Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/1fc853-6526-4091-95f4-f9f601c0686e/1/YB4KrpPrBf9dQt1wFvXeo4H7hmA.mft
File:                     YB4KrpPrBf9dQt1wFvXeo4H7hmA.mft (raw, json)
Hash identifier:          o+NY/AZUbtUDRcCTzPiq3M0xnJ6IU9UbTFslu5sR0ZI=
Subject key identifier:   AA:42:37:B6:B5:BD:DE:C0:68:D0:7E:A1:02:8E:E8:B5:2B:DB:4F:7B
Authority key identifier: 60:1E:0A:AE:93:EB:05:FF:5D:42:DD:70:16:F5:DE:A3:81:FB:86:60
Certificate issuer:       /CN=601e0aae93eb05ff5d42dd7016f5dea381fb8660
Certificate serial:       019A725CFEAB463968F59E78107ADF1FB818
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YB4KrpPrBf9dQt1wFvXeo4H7hmA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/1fc853-6526-4091-95f4-f9f601c0686e/1/YB4KrpPrBf9dQt1wFvXeo4H7hmA.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 10:01:28 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:28 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:28 +0000
Files and hashes:         1: YB4KrpPrBf9dQt1wFvXeo4H7hmA.crl (hash: jDNIsKqKQSGjfm9sthRRUNKBPp/770JD6HV7dARb040=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/1fc853-6526-4091-95f4-f9f601c0686e/1/YB4KrpPrBf9dQt1wFvXeo4H7hmA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/1fc853-6526-4091-95f4-f9f601c0686e/1/YB4KrpPrBf9dQt1wFvXeo4H7hmA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YB4KrpPrBf9dQt1wFvXeo4H7hmA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:fe:ab:46:39:68:f5:9e:78:10:7a:df:1f:b8:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=601e0aae93eb05ff5d42dd7016f5dea381fb8660
        Validity
            Not Before: Nov 11 10:01:28 2025 GMT
            Not After : Nov 12 10:01:28 2025 GMT
        Subject: CN=aa4237b6b5bddec068d07ea1028ee8b52bdb4f7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:5b:d0:8f:fd:f1:2f:1c:e2:2d:f6:83:2e:f9:
                    a8:4d:79:e4:a4:35:81:74:05:ea:00:6d:01:69:8b:
                    14:6c:54:7f:2f:b9:6b:09:33:ac:d1:c4:fc:9d:a8:
                    ec:e9:dc:6d:55:db:bd:19:e5:8c:c6:e6:2c:73:5f:
                    99:14:3a:9e:cf:db:26:29:d9:3f:9a:84:a4:4e:50:
                    a4:01:17:0d:6c:d1:a4:4d:3e:0f:94:6c:d8:a1:47:
                    37:79:73:58:ba:05:cf:5b:e0:47:3f:ae:ce:09:0b:
                    1e:56:8d:ee:cf:da:9f:60:79:84:b4:c1:82:5a:ea:
                    74:2f:32:e1:2f:6e:3d:12:e5:e6:fb:44:20:28:62:
                    c9:f6:fe:b9:eb:6c:4a:63:ca:de:b0:28:43:01:7c:
                    20:55:d7:0b:df:2a:f3:67:69:69:b9:fb:27:5d:22:
                    8f:72:7a:48:ba:39:1e:e8:fd:12:b6:6f:41:65:3f:
                    94:05:b8:2e:9f:b9:8e:ec:b3:d4:4c:04:ac:b4:79:
                    1b:34:8f:af:1e:57:bd:72:f4:d7:54:c8:31:2a:88:
                    96:d7:c8:d5:8b:e4:58:d1:5e:30:af:81:b0:c5:85:
                    ab:81:d0:21:93:85:b2:40:86:64:f9:68:f3:3b:48:
                    90:39:cb:3a:e5:6e:51:a4:49:ad:6b:b4:a9:8c:d1:
                    aa:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:42:37:B6:B5:BD:DE:C0:68:D0:7E:A1:02:8E:E8:B5:2B:DB:4F:7B
            X509v3 Authority Key Identifier:
                keyid:60:1E:0A:AE:93:EB:05:FF:5D:42:DD:70:16:F5:DE:A3:81:FB:86:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YB4KrpPrBf9dQt1wFvXeo4H7hmA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/1fc853-6526-4091-95f4-f9f601c0686e/1/YB4KrpPrBf9dQt1wFvXeo4H7hmA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/1fc853-6526-4091-95f4-f9f601c0686e/1/YB4KrpPrBf9dQt1wFvXeo4H7hmA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:7f:d2:46:62:63:5a:2a:cc:3a:82:9a:d5:d3:b1:e5:8e:d4:
         aa:bb:5d:2c:48:e2:cb:ad:a9:bd:ac:97:95:93:4a:93:fa:08:
         15:6e:14:80:5c:2c:d2:47:0d:cc:2d:3b:cb:81:c4:0e:b5:7d:
         98:eb:54:67:7a:aa:96:6e:22:33:9d:d3:ec:61:7e:66:a5:4d:
         db:bd:7e:af:d3:5d:08:da:f2:48:84:63:d3:52:8a:49:58:f7:
         89:3e:78:f1:70:a6:c9:32:85:f0:98:35:db:c9:91:c7:e6:eb:
         8f:0c:99:1d:b9:aa:0f:82:89:29:b1:a0:9d:88:8a:7f:4c:ab:
         24:c1:4d:86:9c:0a:78:67:6e:b3:f5:53:8f:92:22:f0:25:35:
         ca:b9:1e:ee:32:38:5c:e0:47:8e:b8:cb:40:24:15:7e:5a:2b:
         d1:cd:e9:e5:89:ea:8a:47:9e:bc:ea:84:11:17:f0:78:6d:40:
         41:5a:11:02:fe:90:81:ca:25:cb:f4:52:e7:ee:42:a8:a9:21:
         e9:74:a8:87:ef:44:56:7c:60:28:78:ac:b9:31:f2:c7:87:d1:
         43:41:8d:6b:cc:15:29:40:95:38:05:46:7d:61:c5:c6:e7:56:
         1a:9b:c0:b5:97:f1:13:83:64:2c:a4:9c:b1:e7:78:ce:c3:9b:
         5b:63:9d:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXP6rRjlo9Z54EHrfH7gYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMWUwYWFlOTNlYjA1ZmY1ZDQyZGQ3MDE2ZjVkZWEzODFm
Yjg2NjAwHhcNMjUxMTExMTAwMTI4WhcNMjUxMTEyMTAwMTI4WjAzMTEwLwYDVQQD
EyhhYTQyMzdiNmI1YmRkZWMwNjhkMDdlYTEwMjhlZThiNTJiZGI0ZjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlvQj/3xLxziLfaDLvmoTXnkpDWB
dAXqAG0BaYsUbFR/L7lrCTOs0cT8najs6dxtVdu9GeWMxuYsc1+ZFDqez9smKdk/
moSkTlCkARcNbNGkTT4PlGzYoUc3eXNYugXPW+BHP67OCQseVo3uz9qfYHmEtMGC
Wup0LzLhL249EuXm+0QgKGLJ9v6562xKY8resChDAXwgVdcL3yrzZ2lpufsnXSKP
cnpIujke6P0Stm9BZT+UBbgun7mO7LPUTASstHkbNI+vHle9cvTXVMgxKoiW18jV
i+RY0V4wr4GwxYWrgdAhk4WyQIZk+WjzO0iQOcs65W5RpEmta7SpjNGqVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKpCN7a1vd7AaNB+oQKO6LUr2097MB8GA1UdIwQY
MBaAFGAeCq6T6wX/XULdcBb13qOB+4ZgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUI0S3JwUHJCZjlkUXQxd0Z2WGVvNEg3aG1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8xZmM4NTMtNjUyNi00MDkxLTk1ZjQt
ZjlmNjAxYzA2ODZlLzEvWUI0S3JwUHJCZjlkUXQxd0Z2WGVvNEg3aG1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8xZmM4NTMtNjUyNi00MDkxLTk1ZjQtZjlmNjAxYzA2ODZl
LzEvWUI0S3JwUHJCZjlkUXQxd0Z2WGVvNEg3aG1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb3/SRmJj
WirMOoKa1dOx5Y7UqrtdLEjiy62pvayXlZNKk/oIFW4UgFws0kcNzC07y4HEDrV9
mOtUZ3qqlm4iM53T7GF+ZqVN271+r9NdCNrySIRj01KKSVj3iT548XCmyTKF8Jg1
28mRx+brjwyZHbmqD4KJKbGgnYiKf0yrJMFNhpwKeGdus/VTj5Ii8CU1yrke7jI4
XOBHjrjLQCQVflor0c3p5YnqikeevOqEERfweG1AQVoRAv6Qgcoly/RS5+5CqKkh
6XSoh+9EVnxgKHisuTHyx4fRQ0GNa8wVKUCVOAVGfWHFxudWGpvAtZfxE4NkLKSc
sed4zsObW2OdEQ==
-----END CERTIFICATE-----