Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
File:                     ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft (raw, json)
Hash identifier:          9w+FeKcwbCwGKETpyoz3NTksMsuJ+51rcdqpLz7fmT0=
Subject key identifier:   26:94:FF:85:BA:05:23:BC:98:8E:41:A3:58:C0:45:01:3E:DF:E4:CB
Authority key identifier: CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9
Certificate issuer:       /CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9
Certificate serial:       019A725CC5428B98450719C7D31753509B37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 10:01:13 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:13 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:13 +0000
Files and hashes:         1: ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl (hash: 2v8sDVyxuhv81hB5QRSqBnp4/5JNNotz+NdQXMvuvIY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:c5:42:8b:98:45:07:19:c7:d3:17:53:50:9b:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9
        Validity
            Not Before: Nov 11 10:01:13 2025 GMT
            Not After : Nov 12 10:01:13 2025 GMT
        Subject: CN=2694ff85ba0523bc988e41a358c045013edfe4cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:cc:c1:80:ac:69:0b:ef:bf:fc:42:18:9a:e4:
                    a3:f8:14:96:5e:82:d4:8b:8f:b3:ae:42:10:da:47:
                    e7:ec:6d:9b:de:fe:00:af:2f:4e:ec:5e:2e:3f:6b:
                    6e:52:57:3b:b6:80:e6:01:6e:78:4e:74:b2:74:02:
                    6b:04:fb:5e:2d:77:6c:cf:a2:1d:74:91:ca:ae:43:
                    b2:4d:33:d4:1c:80:0e:cf:08:9a:a2:07:2f:e9:ef:
                    7e:4c:65:2f:04:b9:d6:22:d9:46:e1:e7:52:f5:d5:
                    86:f8:d2:9c:49:76:29:bb:a1:6a:4e:49:ee:a3:ee:
                    ea:d8:da:16:47:ab:c3:4a:b2:b8:62:a8:8a:2b:40:
                    b4:6c:b9:41:bb:01:30:ae:4a:66:cc:a6:f9:18:08:
                    13:5a:65:b9:9f:43:da:79:2d:f7:51:ab:81:bc:ca:
                    2b:9f:18:cd:d8:2d:59:58:c0:7e:76:dd:37:45:d8:
                    cd:7d:60:ed:2f:00:6c:0c:36:d8:78:f6:b8:e1:39:
                    20:8b:c5:bc:eb:ef:81:d5:a7:b1:4b:18:87:38:c3:
                    16:91:6e:5f:9e:46:94:f4:1e:5c:11:c2:6e:c7:b0:
                    01:8d:9a:3d:cc:cd:2f:a2:49:f4:f6:d1:91:5e:a0:
                    e6:7b:ec:0f:70:69:77:e8:0b:2c:f2:1c:ef:48:eb:
                    28:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:94:FF:85:BA:05:23:BC:98:8E:41:A3:58:C0:45:01:3E:DF:E4:CB
            X509v3 Authority Key Identifier:
                keyid:CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:b5:38:17:60:dd:e9:b9:2e:cd:b4:4e:59:e5:ca:53:6f:b7:
         5b:54:fe:68:32:89:0e:15:bc:15:f4:63:fd:11:9f:19:82:a6:
         cc:75:e7:cb:e9:93:60:9f:65:23:92:5a:66:49:55:6a:1b:1b:
         7e:41:c3:56:43:7c:89:f7:b0:0c:f9:3b:ca:ec:ad:13:21:90:
         63:d6:0b:60:9b:be:3b:91:c8:f7:1c:a6:12:ea:96:69:c4:15:
         75:10:09:75:20:b6:88:f4:67:e1:c2:cc:a8:30:75:3d:fd:e7:
         d7:ef:a6:ca:09:30:03:28:88:aa:80:13:59:9c:4e:e4:6d:60:
         4e:98:9b:be:b4:58:54:c7:13:a2:1c:28:ca:c0:a9:15:f6:e8:
         cd:03:81:db:e5:6e:a8:8c:90:37:a6:e8:d0:d3:bd:a4:86:4c:
         2c:0c:b9:93:e4:ce:c0:98:b5:9a:2d:aa:00:b5:f1:d2:03:9c:
         96:c8:b7:37:ff:5d:09:04:20:32:7b:78:8e:8c:e6:2b:e8:8d:
         a1:a1:b1:73:f0:34:56:f9:71:8e:b6:b1:8b:c2:e4:55:ee:89:
         64:bd:32:66:14:d4:ba:64:70:09:13:04:80:de:cf:6b:4d:07:
         ab:ed:91:be:d9:33:2a:46:ef:bd:1e:db:cd:0c:3a:16:db:3d:
         18:b0:d9:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXMVCi5hFBxnH0xdTUJs3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNDU3ZTExNzNjNGU4NTFiOTJkM2M4ZWU5OTY3MTUxOTQ4
YTlhZTkwHhcNMjUxMTExMTAwMTEzWhcNMjUxMTEyMTAwMTEzWjAzMTEwLwYDVQQD
EygyNjk0ZmY4NWJhMDUyM2JjOTg4ZTQxYTM1OGMwNDUwMTNlZGZlNGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyczBgKxpC++//EIYmuSj+BSWXoLU
i4+zrkIQ2kfn7G2b3v4Ary9O7F4uP2tuUlc7toDmAW54TnSydAJrBPteLXdsz6Id
dJHKrkOyTTPUHIAOzwiaogcv6e9+TGUvBLnWItlG4edS9dWG+NKcSXYpu6FqTknu
o+7q2NoWR6vDSrK4YqiKK0C0bLlBuwEwrkpmzKb5GAgTWmW5n0PaeS33UauBvMor
nxjN2C1ZWMB+dt03RdjNfWDtLwBsDDbYePa44Tkgi8W86++B1aexSxiHOMMWkW5f
nkaU9B5cEcJux7ABjZo9zM0vokn09tGRXqDme+wPcGl36Ass8hzvSOsoyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCaU/4W6BSO8mI5Bo1jARQE+3+TLMB8GA1UdIwQY
MBaAFMpFfhFzxOhRuS08jumWcVGUiprpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQt
MTlkZTJjMTgzYzA1LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQtMTlkZTJjMTgzYzA1
LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd7U4F2Dd
6bkuzbROWeXKU2+3W1T+aDKJDhW8FfRj/RGfGYKmzHXny+mTYJ9lI5JaZklVahsb
fkHDVkN8ifewDPk7yuytEyGQY9YLYJu+O5HI9xymEuqWacQVdRAJdSC2iPRn4cLM
qDB1Pf3n1++mygkwAyiIqoATWZxO5G1gTpibvrRYVMcTohwoysCpFfbozQOB2+Vu
qIyQN6bo0NO9pIZMLAy5k+TOwJi1mi2qALXx0gOclsi3N/9dCQQgMnt4jozmK+iN
oaGxc/A0Vvlxjraxi8LkVe6JZL0yZhTUumRwCRMEgN7Pa00Hq+2RvtkzKkbvvR7b
zQw6Fts9GLDZPA==
-----END CERTIFICATE-----