Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
File:                     yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft (raw, json)
Hash identifier:          QcT6pJ4p6DSPs12rIzizG94obxMz0IywN0gadgsomVc=
Subject key identifier:   D0:CF:2B:EB:1D:3C:BF:1A:34:19:92:E1:FB:53:D7:48:BB:43:94:E4
Authority key identifier: CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13
Certificate issuer:       /CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013
Certificate serial:       019A70A5806FA5F7EE2CCDB13DFD6CAEF6A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
Manifest number:          0A36
Signing time:             Tue 11 Nov 2025 02:01:25 +0000
Manifest this update:     Tue 11 Nov 2025 02:01:25 +0000
Manifest next update:     Wed 12 Nov 2025 02:01:25 +0000
Files and hashes:         1: yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl (hash: H/78LT0L9UrWnpKK/5uDQq+izP1CEPqWxAeYReQAeKw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a5:80:6f:a5:f7:ee:2c:cd:b1:3d:fd:6c:ae:f6:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013
        Validity
            Not Before: Nov 11 02:01:25 2025 GMT
            Not After : Nov 12 02:01:25 2025 GMT
        Subject: CN=d0cf2beb1d3cbf1a341992e1fb53d748bb4394e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:e6:b6:5b:5b:67:b6:0d:e0:bb:d8:96:fd:f8:
                    37:3e:ce:94:83:d0:2a:99:aa:03:06:fa:4b:32:03:
                    e0:c4:d8:1f:19:35:d2:ed:14:ed:08:24:f6:8b:7a:
                    02:19:08:c3:6f:d5:bb:4f:1b:e0:62:16:3a:1b:28:
                    a7:71:62:42:b0:35:77:97:11:b1:24:ef:e5:ef:d6:
                    f4:bd:2d:f1:70:b7:bb:04:38:33:27:fc:92:27:47:
                    b6:16:9c:f9:57:0e:a1:cd:22:99:f2:bf:be:b5:6c:
                    04:90:98:25:00:a3:c4:08:14:ba:bb:d6:0c:a0:25:
                    30:08:fc:fa:c6:53:67:7c:4d:90:07:ea:c3:df:a0:
                    18:fd:f0:e4:58:99:9b:6c:41:c0:a4:38:90:c0:9a:
                    08:22:fd:92:5b:ed:4a:ce:28:9b:70:3f:3c:92:d9:
                    67:2c:1d:28:fd:b8:d0:ec:14:6e:70:1e:3c:f8:25:
                    5d:c8:c7:ea:24:78:65:b7:cb:3d:f1:f5:8a:13:35:
                    a5:af:c5:db:de:5d:d8:e5:a5:47:82:7b:7a:f2:43:
                    48:b5:8c:59:13:a6:0f:85:c6:d5:fa:10:90:ad:43:
                    10:2f:55:fd:03:8f:8d:ea:a9:c6:d7:24:71:5e:88:
                    c2:42:2f:88:f1:77:03:9e:f1:cf:ee:1e:c0:5b:20:
                    16:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:CF:2B:EB:1D:3C:BF:1A:34:19:92:E1:FB:53:D7:48:BB:43:94:E4
            X509v3 Authority Key Identifier:
                keyid:CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:c4:ef:7b:64:a4:8e:2c:3e:73:ba:0b:58:d5:98:51:3e:36:
         db:11:4a:fa:dc:35:3e:7c:04:ac:86:e9:17:87:f5:4a:a6:74:
         a7:5c:0c:06:c1:9c:07:22:2b:10:b0:a2:2b:51:c2:d4:5d:8c:
         1b:0f:6a:44:a0:13:a8:36:69:ef:23:86:05:66:a4:6f:98:18:
         b1:3d:b0:05:19:c2:35:1d:c1:16:c2:fd:5a:e1:6c:df:12:c7:
         a7:57:97:4a:e9:e1:9f:84:22:eb:93:86:55:d0:e4:01:bc:9f:
         bc:7b:20:e4:73:a0:9b:fa:8a:20:4e:c2:62:1e:fe:24:9e:b4:
         84:5d:af:f2:91:10:6e:af:aa:65:69:d1:49:87:a1:45:8b:a2:
         f6:25:78:e5:96:61:47:8b:ee:77:aa:dd:89:09:47:3f:58:1b:
         30:6b:38:da:b5:94:a7:09:b2:fb:6c:eb:b4:88:5e:9f:77:00:
         29:fc:83:ed:37:83:76:7b:c8:bf:b8:d8:94:06:f1:0f:e9:6a:
         79:96:d5:c9:7f:cf:ec:d0:f8:31:4f:5c:d2:cf:54:a5:e6:5c:
         c6:31:56:a3:29:e7:8f:4a:fe:77:3a:4d:5a:d3:69:92:4c:43:
         39:d3:a3:71:ec:cc:b9:1d:07:20:ea:04:5d:da:4a:86:bd:6a:
         45:68:24:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpYBvpffuLM2xPf1srvagMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWExYTYyYzgwYjBmMzMzNGM1ZGMxOGRjNjRiN2JmOTc4
ODkwMTMwHhcNMjUxMTExMDIwMTI1WhcNMjUxMTEyMDIwMTI1WjAzMTEwLwYDVQQD
EyhkMGNmMmJlYjFkM2NiZjFhMzQxOTkyZTFmYjUzZDc0OGJiNDM5NGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOa2W1tntg3gu9iW/fg3Ps6Ug9Aq
maoDBvpLMgPgxNgfGTXS7RTtCCT2i3oCGQjDb9W7TxvgYhY6GyincWJCsDV3lxGx
JO/l79b0vS3xcLe7BDgzJ/ySJ0e2Fpz5Vw6hzSKZ8r++tWwEkJglAKPECBS6u9YM
oCUwCPz6xlNnfE2QB+rD36AY/fDkWJmbbEHApDiQwJoIIv2SW+1KziibcD88ktln
LB0o/bjQ7BRucB48+CVdyMfqJHhlt8s98fWKEzWlr8Xb3l3Y5aVHgnt68kNItYxZ
E6YPhcbV+hCQrUMQL1X9A4+N6qnG1yRxXojCQi+I8XcDnvHP7h7AWyAWgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNDPK+sdPL8aNBmS4ftT10i7Q5TkMB8GA1UdIwQY
MBaAFMoaGmLICw8zNMXcGNxkt7+XiJATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2Qt
YTA5ODU0YWI2NWEyLzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2QtYTA5ODU0YWI2NWEy
LzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAcTve2Sk
jiw+c7oLWNWYUT422xFK+tw1PnwErIbpF4f1SqZ0p1wMBsGcByIrELCiK1HC1F2M
Gw9qRKATqDZp7yOGBWakb5gYsT2wBRnCNR3BFsL9WuFs3xLHp1eXSunhn4Qi65OG
VdDkAbyfvHsg5HOgm/qKIE7CYh7+JJ60hF2v8pEQbq+qZWnRSYehRYui9iV45ZZh
R4vud6rdiQlHP1gbMGs42rWUpwmy+2zrtIhen3cAKfyD7TeDdnvIv7jYlAbxD+lq
eZbVyX/P7ND4MU9c0s9UpeZcxjFWoynnj0r+dzpNWtNpkkxDOdOjcezMuR0HIOoE
XdpKhr1qRWgkyQ==
-----END CERTIFICATE-----