Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft
File:                     y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft (raw, json)
Hash identifier:          CFVJWmmCRD9QI/u/oqpNcLjbou1jFP6SzQ4e2coJeaU=
Subject key identifier:   32:BB:C1:92:18:5A:F2:80:33:98:FB:DC:F3:97:1E:91:73:75:61:02
Authority key identifier: CB:83:FB:FC:17:6C:D4:8E:BE:2F:2C:DE:9F:4C:01:ED:25:3B:BB:2D
Certificate issuer:       /CN=cb83fbfc176cd48ebe2f2cde9f4c01ed253bbb2d
Certificate serial:       019A71B83458E57DEFE4737CCE8126F11FBA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y4P7_Bds1I6-Lyzen0wB7SU7uy0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft
Manifest number:          171E
Signing time:             Tue 11 Nov 2025 07:01:28 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:28 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:28 +0000
Files and hashes:         1: y4P7_Bds1I6-Lyzen0wB7SU7uy0.crl (hash: SJ3rC17vWGA/obbmCQqJMjJaRA6FBEZYf4gH05S4pKc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y4P7_Bds1I6-Lyzen0wB7SU7uy0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:34:58:e5:7d:ef:e4:73:7c:ce:81:26:f1:1f:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb83fbfc176cd48ebe2f2cde9f4c01ed253bbb2d
        Validity
            Not Before: Nov 11 07:01:28 2025 GMT
            Not After : Nov 12 07:01:28 2025 GMT
        Subject: CN=32bbc192185af2803398fbdcf3971e9173756102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:f3:4c:44:56:d0:ab:4d:31:c0:b5:48:17:8e:
                    eb:d5:3c:9f:0d:b3:e2:93:9f:2c:37:55:5e:a3:8f:
                    69:7c:a6:15:ab:c3:b7:25:c5:84:13:62:a3:44:0d:
                    35:5e:90:97:5c:53:42:85:fc:0f:0f:8c:d0:f8:b5:
                    98:e8:7a:47:60:5f:91:85:e2:af:2f:7f:d0:d0:e8:
                    78:77:df:66:99:80:0d:0b:55:bb:be:78:18:79:6a:
                    45:28:cd:89:13:71:bb:ff:b6:1e:84:d4:e1:c0:c9:
                    b1:5e:e8:25:7d:76:e0:1e:10:73:bc:40:73:d3:67:
                    35:94:da:eb:00:e4:bf:c2:75:96:64:1a:3a:38:c6:
                    f4:1b:6b:13:cc:79:93:f4:0c:11:3d:b7:00:ed:94:
                    ef:ee:38:56:34:78:2c:81:3b:8d:ae:dc:a7:d0:5d:
                    f4:ac:46:e6:7b:1c:2d:0b:3a:c6:9e:31:e3:1f:49:
                    bc:75:02:52:47:62:bd:54:49:00:de:20:b9:44:87:
                    3f:47:57:b6:12:79:d2:9e:9d:25:4a:77:60:bd:fb:
                    92:ec:ae:89:e2:ef:74:b1:5f:13:20:c6:9d:e1:86:
                    0f:d9:80:30:f0:87:33:86:15:a9:db:2e:f9:35:d2:
                    69:28:f6:45:0d:d9:d4:1b:cd:38:ae:3e:fc:24:04:
                    18:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:BB:C1:92:18:5A:F2:80:33:98:FB:DC:F3:97:1E:91:73:75:61:02
            X509v3 Authority Key Identifier:
                keyid:CB:83:FB:FC:17:6C:D4:8E:BE:2F:2C:DE:9F:4C:01:ED:25:3B:BB:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y4P7_Bds1I6-Lyzen0wB7SU7uy0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:7a:b2:fa:cf:21:a4:7b:91:89:cb:67:f0:99:c1:90:7f:37:
         f8:89:ee:f3:22:a7:d3:6a:56:85:9a:ca:48:00:76:ca:62:10:
         18:1c:09:e8:a3:5f:09:86:bf:66:d5:80:a0:ac:58:41:85:1a:
         6b:bc:e7:63:7d:15:47:40:2a:92:59:4c:b7:1c:fd:74:1b:e8:
         83:52:22:04:bd:9f:34:9b:67:5f:f4:ac:83:1f:1f:c6:ba:e5:
         ed:93:72:55:c1:fc:59:70:9d:47:f2:eb:34:0c:77:9f:79:c8:
         4a:02:c3:4c:bf:36:3c:71:c9:dd:02:6d:44:4a:30:cf:ad:d4:
         79:b0:d0:56:df:12:d3:f3:b1:3f:48:b0:44:77:ff:b5:2b:3b:
         6e:10:ea:53:6c:3f:e6:ba:b0:e0:ed:90:10:8f:1a:4a:80:5f:
         67:58:33:f1:14:6f:cd:2d:55:00:c6:d0:56:0e:7a:a6:cd:f6:
         79:50:c4:9c:fd:57:60:16:7f:eb:5e:3c:48:f9:ac:37:c7:f7:
         0d:36:b8:a3:56:f3:69:6a:7d:b6:06:38:d0:4a:1e:c7:fc:b3:
         14:51:11:05:43:e3:95:a5:ab:1e:7e:b0:45:94:93:05:14:ae:
         58:a6:07:4b:65:ca:43:d8:f3:f8:56:2d:88:b9:99:d3:88:a5:
         59:b2:de:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuDRY5X3v5HN8zoEm8R+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiODNmYmZjMTc2Y2Q0OGViZTJmMmNkZTlmNGMwMWVkMjUz
YmJiMmQwHhcNMjUxMTExMDcwMTI4WhcNMjUxMTEyMDcwMTI4WjAzMTEwLwYDVQQD
EygzMmJiYzE5MjE4NWFmMjgwMzM5OGZiZGNmMzk3MWU5MTczNzU2MTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovNMRFbQq00xwLVIF47r1TyfDbPi
k58sN1Veo49pfKYVq8O3JcWEE2KjRA01XpCXXFNChfwPD4zQ+LWY6HpHYF+RheKv
L3/Q0Oh4d99mmYANC1W7vngYeWpFKM2JE3G7/7YehNThwMmxXuglfXbgHhBzvEBz
02c1lNrrAOS/wnWWZBo6OMb0G2sTzHmT9AwRPbcA7ZTv7jhWNHgsgTuNrtyn0F30
rEbmexwtCzrGnjHjH0m8dQJSR2K9VEkA3iC5RIc/R1e2EnnSnp0lSndgvfuS7K6J
4u90sV8TIMad4YYP2YAw8IczhhWp2y75NdJpKPZFDdnUG804rj78JAQY8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDK7wZIYWvKAM5j73POXHpFzdWECMB8GA1UdIwQY
MBaAFMuD+/wXbNSOvi8s3p9MAe0lO7stMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTRQN19CZHMxSTYtTHl6ZW4wd0I3U1U3dXkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9lYTM3ZjEtY2UxYS00ODE2LWJjYjYt
NDQxMmRlZmVkZTczLzEveTRQN19CZHMxSTYtTHl6ZW4wd0I3U1U3dXkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9lYTM3ZjEtY2UxYS00ODE2LWJjYjYtNDQxMmRlZmVkZTcz
LzEveTRQN19CZHMxSTYtTHl6ZW4wd0I3U1U3dXkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP3qy+s8h
pHuRictn8JnBkH83+Inu8yKn02pWhZrKSAB2ymIQGBwJ6KNfCYa/ZtWAoKxYQYUa
a7znY30VR0AqkllMtxz9dBvog1IiBL2fNJtnX/Ssgx8fxrrl7ZNyVcH8WXCdR/Lr
NAx3n3nISgLDTL82PHHJ3QJtREowz63UebDQVt8S0/OxP0iwRHf/tSs7bhDqU2w/
5rqw4O2QEI8aSoBfZ1gz8RRvzS1VAMbQVg56ps32eVDEnP1XYBZ/6148SPmsN8f3
DTa4o1bzaWp9tgY40Eoex/yzFFERBUPjlaWrHn6wRZSTBRSuWKYHS2XKQ9jz+FYt
iLmZ04ilWbLedQ==
-----END CERTIFICATE-----