Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft
File:                     YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft (raw, json)
Hash identifier:          iVlxzZkNBiPcShKQMt3vDO4KDU7Zpyb70WX2aYGifyc=
Subject key identifier:   E8:5F:21:65:27:03:17:FF:57:EB:F8:7B:DC:91:DD:12:FF:1B:BD:D2
Authority key identifier: 60:F3:1D:82:0C:32:40:0D:EC:0C:60:49:61:78:99:4D:57:75:2A:CC
Certificate issuer:       /CN=60f31d820c32400dec0c60496178994d57752acc
Certificate serial:       019A71B97C2B1F783B777870E3556473C205
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YPMdggwyQA3sDGBJYXiZTVd1Ksw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 07:02:52 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:52 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:52 +0000
Files and hashes:         1: YPMdggwyQA3sDGBJYXiZTVd1Ksw.crl (hash: cFHswjI7iPMDETgejRIrBEcWTE3rdckucoaQKpWEDdg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YPMdggwyQA3sDGBJYXiZTVd1Ksw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:7c:2b:1f:78:3b:77:78:70:e3:55:64:73:c2:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60f31d820c32400dec0c60496178994d57752acc
        Validity
            Not Before: Nov 11 07:02:52 2025 GMT
            Not After : Nov 12 07:02:52 2025 GMT
        Subject: CN=e85f2165270317ff57ebf87bdc91dd12ff1bbdd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:5d:22:ff:b9:07:e5:c4:b4:7d:a0:16:75:02:
                    30:27:b8:83:35:1e:f9:a7:64:81:5c:d3:14:0a:96:
                    72:b8:4d:47:e4:53:ea:29:0a:8c:51:a9:e6:c6:cd:
                    a4:a6:97:e2:4b:1a:6d:11:ca:b1:52:4d:93:c1:b2:
                    e1:64:2c:bd:73:50:35:8d:66:04:17:18:15:64:ef:
                    46:f4:6e:a1:cf:96:f4:75:32:95:a8:bf:4c:da:10:
                    16:cc:87:3e:ef:ff:0e:59:96:15:20:8b:80:f6:81:
                    d2:51:95:5f:10:d2:fa:26:d1:e9:dc:65:e2:6f:c8:
                    0d:c4:66:e8:d7:6f:08:9d:b0:57:fd:a6:d9:d6:2b:
                    3d:5b:27:45:cf:e7:4d:58:b6:7f:2c:46:ae:f2:13:
                    cc:8d:a9:7f:b8:78:d7:4a:6d:9e:d7:12:a6:60:da:
                    0b:ec:69:d8:ef:37:05:35:9d:55:8b:49:fa:ce:da:
                    da:e0:81:83:1f:51:a6:d1:e3:64:11:54:ca:af:2d:
                    47:f0:58:4f:9a:11:d2:8d:3c:d9:6b:26:8f:c1:fc:
                    61:6c:34:8c:9c:6f:96:61:e7:f1:3d:ea:b4:95:9f:
                    87:e3:d8:62:d2:26:15:0d:f6:61:73:a1:29:c9:22:
                    dc:99:39:83:3f:66:c9:f9:d4:df:0b:20:b8:f3:f4:
                    e5:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:5F:21:65:27:03:17:FF:57:EB:F8:7B:DC:91:DD:12:FF:1B:BD:D2
            X509v3 Authority Key Identifier:
                keyid:60:F3:1D:82:0C:32:40:0D:EC:0C:60:49:61:78:99:4D:57:75:2A:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPMdggwyQA3sDGBJYXiZTVd1Ksw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:00:27:2e:40:1f:95:37:16:f6:c3:69:4f:2d:b8:40:58:2b:
         7c:d2:f2:4a:fd:3b:3b:c7:76:a6:a2:e4:cd:72:11:62:2a:cc:
         f1:43:27:f1:13:67:8f:d7:a0:95:0b:53:54:4f:38:ce:11:53:
         dc:82:b6:2f:f0:f2:fb:b3:5b:7b:c2:22:80:4a:8d:53:d0:22:
         4e:7e:08:51:29:a1:20:47:eb:ba:36:53:ec:50:73:15:9f:ad:
         54:a0:90:14:f0:2f:0e:74:9b:d8:4d:e5:e3:04:4d:c9:04:2d:
         5e:56:73:36:a6:a7:5d:88:35:92:77:4b:ce:6f:53:93:13:49:
         49:02:78:d3:4c:2f:d2:79:7b:4f:30:81:37:bf:c2:5b:d4:d0:
         33:4a:4c:b4:16:cc:c1:4c:c0:f8:86:e7:dd:6c:21:0e:01:9e:
         de:f2:67:47:cc:bc:31:39:d4:cb:a9:7f:a7:be:03:61:85:ea:
         e8:da:e2:41:e0:6f:9d:b6:09:29:b3:fc:89:89:b9:69:2e:d9:
         21:fe:2b:6f:f3:db:16:33:52:80:c9:ca:35:68:3d:02:36:27:
         ee:eb:64:0c:60:7e:8f:f0:3a:3a:46:50:25:42:c0:32:90:0e:
         f7:5c:0d:ba:14:f3:7a:20:73:75:15:f7:ed:ed:9b:26:f8:b3:
         0f:3b:09:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuXwrH3g7d3hw41Vkc8IFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZjMxZDgyMGMzMjQwMGRlYzBjNjA0OTYxNzg5OTRkNTc3
NTJhY2MwHhcNMjUxMTExMDcwMjUyWhcNMjUxMTEyMDcwMjUyWjAzMTEwLwYDVQQD
EyhlODVmMjE2NTI3MDMxN2ZmNTdlYmY4N2JkYzkxZGQxMmZmMWJiZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlF0i/7kH5cS0faAWdQIwJ7iDNR75
p2SBXNMUCpZyuE1H5FPqKQqMUanmxs2kppfiSxptEcqxUk2TwbLhZCy9c1A1jWYE
FxgVZO9G9G6hz5b0dTKVqL9M2hAWzIc+7/8OWZYVIIuA9oHSUZVfENL6JtHp3GXi
b8gNxGbo128InbBX/abZ1is9WydFz+dNWLZ/LEau8hPMjal/uHjXSm2e1xKmYNoL
7GnY7zcFNZ1Vi0n6ztra4IGDH1Gm0eNkEVTKry1H8FhPmhHSjTzZayaPwfxhbDSM
nG+WYefxPeq0lZ+H49hi0iYVDfZhc6EpySLcmTmDP2bJ+dTfCyC48/TlfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOhfIWUnAxf/V+v4e9yR3RL/G73SMB8GA1UdIwQY
MBaAFGDzHYIMMkAN7AxgSWF4mU1XdSrMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVBNZGdnd3lRQTNzREdCSllYaVpUVmQxS3N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9hMjg1NTMtODk5Yy00MDY4LTk2NzMt
ZGVkMjExM2I5MDYwLzEvWVBNZGdnd3lRQTNzREdCSllYaVpUVmQxS3N3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9hMjg1NTMtODk5Yy00MDY4LTk2NzMtZGVkMjExM2I5MDYw
LzEvWVBNZGdnd3lRQTNzREdCSllYaVpUVmQxS3N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABgAnLkAf
lTcW9sNpTy24QFgrfNLySv07O8d2pqLkzXIRYirM8UMn8RNnj9eglQtTVE84zhFT
3IK2L/Dy+7Nbe8IigEqNU9AiTn4IUSmhIEfrujZT7FBzFZ+tVKCQFPAvDnSb2E3l
4wRNyQQtXlZzNqanXYg1kndLzm9TkxNJSQJ400wv0nl7TzCBN7/CW9TQM0pMtBbM
wUzA+Ibn3WwhDgGe3vJnR8y8MTnUy6l/p74DYYXq6NriQeBvnbYJKbP8iYm5aS7Z
If4rb/PbFjNSgMnKNWg9AjYn7utkDGB+j/A6OkZQJULAMpAO91wNuhTzeiBzdRX3
7e2bJvizDzsJgQ==
-----END CERTIFICATE-----