Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
File:                     YNJSouMVOM2lhXutCYPIvfVYsXs.mft (raw, json)
Hash identifier:          AS0UKB0nrw0iUgL/U0wdjGCatD+3UhEeux48lxyFA2w=
Subject key identifier:   68:66:8B:71:0A:E2:ED:03:EC:CF:1D:FD:34:D7:D7:BB:F1:30:EB:77
Authority key identifier: 60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B
Certificate issuer:       /CN=60d252a2e31538cda5857bad0983c8bdf558b17b
Certificate serial:       019A4EF52734CF08E79F396329BE7FEC5FC5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
Manifest number:          0A4E
Signing time:             Tue 04 Nov 2025 13:01:20 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:20 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:20 +0000
Files and hashes:         1: YNJSouMVOM2lhXutCYPIvfVYsXs.crl (hash: pda4TvhnjxV3b1JyGVy5uYLnWpz9VI8ndYi0sksA86g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:27:34:cf:08:e7:9f:39:63:29:be:7f:ec:5f:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60d252a2e31538cda5857bad0983c8bdf558b17b
        Validity
            Not Before: Nov  4 13:01:20 2025 GMT
            Not After : Nov  5 13:01:20 2025 GMT
        Subject: CN=68668b710ae2ed03eccf1dfd34d7d7bbf130eb77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:7b:f5:6c:25:ef:42:87:7c:0a:8b:3a:1e:a8:
                    f7:24:fe:81:cd:25:a8:9d:68:d0:1d:7f:d5:7a:91:
                    5a:f4:8f:d0:e4:90:b5:73:18:bc:79:38:29:22:8d:
                    c2:51:01:0f:f8:05:b3:f5:da:a7:86:58:1b:42:83:
                    1d:3f:c9:66:81:86:a5:49:9b:ca:9e:f4:45:5f:16:
                    70:70:a2:77:e6:3c:bc:d7:8c:77:20:86:e5:d1:fe:
                    8b:65:a6:0c:2e:df:48:0e:de:5a:60:cf:8d:13:6a:
                    8e:b3:dc:e1:ef:82:9b:ee:65:16:6e:38:b8:79:58:
                    89:7a:70:01:0f:e8:2c:3d:13:1f:2a:37:73:28:ab:
                    ac:ce:ac:5e:f7:54:c8:df:d1:4c:3c:28:c3:26:89:
                    aa:4a:f0:47:be:0e:63:9c:1e:b2:fa:97:fb:d3:22:
                    25:07:96:c4:85:9b:56:57:0e:f8:0d:a5:c5:6d:b8:
                    35:d6:20:2e:98:1f:41:68:96:f2:98:fd:0b:35:bf:
                    e9:23:51:1c:c6:f9:a5:23:70:59:74:48:1a:90:f5:
                    7e:87:04:27:3e:e4:bb:fb:b2:a1:b0:44:f3:15:14:
                    35:1f:d7:fc:f5:7b:3b:87:a0:bd:ed:87:ce:82:d4:
                    9a:0d:50:4a:c1:ef:d5:3b:62:42:9d:66:5f:3f:1c:
                    95:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:66:8B:71:0A:E2:ED:03:EC:CF:1D:FD:34:D7:D7:BB:F1:30:EB:77
            X509v3 Authority Key Identifier:
                keyid:60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:23:ae:21:47:77:68:f7:6c:c5:ae:23:c9:31:5e:0e:55:81:
         58:72:3b:f5:e2:73:18:9c:07:7c:83:38:c0:8f:5a:c8:8f:db:
         d1:6c:a8:ef:4f:a8:91:54:5b:0e:b1:11:41:26:f6:3c:7b:24:
         31:29:ec:02:e6:dc:1a:5b:54:89:ea:f6:f1:6c:ed:1a:7a:c8:
         eb:32:83:95:86:03:34:3f:34:90:89:24:1f:12:d7:91:75:e3:
         ea:26:2c:bb:40:32:1e:38:54:fb:02:8d:5f:82:2b:f5:1d:f5:
         ba:57:a9:29:bc:6f:27:81:6a:d0:e0:c8:f8:99:79:21:5c:24:
         64:46:4b:27:74:43:91:a2:ae:48:ba:a6:08:67:66:22:18:4a:
         54:0c:a4:55:cb:ac:7d:01:9f:57:7d:d1:4e:d4:9d:e5:59:b0:
         65:af:28:7f:05:13:09:7f:e9:c4:2c:29:69:38:6e:0b:20:ce:
         db:79:94:9e:e4:68:0c:da:e8:f1:74:63:d6:ce:aa:81:d4:b0:
         8c:be:66:54:98:86:08:b8:7b:ba:09:98:35:0e:c3:01:0d:93:
         f2:4b:7f:11:e9:0d:1b:81:8c:d6:b1:85:53:e5:7c:fb:bd:5d:
         d9:bc:87:0c:de:99:8f:ad:bd:80:4a:07:f4:82:a8:14:da:52:
         09:54:26:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9Sc0zwjnnzljKb5/7F/FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZDI1MmEyZTMxNTM4Y2RhNTg1N2JhZDA5ODNjOGJkZjU1
OGIxN2IwHhcNMjUxMTA0MTMwMTIwWhcNMjUxMTA1MTMwMTIwWjAzMTEwLwYDVQQD
Eyg2ODY2OGI3MTBhZTJlZDAzZWNjZjFkZmQzNGQ3ZDdiYmYxMzBlYjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnv1bCXvQod8Cos6Hqj3JP6BzSWo
nWjQHX/VepFa9I/Q5JC1cxi8eTgpIo3CUQEP+AWz9dqnhlgbQoMdP8lmgYalSZvK
nvRFXxZwcKJ35jy814x3IIbl0f6LZaYMLt9IDt5aYM+NE2qOs9zh74Kb7mUWbji4
eViJenABD+gsPRMfKjdzKKuszqxe91TI39FMPCjDJomqSvBHvg5jnB6y+pf70yIl
B5bEhZtWVw74DaXFbbg11iAumB9BaJbymP0LNb/pI1EcxvmlI3BZdEgakPV+hwQn
PuS7+7KhsETzFRQ1H9f89Xs7h6C97YfOgtSaDVBKwe/VO2JCnWZfPxyVtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGhmi3EK4u0D7M8d/TTX17vxMOt3MB8GA1UdIwQY
MBaAFGDSUqLjFTjNpYV7rQmDyL31WLF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYt
NTY2ZjZjZjQzMWMwLzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYtNTY2ZjZjZjQzMWMw
LzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtiOuIUd3
aPdsxa4jyTFeDlWBWHI79eJzGJwHfIM4wI9ayI/b0Wyo70+okVRbDrERQSb2PHsk
MSnsAubcGltUier28WztGnrI6zKDlYYDND80kIkkHxLXkXXj6iYsu0AyHjhU+wKN
X4Ir9R31ulepKbxvJ4Fq0ODI+Jl5IVwkZEZLJ3RDkaKuSLqmCGdmIhhKVAykVcus
fQGfV33RTtSd5VmwZa8ofwUTCX/pxCwpaThuCyDO23mUnuRoDNro8XRj1s6qgdSw
jL5mVJiGCLh7ugmYNQ7DAQ2T8kt/EekNG4GM1rGFU+V8+71d2byHDN6Zj629gEoH
9IKoFNpSCVQmPQ==
-----END CERTIFICATE-----