Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
File:                     YcGgEMsk-ZbneJixJHJbVbY0OOA.mft (raw, json)
Hash identifier:          jt/gTjZ7tB97f7zGf/TDcajWaXFOt/xyIF38w5+EzrU=
Subject key identifier:   A2:2D:04:81:1D:E3:D1:29:4D:95:AF:AB:A8:C8:26:96:3D:8D:F8:1D
Authority key identifier: 61:C1:A0:10:CB:24:F9:96:E7:78:98:B1:24:72:5B:55:B6:34:38:E0
Certificate issuer:       /CN=61c1a010cb24f996e77898b124725b55b63438e0
Certificate serial:       019A71B79A4B2AD362A26D2425308D22F667
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 07:00:49 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:49 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:49 +0000
Files and hashes:         1: YcGgEMsk-ZbneJixJHJbVbY0OOA.crl (hash: CSSBHa4ka8PTelFgLPX2GcKtWprTY9YzcUPwT5rxLwA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:9a:4b:2a:d3:62:a2:6d:24:25:30:8d:22:f6:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61c1a010cb24f996e77898b124725b55b63438e0
        Validity
            Not Before: Nov 11 07:00:49 2025 GMT
            Not After : Nov 12 07:00:49 2025 GMT
        Subject: CN=a22d04811de3d1294d95afaba8c826963d8df81d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:05:cb:ea:de:3b:76:87:33:9a:81:8c:7f:4c:
                    9b:92:39:8a:07:e4:7d:2f:0b:6b:02:9b:df:e9:5a:
                    98:f5:67:8d:18:81:ee:0d:0b:f3:20:7e:55:72:b1:
                    40:2b:d1:89:35:1e:eb:4f:61:cc:40:36:2b:cb:02:
                    01:d2:0b:95:17:2b:6b:f3:9e:10:db:c4:3d:67:35:
                    80:60:ac:53:25:6a:c4:1c:07:61:16:56:fe:a4:cc:
                    20:90:9b:e9:9b:3a:17:94:50:45:3a:19:86:0e:ad:
                    d8:c2:72:63:76:ce:88:9c:be:fe:d5:d9:73:6d:d3:
                    47:24:8a:5e:c8:2b:65:ca:18:78:13:74:00:ba:45:
                    58:80:82:5a:77:41:2c:72:78:c3:3c:6c:b2:2c:59:
                    00:67:9c:67:2b:95:e4:a0:b5:d6:04:f7:e9:20:5b:
                    89:21:e0:11:f3:6f:ce:fd:ae:15:04:3c:d6:cb:e6:
                    ab:a9:25:18:f5:a2:33:ba:c7:ba:59:ca:66:00:21:
                    a5:a5:b6:08:82:22:8f:94:71:0f:5c:37:65:e3:da:
                    fd:c8:45:96:1e:3b:ab:9f:b8:db:fa:61:44:16:f5:
                    be:25:25:82:92:9d:96:f7:85:76:1c:c2:aa:20:4a:
                    84:17:7f:6e:99:b0:21:79:42:8e:da:ed:92:7a:76:
                    89:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:2D:04:81:1D:E3:D1:29:4D:95:AF:AB:A8:C8:26:96:3D:8D:F8:1D
            X509v3 Authority Key Identifier:
                keyid:61:C1:A0:10:CB:24:F9:96:E7:78:98:B1:24:72:5B:55:B6:34:38:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:5a:d1:72:1f:78:70:4e:8c:27:bf:b9:8c:f2:3e:51:93:95:
         0c:64:6c:91:fa:be:0a:e0:fd:6e:bf:fa:bb:f6:8d:41:ae:fd:
         9b:e2:dd:6b:2f:a9:b7:f4:ff:e4:7c:bf:49:27:ed:2e:9d:7e:
         01:69:ea:16:f5:8f:fa:f9:72:96:ee:e4:f6:fd:7a:3e:5b:65:
         16:9b:78:72:1b:0d:17:20:d0:cc:40:16:f7:20:36:3d:4c:34:
         1e:21:37:8e:75:6c:d4:a9:91:25:df:bc:07:5b:22:ec:9b:5e:
         5a:aa:d2:74:84:33:90:ab:b6:71:9a:61:43:cc:48:d1:17:d0:
         6e:3b:67:57:11:89:f4:e1:40:3c:df:27:11:fe:ae:3a:98:a4:
         d9:fc:5f:d1:0b:85:45:a9:17:07:d3:c7:65:03:14:d7:8c:9e:
         a0:bd:2f:1a:93:fd:2d:d7:0e:72:d5:b8:40:36:3e:1c:6a:2f:
         73:d0:a0:c3:62:ab:ca:57:99:82:ff:a0:99:4c:28:a5:00:de:
         0c:a4:ba:b5:1d:71:35:b5:fe:1a:0d:4c:c3:5b:5a:23:51:4f:
         e6:d4:ae:e7:11:8c:62:71:0d:11:2d:eb:45:7a:1a:9e:ad:63:
         e1:ee:2c:23:87:4c:6e:10:ab:0e:10:d1:46:69:a8:a6:db:74:
         04:60:f6:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt5pLKtNiom0kJTCNIvZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzFhMDEwY2IyNGY5OTZlNzc4OThiMTI0NzI1YjU1YjYz
NDM4ZTAwHhcNMjUxMTExMDcwMDQ5WhcNMjUxMTEyMDcwMDQ5WjAzMTEwLwYDVQQD
EyhhMjJkMDQ4MTFkZTNkMTI5NGQ5NWFmYWJhOGM4MjY5NjNkOGRmODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAXL6t47doczmoGMf0ybkjmKB+R9
LwtrApvf6VqY9WeNGIHuDQvzIH5VcrFAK9GJNR7rT2HMQDYrywIB0guVFytr854Q
28Q9ZzWAYKxTJWrEHAdhFlb+pMwgkJvpmzoXlFBFOhmGDq3YwnJjds6InL7+1dlz
bdNHJIpeyCtlyhh4E3QAukVYgIJad0EscnjDPGyyLFkAZ5xnK5XkoLXWBPfpIFuJ
IeAR82/O/a4VBDzWy+arqSUY9aIzuse6WcpmACGlpbYIgiKPlHEPXDdl49r9yEWW
Hjurn7jb+mFEFvW+JSWCkp2W94V2HMKqIEqEF39umbAheUKO2u2SenaJAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKItBIEd49EpTZWvq6jIJpY9jfgdMB8GA1UdIwQY
MBaAFGHBoBDLJPmW53iYsSRyW1W2NDjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zM2MxYzAtNGNiOC00NGI5LWEzZTkt
ZTllOTkzN2I4ZGNlLzEvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zM2MxYzAtNGNiOC00NGI5LWEzZTktZTllOTkzN2I4ZGNl
LzEvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt1rRch94
cE6MJ7+5jPI+UZOVDGRskfq+CuD9br/6u/aNQa79m+Lday+pt/T/5Hy/SSftLp1+
AWnqFvWP+vlylu7k9v16PltlFpt4chsNFyDQzEAW9yA2PUw0HiE3jnVs1KmRJd+8
B1si7JteWqrSdIQzkKu2cZphQ8xI0RfQbjtnVxGJ9OFAPN8nEf6uOpik2fxf0QuF
RakXB9PHZQMU14yeoL0vGpP9LdcOctW4QDY+HGovc9Cgw2KryleZgv+gmUwopQDe
DKS6tR1xNbX+Gg1Mw1taI1FP5tSu5xGMYnENES3rRXoanq1j4e4sI4dMbhCrDhDR
Rmmoptt0BGD2Sw==
-----END CERTIFICATE-----