Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
File:                     YDe79svKAic6peIbuIjj4exnZ98.mft (raw, json)
Hash identifier:          h3zxMe5f0fJ8P/AvY+9Zii8y4jz03K9593VUqfZZn44=
Subject key identifier:   4D:61:AA:32:C4:FD:35:5B:85:2C:32:E1:6C:C6:6A:3E:1E:A8:50:23
Authority key identifier: 60:37:BB:F6:CB:CA:02:27:3A:A5:E2:1B:B8:88:E3:E1:EC:67:67:DF
Certificate issuer:       /CN=6037bbf6cbca02273aa5e21bb888e3e1ec6767df
Certificate serial:       019A4EF538077CA9E8B4C37BDF5260703B5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
Manifest number:          0C2E
Signing time:             Tue 04 Nov 2025 13:01:24 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:24 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:24 +0000
Files and hashes:         1: YDe79svKAic6peIbuIjj4exnZ98.crl (hash: 2CjM2IrGOJPorAp2Qs8115irOE+RBbLoVgpbPK7nV2A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:38:07:7c:a9:e8:b4:c3:7b:df:52:60:70:3b:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6037bbf6cbca02273aa5e21bb888e3e1ec6767df
        Validity
            Not Before: Nov  4 13:01:24 2025 GMT
            Not After : Nov  5 13:01:24 2025 GMT
        Subject: CN=4d61aa32c4fd355b852c32e16cc66a3e1ea85023
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:36:49:f6:ef:f8:81:20:f6:2a:d9:6a:15:8e:
                    e2:9d:01:e6:71:26:84:dc:8e:b3:a8:1c:d2:40:3f:
                    37:52:f3:80:eb:ad:9c:2f:1e:f0:ef:6c:0c:c8:63:
                    7c:14:3a:c9:bf:22:d5:ce:1b:3f:e4:28:1c:e1:7f:
                    f4:f7:5d:44:dd:05:72:a8:72:f5:e0:fd:77:bf:45:
                    27:20:ce:59:d6:91:32:6c:65:f9:ed:8c:a7:0e:d9:
                    88:ab:71:d9:32:aa:bc:66:ac:32:d4:b4:95:78:46:
                    98:45:0c:e1:5a:11:f7:0c:97:23:c0:be:ae:70:dd:
                    ae:10:ed:0f:c7:e9:77:db:cf:42:f5:23:01:c5:2f:
                    ce:46:c7:03:25:3c:dc:02:77:2c:9a:51:a1:59:90:
                    27:75:e6:d4:54:39:09:0f:60:6d:1d:25:3b:26:4f:
                    cc:11:d1:34:18:03:a9:5d:05:8e:28:c9:12:4a:8f:
                    8b:46:e0:0b:e5:9e:cc:72:3d:12:b4:fd:f2:60:4b:
                    01:b9:02:73:ae:0c:45:67:61:97:02:4e:c3:97:f5:
                    05:56:1f:f7:17:62:9d:98:2c:2b:5b:67:e9:01:77:
                    86:5b:e6:58:c5:9e:b6:da:49:e8:3a:a2:41:6b:ed:
                    a7:60:b3:6b:3b:01:df:68:17:d7:33:0c:38:5f:8c:
                    58:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:61:AA:32:C4:FD:35:5B:85:2C:32:E1:6C:C6:6A:3E:1E:A8:50:23
            X509v3 Authority Key Identifier:
                keyid:60:37:BB:F6:CB:CA:02:27:3A:A5:E2:1B:B8:88:E3:E1:EC:67:67:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:92:f0:3a:62:85:71:a1:bf:a0:dd:25:82:a7:14:19:fc:29:
         f7:42:9b:19:96:05:87:da:86:19:3e:1b:b3:35:de:1f:e0:46:
         c6:93:75:81:b8:c1:b5:86:c5:66:20:39:0a:d3:36:2c:e4:ed:
         55:8a:d0:59:07:b0:c5:2a:b8:de:a1:4f:44:86:a9:d8:f5:33:
         f4:b5:c9:02:ca:88:03:d5:00:1a:89:7a:6f:c3:67:23:f5:58:
         7a:4d:84:e7:9d:fe:b9:4e:e3:4e:01:30:73:6c:63:9a:21:46:
         eb:cd:c4:9c:b5:a4:f0:ff:c3:08:b6:04:bf:1f:24:00:29:50:
         82:6b:7d:17:12:bd:bc:4d:74:a4:4c:78:61:6c:4b:f3:7a:d0:
         09:f7:ad:f3:6c:86:d7:74:cc:51:b4:64:a6:b7:b7:98:50:75:
         cd:ab:96:a9:db:9e:9e:2e:e7:64:0c:0b:d7:25:83:a7:b5:70:
         13:88:b3:84:a4:a6:bf:36:df:1a:78:7e:2f:bf:ac:67:ce:57:
         88:12:48:c2:5c:57:a6:04:cc:eb:26:64:4c:0f:fd:e7:b8:3c:
         0c:95:b1:5b:69:0c:ab:6e:0b:80:4c:1c:32:4b:07:44:27:39:
         60:39:2a:8b:b5:b6:df:60:d2:d5:0d:1a:ae:c3:0e:76:4e:4f:
         65:90:92:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9TgHfKnotMN731JgcDtaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzdiYmY2Y2JjYTAyMjczYWE1ZTIxYmI4ODhlM2UxZWM2
NzY3ZGYwHhcNMjUxMTA0MTMwMTI0WhcNMjUxMTA1MTMwMTI0WjAzMTEwLwYDVQQD
Eyg0ZDYxYWEzMmM0ZmQzNTViODUyYzMyZTE2Y2M2NmEzZTFlYTg1MDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDZJ9u/4gSD2KtlqFY7inQHmcSaE
3I6zqBzSQD83UvOA662cLx7w72wMyGN8FDrJvyLVzhs/5Cgc4X/0911E3QVyqHL1
4P13v0UnIM5Z1pEybGX57YynDtmIq3HZMqq8Zqwy1LSVeEaYRQzhWhH3DJcjwL6u
cN2uEO0Px+l3289C9SMBxS/ORscDJTzcAncsmlGhWZAndebUVDkJD2BtHSU7Jk/M
EdE0GAOpXQWOKMkSSo+LRuAL5Z7Mcj0StP3yYEsBuQJzrgxFZ2GXAk7Dl/UFVh/3
F2KdmCwrW2fpAXeGW+ZYxZ622knoOqJBa+2nYLNrOwHfaBfXMww4X4xYjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE1hqjLE/TVbhSwy4WzGaj4eqFAjMB8GA1UdIwQY
MBaAFGA3u/bLygInOqXiG7iI4+HsZ2ffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC82NGUyMGMtOGY2MS00MzUxLTgwNzct
ZmMzYjNlMTExNjFkLzEvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC82NGUyMGMtOGY2MS00MzUxLTgwNzctZmMzYjNlMTExNjFk
LzEvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALZLwOmKF
caG/oN0lgqcUGfwp90KbGZYFh9qGGT4bszXeH+BGxpN1gbjBtYbFZiA5CtM2LOTt
VYrQWQewxSq43qFPRIap2PUz9LXJAsqIA9UAGol6b8NnI/VYek2E553+uU7jTgEw
c2xjmiFG683EnLWk8P/DCLYEvx8kAClQgmt9FxK9vE10pEx4YWxL83rQCfet82yG
13TMUbRkpre3mFB1zauWqdueni7nZAwL1yWDp7VwE4izhKSmvzbfGnh+L7+sZ85X
iBJIwlxXpgTM6yZkTA/957g8DJWxW2kMq24LgEwcMksHRCc5YDkqi7W232DS1Q0a
rsMOdk5PZZCShg==
-----END CERTIFICATE-----