Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.mft
File:                     Yefv0ZrydUeUJswZJcW8Ls7ums4.mft (raw, json)
Hash identifier:          ND1vyrV9kvS08IXWB4n9kSCE3Ir3KvuPsjLekJlz3CM=
Subject key identifier:   2D:3E:3F:60:19:50:B9:E3:93:41:D9:04:B6:3B:EA:0F:4E:B7:DB:5B
Authority key identifier: 61:E7:EF:D1:9A:F2:75:47:94:26:CC:19:25:C5:BC:2E:CE:EE:9A:CE
Certificate issuer:       /CN=61e7efd19af275479426cc1925c5bc2eceee9ace
Certificate serial:       019A7112F006C08BC92CC7FC4F83497AF1F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yefv0ZrydUeUJswZJcW8Ls7ums4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.mft
Manifest number:          1630
Signing time:             Tue 11 Nov 2025 04:00:57 +0000
Manifest this update:     Tue 11 Nov 2025 04:00:57 +0000
Manifest next update:     Wed 12 Nov 2025 04:00:57 +0000
Files and hashes:         1: Yefv0ZrydUeUJswZJcW8Ls7ums4.crl (hash: +/Bt7Uje1NhmkIOoW3Eu55p1PcqEGeRS0QI0c1j9nlE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yefv0ZrydUeUJswZJcW8Ls7ums4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:12:f0:06:c0:8b:c9:2c:c7:fc:4f:83:49:7a:f1:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61e7efd19af275479426cc1925c5bc2eceee9ace
        Validity
            Not Before: Nov 11 04:00:57 2025 GMT
            Not After : Nov 12 04:00:57 2025 GMT
        Subject: CN=2d3e3f601950b9e39341d904b63bea0f4eb7db5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:f1:6f:29:85:e5:26:34:d4:7c:4e:dc:57:0a:
                    25:30:30:e8:c5:5c:82:fa:6d:60:11:c2:87:2e:76:
                    03:e7:ee:a3:cd:0b:b7:c5:c2:58:60:ff:5a:7c:ad:
                    48:04:9a:4d:f1:c7:a8:21:f7:95:12:78:8b:8e:ae:
                    f3:94:c1:09:8a:4a:c1:18:14:8a:dd:88:ab:86:45:
                    22:d6:b8:97:91:50:bf:9c:42:66:ae:ce:5d:b7:92:
                    41:71:e8:0b:c1:39:5c:21:37:fa:01:90:9c:89:0f:
                    5d:f3:c9:42:20:db:30:cd:7e:06:b2:50:09:c1:d9:
                    fc:6b:ec:e7:f8:15:fd:8e:f9:b5:46:8d:1c:f3:11:
                    d3:eb:f1:e2:7f:58:f0:80:8f:b4:ba:fa:2a:cd:3d:
                    1e:46:8e:33:24:50:87:78:ad:2c:35:17:8b:17:3c:
                    7b:55:bd:30:a6:d3:42:dd:31:22:a3:0a:cf:c4:38:
                    c9:10:58:cd:c9:92:1b:e0:de:a8:8c:7a:4e:16:76:
                    be:6c:78:2f:86:36:4f:a3:64:2b:e2:92:a4:92:39:
                    2d:e2:75:53:ca:a8:31:af:16:f3:6d:1f:7d:f9:d7:
                    38:ae:d3:9d:0f:6a:27:2d:de:d4:6a:1f:a6:8e:88:
                    12:b3:0d:c3:df:28:a4:31:42:92:17:40:81:db:6d:
                    a3:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:3E:3F:60:19:50:B9:E3:93:41:D9:04:B6:3B:EA:0F:4E:B7:DB:5B
            X509v3 Authority Key Identifier:
                keyid:61:E7:EF:D1:9A:F2:75:47:94:26:CC:19:25:C5:BC:2E:CE:EE:9A:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yefv0ZrydUeUJswZJcW8Ls7ums4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:2d:f9:16:80:fd:58:75:9c:6d:bb:b9:9d:4c:46:b9:fc:57:
         11:f9:88:48:9e:ca:41:ce:c2:74:70:f1:09:b0:4f:0d:b2:9a:
         38:3a:2a:14:74:70:f4:16:04:cc:f0:9d:ab:db:87:6e:81:4b:
         4a:cd:24:61:a2:27:63:08:1d:e4:5d:48:90:fb:79:c8:73:de:
         bb:7c:aa:ca:e9:ae:aa:de:6f:39:72:2d:6d:ec:3a:f8:f7:34:
         7a:6b:0a:21:23:e6:10:b6:6d:f2:69:01:a5:6a:57:71:d0:ac:
         2d:32:76:49:bc:93:e1:ee:10:ce:a6:75:93:40:92:57:46:b5:
         cc:10:22:4f:40:3b:88:6d:cf:e8:dd:ed:c0:76:39:7f:17:69:
         c5:63:33:db:f2:52:0e:9e:35:8f:c6:14:85:a6:fe:32:e7:30:
         82:b5:d2:78:b3:6e:09:d9:3d:66:25:ad:e5:2b:7f:3f:02:73:
         b0:0c:81:8b:2c:3c:b6:a6:37:62:a1:67:84:ec:63:e8:3a:ff:
         99:06:31:92:76:0e:b0:2d:bf:99:bb:58:69:ce:f7:7d:51:d9:
         c9:f6:0f:e5:aa:41:9a:c6:eb:f7:bb:fa:9e:88:82:3e:06:40:
         01:f6:f8:02:f5:6f:42:fe:b2:e2:69:5e:78:31:2f:df:83:e9:
         30:b2:3a:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEvAGwIvJLMf8T4NJevHwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZTdlZmQxOWFmMjc1NDc5NDI2Y2MxOTI1YzViYzJlY2Vl
ZTlhY2UwHhcNMjUxMTExMDQwMDU3WhcNMjUxMTEyMDQwMDU3WjAzMTEwLwYDVQQD
EygyZDNlM2Y2MDE5NTBiOWUzOTM0MWQ5MDRiNjNiZWEwZjRlYjdkYjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/FvKYXlJjTUfE7cVwolMDDoxVyC
+m1gEcKHLnYD5+6jzQu3xcJYYP9afK1IBJpN8ceoIfeVEniLjq7zlMEJikrBGBSK
3YirhkUi1riXkVC/nEJmrs5dt5JBcegLwTlcITf6AZCciQ9d88lCINswzX4GslAJ
wdn8a+zn+BX9jvm1Ro0c8xHT6/Hif1jwgI+0uvoqzT0eRo4zJFCHeK0sNReLFzx7
Vb0wptNC3TEiowrPxDjJEFjNyZIb4N6ojHpOFna+bHgvhjZPo2Qr4pKkkjkt4nVT
yqgxrxbzbR99+dc4rtOdD2onLd7Uah+mjogSsw3D3yikMUKSF0CB222jWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC0+P2AZULnjk0HZBLY76g9Ot9tbMB8GA1UdIwQY
MBaAFGHn79Ga8nVHlCbMGSXFvC7O7prOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWVmdjBacnlkVWVVSnN3WkpjVzhMczd1bXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9lM2MzOTAtZTQ3NS00MDI0LWFjN2Yt
MDg3NDBkZjg3MTA2LzEvWWVmdjBacnlkVWVVSnN3WkpjVzhMczd1bXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9lM2MzOTAtZTQ3NS00MDI0LWFjN2YtMDg3NDBkZjg3MTA2
LzEvWWVmdjBacnlkVWVVSnN3WkpjVzhMczd1bXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOy35FoD9
WHWcbbu5nUxGufxXEfmISJ7KQc7CdHDxCbBPDbKaODoqFHRw9BYEzPCdq9uHboFL
Ss0kYaInYwgd5F1IkPt5yHPeu3yqyumuqt5vOXItbew6+Pc0emsKISPmELZt8mkB
pWpXcdCsLTJ2SbyT4e4QzqZ1k0CSV0a1zBAiT0A7iG3P6N3twHY5fxdpxWMz2/JS
Dp41j8YUhab+MucwgrXSeLNuCdk9ZiWt5St/PwJzsAyBiyw8tqY3YqFnhOxj6Dr/
mQYxknYOsC2/mbtYac73fVHZyfYP5apBmsbr97v6noiCPgZAAfb4AvVvQv6y4mle
eDEv34PpMLI6gw==
-----END CERTIFICATE-----