Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/28b730-f5bb-4606-8365-08e10638225e/1/Mya5UKRaLGusFQX80E2UDMCWj5Y.mft
File:                     Mya5UKRaLGusFQX80E2UDMCWj5Y.mft (raw, json)
Hash identifier:          Iq2ZaJELM66SujD7C15L23kplyyG2mxZcMP/Mj0ALPc=
Subject key identifier:   69:7B:75:D5:24:59:89:3D:C2:F4:AD:59:C7:26:77:60:44:A0:70:E8
Authority key identifier: 33:26:B9:50:A4:5A:2C:6B:AC:15:05:FC:D0:4D:94:0C:C0:96:8F:96
Certificate issuer:       /CN=3326b950a45a2c6bac1505fcd04d940cc0968f96
Certificate serial:       019A7225C8BC0E2D94F75AB25363ED53F11D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mya5UKRaLGusFQX80E2UDMCWj5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/28b730-f5bb-4606-8365-08e10638225e/1/Mya5UKRaLGusFQX80E2UDMCWj5Y.mft
Manifest number:          0608
Signing time:             Tue 11 Nov 2025 09:01:10 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:10 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:10 +0000
Files and hashes:         1: Mya5UKRaLGusFQX80E2UDMCWj5Y.crl (hash: 2rxADAW8cEmPn7nmiE2ki7dEbW8YvrbPBfPbLV48hU8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/28b730-f5bb-4606-8365-08e10638225e/1/Mya5UKRaLGusFQX80E2UDMCWj5Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/28b730-f5bb-4606-8365-08e10638225e/1/Mya5UKRaLGusFQX80E2UDMCWj5Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mya5UKRaLGusFQX80E2UDMCWj5Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:c8:bc:0e:2d:94:f7:5a:b2:53:63:ed:53:f1:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3326b950a45a2c6bac1505fcd04d940cc0968f96
        Validity
            Not Before: Nov 11 09:01:10 2025 GMT
            Not After : Nov 12 09:01:10 2025 GMT
        Subject: CN=697b75d52459893dc2f4ad59c726776044a070e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:a1:44:ec:a4:76:73:b9:df:b0:63:87:87:42:
                    fe:6f:09:14:8c:53:03:fb:95:44:ed:78:5e:33:9a:
                    39:5f:af:ee:3d:9a:12:5c:37:5d:87:5f:52:38:09:
                    2d:ae:37:9d:88:c2:81:a5:a3:e3:c4:1e:a5:bb:79:
                    44:a9:6c:15:f8:8a:c0:f4:2c:39:52:13:6d:f2:72:
                    2a:c2:6a:25:b7:99:0a:ea:d2:11:ec:6c:e6:83:a1:
                    c8:3c:a7:16:42:dd:42:df:a4:ee:f8:a3:68:cc:d6:
                    48:93:8d:c9:42:48:d3:b5:3f:43:c9:82:4e:e7:ff:
                    21:97:26:64:4b:78:61:54:4d:e5:58:00:1e:a7:62:
                    28:f7:e2:5d:6f:f6:07:bd:3c:54:8f:ee:23:ce:85:
                    99:e9:00:b1:fc:e4:90:dd:3f:81:31:23:8e:8b:9f:
                    5e:23:60:52:a1:1f:2b:55:30:b8:bb:4a:65:a1:26:
                    2f:e1:2a:38:a2:cc:d2:6a:26:57:8b:fc:4b:9d:9d:
                    6d:95:3b:1b:9c:39:a1:6b:89:1a:61:eb:af:22:3b:
                    f6:97:91:ea:12:69:96:2b:03:36:5d:13:0b:5c:ad:
                    1b:a7:71:9a:4c:57:a3:b4:d4:54:32:c8:24:50:9f:
                    4b:59:ed:2e:91:f3:78:df:79:57:45:9c:05:e4:82:
                    a4:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:7B:75:D5:24:59:89:3D:C2:F4:AD:59:C7:26:77:60:44:A0:70:E8
            X509v3 Authority Key Identifier:
                keyid:33:26:B9:50:A4:5A:2C:6B:AC:15:05:FC:D0:4D:94:0C:C0:96:8F:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mya5UKRaLGusFQX80E2UDMCWj5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/28b730-f5bb-4606-8365-08e10638225e/1/Mya5UKRaLGusFQX80E2UDMCWj5Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/28b730-f5bb-4606-8365-08e10638225e/1/Mya5UKRaLGusFQX80E2UDMCWj5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:ef:cb:0f:25:0f:25:d9:6a:55:a3:98:90:12:c2:66:d0:85:
         8b:83:d5:16:c7:9e:ac:a3:aa:27:20:4e:ff:1d:ef:12:9e:f2:
         8d:84:a4:52:b1:c5:df:a1:36:8b:96:1b:d8:92:34:c6:61:0a:
         d5:a7:d9:7f:d4:59:83:75:8a:70:a7:8f:14:5e:ed:42:6f:9c:
         47:83:7d:df:63:64:45:e3:1f:aa:64:d4:c3:ae:30:fb:e0:cb:
         12:92:75:ce:51:b4:a8:fd:dc:b4:fc:88:9c:65:f5:65:27:03:
         a1:50:0f:7a:2c:f0:0d:d6:53:d7:36:13:93:10:cc:da:0f:15:
         90:41:08:ba:db:e9:9c:29:05:93:14:aa:4d:78:17:9e:5a:42:
         de:bd:6b:d7:65:ba:97:43:72:0c:06:96:32:78:d6:e1:08:36:
         57:8f:16:fd:bb:4a:89:af:ae:d1:e7:d3:59:2b:d8:3e:ee:fe:
         3b:16:b4:0f:f0:65:c5:2e:b6:62:35:5e:bf:56:12:af:bc:08:
         1c:6e:19:d0:dc:b0:21:5c:0c:ff:6e:b0:c1:9a:f1:4e:57:b7:
         fc:46:71:93:ba:ef:05:d9:04:bd:13:fe:91:ec:32:04:fe:b3:
         7a:3e:48:f1:00:43:c1:9c:02:bf:a1:42:95:4b:8f:bb:6d:75:
         df:06:6a:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJci8Di2U91qyU2PtU/EdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMjZiOTUwYTQ1YTJjNmJhYzE1MDVmY2QwNGQ5NDBjYzA5
NjhmOTYwHhcNMjUxMTExMDkwMTEwWhcNMjUxMTEyMDkwMTEwWjAzMTEwLwYDVQQD
Eyg2OTdiNzVkNTI0NTk4OTNkYzJmNGFkNTljNzI2Nzc2MDQ0YTA3MGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqFE7KR2c7nfsGOHh0L+bwkUjFMD
+5VE7XheM5o5X6/uPZoSXDddh19SOAktrjediMKBpaPjxB6lu3lEqWwV+IrA9Cw5
UhNt8nIqwmolt5kK6tIR7Gzmg6HIPKcWQt1C36Tu+KNozNZIk43JQkjTtT9DyYJO
5/8hlyZkS3hhVE3lWAAep2Io9+Jdb/YHvTxUj+4jzoWZ6QCx/OSQ3T+BMSOOi59e
I2BSoR8rVTC4u0ploSYv4So4oszSaiZXi/xLnZ1tlTsbnDmha4kaYeuvIjv2l5Hq
EmmWKwM2XRMLXK0bp3GaTFejtNRUMsgkUJ9LWe0ukfN433lXRZwF5IKkWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGl7ddUkWYk9wvStWccmd2BEoHDoMB8GA1UdIwQY
MBaAFDMmuVCkWixrrBUF/NBNlAzAlo+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXlhNVVLUmFMR3VzRlFYODBFMlVETUNXajVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yOGI3MzAtZjViYi00NjA2LTgzNjUt
MDhlMTA2MzgyMjVlLzEvTXlhNVVLUmFMR3VzRlFYODBFMlVETUNXajVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yOGI3MzAtZjViYi00NjA2LTgzNjUtMDhlMTA2MzgyMjVl
LzEvTXlhNVVLUmFMR3VzRlFYODBFMlVETUNXajVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAle/LDyUP
JdlqVaOYkBLCZtCFi4PVFseerKOqJyBO/x3vEp7yjYSkUrHF36E2i5Yb2JI0xmEK
1afZf9RZg3WKcKePFF7tQm+cR4N932NkReMfqmTUw64w++DLEpJ1zlG0qP3ctPyI
nGX1ZScDoVAPeizwDdZT1zYTkxDM2g8VkEEIutvpnCkFkxSqTXgXnlpC3r1r12W6
l0NyDAaWMnjW4Qg2V48W/btKia+u0efTWSvYPu7+Oxa0D/BlxS62YjVev1YSr7wI
HG4Z0NywIVwM/26wwZrxTle3/EZxk7rvBdkEvRP+kewyBP6zej5I8QBDwZwCv6FC
lUuPu2113wZq0Q==
-----END CERTIFICATE-----