Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
File:                     YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft (raw, json)
Hash identifier:          Qu96rK8LqVW9rszI4GA5ZnkFWHksdzKT1ktmhU/BOc0=
Subject key identifier:   5F:9B:76:BE:22:5A:AA:DF:D8:9B:67:42:B7:72:8A:06:70:DA:77:4A
Authority key identifier: 60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30
Certificate issuer:       /CN=6062b21fb6655b897923e29d6fcb644ab10ac530
Certificate serial:       019A70A52E4B3289F473A36763797863EE40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 02:01:04 +0000
Manifest this update:     Tue 11 Nov 2025 02:01:04 +0000
Manifest next update:     Wed 12 Nov 2025 02:01:04 +0000
Files and hashes:         1: YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl (hash: noHbijrtwWyl9mqibMvt+vQ5S8B7nWCsaMFcmL2rM9g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a5:2e:4b:32:89:f4:73:a3:67:63:79:78:63:ee:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6062b21fb6655b897923e29d6fcb644ab10ac530
        Validity
            Not Before: Nov 11 02:01:04 2025 GMT
            Not After : Nov 12 02:01:04 2025 GMT
        Subject: CN=5f9b76be225aaadfd89b6742b7728a0670da774a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:24:4a:32:92:71:a7:a9:9c:91:a6:02:59:f2:
                    07:75:d4:af:4c:58:71:71:c3:0c:bb:7c:a6:fd:28:
                    c4:77:d5:5d:87:21:0e:1a:46:43:02:ce:b1:f2:6e:
                    f4:16:a0:56:02:f4:f5:15:71:c1:c0:4a:91:56:c4:
                    c6:4f:60:61:6a:15:7c:ac:36:96:f9:ad:4b:b5:b2:
                    d7:5b:e9:cd:64:a1:9c:d1:42:73:d1:e2:26:53:e6:
                    0e:47:9e:60:c3:4b:4a:b1:5d:1b:b3:c5:6e:b8:89:
                    90:1f:15:1e:1a:b1:43:7f:a7:c1:a8:8c:90:ce:d6:
                    dc:41:7e:16:eb:d1:7c:74:e6:13:61:de:04:b6:a8:
                    73:a0:9f:12:9c:2d:a0:ad:32:81:3f:eb:b8:9e:7d:
                    27:0c:2d:0c:ac:d1:0b:da:62:27:15:d8:1f:0a:a0:
                    e3:91:80:1c:01:ad:7d:8d:a6:57:5e:93:29:6b:fe:
                    c4:d3:7c:05:cb:3b:8c:b5:c1:c7:0c:1d:46:d2:c4:
                    bb:9e:ce:93:7d:de:d7:5e:54:55:14:7c:2e:05:32:
                    85:30:09:b8:3b:9b:60:b6:20:b6:bf:b2:93:76:4c:
                    c6:e7:db:c0:f3:b2:10:e1:48:02:5b:9c:08:74:e8:
                    b6:3d:2d:c2:17:6a:93:54:d2:eb:8b:08:b5:3f:b6:
                    d3:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:9B:76:BE:22:5A:AA:DF:D8:9B:67:42:B7:72:8A:06:70:DA:77:4A
            X509v3 Authority Key Identifier:
                keyid:60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:09:38:98:9f:4b:4f:58:79:b7:66:c8:43:b1:5c:f0:25:51:
         62:c8:4c:65:07:17:8e:45:70:8d:f8:ad:63:82:b3:25:37:a0:
         99:fc:9e:61:61:75:bb:7c:f3:70:4a:cf:09:c6:9f:63:61:53:
         ce:eb:35:e2:4e:21:fb:81:8d:42:87:b2:93:34:b4:52:69:60:
         b7:e3:8e:81:8e:ed:6f:5f:27:70:97:67:87:5b:e2:db:c8:b8:
         e2:4d:b3:21:b6:90:23:80:0a:eb:82:1a:12:0f:fd:2f:57:43:
         09:ad:d7:95:51:d9:00:57:d0:2f:83:13:5a:6a:26:56:7f:45:
         81:5e:ad:e9:35:39:f8:d3:58:e6:98:3c:4c:3c:e7:9f:19:36:
         ef:01:16:d9:b4:90:c8:1e:36:66:8e:09:da:7f:59:5b:1f:f6:
         7f:35:88:9e:bd:ac:34:91:79:63:e3:f6:95:be:3c:20:ec:5d:
         ed:90:11:07:72:36:10:2f:91:02:4f:c0:ac:85:a1:25:5e:c9:
         dc:c0:c8:54:a3:be:fc:30:0f:97:a4:d3:41:23:60:44:4c:b4:
         bc:ea:c2:0c:65:26:08:51:23:69:a5:fb:ce:92:b7:58:42:6e:
         54:5b:53:ee:cf:55:48:1b:6f:e7:9a:2c:69:11:f0:9c:37:80:
         1e:f7:04:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpS5LMon0c6NnY3l4Y+5AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjJiMjFmYjY2NTViODk3OTIzZTI5ZDZmY2I2NDRhYjEw
YWM1MzAwHhcNMjUxMTExMDIwMTA0WhcNMjUxMTEyMDIwMTA0WjAzMTEwLwYDVQQD
Eyg1ZjliNzZiZTIyNWFhYWRmZDg5YjY3NDJiNzcyOGEwNjcwZGE3NzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSRKMpJxp6mckaYCWfIHddSvTFhx
ccMMu3ym/SjEd9VdhyEOGkZDAs6x8m70FqBWAvT1FXHBwEqRVsTGT2BhahV8rDaW
+a1LtbLXW+nNZKGc0UJz0eImU+YOR55gw0tKsV0bs8VuuImQHxUeGrFDf6fBqIyQ
ztbcQX4W69F8dOYTYd4EtqhzoJ8SnC2grTKBP+u4nn0nDC0MrNEL2mInFdgfCqDj
kYAcAa19jaZXXpMpa/7E03wFyzuMtcHHDB1G0sS7ns6Tfd7XXlRVFHwuBTKFMAm4
O5tgtiC2v7KTdkzG59vA87IQ4UgCW5wIdOi2PS3CF2qTVNLriwi1P7bTlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF+bdr4iWqrf2JtnQrdyigZw2ndKMB8GA1UdIwQY
MBaAFGBish+2ZVuJeSPinW/LZEqxCsUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYt
YjUyMGJlZGE2NjI2LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYtYjUyMGJlZGE2NjI2
LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQAk4mJ9L
T1h5t2bIQ7Fc8CVRYshMZQcXjkVwjfitY4KzJTegmfyeYWF1u3zzcErPCcafY2FT
zus14k4h+4GNQoeykzS0Umlgt+OOgY7tb18ncJdnh1vi28i44k2zIbaQI4AK64Ia
Eg/9L1dDCa3XlVHZAFfQL4MTWmomVn9FgV6t6TU5+NNY5pg8TDznnxk27wEW2bSQ
yB42Zo4J2n9ZWx/2fzWInr2sNJF5Y+P2lb48IOxd7ZARB3I2EC+RAk/ArIWhJV7J
3MDIVKO+/DAPl6TTQSNgREy0vOrCDGUmCFEjaaX7zpK3WEJuVFtT7s9VSBtv55os
aRHwnDeAHvcE+A==
-----END CERTIFICATE-----