Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft
File:                     YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft (raw, json)
Hash identifier:          GEzsqETr4m0ObiVcc/L4vErGvHIh+9oj2MBfzkeXJMc=
Subject key identifier:   6E:8A:03:6E:A0:38:D0:D6:A8:1B:95:27:11:E5:2D:8A:2A:7C:33:2E
Authority key identifier: 61:17:D6:15:80:43:15:0B:0A:D2:24:A0:64:8D:F0:18:57:06:01:9C
Certificate issuer:       /CN=6117d6158043150b0ad224a0648df0185706019c
Certificate serial:       019A71B881B007F8EB911C42FF6A6E2DC21A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YRfWFYBDFQsK0iSgZI3wGFcGAZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft
Manifest number:          11AD
Signing time:             Tue 11 Nov 2025 07:01:48 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:48 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:48 +0000
Files and hashes:         1: YRfWFYBDFQsK0iSgZI3wGFcGAZw.crl (hash: hjsBucuV+wC1Sr7PXi48SxQRS/ZguuZXrxBESFq5IWQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YRfWFYBDFQsK0iSgZI3wGFcGAZw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:81:b0:07:f8:eb:91:1c:42:ff:6a:6e:2d:c2:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6117d6158043150b0ad224a0648df0185706019c
        Validity
            Not Before: Nov 11 07:01:48 2025 GMT
            Not After : Nov 12 07:01:48 2025 GMT
        Subject: CN=6e8a036ea038d0d6a81b952711e52d8a2a7c332e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:45:80:85:71:18:8a:ea:2a:6c:1c:f4:78:ff:
                    25:8e:d1:8a:4f:f3:04:a8:6b:13:28:eb:35:a2:87:
                    b4:aa:4f:bb:05:c8:72:ad:dd:4e:68:fa:86:cc:9e:
                    b9:a1:22:db:d4:1f:0b:74:86:e0:f1:21:80:db:45:
                    f1:19:b8:1a:db:ec:1d:1f:38:79:2f:06:2a:64:21:
                    21:51:9f:1a:1b:d7:d7:6c:fa:e9:39:ab:f5:b3:aa:
                    ba:b8:a7:77:e6:8d:04:f7:9c:ab:30:a8:d4:22:cc:
                    8a:67:fa:da:25:51:03:a1:b6:00:c1:0b:cb:01:f8:
                    cb:c3:f2:6b:54:ca:64:5f:61:eb:d6:14:13:3e:18:
                    95:21:1c:0c:4a:20:93:00:1a:21:f1:e6:16:d7:2d:
                    09:86:c5:b5:a3:57:3f:d6:12:d3:32:d1:2a:81:da:
                    05:c9:f2:3b:bf:03:2d:0b:91:f6:d9:25:c5:55:a6:
                    93:4a:55:6f:7b:84:b3:dc:51:f0:f1:37:14:be:4f:
                    00:f2:36:4f:d8:66:e2:62:5b:14:3f:53:92:d9:e3:
                    0c:8a:6c:55:85:5b:9f:cf:13:02:34:be:2a:30:7c:
                    ef:2c:cc:aa:3e:37:50:ae:88:40:70:52:96:38:d5:
                    f8:73:55:b6:16:7d:a4:10:93:c2:54:a2:c5:97:f2:
                    c1:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:8A:03:6E:A0:38:D0:D6:A8:1B:95:27:11:E5:2D:8A:2A:7C:33:2E
            X509v3 Authority Key Identifier:
                keyid:61:17:D6:15:80:43:15:0B:0A:D2:24:A0:64:8D:F0:18:57:06:01:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YRfWFYBDFQsK0iSgZI3wGFcGAZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:eb:98:ce:2c:7b:af:fc:c2:98:98:35:1c:f1:eb:94:e9:6a:
         1b:fd:78:97:d9:63:40:9c:f1:ca:db:0a:68:54:ba:20:eb:18:
         3c:27:0e:9a:3a:82:42:f2:7d:b3:a5:3d:8e:c9:53:6e:c9:85:
         c5:c1:66:ae:0c:77:b8:19:50:8d:a5:6c:c4:d7:5e:3e:65:82:
         7f:3d:b6:3e:8a:86:57:b7:2b:43:d3:a0:14:b7:dc:4b:a2:39:
         ce:0c:67:c5:f9:07:1f:ea:8d:e9:75:24:b6:46:2a:47:69:24:
         f0:20:5a:e5:79:d9:84:aa:82:c5:39:d5:11:5c:d3:a6:8b:86:
         03:6e:98:ce:c4:56:3e:b2:ba:44:34:c2:89:a9:8c:ce:7a:f7:
         f3:c4:c4:88:59:51:c4:a8:40:f9:8a:f3:f3:f8:1a:3b:fa:fe:
         b4:75:8a:08:2c:98:20:3f:5d:d3:fa:d1:17:f0:7e:1a:88:fc:
         17:18:15:e2:1e:7a:88:6e:e3:99:47:a8:75:75:7e:e3:f3:09:
         ac:22:57:30:df:70:67:1c:11:14:d4:84:ff:a6:a3:b2:a2:89:
         3d:05:5f:5b:99:ce:fc:31:22:27:d0:7d:d3:6b:95:9c:3a:13:
         7f:55:84:8e:e5:6f:f0:89:fe:be:78:62:1e:90:4e:2e:83:e7:
         e9:5f:d7:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuIGwB/jrkRxC/2puLcIaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMTdkNjE1ODA0MzE1MGIwYWQyMjRhMDY0OGRmMDE4NTcw
NjAxOWMwHhcNMjUxMTExMDcwMTQ4WhcNMjUxMTEyMDcwMTQ4WjAzMTEwLwYDVQQD
Eyg2ZThhMDM2ZWEwMzhkMGQ2YTgxYjk1MjcxMWU1MmQ4YTJhN2MzMzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4kWAhXEYiuoqbBz0eP8ljtGKT/ME
qGsTKOs1ooe0qk+7Bchyrd1OaPqGzJ65oSLb1B8LdIbg8SGA20XxGbga2+wdHzh5
LwYqZCEhUZ8aG9fXbPrpOav1s6q6uKd35o0E95yrMKjUIsyKZ/raJVEDobYAwQvL
AfjLw/JrVMpkX2Hr1hQTPhiVIRwMSiCTABoh8eYW1y0JhsW1o1c/1hLTMtEqgdoF
yfI7vwMtC5H22SXFVaaTSlVve4Sz3FHw8TcUvk8A8jZP2GbiYlsUP1OS2eMMimxV
hVufzxMCNL4qMHzvLMyqPjdQrohAcFKWONX4c1W2Fn2kEJPCVKLFl/LBqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG6KA26gONDWqBuVJxHlLYoqfDMuMB8GA1UdIwQY
MBaAFGEX1hWAQxULCtIkoGSN8BhXBgGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVJmV0ZZQkRGUXNLMGlTZ1pJM3dHRmNHQVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9jOTY0MjYtNDgzYS00Y2JmLTlhYTMt
OTQ3MzU4MGJjODUwLzEvWVJmV0ZZQkRGUXNLMGlTZ1pJM3dHRmNHQVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9jOTY0MjYtNDgzYS00Y2JmLTlhYTMtOTQ3MzU4MGJjODUw
LzEvWVJmV0ZZQkRGUXNLMGlTZ1pJM3dHRmNHQVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgeuYzix7
r/zCmJg1HPHrlOlqG/14l9ljQJzxytsKaFS6IOsYPCcOmjqCQvJ9s6U9jslTbsmF
xcFmrgx3uBlQjaVsxNdePmWCfz22PoqGV7crQ9OgFLfcS6I5zgxnxfkHH+qN6XUk
tkYqR2kk8CBa5XnZhKqCxTnVEVzTpouGA26YzsRWPrK6RDTCiamMznr388TEiFlR
xKhA+Yrz8/gaO/r+tHWKCCyYID9d0/rRF/B+Goj8FxgV4h56iG7jmUeodXV+4/MJ
rCJXMN9wZxwRFNSE/6ajsqKJPQVfW5nO/DEiJ9B902uVnDoTf1WEjuVv8In+vnhi
HpBOLoPn6V/XYA==
-----END CERTIFICATE-----