Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
File:                     ydD7lgitlbS_5q4unxPgAv2raA0.mft (raw, json)
Hash identifier:          DnuyJBJhx6bOewCt6VxNRlu+trqB1kC3ipUeYBbwrQ8=
Subject key identifier:   19:95:B8:ED:D2:BB:1A:97:56:BD:2E:87:AD:53:35:26:91:EB:83:12
Authority key identifier: C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D
Certificate issuer:       /CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
Certificate serial:       019A5451B001417EF53444F014B410440D53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
Manifest number:          05A9
Signing time:             Wed 05 Nov 2025 14:00:30 +0000
Manifest this update:     Wed 05 Nov 2025 14:00:30 +0000
Manifest next update:     Thu 06 Nov 2025 14:00:30 +0000
Files and hashes:         1: ydD7lgitlbS_5q4unxPgAv2raA0.crl (hash: E7srlFq12T04XkHcVCCwrWTg4/f9KrV/eHQcA9T3xN0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 12:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:54:51:b0:01:41:7e:f5:34:44:f0:14:b4:10:44:0d:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
        Validity
            Not Before: Nov  5 14:00:30 2025 GMT
            Not After : Nov  6 14:00:30 2025 GMT
        Subject: CN=1995b8edd2bb1a9756bd2e87ad53352691eb8312
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:98:8a:97:10:ad:c9:8a:38:0c:95:0b:a1:67:
                    3c:47:2e:9e:a2:45:ad:37:a0:8e:1a:e2:18:dd:aa:
                    a1:6e:39:3a:2f:ea:44:9f:8c:2a:17:b6:5a:b6:88:
                    bf:d0:95:b3:8b:31:53:46:d1:e2:6c:5b:32:b6:dd:
                    5c:bb:a4:82:cf:8a:1f:45:69:74:68:0e:ad:2b:81:
                    d0:42:0a:b7:86:0c:b2:91:b9:e5:05:6c:64:e2:2c:
                    3a:ed:cd:34:bc:95:a7:af:71:0b:58:bb:a3:34:15:
                    9c:cf:d3:da:9c:0d:9a:55:cd:4e:cf:09:a3:2f:ee:
                    ea:27:43:8f:c3:5e:cb:2f:bc:f7:9c:38:d7:ca:5c:
                    b0:94:9a:09:2d:d7:39:01:d2:fc:a4:38:0a:ff:f9:
                    5e:56:15:f3:14:15:4d:32:03:16:7a:0a:17:3a:9f:
                    7e:8d:d9:7f:89:03:da:dc:b9:69:42:f2:74:90:8b:
                    e6:52:ad:45:35:fe:85:8d:84:55:d7:4d:5e:6d:49:
                    0c:4d:99:14:cf:51:09:9a:b7:c8:86:eb:50:fc:96:
                    54:73:a5:a6:7e:21:3c:63:ca:8c:fc:05:47:47:a8:
                    3c:3a:5a:29:9a:7b:0c:5a:49:82:8e:01:fd:a9:0f:
                    07:29:e0:26:4b:19:08:e8:b2:a8:21:18:a8:88:19:
                    68:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:95:B8:ED:D2:BB:1A:97:56:BD:2E:87:AD:53:35:26:91:EB:83:12
            X509v3 Authority Key Identifier:
                keyid:C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:c7:f0:91:5c:a8:c1:5c:1e:5d:93:21:a8:6d:f7:3e:48:63:
         85:1c:e8:38:21:69:ef:04:22:f5:35:bd:e4:68:cc:43:1f:38:
         c9:7b:b4:b7:13:be:30:88:3d:66:d6:20:eb:1f:45:50:08:5d:
         90:ca:dc:57:05:2f:0d:26:88:f0:88:44:22:46:5d:7e:ce:77:
         80:e6:61:87:f8:74:d4:99:00:17:36:8d:c4:fd:d0:aa:00:c0:
         d5:f0:33:eb:f7:b1:22:9e:d2:8c:04:b6:e8:ee:af:17:31:04:
         b1:3c:a7:d2:f5:b1:89:6a:40:0c:0a:d1:1d:26:12:3a:70:b1:
         0b:31:28:ed:05:31:88:17:8d:9e:84:e3:d7:80:84:b1:d4:69:
         61:d3:db:90:11:a6:89:e0:fb:f6:a4:48:2c:b1:9a:cd:31:20:
         5e:0a:7f:9e:0a:41:e0:59:14:a2:2b:3e:29:68:14:67:26:4a:
         46:7d:1e:3b:10:5d:58:75:81:40:1c:14:16:52:b5:3b:e0:1e:
         d4:1a:cd:57:42:6e:47:0b:56:ef:c6:ea:9e:d4:95:fb:fe:9d:
         ce:72:f1:98:cd:b5:4a:f0:83:62:83:f6:84:20:54:07:50:d9:
         67:fe:5e:68:3f:b6:69:a0:f4:4a:d3:4d:6c:1f:04:77:8f:d4:
         19:67:0b:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUUbABQX71NETwFLQQRA1TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDBmYjk2MDhhZDk1YjRiZmU2YWUyZTlmMTNlMDAyZmRh
YjY4MGQwHhcNMjUxMTA1MTQwMDMwWhcNMjUxMTA2MTQwMDMwWjAzMTEwLwYDVQQD
EygxOTk1YjhlZGQyYmIxYTk3NTZiZDJlODdhZDUzMzUyNjkxZWI4MzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJiKlxCtyYo4DJULoWc8Ry6eokWt
N6COGuIY3aqhbjk6L+pEn4wqF7Zatoi/0JWzizFTRtHibFsytt1cu6SCz4ofRWl0
aA6tK4HQQgq3hgyykbnlBWxk4iw67c00vJWnr3ELWLujNBWcz9PanA2aVc1Ozwmj
L+7qJ0OPw17LL7z3nDjXylywlJoJLdc5AdL8pDgK//leVhXzFBVNMgMWegoXOp9+
jdl/iQPa3LlpQvJ0kIvmUq1FNf6FjYRV101ebUkMTZkUz1EJmrfIhutQ/JZUc6Wm
fiE8Y8qM/AVHR6g8OlopmnsMWkmCjgH9qQ8HKeAmSxkI6LKoIRioiBloHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBmVuO3SuxqXVr0uh61TNSaR64MSMB8GA1UdIwQY
MBaAFMnQ+5YIrZW0v+auLp8T4AL9q2gNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjkt
MDUzNDk1ODc1OWFjLzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjktMDUzNDk1ODc1OWFj
LzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArMfwkVyo
wVweXZMhqG33PkhjhRzoOCFp7wQi9TW95GjMQx84yXu0txO+MIg9ZtYg6x9FUAhd
kMrcVwUvDSaI8IhEIkZdfs53gOZhh/h01JkAFzaNxP3QqgDA1fAz6/exIp7SjAS2
6O6vFzEEsTyn0vWxiWpADArRHSYSOnCxCzEo7QUxiBeNnoTj14CEsdRpYdPbkBGm
ieD79qRILLGazTEgXgp/ngpB4FkUois+KWgUZyZKRn0eOxBdWHWBQBwUFlK1O+Ae
1BrNV0JuRwtW78bqntSV+/6dznLxmM21SvCDYoP2hCBUB1DZZ/5eaD+2aaD0StNN
bB8Ed4/UGWcLmg==
-----END CERTIFICATE-----