Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft
File:                     YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft (raw, json)
Hash identifier:          YlpNKx0mNfCOTmktKz/D5ibdvhqP9kXPVfNu+/hHsD8=
Subject key identifier:   C9:D0:3F:89:BA:DA:5F:47:8E:B8:B3:DD:B7:7C:16:A1:4B:2A:E1:66
Authority key identifier: 60:5A:BB:25:3B:76:6D:CD:7F:16:D9:F0:1B:C1:19:69:18:48:EB:0E
Certificate issuer:       /CN=605abb253b766dcd7f16d9f01bc119691848eb0e
Certificate serial:       019A72CA898257867C99D45E802EDB9E366B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFq7JTt2bc1_FtnwG8EZaRhI6w4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft
Manifest number:          037C
Signing time:             Tue 11 Nov 2025 12:01:07 +0000
Manifest this update:     Tue 11 Nov 2025 12:01:07 +0000
Manifest next update:     Wed 12 Nov 2025 12:01:07 +0000
Files and hashes:         1: YFq7JTt2bc1_FtnwG8EZaRhI6w4.crl (hash: NTW9zqENCAoUeDGvuqwaiCF3C7Lzc2RDJg/Vs0JLkys=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YFq7JTt2bc1_FtnwG8EZaRhI6w4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:ca:89:82:57:86:7c:99:d4:5e:80:2e:db:9e:36:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=605abb253b766dcd7f16d9f01bc119691848eb0e
        Validity
            Not Before: Nov 11 12:01:07 2025 GMT
            Not After : Nov 12 12:01:07 2025 GMT
        Subject: CN=c9d03f89bada5f478eb8b3ddb77c16a14b2ae166
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:62:be:21:78:84:dd:25:e7:c2:29:2b:2f:4d:
                    c4:3c:ae:be:b0:c6:18:51:2e:b3:ae:1a:57:e2:5f:
                    38:6c:82:eb:48:e7:18:bd:79:1e:c5:85:5a:21:3c:
                    0f:94:d0:80:0c:a8:c5:03:33:74:90:a4:cc:cf:c5:
                    0d:19:f1:71:d3:7e:72:19:e9:c3:c3:7d:4e:77:48:
                    d3:d9:df:c2:47:cc:3d:b3:a0:c8:66:46:6d:a2:3f:
                    5f:53:28:aa:27:a1:98:09:de:42:63:49:3f:7a:31:
                    1f:ec:3c:97:9c:f2:68:66:4e:9a:f5:49:39:98:cc:
                    fd:9f:35:cf:9f:5f:5c:e8:b8:c3:bc:41:6a:ba:14:
                    f9:cd:3d:7d:11:6e:99:96:47:2f:7f:61:6a:6c:b5:
                    43:b5:b9:92:30:7d:aa:ea:73:8d:5f:22:41:f9:3c:
                    ba:74:13:86:cb:50:4a:45:2b:b4:ba:be:14:49:55:
                    c1:b0:b1:65:5c:dd:0d:d3:a8:44:cd:aa:b5:6d:66:
                    0d:17:58:32:14:ea:60:79:e8:65:06:6b:16:50:d9:
                    67:16:59:29:ff:3f:59:ff:8a:73:f9:82:bb:23:2a:
                    95:43:45:ba:2a:9a:30:89:fe:ec:f2:c1:ce:ff:49:
                    2d:48:db:1b:74:90:46:71:6f:49:cb:73:f3:12:e4:
                    42:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:D0:3F:89:BA:DA:5F:47:8E:B8:B3:DD:B7:7C:16:A1:4B:2A:E1:66
            X509v3 Authority Key Identifier:
                keyid:60:5A:BB:25:3B:76:6D:CD:7F:16:D9:F0:1B:C1:19:69:18:48:EB:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFq7JTt2bc1_FtnwG8EZaRhI6w4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:b9:ac:9a:c9:84:39:31:9f:1e:26:18:02:d2:f1:da:4c:91:
         e5:50:24:af:c3:93:e9:1d:d9:5b:d6:b3:7d:fc:78:9a:8e:0e:
         1d:0e:b5:22:85:3e:96:dc:db:eb:1b:da:a9:fc:a9:af:aa:a5:
         c8:e4:58:55:bc:74:2e:c9:54:05:32:7c:1e:b7:1d:7a:ca:d6:
         e2:30:a2:6d:fe:1a:e2:3c:a9:cb:07:95:39:dd:47:00:d5:6c:
         dc:dd:5a:70:74:35:5a:f3:d4:03:8e:46:3d:95:48:fa:1e:b2:
         0d:78:a8:90:c5:88:a9:97:b9:80:ea:9c:df:95:fa:02:c5:82:
         bf:b8:71:c3:9f:e1:b6:95:1e:29:d0:b6:31:5a:0b:da:4d:81:
         12:06:56:3d:40:0d:45:c0:cd:6f:e6:b4:04:ac:f7:3e:39:e3:
         2e:7d:e1:80:59:87:d3:aa:f7:ce:79:66:0d:a4:a8:c0:34:db:
         c5:e4:32:1a:35:67:fd:c7:a2:bd:60:5b:84:25:9a:c5:7b:9b:
         cf:31:34:59:77:13:67:3b:1b:91:8d:e7:bd:5c:b7:1f:70:57:
         77:b4:e0:c0:c0:e9:81:3d:f6:07:ea:60:b8:01:a4:ee:63:3c:
         cd:9f:56:a1:65:54:e3:50:42:61:eb:01:16:b5:e8:7f:0c:b4:
         27:dd:76:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyomCV4Z8mdRegC7bnjZrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNWFiYjI1M2I3NjZkY2Q3ZjE2ZDlmMDFiYzExOTY5MTg0
OGViMGUwHhcNMjUxMTExMTIwMTA3WhcNMjUxMTEyMTIwMTA3WjAzMTEwLwYDVQQD
EyhjOWQwM2Y4OWJhZGE1ZjQ3OGViOGIzZGRiNzdjMTZhMTRiMmFlMTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWK+IXiE3SXnwikrL03EPK6+sMYY
US6zrhpX4l84bILrSOcYvXkexYVaITwPlNCADKjFAzN0kKTMz8UNGfFx035yGenD
w31Od0jT2d/CR8w9s6DIZkZtoj9fUyiqJ6GYCd5CY0k/ejEf7DyXnPJoZk6a9Uk5
mMz9nzXPn19c6LjDvEFquhT5zT19EW6Zlkcvf2FqbLVDtbmSMH2q6nONXyJB+Ty6
dBOGy1BKRSu0ur4USVXBsLFlXN0N06hEzaq1bWYNF1gyFOpgeehlBmsWUNlnFlkp
/z9Z/4pz+YK7IyqVQ0W6Kpowif7s8sHO/0ktSNsbdJBGcW9Jy3PzEuRCiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMnQP4m62l9Hjriz3bd8FqFLKuFmMB8GA1UdIwQY
MBaAFGBauyU7dm3NfxbZ8BvBGWkYSOsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZxN0pUdDJiYzFfRnRud0c4RVphUmhJNnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82NjY2NzAtZDBmMS00NGEzLWI5M2Et
NTAxMTFjNDI5MmQwLzEvWUZxN0pUdDJiYzFfRnRud0c4RVphUmhJNnc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82NjY2NzAtZDBmMS00NGEzLWI5M2EtNTAxMTFjNDI5MmQw
LzEvWUZxN0pUdDJiYzFfRnRud0c4RVphUmhJNnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYrmsmsmE
OTGfHiYYAtLx2kyR5VAkr8OT6R3ZW9azffx4mo4OHQ61IoU+ltzb6xvaqfypr6ql
yORYVbx0LslUBTJ8HrcdesrW4jCibf4a4jypyweVOd1HANVs3N1acHQ1WvPUA45G
PZVI+h6yDXiokMWIqZe5gOqc35X6AsWCv7hxw5/htpUeKdC2MVoL2k2BEgZWPUAN
RcDNb+a0BKz3PjnjLn3hgFmH06r3znlmDaSowDTbxeQyGjVn/ceivWBbhCWaxXub
zzE0WXcTZzsbkY3nvVy3H3BXd7TgwMDpgT32B+pguAGk7mM8zZ9WoWVU41BCYesB
FrXofwy0J912wA==
-----END CERTIFICATE-----