Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
File:                     _ypds7oz42wW2_UmCy_idK5_siI.mft (raw, json)
Hash identifier:          ukcUtcs+04gE79lb2VLyNSwytCL90OHhZ/UhttzUk/Y=
Subject key identifier:   C4:7A:95:36:2A:7C:E9:CC:E9:F4:E7:08:58:EB:1E:88:87:EE:84:3C
Authority key identifier: FF:2A:5D:B3:BA:33:E3:6C:16:DB:F5:26:0B:2F:E2:74:AE:7F:B2:22
Certificate issuer:       /CN=ff2a5db3ba33e36c16dbf5260b2fe274ae7fb222
Certificate serial:       019A4E4FCB49D48E9D0CDFAB704CAD8FBBA3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
Manifest number:          0DEC
Signing time:             Tue 04 Nov 2025 10:00:43 +0000
Manifest this update:     Tue 04 Nov 2025 10:00:43 +0000
Manifest next update:     Wed 05 Nov 2025 10:00:43 +0000
Files and hashes:         1: _ypds7oz42wW2_UmCy_idK5_siI.crl (hash: 1qIsDLbar5mW7g2w55Ln0vAGu2QlNWICIMuB8Yp6kck=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:4f:cb:49:d4:8e:9d:0c:df:ab:70:4c:ad:8f:bb:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff2a5db3ba33e36c16dbf5260b2fe274ae7fb222
        Validity
            Not Before: Nov  4 10:00:43 2025 GMT
            Not After : Nov  5 10:00:43 2025 GMT
        Subject: CN=c47a95362a7ce9cce9f4e70858eb1e8887ee843c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:e5:d8:10:48:ac:47:b6:81:e1:43:10:b6:66:
                    aa:9e:33:d5:5a:3e:4a:34:ef:7c:3b:c4:c6:2d:68:
                    b4:ee:6c:fc:41:75:c3:6a:a6:29:67:3a:37:06:cf:
                    5f:b6:7d:41:81:dc:f4:a0:80:9c:7d:a3:95:51:6a:
                    b5:c0:e2:32:c0:77:f8:e3:15:d1:4c:c5:aa:10:b8:
                    30:10:09:51:fa:d6:78:0a:2e:fd:ef:87:ca:1f:91:
                    ad:a3:2b:95:75:08:41:5e:0b:f2:ca:ea:40:11:36:
                    2b:05:7b:f9:9c:28:6c:39:ec:5b:41:37:d3:02:f7:
                    7f:5c:68:ca:42:d8:1c:16:c1:4d:9c:f2:74:f5:39:
                    e5:91:d2:d6:83:77:42:4d:6b:ec:69:f7:16:05:de:
                    9f:4a:58:aa:02:28:56:e4:58:a2:d1:f3:01:08:3b:
                    60:89:07:d6:f4:25:4b:a2:a8:55:7f:da:0c:fe:88:
                    ce:c3:32:cc:83:2a:23:e2:83:e0:69:9f:32:e8:af:
                    c9:ce:ad:ff:5c:4e:3a:28:89:9a:a6:f9:db:61:1d:
                    91:59:47:77:1e:ec:ac:35:4d:f9:21:d9:17:7d:e4:
                    a2:5e:06:4d:c7:74:64:d6:ec:b3:2f:72:81:07:46:
                    65:ae:d5:81:37:85:0c:c5:4c:28:a4:58:20:9d:d1:
                    9e:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:7A:95:36:2A:7C:E9:CC:E9:F4:E7:08:58:EB:1E:88:87:EE:84:3C
            X509v3 Authority Key Identifier:
                keyid:FF:2A:5D:B3:BA:33:E3:6C:16:DB:F5:26:0B:2F:E2:74:AE:7F:B2:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:62:a3:13:73:d7:02:bc:17:d4:8d:9f:f7:a5:1c:f3:a3:d0:
         13:ce:70:18:9c:bd:cd:71:97:10:a2:49:bf:28:ad:b5:02:c2:
         ae:b3:c1:24:e8:82:fa:f2:34:d8:07:a2:84:5a:c8:62:2f:f8:
         09:da:75:10:a7:70:ac:35:a6:58:18:46:f0:35:fd:0f:ed:bf:
         09:88:f0:4b:79:08:ab:e1:36:67:ae:18:d1:fa:52:9f:16:3b:
         ee:0d:9d:df:e2:9d:64:69:25:53:78:fa:8c:3a:1d:c8:c9:bc:
         b5:da:05:05:d6:87:ca:98:19:e4:80:c2:fd:52:15:cb:54:0d:
         b1:7c:97:f5:45:c5:8f:5d:91:62:87:de:44:52:16:01:55:80:
         91:2a:93:34:67:bc:32:cf:2d:98:75:ec:d1:d6:3a:85:14:f1:
         21:77:fc:3f:eb:8f:c0:d5:78:1a:84:22:e4:89:4f:34:ad:ad:
         76:25:ff:ad:5e:80:a5:22:05:b5:12:52:3a:11:58:b2:5f:87:
         0c:69:51:80:ad:75:01:d5:1d:a2:8e:44:c4:64:e6:62:1d:a7:
         8f:d2:e9:a6:10:28:15:a8:a9:d2:e4:4c:22:85:cf:2f:7d:00:
         82:83:af:dd:1f:a0:88:c1:f7:34:19:0b:81:0f:14:df:9f:af:
         ae:75:a6:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT8tJ1I6dDN+rcEytj7ujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMmE1ZGIzYmEzM2UzNmMxNmRiZjUyNjBiMmZlMjc0YWU3
ZmIyMjIwHhcNMjUxMTA0MTAwMDQzWhcNMjUxMTA1MTAwMDQzWjAzMTEwLwYDVQQD
EyhjNDdhOTUzNjJhN2NlOWNjZTlmNGU3MDg1OGViMWU4ODg3ZWU4NDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreXYEEisR7aB4UMQtmaqnjPVWj5K
NO98O8TGLWi07mz8QXXDaqYpZzo3Bs9ftn1Bgdz0oICcfaOVUWq1wOIywHf44xXR
TMWqELgwEAlR+tZ4Ci7974fKH5GtoyuVdQhBXgvyyupAETYrBXv5nChsOexbQTfT
Avd/XGjKQtgcFsFNnPJ09TnlkdLWg3dCTWvsafcWBd6fSliqAihW5Fii0fMBCDtg
iQfW9CVLoqhVf9oM/ojOwzLMgyoj4oPgaZ8y6K/Jzq3/XE46KImapvnbYR2RWUd3
HuysNU35IdkXfeSiXgZNx3Rk1uyzL3KBB0ZlrtWBN4UMxUwopFggndGeuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMR6lTYqfOnM6fTnCFjrHoiH7oQ8MB8GA1UdIwQY
MBaAFP8qXbO6M+NsFtv1Jgsv4nSuf7IiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC81ZGY3MTAtZGY4Ni00MmMwLThhYTIt
NTI2MGNkNWMyNGMzLzEvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC81ZGY3MTAtZGY4Ni00MmMwLThhYTItNTI2MGNkNWMyNGMz
LzEvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS2KjE3PX
ArwX1I2f96Uc86PQE85wGJy9zXGXEKJJvyittQLCrrPBJOiC+vI02AeihFrIYi/4
Cdp1EKdwrDWmWBhG8DX9D+2/CYjwS3kIq+E2Z64Y0fpSnxY77g2d3+KdZGklU3j6
jDodyMm8tdoFBdaHypgZ5IDC/VIVy1QNsXyX9UXFj12RYofeRFIWAVWAkSqTNGe8
Ms8tmHXs0dY6hRTxIXf8P+uPwNV4GoQi5IlPNK2tdiX/rV6ApSIFtRJSOhFYsl+H
DGlRgK11AdUdoo5ExGTmYh2nj9LpphAoFaip0uRMIoXPL30AgoOv3R+giMH3NBkL
gQ8U35+vrnWmYg==
-----END CERTIFICATE-----