Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
File:                     YTChAogFFzqiJUSk67mECskbyNA.mft (raw, json)
Hash identifier:          25NsZwoO7SgX7Cbt8KabDb7lapcs9Vyrd9zmchsR7Hs=
Subject key identifier:   78:49:FD:29:8F:4E:42:05:37:3B:57:9E:C8:53:C6:95:E0:C5:18:06
Authority key identifier: 61:30:A1:02:88:05:17:3A:A2:25:44:A4:EB:B9:84:0A:C9:1B:C8:D0
Certificate issuer:       /CN=6130a1028805173aa22544a4ebb9840ac91bc8d0
Certificate serial:       019A71B82F30629944341A0AEA6B06AABEE1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
Manifest number:          0E7F
Signing time:             Tue 11 Nov 2025 07:01:27 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:27 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:27 +0000
Files and hashes:         1: YTChAogFFzqiJUSk67mECskbyNA.crl (hash: th8POuKWU90sHlP99MoJpsvlwxcCWiPvv0Tv6dzQr20=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:2f:30:62:99:44:34:1a:0a:ea:6b:06:aa:be:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6130a1028805173aa22544a4ebb9840ac91bc8d0
        Validity
            Not Before: Nov 11 07:01:27 2025 GMT
            Not After : Nov 12 07:01:27 2025 GMT
        Subject: CN=7849fd298f4e4205373b579ec853c695e0c51806
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:2f:0e:34:9f:18:59:16:ea:18:f5:ca:d8:7c:
                    53:e3:fb:fb:34:70:fd:ff:69:34:c5:3b:2e:ac:70:
                    1c:65:b4:f2:d2:2c:7f:e0:22:68:af:f6:11:e8:b7:
                    8f:20:02:49:47:15:a2:7c:85:52:e3:23:ef:30:ed:
                    ee:ca:66:9c:c5:48:0c:69:e0:a5:6a:c9:17:f4:67:
                    94:0b:3a:05:80:a9:de:d2:8a:ac:c7:d4:81:19:3d:
                    fa:46:db:6d:89:4c:22:60:50:79:30:5b:13:0c:cb:
                    65:0e:bf:41:8b:6c:42:8d:fb:9c:b2:8c:49:d8:13:
                    a5:1b:09:90:e1:45:99:32:ba:7c:00:34:d6:b7:f4:
                    18:85:9f:4b:98:51:27:15:e9:cd:34:9b:03:fb:fc:
                    62:87:27:f0:6b:14:00:14:45:c9:cf:1f:3b:eb:f1:
                    51:6b:88:42:8d:83:d8:72:fe:7d:fe:63:fd:b8:9e:
                    84:20:71:df:a3:6a:c7:1b:75:a2:fa:29:a7:aa:b5:
                    d6:5c:61:aa:5b:9d:65:7f:5a:4d:79:c4:6d:ba:39:
                    91:3a:b8:1d:a6:a7:fb:56:5d:86:ae:c3:23:18:d3:
                    c5:06:11:59:5c:96:c7:36:30:e6:e3:4a:6d:0c:c6:
                    11:ab:36:0b:b0:c7:f8:08:7a:80:d5:a2:11:a3:74:
                    46:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:49:FD:29:8F:4E:42:05:37:3B:57:9E:C8:53:C6:95:E0:C5:18:06
            X509v3 Authority Key Identifier:
                keyid:61:30:A1:02:88:05:17:3A:A2:25:44:A4:EB:B9:84:0A:C9:1B:C8:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:68:79:0f:fb:92:f0:a6:49:1b:7e:14:73:f6:e7:87:6e:9f:
         22:bc:fc:c4:46:d0:79:f3:9b:a1:9a:be:6f:01:25:a8:f4:5b:
         16:c8:ec:45:b1:23:75:51:13:91:fb:14:37:ac:ab:c3:0c:f2:
         a9:92:49:99:2d:32:58:7e:1d:8b:8f:d8:ff:33:ca:75:c1:45:
         88:d9:de:ea:1b:03:e1:5f:f3:0f:b0:c9:aa:c2:ad:62:85:64:
         a5:02:2d:c1:47:f3:d8:d8:f2:7e:c3:ae:2d:a0:5c:d2:2a:91:
         c2:d8:dd:9b:5d:83:b1:1e:b0:7c:0d:2c:c4:d9:c1:af:3f:0f:
         7d:70:31:61:17:58:b7:f6:6d:59:b5:06:c9:bc:b8:43:47:de:
         2e:15:66:87:04:17:10:4f:4f:4b:be:5d:de:07:f6:09:52:c9:
         5f:fa:5a:a9:cc:7f:e8:99:ec:aa:fb:f7:be:6d:3a:ad:83:5f:
         d9:b2:7a:ab:e1:09:2a:7d:43:3f:35:37:52:0e:e3:d8:d9:a1:
         c5:6a:38:37:20:ea:aa:21:d8:92:24:12:91:67:1f:72:7f:bd:
         ce:c4:02:99:4b:e3:42:44:74:9d:f9:97:cb:ea:b4:77:5c:40:
         88:fb:6e:d9:28:90:4b:9d:6d:30:76:82:c8:37:c5:ca:c2:9b:
         53:bc:79:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuC8wYplENBoK6msGqr7hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMzBhMTAyODgwNTE3M2FhMjI1NDRhNGViYjk4NDBhYzkx
YmM4ZDAwHhcNMjUxMTExMDcwMTI3WhcNMjUxMTEyMDcwMTI3WjAzMTEwLwYDVQQD
Eyg3ODQ5ZmQyOThmNGU0MjA1MzczYjU3OWVjODUzYzY5NWUwYzUxODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArS8ONJ8YWRbqGPXK2HxT4/v7NHD9
/2k0xTsurHAcZbTy0ix/4CJor/YR6LePIAJJRxWifIVS4yPvMO3uymacxUgMaeCl
askX9GeUCzoFgKne0oqsx9SBGT36RtttiUwiYFB5MFsTDMtlDr9Bi2xCjfucsoxJ
2BOlGwmQ4UWZMrp8ADTWt/QYhZ9LmFEnFenNNJsD+/xihyfwaxQAFEXJzx876/FR
a4hCjYPYcv59/mP9uJ6EIHHfo2rHG3Wi+imnqrXWXGGqW51lf1pNecRtujmROrgd
pqf7Vl2GrsMjGNPFBhFZXJbHNjDm40ptDMYRqzYLsMf4CHqA1aIRo3RGPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHhJ/SmPTkIFNztXnshTxpXgxRgGMB8GA1UdIwQY
MBaAFGEwoQKIBRc6oiVEpOu5hArJG8jQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zYWU4NjMtNjkwZS00NjMxLTkxMjAt
YTUzYjVlOTc5MTMxLzEvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zYWU4NjMtNjkwZS00NjMxLTkxMjAtYTUzYjVlOTc5MTMx
LzEvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR2h5D/uS
8KZJG34Uc/bnh26fIrz8xEbQefOboZq+bwElqPRbFsjsRbEjdVETkfsUN6yrwwzy
qZJJmS0yWH4di4/Y/zPKdcFFiNne6hsD4V/zD7DJqsKtYoVkpQItwUfz2NjyfsOu
LaBc0iqRwtjdm12DsR6wfA0sxNnBrz8PfXAxYRdYt/ZtWbUGyby4Q0feLhVmhwQX
EE9PS75d3gf2CVLJX/paqcx/6Jnsqvv3vm06rYNf2bJ6q+EJKn1DPzU3Ug7j2Nmh
xWo4NyDqqiHYkiQSkWcfcn+9zsQCmUvjQkR0nfmXy+q0d1xAiPtu2SiQS51tMHaC
yDfFysKbU7x57g==
-----END CERTIFICATE-----