Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft
File:                     hyyq6fD7ed7GhEvqzowiHO9NMsk.mft (raw, json)
Hash identifier:          6y1trknsNynflcIFdUZa3veS99+OWuwgNZTNomve89U=
Subject key identifier:   E4:D2:CA:F4:8D:22:58:3A:98:63:AA:A1:C8:14:E1:98:FA:3E:E7:C2
Authority key identifier: 87:2C:AA:E9:F0:FB:79:DE:C6:84:4B:EA:CE:8C:22:1C:EF:4D:32:C9
Certificate issuer:       /CN=872caae9f0fb79dec6844beace8c221cef4d32c9
Certificate serial:       019A71B942FE424421A649AF5BBF9935DBCD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hyyq6fD7ed7GhEvqzowiHO9NMsk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft
Manifest number:          11A7
Signing time:             Tue 11 Nov 2025 07:02:37 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:37 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:37 +0000
Files and hashes:         1: hyyq6fD7ed7GhEvqzowiHO9NMsk.crl (hash: RN24x6akAaZI8VF7gpxycrpHWMkoq0L/PNfa+vwij/c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hyyq6fD7ed7GhEvqzowiHO9NMsk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:42:fe:42:44:21:a6:49:af:5b:bf:99:35:db:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=872caae9f0fb79dec6844beace8c221cef4d32c9
        Validity
            Not Before: Nov 11 07:02:37 2025 GMT
            Not After : Nov 12 07:02:37 2025 GMT
        Subject: CN=e4d2caf48d22583a9863aaa1c814e198fa3ee7c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:62:f4:30:9e:c6:11:0f:f4:26:e0:4c:90:0c:
                    ca:ed:8c:22:6b:cf:13:0d:c9:1e:e2:b5:8e:61:a9:
                    7a:9f:73:f2:3e:93:fe:d2:5a:e3:d1:01:05:d8:cb:
                    cc:d4:bc:4d:b1:52:2e:72:df:6f:cf:c1:3a:fc:d6:
                    9d:fd:53:06:7b:83:fc:03:ce:fd:16:98:27:e8:00:
                    c1:a1:32:14:15:64:7b:64:8d:7b:e8:29:5a:b8:20:
                    64:5c:98:fd:89:05:ba:3e:48:9c:48:28:11:d4:d7:
                    da:0a:b7:5a:4e:2b:fc:41:fa:76:05:44:50:a4:20:
                    4b:2b:ab:dd:22:78:08:6c:33:24:0c:9d:70:93:c7:
                    ae:68:db:34:32:64:f8:23:cd:cf:38:90:32:26:00:
                    8c:c3:26:c0:ce:f9:41:db:f7:db:08:de:e4:08:34:
                    3a:38:01:11:e4:44:89:3f:9e:c4:13:74:92:cd:84:
                    9b:c4:e1:06:f9:30:05:2b:88:63:74:4d:88:9f:20:
                    20:28:93:29:07:f6:b1:79:e7:f0:aa:c7:3c:6f:89:
                    c1:78:9b:32:7e:80:db:6a:d4:93:7e:85:dc:8c:3d:
                    f6:5b:dd:06:a5:76:c4:a3:dd:8d:e9:c3:c8:19:4b:
                    96:f1:84:98:40:fc:fd:27:85:b2:50:f3:a9:7b:48:
                    a2:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:D2:CA:F4:8D:22:58:3A:98:63:AA:A1:C8:14:E1:98:FA:3E:E7:C2
            X509v3 Authority Key Identifier:
                keyid:87:2C:AA:E9:F0:FB:79:DE:C6:84:4B:EA:CE:8C:22:1C:EF:4D:32:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyyq6fD7ed7GhEvqzowiHO9NMsk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:2e:a7:68:6a:f0:5f:ac:62:ed:09:b7:6c:91:48:99:3d:f1:
         e9:ee:4a:43:a4:d5:17:4b:2b:56:fd:9c:5b:2a:10:99:7f:b0:
         97:5f:3a:6e:31:94:d4:b2:75:c3:f4:b2:86:a4:a5:33:f5:ef:
         02:4c:68:0a:24:1d:aa:3c:18:73:d1:36:fd:fa:3f:e9:22:94:
         f8:4d:a9:21:c3:84:c8:39:6b:40:06:df:28:a0:1f:6a:fd:0a:
         65:3e:49:af:ce:f1:37:b9:7b:23:b8:aa:46:c1:6a:47:78:48:
         c3:7d:75:56:f8:fd:0d:48:3b:f5:c7:f0:59:db:dd:a3:f5:45:
         0d:62:be:94:da:b0:2f:0a:8b:7c:de:c5:0f:8e:d9:95:f1:33:
         6d:1a:5d:09:5e:b3:7e:25:53:03:22:dd:6b:54:ce:0d:db:9d:
         36:f9:71:d7:6c:3e:d6:3b:83:39:c8:23:45:54:50:e0:8c:3e:
         99:d0:bc:2d:42:2d:cf:cd:bf:2c:7f:85:bc:e6:5d:df:81:82:
         6b:6f:7a:b0:b6:5c:92:2e:2d:75:a0:6f:92:34:13:15:95:f4:
         95:11:76:f3:92:06:7e:f1:61:52:9c:14:9f:b8:49:84:0b:85:
         92:c7:99:b4:02:ba:eb:9d:00:10:41:22:98:83:36:44:96:01:
         6a:18:0a:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuUL+QkQhpkmvW7+ZNdvNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MmNhYWU5ZjBmYjc5ZGVjNjg0NGJlYWNlOGMyMjFjZWY0
ZDMyYzkwHhcNMjUxMTExMDcwMjM3WhcNMjUxMTEyMDcwMjM3WjAzMTEwLwYDVQQD
EyhlNGQyY2FmNDhkMjI1ODNhOTg2M2FhYTFjODE0ZTE5OGZhM2VlN2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WL0MJ7GEQ/0JuBMkAzK7Ywia88T
Dcke4rWOYal6n3PyPpP+0lrj0QEF2MvM1LxNsVIuct9vz8E6/Nad/VMGe4P8A879
Fpgn6ADBoTIUFWR7ZI176ClauCBkXJj9iQW6PkicSCgR1NfaCrdaTiv8Qfp2BURQ
pCBLK6vdIngIbDMkDJ1wk8euaNs0MmT4I83POJAyJgCMwybAzvlB2/fbCN7kCDQ6
OAER5ESJP57EE3SSzYSbxOEG+TAFK4hjdE2InyAgKJMpB/axeefwqsc8b4nBeJsy
foDbatSTfoXcjD32W90GpXbEo92N6cPIGUuW8YSYQPz9J4WyUPOpe0iiCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOTSyvSNIlg6mGOqocgU4Zj6PufCMB8GA1UdIwQY
MBaAFIcsqunw+3nexoRL6s6MIhzvTTLJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHl5cTZmRDdlZDdHaEV2cXpvd2lITzlOTXNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC82Yzc5MWYtYmE4NS00YzAzLWI3OTEt
ZTViMTY3MmQ0YjE3LzEvaHl5cTZmRDdlZDdHaEV2cXpvd2lITzlOTXNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC82Yzc5MWYtYmE4NS00YzAzLWI3OTEtZTViMTY3MmQ0YjE3
LzEvaHl5cTZmRDdlZDdHaEV2cXpvd2lITzlOTXNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARS6naGrw
X6xi7Qm3bJFImT3x6e5KQ6TVF0srVv2cWyoQmX+wl186bjGU1LJ1w/SyhqSlM/Xv
AkxoCiQdqjwYc9E2/fo/6SKU+E2pIcOEyDlrQAbfKKAfav0KZT5Jr87xN7l7I7iq
RsFqR3hIw311Vvj9DUg79cfwWdvdo/VFDWK+lNqwLwqLfN7FD47ZlfEzbRpdCV6z
fiVTAyLda1TODdudNvlx12w+1juDOcgjRVRQ4Iw+mdC8LUItz82/LH+FvOZd34GC
a296sLZcki4tdaBvkjQTFZX0lRF285IGfvFhUpwUn7hJhAuFkseZtAK6650AEEEi
mIM2RJYBahgKcw==
-----END CERTIFICATE-----