Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
File:                     Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft (raw, json)
Hash identifier:          KinWYafRZKqlxTPBOkghSIMHEUl8zsABDkspTvSzbVc=
Subject key identifier:   FE:67:3D:C4:6E:74:E8:26:C8:86:79:18:D9:8F:75:B9:2E:03:8F:E2
Authority key identifier: 63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF
Certificate issuer:       /CN=63ef6bdbc42ad06defdad72679414346d8d048df
Certificate serial:       019A71B88AEE9D0D3C925DE45574EEC8A786
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
Manifest number:          171A
Signing time:             Tue 11 Nov 2025 07:01:50 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:50 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:50 +0000
Files and hashes:         1: Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl (hash: 38K/dW0uheTuPd4QiR8SnPHkM43MDZSgi4+MfSWGFcI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:8a:ee:9d:0d:3c:92:5d:e4:55:74:ee:c8:a7:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63ef6bdbc42ad06defdad72679414346d8d048df
        Validity
            Not Before: Nov 11 07:01:50 2025 GMT
            Not After : Nov 12 07:01:50 2025 GMT
        Subject: CN=fe673dc46e74e826c8867918d98f75b92e038fe2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:e1:1b:57:20:f5:96:75:01:b6:fc:07:39:6f:
                    4d:a4:9b:16:30:9c:d8:ae:e3:44:e4:62:7f:a8:23:
                    4a:22:5a:85:51:97:44:e5:96:70:c1:90:48:e1:d2:
                    7a:44:e2:d7:25:0f:fc:d8:e7:04:8a:ae:3a:9f:91:
                    cc:3d:69:c7:7c:cf:4b:30:a0:d4:9e:6e:3e:c0:ac:
                    24:27:49:c6:79:7c:ee:1b:a1:58:96:5c:85:80:3f:
                    69:57:02:cb:86:a2:b1:3d:c3:40:24:b4:b2:fa:e3:
                    6b:a5:4d:5e:8c:e4:bf:96:96:61:3d:00:89:f5:0e:
                    2e:f0:2e:36:be:bc:a5:0a:64:dc:91:28:4d:7f:d0:
                    12:09:f2:2b:d5:f9:c7:74:9a:6a:7f:c9:7c:d4:2c:
                    df:59:f0:48:80:fb:33:8b:02:58:b4:f4:89:11:79:
                    5d:f8:73:43:5d:cf:83:79:54:19:d5:1a:a0:34:03:
                    89:49:1a:c9:a3:de:93:6b:a9:ec:a3:d4:15:f5:40:
                    34:64:6a:47:8e:93:d8:5f:f2:81:f2:77:cf:a3:b6:
                    2f:9b:53:1d:41:f0:fd:39:5c:3a:bb:62:85:83:33:
                    34:e6:08:aa:2b:fc:cf:aa:ff:39:8a:73:04:e0:b3:
                    31:08:56:5c:bd:6b:b5:04:66:a8:f0:d6:c8:60:c2:
                    60:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:67:3D:C4:6E:74:E8:26:C8:86:79:18:D9:8F:75:B9:2E:03:8F:E2
            X509v3 Authority Key Identifier:
                keyid:63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:70:0b:f2:e0:16:8b:49:d1:48:18:17:5d:6d:eb:c5:e0:7a:
         65:51:36:e2:61:38:50:d3:42:dd:72:20:75:78:89:83:c5:c4:
         50:b1:ce:46:d0:39:3f:be:6e:2c:ef:e6:a7:46:03:2d:68:90:
         6d:54:dd:1e:c4:db:73:73:57:86:31:9d:10:2a:94:76:03:59:
         3f:be:01:fd:e5:0a:b8:60:ba:38:df:d2:f3:a1:ed:bc:c9:58:
         85:bf:df:7a:af:ed:39:a5:1c:85:f5:80:c9:1e:c4:99:f1:cb:
         48:91:8d:03:22:45:e0:97:1e:50:3b:85:d7:dd:1d:19:9f:27:
         89:b5:44:07:00:0e:6e:ba:90:57:c5:f9:1c:16:a1:67:bb:c1:
         fa:22:ef:c1:fa:18:8e:0d:fa:ff:72:eb:27:b5:29:3c:23:d6:
         56:89:60:9d:07:c8:0f:55:0f:85:0a:00:c6:37:81:9b:ff:26:
         06:5a:cd:a9:ca:d6:75:b5:48:eb:11:7f:e1:15:7e:a0:44:fc:
         78:73:05:90:0c:2d:27:a5:42:21:ba:63:31:03:47:23:79:fb:
         9e:2e:b1:90:f6:71:89:36:8a:c4:f3:2a:5d:f9:c4:2d:56:c5:
         6c:e5:02:91:fd:eb:ed:c6:c0:fe:38:5a:fc:c3:a9:4f:0c:f2:
         2c:aa:9a:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuIrunQ08kl3kVXTuyKeGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZWY2YmRiYzQyYWQwNmRlZmRhZDcyNjc5NDE0MzQ2ZDhk
MDQ4ZGYwHhcNMjUxMTExMDcwMTUwWhcNMjUxMTEyMDcwMTUwWjAzMTEwLwYDVQQD
EyhmZTY3M2RjNDZlNzRlODI2Yzg4Njc5MThkOThmNzViOTJlMDM4ZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneEbVyD1lnUBtvwHOW9NpJsWMJzY
ruNE5GJ/qCNKIlqFUZdE5ZZwwZBI4dJ6ROLXJQ/82OcEiq46n5HMPWnHfM9LMKDU
nm4+wKwkJ0nGeXzuG6FYllyFgD9pVwLLhqKxPcNAJLSy+uNrpU1ejOS/lpZhPQCJ
9Q4u8C42vrylCmTckShNf9ASCfIr1fnHdJpqf8l81CzfWfBIgPsziwJYtPSJEXld
+HNDXc+DeVQZ1RqgNAOJSRrJo96Ta6nso9QV9UA0ZGpHjpPYX/KB8nfPo7Yvm1Md
QfD9OVw6u2KFgzM05giqK/zPqv85inME4LMxCFZcvWu1BGao8NbIYMJgQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP5nPcRudOgmyIZ5GNmPdbkuA4/iMB8GA1UdIwQY
MBaAFGPva9vEKtBt79rXJnlBQ0bY0EjfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUt
MGM4MzY4ZGI5NTYzLzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUtMGM4MzY4ZGI5NTYz
LzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABHAL8uAW
i0nRSBgXXW3rxeB6ZVE24mE4UNNC3XIgdXiJg8XEULHORtA5P75uLO/mp0YDLWiQ
bVTdHsTbc3NXhjGdECqUdgNZP74B/eUKuGC6ON/S86HtvMlYhb/feq/tOaUchfWA
yR7EmfHLSJGNAyJF4JceUDuF190dGZ8nibVEBwAObrqQV8X5HBahZ7vB+iLvwfoY
jg36/3LrJ7UpPCPWVolgnQfID1UPhQoAxjeBm/8mBlrNqcrWdbVI6xF/4RV+oET8
eHMFkAwtJ6VCIbpjMQNHI3n7ni6xkPZxiTaKxPMqXfnELVbFbOUCkf3r7cbA/jha
/MOpTwzyLKqaQw==
-----END CERTIFICATE-----