Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft
File:                     yFiMcrJRDxd7g18gHjNl7PnkWh0.mft (raw, json)
Hash identifier:          8QuY3/PXhmlWx62wyrTruYVTHwLLnWGLHo5qBRIdPQ0=
Subject key identifier:   7F:CE:E2:C6:40:82:1F:47:0B:B6:6D:3A:72:8D:79:4A:96:AE:DC:12
Authority key identifier: C8:58:8C:72:B2:51:0F:17:7B:83:5F:20:1E:33:65:EC:F9:E4:5A:1D
Certificate issuer:       /CN=c8588c72b2510f177b835f201e3365ecf9e45a1d
Certificate serial:       019A725C6A76C6C98DED71C751616197BD39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yFiMcrJRDxd7g18gHjNl7PnkWh0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft
Manifest number:          10D0
Signing time:             Tue 11 Nov 2025 10:00:50 +0000
Manifest this update:     Tue 11 Nov 2025 10:00:50 +0000
Manifest next update:     Wed 12 Nov 2025 10:00:50 +0000
Files and hashes:         1: yFiMcrJRDxd7g18gHjNl7PnkWh0.crl (hash: yWj/B+rzuX1LXlQfLmtkSP9k3YIs9HbWKa26+Kl96Vw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yFiMcrJRDxd7g18gHjNl7PnkWh0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:6a:76:c6:c9:8d:ed:71:c7:51:61:61:97:bd:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8588c72b2510f177b835f201e3365ecf9e45a1d
        Validity
            Not Before: Nov 11 10:00:50 2025 GMT
            Not After : Nov 12 10:00:50 2025 GMT
        Subject: CN=7fcee2c640821f470bb66d3a728d794a96aedc12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:76:a8:25:33:ee:d8:ab:6c:5d:9c:32:2f:88:
                    97:35:b8:e3:bc:aa:06:f1:1a:1c:3a:2e:c9:e6:04:
                    b6:3f:bc:7b:04:55:2e:76:54:0e:14:64:3c:62:1f:
                    54:c1:d6:c0:8c:1f:ac:77:42:95:51:ac:35:9d:63:
                    f6:0a:50:a1:6c:5e:6d:4e:6d:f5:7d:fd:67:ad:98:
                    bc:09:dd:dc:8c:82:e0:5d:bf:59:67:80:3c:95:4e:
                    5f:96:e5:dc:b6:f7:b7:0c:f3:9c:36:39:c2:35:be:
                    98:a9:fc:26:92:53:f4:ee:a2:19:a8:67:37:0d:f6:
                    e6:fa:76:a8:86:2e:ab:91:92:bf:8d:5a:3c:6d:8f:
                    c8:ff:2c:14:04:8a:bf:20:bf:66:1e:b3:e4:40:89:
                    18:31:91:fe:1f:b4:f4:ba:e9:ee:63:78:17:85:bf:
                    77:93:76:f4:9a:16:92:c2:80:f4:97:aa:80:3c:8e:
                    32:8a:26:6e:4f:8d:ed:0d:3c:27:99:f5:a9:36:37:
                    10:1b:f7:5f:c4:aa:58:cd:0a:94:f1:2f:a4:d9:04:
                    4f:0a:18:6d:46:4c:8f:91:2e:f6:23:8d:1c:71:68:
                    ca:7e:7c:6a:c7:01:31:ba:71:70:cb:e9:61:7f:0a:
                    3b:00:c7:cb:a3:18:60:5c:06:5a:b5:62:99:e1:64:
                    9f:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:CE:E2:C6:40:82:1F:47:0B:B6:6D:3A:72:8D:79:4A:96:AE:DC:12
            X509v3 Authority Key Identifier:
                keyid:C8:58:8C:72:B2:51:0F:17:7B:83:5F:20:1E:33:65:EC:F9:E4:5A:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yFiMcrJRDxd7g18gHjNl7PnkWh0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:ee:7c:55:d5:52:63:7f:f4:88:35:51:94:7c:2c:ea:91:af:
         80:63:a4:93:73:4b:92:16:08:c3:7d:dc:f9:43:20:13:f5:92:
         85:0f:f6:07:37:5a:9d:6a:8c:b4:ee:b4:16:55:2b:81:1e:7b:
         0e:f7:c1:f7:ac:a6:49:85:b8:85:93:9b:e7:97:b6:d7:38:ac:
         3c:af:17:d3:c2:e8:53:64:10:51:15:4a:97:9b:7d:97:12:46:
         7b:94:33:b2:4a:31:66:88:97:e5:22:aa:42:ce:5a:15:dc:55:
         2e:cf:e9:c0:0a:fc:f8:c2:a9:52:22:69:41:e6:9c:af:b6:28:
         75:39:9e:01:ef:98:26:d6:34:6b:15:4f:c2:39:1d:54:84:77:
         d3:73:7f:ea:c4:00:a4:32:11:1d:90:39:04:ff:24:a5:ea:23:
         83:71:ed:83:f2:23:ad:0f:47:91:d0:72:4f:c1:bb:01:8a:3a:
         b1:e3:c3:a0:d3:88:d5:9e:2f:d2:14:92:4b:61:fa:3a:2a:7c:
         c6:05:2a:62:9b:70:37:55:5e:c2:ce:ec:fd:4a:1e:8b:fb:93:
         a3:a3:89:b9:56:5d:99:7e:69:ee:c7:86:e9:d6:ed:9e:d8:19:
         07:29:fc:71:41:b6:26:c6:78:83:d3:44:eb:04:ec:ff:b8:b0:
         e8:16:3d:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXGp2xsmN7XHHUWFhl705MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NTg4YzcyYjI1MTBmMTc3YjgzNWYyMDFlMzM2NWVjZjll
NDVhMWQwHhcNMjUxMTExMTAwMDUwWhcNMjUxMTEyMTAwMDUwWjAzMTEwLwYDVQQD
Eyg3ZmNlZTJjNjQwODIxZjQ3MGJiNjZkM2E3MjhkNzk0YTk2YWVkYzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3aoJTPu2KtsXZwyL4iXNbjjvKoG
8RocOi7J5gS2P7x7BFUudlQOFGQ8Yh9UwdbAjB+sd0KVUaw1nWP2ClChbF5tTm31
ff1nrZi8Cd3cjILgXb9ZZ4A8lU5fluXctve3DPOcNjnCNb6YqfwmklP07qIZqGc3
Dfbm+naohi6rkZK/jVo8bY/I/ywUBIq/IL9mHrPkQIkYMZH+H7T0uunuY3gXhb93
k3b0mhaSwoD0l6qAPI4yiiZuT43tDTwnmfWpNjcQG/dfxKpYzQqU8S+k2QRPChht
RkyPkS72I40ccWjKfnxqxwExunFwy+lhfwo7AMfLoxhgXAZatWKZ4WSfZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH/O4sZAgh9HC7ZtOnKNeUqWrtwSMB8GA1UdIwQY
MBaAFMhYjHKyUQ8Xe4NfIB4zZez55FodMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUZpTWNySlJEeGQ3ZzE4Z0hqTmw3UG5rV2gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi85M2IzOGUtNjQwMC00ZTZkLWEwZWIt
MDQ5Y2MxZmNlMzdlLzEveUZpTWNySlJEeGQ3ZzE4Z0hqTmw3UG5rV2gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi85M2IzOGUtNjQwMC00ZTZkLWEwZWItMDQ5Y2MxZmNlMzdl
LzEveUZpTWNySlJEeGQ3ZzE4Z0hqTmw3UG5rV2gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADu58VdVS
Y3/0iDVRlHws6pGvgGOkk3NLkhYIw33c+UMgE/WShQ/2BzdanWqMtO60FlUrgR57
DvfB96ymSYW4hZOb55e21zisPK8X08LoU2QQURVKl5t9lxJGe5QzskoxZoiX5SKq
Qs5aFdxVLs/pwAr8+MKpUiJpQeacr7YodTmeAe+YJtY0axVPwjkdVIR303N/6sQA
pDIRHZA5BP8kpeojg3Htg/IjrQ9HkdByT8G7AYo6sePDoNOI1Z4v0hSSS2H6Oip8
xgUqYptwN1Vews7s/Uoei/uTo6OJuVZdmX5p7seG6dbtntgZByn8cUG2JsZ4g9NE
6wTs/7iw6BY9nA==
-----END CERTIFICATE-----