Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.mft
File:                     YE1FsSrOCsIjA-08d5S4MGpqtbA.mft (raw, json)
Hash identifier:          niPg58YRlJj3gc/H4qQxwqqnRBcblYlSCwTmtjnKJXo=
Subject key identifier:   7A:ED:51:0A:A6:4F:12:A7:E2:00:07:86:F4:CB:93:2E:87:F1:C5:4B
Authority key identifier: 60:4D:45:B1:2A:CE:0A:C2:23:03:ED:3C:77:94:B8:30:6A:6A:B5:B0
Certificate issuer:       /CN=604d45b12ace0ac22303ed3c7794b8306a6ab5b0
Certificate serial:       019A4D078F63700BCDF5DACE6A59D361EFEA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YE1FsSrOCsIjA-08d5S4MGpqtbA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.mft
Manifest number:          169C
Signing time:             Tue 04 Nov 2025 04:02:12 +0000
Manifest this update:     Tue 04 Nov 2025 04:02:12 +0000
Manifest next update:     Wed 05 Nov 2025 04:02:12 +0000
Files and hashes:         1: YE1FsSrOCsIjA-08d5S4MGpqtbA.crl (hash: 7gNvrv6jW8XengTPcea+lfs9AttD5wzKeV29kZupsPg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YE1FsSrOCsIjA-08d5S4MGpqtbA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 04:02:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:07:8f:63:70:0b:cd:f5:da:ce:6a:59:d3:61:ef:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=604d45b12ace0ac22303ed3c7794b8306a6ab5b0
        Validity
            Not Before: Nov  4 04:02:12 2025 GMT
            Not After : Nov  5 04:02:12 2025 GMT
        Subject: CN=7aed510aa64f12a7e2000786f4cb932e87f1c54b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:f5:08:f9:f1:bc:3b:c6:28:3a:3f:50:3c:8e:
                    76:40:ff:65:50:ed:be:5c:e5:33:9d:6d:6f:76:50:
                    17:92:41:62:3f:12:1d:30:9d:24:8e:e4:8f:b2:26:
                    aa:28:29:a4:0d:7e:de:2d:d3:b9:d3:a2:af:30:84:
                    8a:a1:7a:f3:9e:0c:03:83:91:36:f4:c6:82:6e:af:
                    5e:4b:3f:5b:a3:d6:47:41:40:d7:54:7f:64:60:3c:
                    3e:d8:7a:04:d5:67:e0:dc:bd:51:e1:f0:e5:6c:88:
                    74:4b:1f:f6:7c:4e:30:7f:aa:44:69:36:69:ed:05:
                    69:ed:67:6d:33:0b:bc:18:7c:cc:ae:5b:6d:44:73:
                    8f:f3:e9:b3:99:b6:ad:80:a4:b6:a7:f4:cf:3f:45:
                    0d:cb:21:c6:7a:d6:6a:56:16:d7:63:27:92:23:4a:
                    c5:ed:19:39:0f:dc:17:8f:d4:ea:04:97:f0:f3:61:
                    ae:79:ab:0c:78:7b:1c:76:ba:38:39:ff:e8:2e:df:
                    43:b6:55:58:87:fa:9c:15:58:fb:a1:00:fb:76:c6:
                    72:67:64:25:82:5e:e9:f1:21:d9:f3:a5:02:f3:06:
                    2d:a3:91:b5:53:4a:6b:4d:cc:0a:76:97:1f:34:b7:
                    3f:33:19:f2:df:c8:d1:1a:1b:a3:6d:c2:76:1e:7f:
                    62:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:ED:51:0A:A6:4F:12:A7:E2:00:07:86:F4:CB:93:2E:87:F1:C5:4B
            X509v3 Authority Key Identifier:
                keyid:60:4D:45:B1:2A:CE:0A:C2:23:03:ED:3C:77:94:B8:30:6A:6A:B5:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YE1FsSrOCsIjA-08d5S4MGpqtbA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:96:16:fb:f2:9d:6b:e1:57:b4:90:27:2e:dc:8f:04:1c:fd:
         bc:df:5c:40:8e:76:9b:3a:e3:f8:fc:67:f0:0a:53:5a:fa:6e:
         21:98:78:a6:6e:4a:82:c2:84:fb:6a:ce:81:8e:dd:4c:76:97:
         ce:21:9b:c0:01:a9:ac:59:bb:8b:37:f6:2f:b3:74:63:a9:a7:
         32:e4:1f:73:d4:03:62:1b:32:5a:fb:26:de:eb:90:08:37:37:
         40:64:13:60:47:3f:08:9e:2f:d2:b8:4e:8b:df:ea:e8:bc:6e:
         5a:5d:c7:64:4e:4a:90:74:a6:39:c6:4a:41:70:63:a3:0d:fd:
         c8:ad:55:e7:02:8b:41:54:f1:6c:ed:20:d8:03:9f:64:a1:e8:
         74:b1:27:a6:7a:bf:6b:7b:29:27:b9:da:94:dd:07:4c:c5:aa:
         0c:f5:19:af:e2:57:28:13:ed:75:cc:b2:ae:2b:e7:d0:3d:05:
         e5:6a:74:b9:21:a6:69:2f:40:81:ca:2a:cc:20:75:80:e9:01:
         b2:3f:ae:21:27:72:5b:fb:b5:48:2f:6a:f9:c7:3b:9b:56:57:
         d8:35:ee:5f:6b:67:99:85:1c:79:d7:8f:d2:93:5a:cd:c2:3c:
         54:25:84:6e:b3:1e:36:84:0d:96:c5:9c:cd:25:d7:cb:83:fd:
         d0:ca:d7:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNB49jcAvN9drOalnTYe/qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNGQ0NWIxMmFjZTBhYzIyMzAzZWQzYzc3OTRiODMwNmE2
YWI1YjAwHhcNMjUxMTA0MDQwMjEyWhcNMjUxMTA1MDQwMjEyWjAzMTEwLwYDVQQD
Eyg3YWVkNTEwYWE2NGYxMmE3ZTIwMDA3ODZmNGNiOTMyZTg3ZjFjNTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfUI+fG8O8YoOj9QPI52QP9lUO2+
XOUznW1vdlAXkkFiPxIdMJ0kjuSPsiaqKCmkDX7eLdO506KvMISKoXrzngwDg5E2
9MaCbq9eSz9bo9ZHQUDXVH9kYDw+2HoE1Wfg3L1R4fDlbIh0Sx/2fE4wf6pEaTZp
7QVp7WdtMwu8GHzMrlttRHOP8+mzmbatgKS2p/TPP0UNyyHGetZqVhbXYyeSI0rF
7Rk5D9wXj9TqBJfw82GueasMeHscdro4Of/oLt9DtlVYh/qcFVj7oQD7dsZyZ2Ql
gl7p8SHZ86UC8wYto5G1U0prTcwKdpcfNLc/Mxny38jRGhujbcJ2Hn9igwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHrtUQqmTxKn4gAHhvTLky6H8cVLMB8GA1UdIwQY
MBaAFGBNRbEqzgrCIwPtPHeUuDBqarWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUUxRnNTck9Dc0lqQS0wOGQ1UzRNR3BxdGJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jYTY4NTUtMThmNi00YmMwLThmYWIt
Mzc1N2Y5MzA4YWNjLzEvWUUxRnNTck9Dc0lqQS0wOGQ1UzRNR3BxdGJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jYTY4NTUtMThmNi00YmMwLThmYWItMzc1N2Y5MzA4YWNj
LzEvWUUxRnNTck9Dc0lqQS0wOGQ1UzRNR3BxdGJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq5YW+/Kd
a+FXtJAnLtyPBBz9vN9cQI52mzrj+Pxn8ApTWvpuIZh4pm5KgsKE+2rOgY7dTHaX
ziGbwAGprFm7izf2L7N0Y6mnMuQfc9QDYhsyWvsm3uuQCDc3QGQTYEc/CJ4v0rhO
i9/q6LxuWl3HZE5KkHSmOcZKQXBjow39yK1V5wKLQVTxbO0g2AOfZKHodLEnpnq/
a3spJ7nalN0HTMWqDPUZr+JXKBPtdcyyrivn0D0F5Wp0uSGmaS9AgcoqzCB1gOkB
sj+uISdyW/u1SC9q+cc7m1ZX2DXuX2tnmYUcedeP0pNazcI8VCWEbrMeNoQNlsWc
zSXXy4P90MrX3A==
-----END CERTIFICATE-----