Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft
File:                     PYyo-vPO4aXlGlxc2_lIKgACe2U.mft (raw, json)
Hash identifier:          iRutuus7LypjtCsF6bj8npOu6i9Tw7R3PwvSgwFUbQA=
Subject key identifier:   2B:9F:67:45:87:C3:EA:5E:FF:E4:38:4B:D9:38:13:98:BC:D1:41:5C
Authority key identifier: 3D:8C:A8:FA:F3:CE:E1:A5:E5:1A:5C:5C:DB:F9:48:2A:00:02:7B:65
Certificate issuer:       /CN=3d8ca8faf3cee1a5e51a5c5cdbf9482a00027b65
Certificate serial:       019A71B923D9A703BBE9D721E55EFA8320DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft
Manifest number:          0C8C
Signing time:             Tue 11 Nov 2025 07:02:29 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:29 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:29 +0000
Files and hashes:         1: PYyo-vPO4aXlGlxc2_lIKgACe2U.crl (hash: 5EeKFPsd5erVjDyZTkjStIABcsW5hlKWkhYhfa1S4d4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:23:d9:a7:03:bb:e9:d7:21:e5:5e:fa:83:20:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d8ca8faf3cee1a5e51a5c5cdbf9482a00027b65
        Validity
            Not Before: Nov 11 07:02:29 2025 GMT
            Not After : Nov 12 07:02:29 2025 GMT
        Subject: CN=2b9f674587c3ea5effe4384bd9381398bcd1415c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:2a:3e:32:33:f3:e5:b0:0f:40:4f:64:29:ee:
                    3b:4e:c3:1e:4a:06:2a:87:2e:67:fd:71:b7:ee:5b:
                    a7:dc:30:3d:63:42:fa:10:45:b2:d9:88:4e:55:fa:
                    43:67:b5:e7:84:92:17:d7:67:52:45:91:92:b7:f3:
                    8d:d4:67:00:62:f3:ab:09:b7:d9:b3:c0:89:7b:00:
                    d2:5f:b1:9d:e2:f2:11:ef:c7:65:db:73:fb:e4:e0:
                    e9:43:6c:83:20:a6:28:28:26:70:cb:d5:0b:8e:58:
                    f4:1f:06:1b:57:fe:5e:e6:c6:66:a3:a1:1d:5e:1f:
                    e9:bd:45:3d:64:9d:a8:78:99:91:8e:c1:ea:f1:bd:
                    0f:ee:a7:94:61:1e:ee:3e:86:c0:24:ec:1b:fe:1f:
                    1c:52:83:df:82:c2:76:eb:1e:d8:4b:79:8b:15:fb:
                    d7:de:50:3b:92:5a:d7:f8:4c:d4:9a:fb:ad:3d:e6:
                    15:17:aa:c7:29:00:6a:19:f6:dc:0e:3a:08:60:1a:
                    87:92:83:0f:c5:b0:3e:b9:08:9e:d4:43:d8:f7:b1:
                    f1:90:50:a2:52:79:70:97:de:e0:f3:b4:2a:00:f0:
                    05:a5:b1:5c:81:98:98:c4:d8:bc:6b:58:ce:8f:a5:
                    cd:3c:07:0f:c6:8a:0e:bf:39:2c:ef:91:10:36:e8:
                    24:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:9F:67:45:87:C3:EA:5E:FF:E4:38:4B:D9:38:13:98:BC:D1:41:5C
            X509v3 Authority Key Identifier:
                keyid:3D:8C:A8:FA:F3:CE:E1:A5:E5:1A:5C:5C:DB:F9:48:2A:00:02:7B:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:12:c4:82:48:db:d3:03:35:2b:05:df:66:38:af:02:2a:65:
         5d:28:43:be:6b:47:69:06:f7:b9:8e:d4:b1:62:df:c6:eb:f1:
         96:28:cb:31:72:90:60:44:38:0d:f2:da:63:2c:f8:90:4f:bb:
         d9:e0:9e:a4:8b:ca:13:cb:85:22:67:ec:ed:c2:40:cf:25:91:
         c3:10:8d:82:11:6a:01:26:35:1d:27:56:7b:82:db:1d:d8:6b:
         36:a7:87:6f:7e:57:d9:5e:7e:09:ed:ad:ef:6c:3c:b9:06:49:
         5a:a5:50:1d:ea:d9:49:b0:8f:79:e6:d4:81:35:6b:d0:16:e4:
         02:e7:38:b5:91:15:08:68:11:f6:9a:34:09:08:da:aa:de:3a:
         8d:9d:1f:64:cd:3d:94:9a:45:5e:56:62:ca:7f:0f:3e:af:43:
         91:75:44:2f:a6:60:0e:78:6a:2f:5d:84:fd:d6:6f:17:5b:79:
         50:14:67:d4:10:dd:22:48:85:8b:e6:35:f1:08:79:a5:24:72:
         42:f9:92:fd:66:81:2a:7b:de:fc:17:7a:81:69:a0:6f:91:76:
         56:23:bf:c8:97:29:d6:62:89:d6:a3:96:3b:f2:b0:73:18:42:
         6a:b2:c0:83:56:a4:40:b7:cd:04:51:06:ef:18:fc:69:52:43:
         64:9a:94:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuSPZpwO76dch5V76gyDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGNhOGZhZjNjZWUxYTVlNTFhNWM1Y2RiZjk0ODJhMDAw
MjdiNjUwHhcNMjUxMTExMDcwMjI5WhcNMjUxMTEyMDcwMjI5WjAzMTEwLwYDVQQD
EygyYjlmNjc0NTg3YzNlYTVlZmZlNDM4NGJkOTM4MTM5OGJjZDE0MTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCo+MjPz5bAPQE9kKe47TsMeSgYq
hy5n/XG37lun3DA9Y0L6EEWy2YhOVfpDZ7XnhJIX12dSRZGSt/ON1GcAYvOrCbfZ
s8CJewDSX7Gd4vIR78dl23P75ODpQ2yDIKYoKCZwy9ULjlj0HwYbV/5e5sZmo6Ed
Xh/pvUU9ZJ2oeJmRjsHq8b0P7qeUYR7uPobAJOwb/h8cUoPfgsJ26x7YS3mLFfvX
3lA7klrX+EzUmvutPeYVF6rHKQBqGfbcDjoIYBqHkoMPxbA+uQie1EPY97HxkFCi
Unlwl97g87QqAPAFpbFcgZiYxNi8a1jOj6XNPAcPxooOvzks75EQNugkJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCufZ0WHw+pe/+Q4S9k4E5i80UFcMB8GA1UdIwQY
MBaAFD2MqPrzzuGl5RpcXNv5SCoAAntlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8xMTIzN2QtYzY5ZC00MGQ0LWI0ZDct
NGUxNWI4NGVlNzA2LzEvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8xMTIzN2QtYzY5ZC00MGQ0LWI0ZDctNGUxNWI4NGVlNzA2
LzEvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMBLEgkjb
0wM1KwXfZjivAiplXShDvmtHaQb3uY7UsWLfxuvxlijLMXKQYEQ4DfLaYyz4kE+7
2eCepIvKE8uFImfs7cJAzyWRwxCNghFqASY1HSdWe4LbHdhrNqeHb35X2V5+Ce2t
72w8uQZJWqVQHerZSbCPeebUgTVr0BbkAuc4tZEVCGgR9po0CQjaqt46jZ0fZM09
lJpFXlZiyn8PPq9DkXVEL6ZgDnhqL12E/dZvF1t5UBRn1BDdIkiFi+Y18Qh5pSRy
QvmS/WaBKnve/Bd6gWmgb5F2ViO/yJcp1mKJ1qOWO/KwcxhCarLAg1akQLfNBFEG
7xj8aVJDZJqUWw==
-----END CERTIFICATE-----