Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
File:                     pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft (raw, json)
Hash identifier:          1jyf0IC55LKmgfsscxi/WZTfXO+cxBIir7yGcMXfPPU=
Subject key identifier:   17:C7:2F:AA:90:A5:A7:52:5F:D3:1D:B5:03:04:4F:96:81:64:93:A5
Authority key identifier: A5:8E:FD:10:8D:4C:5B:0F:4F:9A:88:AE:53:BB:7F:EC:9D:59:4B:92
Certificate issuer:       /CN=a58efd108d4c5b0f4f9a88ae53bb7fec9d594b92
Certificate serial:       019A71B8B74E7A383DC4FB426E7DCB3649D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
Manifest number:          121C
Signing time:             Tue 11 Nov 2025 07:02:02 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:02 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:02 +0000
Files and hashes:         1: pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl (hash: nIcMirpOyN74yWNgmbTeQdUOZKKP7fTiZmTKmmBsjlg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:b7:4e:7a:38:3d:c4:fb:42:6e:7d:cb:36:49:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a58efd108d4c5b0f4f9a88ae53bb7fec9d594b92
        Validity
            Not Before: Nov 11 07:02:02 2025 GMT
            Not After : Nov 12 07:02:02 2025 GMT
        Subject: CN=17c72faa90a5a7525fd31db503044f96816493a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:f4:ab:1a:3a:c0:66:75:e4:c2:b3:d7:11:c8:
                    50:e3:9d:b8:7d:06:11:20:67:0b:81:53:5b:c4:09:
                    ef:61:fa:8f:b6:1f:47:57:bf:8f:59:4b:37:fb:8b:
                    53:aa:00:44:df:50:d4:ed:5a:e1:b6:ce:40:12:c3:
                    ab:e6:68:5e:ee:04:59:d8:60:4f:3f:d1:ab:33:35:
                    2d:04:14:38:84:d2:5f:f9:7b:64:de:68:a1:8c:40:
                    52:04:ce:f8:45:56:df:a3:d2:ec:20:ba:43:da:95:
                    4a:94:da:f3:93:a0:a9:10:80:ce:9f:4d:60:0a:b9:
                    ba:17:20:d6:07:71:4e:e5:3d:7b:a2:3f:e5:d9:31:
                    5e:2c:55:ff:2f:be:70:d0:e5:f5:e7:36:f8:f7:ef:
                    33:17:08:56:d5:9f:ea:22:b7:33:af:28:84:d9:13:
                    0f:a4:75:bf:13:0d:5e:28:6c:bf:b2:63:33:b8:50:
                    10:14:9f:a9:c1:c7:c7:3f:b1:1f:32:aa:12:9e:d0:
                    5e:ad:9b:84:dd:2e:da:17:f0:6e:cb:87:a8:3b:ea:
                    aa:ac:d6:19:69:d6:bd:69:d9:c2:3d:4e:65:47:4a:
                    a3:35:6b:a5:14:85:6c:f8:75:b8:c6:2e:97:07:a9:
                    5c:6a:80:9f:89:9c:1e:e8:dc:ca:b6:78:cc:67:14:
                    ef:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:C7:2F:AA:90:A5:A7:52:5F:D3:1D:B5:03:04:4F:96:81:64:93:A5
            X509v3 Authority Key Identifier:
                keyid:A5:8E:FD:10:8D:4C:5B:0F:4F:9A:88:AE:53:BB:7F:EC:9D:59:4B:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:0e:19:29:04:9c:a8:e5:b4:6c:df:eb:e9:f2:ce:fc:8f:1b:
         0b:ff:36:dd:da:ce:7d:48:f7:8a:34:bd:f4:15:44:c9:63:e7:
         0a:3e:6d:d4:87:44:f2:d6:14:fc:d1:75:88:58:97:35:73:bf:
         17:37:a7:68:d0:67:c9:81:0e:99:fb:28:56:e7:b5:44:c4:16:
         dd:ad:d9:33:5f:ed:48:78:0e:22:1b:1c:36:e0:a2:dc:1c:cd:
         e2:d0:d9:07:ab:f8:c8:76:20:9f:46:f9:6f:56:30:bf:21:ec:
         b6:0b:9c:71:36:70:ae:0f:e3:ad:7a:f5:b0:fc:d3:b5:ed:39:
         54:09:1e:39:e0:2a:de:1b:50:ae:2a:f5:7c:bd:e9:8b:45:c2:
         05:26:51:1a:e3:f1:3d:0d:b3:19:59:bd:dc:67:19:cb:33:42:
         ff:c0:3e:9f:81:26:a7:2e:e5:63:11:6d:a4:1b:ce:09:c8:6d:
         73:18:2c:a0:d1:d8:27:fb:22:d4:b5:dd:33:32:68:1e:e2:24:
         a6:3e:c0:35:e8:05:fd:1f:f5:a0:c2:92:85:33:e6:2d:77:c4:
         d6:1d:02:a0:a4:18:13:7b:72:58:1c:72:5a:ce:f1:75:a1:68:
         f1:e2:ae:1b:d4:4d:fa:54:54:00:ca:53:57:28:f2:e8:55:d7:
         41:c0:22:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuLdOejg9xPtCbn3LNknWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OGVmZDEwOGQ0YzViMGY0ZjlhODhhZTUzYmI3ZmVjOWQ1
OTRiOTIwHhcNMjUxMTExMDcwMjAyWhcNMjUxMTEyMDcwMjAyWjAzMTEwLwYDVQQD
EygxN2M3MmZhYTkwYTVhNzUyNWZkMzFkYjUwMzA0NGY5NjgxNjQ5M2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPSrGjrAZnXkwrPXEchQ4524fQYR
IGcLgVNbxAnvYfqPth9HV7+PWUs3+4tTqgBE31DU7Vrhts5AEsOr5mhe7gRZ2GBP
P9GrMzUtBBQ4hNJf+Xtk3mihjEBSBM74RVbfo9LsILpD2pVKlNrzk6CpEIDOn01g
Crm6FyDWB3FO5T17oj/l2TFeLFX/L75w0OX15zb49+8zFwhW1Z/qIrczryiE2RMP
pHW/Ew1eKGy/smMzuFAQFJ+pwcfHP7EfMqoSntBerZuE3S7aF/Buy4eoO+qqrNYZ
ada9adnCPU5lR0qjNWulFIVs+HW4xi6XB6lcaoCfiZwe6NzKtnjMZxTvNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBfHL6qQpadSX9MdtQMET5aBZJOlMB8GA1UdIwQY
MBaAFKWO/RCNTFsPT5qIrlO7f+ydWUuSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hM2I1YjItNjYzOC00YTRiLTliODUt
MTVjYzVkYTA3ODI2LzEvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hM2I1YjItNjYzOC00YTRiLTliODUtMTVjYzVkYTA3ODI2
LzEvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGQ4ZKQSc
qOW0bN/r6fLO/I8bC/823drOfUj3ijS99BVEyWPnCj5t1IdE8tYU/NF1iFiXNXO/
FzenaNBnyYEOmfsoVue1RMQW3a3ZM1/tSHgOIhscNuCi3BzN4tDZB6v4yHYgn0b5
b1YwvyHstguccTZwrg/jrXr1sPzTte05VAkeOeAq3htQrir1fL3pi0XCBSZRGuPx
PQ2zGVm93GcZyzNC/8A+n4Empy7lYxFtpBvOCchtcxgsoNHYJ/si1LXdMzJoHuIk
pj7ANegF/R/1oMKShTPmLXfE1h0CoKQYE3tyWBxyWs7xdaFo8eKuG9RN+lRUAMpT
Vyjy6FXXQcAiUA==
-----END CERTIFICATE-----