:77:68:a2:12:63:48:6c:06:1a:5c:3e:19:d7:
         e9:a1:01:28:15:36:4d:52:09:ea:cf:c7:71:6f:24:5b:00:98:
         32:5f:49:39:1e:c6:d1:7b:c7:39:03:99:fa:da:e2:2c:81:01:
         bd:fc:c7:d1:ed:78:46:6b:78:cf:29:2d:dd:fa:24:99:47:52:
         6e:d9:b0:0e:dc:b0:e3:d0:17:6b:6d:94:6b:d2:82:5d:78:ce:
         04:ad:31:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9evHx2WfeV7+CFIyN7FpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzQ0NGUxOTk2MmExOTFlZmQyZjIxNmExMjhlMmY0Y2Zl
MmEzZGUwHhcNMjUxMTA0MTMwMjEwWhcNMjUxMTA1MTMwMjEwWjAzMTEwLwYDVQQD
Eyg5OWVhOWU2MWE0MTY2OGFhZDA3YTdmODMxOWMxMDVjNWQ4OGJlZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAeeEtjzjxasOazRcHN6ZzqZ+EPL
K9tfETkvv0pXbiHCDQXLAE2lJH7P47DyeTzTieGuKuwaMNr2YDTiFRkMJdzWYCR4
/I7gxAY3JZNNq6NN+q4wbcctmu5y29J/T3uja4sjKibdU8+Z9WUC9N8KoYjyJACO
lIWSkQzZ+C8h55xRtv1IOjyFXwH6QsgsAf29AHDOE8+2viUaU8pf5x8Iq8LcKPcl
wNAVzwOGT7h6xFgY4dS3UT1u+IhwHZk+SQ5NFd0w9/IFIFvM9Qczd6N8IxUbLmxH
waYoU0u3oT0BGtTmWuc/WoOUVHIV0OWWU6kdEbImzcS3Jfqf8ITj62YwPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJnqnmGkFmiq0Hp/gxnBBcXYi+2JMB8GA1UdIwQY
MBaAFGA0ROGZYqGR79LyFqEo4vTP4qPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzct
ODQ0N2UyOWMxNTI0LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzctODQ0N2UyOWMxNTI0
LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO8QWtNxF
/ZI+ObbjC3rBaZvcxR3LCSsIqn/big9o5wj7ilqKSqrgHp01TnfU3EOMpaJJ72Wy
FslPSt2PHJHZVRaA7dHjDiSRNn9x1kFu9xr7ut+bdZLe153ATty/5E6yEtBSPHw1
PERDWYsMDeK5h+IFlw+Bi2c75+zT8POyt3Zqa7AgjTMaEZeegHUqaffHtdLNG9Qz
Y4Mm4apjFGFr7bkb6fBa3yF3aKISY0hsBhpcPhnX6aEBKBU2TVIJ6s/HcW8kWwCY
Ml9JOR7G0XvHOQOZ+triLIEBvfzH0e14Rmt4zykt3fokmUdSbtmwDtyw49AXa22U
a9KCXXjOBK0xzg==
-----END CERTIFICATE-----