Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft
File:                     YzMz1xUm9TOxwc8L6fwyG2IzltM.mft (raw, json)
Hash identifier:          e4Ss0iS4bDy8uRtu+T8TqsxrSp5WNk9/vJyxBdBcjGA=
Subject key identifier:   A5:E4:17:EA:EF:4C:30:FE:6E:7B:11:98:EC:58:C3:11:DE:A5:8F:5F
Authority key identifier: 63:33:33:D7:15:26:F5:33:B1:C1:CF:0B:E9:FC:32:1B:62:33:96:D3
Certificate issuer:       /CN=633333d71526f533b1c1cf0be9fc321b623396d3
Certificate serial:       019A706DF9FD1D2621E06F402BFB8AC60654
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft
Manifest number:          07B3
Signing time:             Tue 11 Nov 2025 01:00:46 +0000
Manifest this update:     Tue 11 Nov 2025 01:00:46 +0000
Manifest next update:     Wed 12 Nov 2025 01:00:46 +0000
Files and hashes:         1: YzMz1xUm9TOxwc8L6fwyG2IzltM.crl (hash: 91vON4zht5OOew16PA1TDATlCIQrjBgs1LwC0KHc+30=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 01:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:6d:f9:fd:1d:26:21:e0:6f:40:2b:fb:8a:c6:06:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=633333d71526f533b1c1cf0be9fc321b623396d3
        Validity
            Not Before: Nov 11 01:00:46 2025 GMT
            Not After : Nov 12 01:00:46 2025 GMT
        Subject: CN=a5e417eaef4c30fe6e7b1198ec58c311dea58f5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:63:00:4f:97:ea:8a:27:db:e3:8d:a5:72:5c:
                    33:a1:c6:dd:2e:9d:ce:f0:ee:a7:48:80:bf:a1:39:
                    a8:a2:10:fc:e5:ad:bf:b6:51:e2:3a:2a:8e:31:d5:
                    2e:da:a5:b4:6c:bc:a7:27:29:74:af:98:f3:93:31:
                    ca:27:fe:79:53:9c:55:1b:8e:58:9f:67:26:14:a0:
                    b6:22:7c:1e:6b:2d:be:f0:92:36:96:7a:b8:1c:c7:
                    a0:63:a7:a1:58:25:45:0c:2c:1d:51:a4:a2:65:65:
                    b7:0c:e2:73:82:92:de:35:45:3c:d4:7d:8f:e6:61:
                    5d:ca:3c:ef:e6:d2:e5:39:65:d5:dc:db:54:e3:8c:
                    95:d0:fc:9b:86:d3:0c:e3:a0:6f:71:e9:a4:b6:24:
                    fa:63:74:16:a0:7b:0d:7d:7b:d3:21:a8:15:87:ef:
                    20:7d:95:1a:28:f1:f0:48:df:98:c4:7a:35:8a:4e:
                    4f:c0:d6:d6:bb:15:4d:63:98:67:63:b8:3c:dd:13:
                    03:03:6a:81:f8:88:02:82:56:6a:ac:69:15:ec:76:
                    1f:3f:7e:4c:02:85:f3:ba:b3:58:58:1e:16:be:60:
                    0a:ec:03:e3:12:16:6e:0f:f0:16:b2:b7:e2:dd:4a:
                    f5:c0:40:66:3f:5f:7c:58:51:19:5d:fc:6f:4f:9c:
                    a2:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:E4:17:EA:EF:4C:30:FE:6E:7B:11:98:EC:58:C3:11:DE:A5:8F:5F
            X509v3 Authority Key Identifier:
                keyid:63:33:33:D7:15:26:F5:33:B1:C1:CF:0B:E9:FC:32:1B:62:33:96:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:bf:55:4a:bd:2f:00:82:d2:68:33:f6:fa:a1:b3:3f:60:7c:
         a2:00:9c:4c:da:56:a2:34:eb:fd:92:bc:3e:ec:ef:fc:0f:0b:
         53:c5:ca:42:36:07:0e:6b:08:6d:df:f7:bc:63:4e:13:56:ed:
         8e:03:74:57:96:6b:9a:25:b1:df:2c:6d:eb:70:15:98:24:c8:
         19:aa:0f:15:9b:d5:2a:b2:ca:19:e3:3a:26:e0:97:10:d0:08:
         b3:4a:e9:5a:a9:12:fe:6c:8c:33:94:5e:33:07:fd:1c:2c:72:
         05:3e:02:02:f3:b4:e0:18:95:52:d4:86:74:f9:2e:8e:3d:2f:
         43:18:d8:f9:f7:cc:bb:b3:3a:15:b7:28:97:1f:37:54:f3:7c:
         63:8f:86:4f:58:b6:ac:9e:96:3e:5f:86:8d:dd:f3:c1:06:37:
         ce:dc:2f:10:82:ea:c6:05:71:d2:80:8e:a6:01:49:45:63:cc:
         72:88:80:e1:01:db:9e:58:dd:97:c6:63:c7:9d:47:03:f0:de:
         1a:38:df:23:a4:33:2b:84:78:a2:3c:51:62:ac:0a:20:aa:ad:
         3a:db:fa:be:fa:62:b3:ad:f4:bd:19:e3:51:cc:2e:1f:dc:fb:
         57:d9:cf:ed:bf:62:8b:c3:3b:5f:f0:6a:c9:a5:7c:cf:e2:f9:
         92:b1:0b:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbfn9HSYh4G9AK/uKxgZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMzMzM2Q3MTUyNmY1MzNiMWMxY2YwYmU5ZmMzMjFiNjIz
Mzk2ZDMwHhcNMjUxMTExMDEwMDQ2WhcNMjUxMTEyMDEwMDQ2WjAzMTEwLwYDVQQD
EyhhNWU0MTdlYWVmNGMzMGZlNmU3YjExOThlYzU4YzMxMWRlYTU4ZjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmMAT5fqiifb442lclwzocbdLp3O
8O6nSIC/oTmoohD85a2/tlHiOiqOMdUu2qW0bLynJyl0r5jzkzHKJ/55U5xVG45Y
n2cmFKC2Inweay2+8JI2lnq4HMegY6ehWCVFDCwdUaSiZWW3DOJzgpLeNUU81H2P
5mFdyjzv5tLlOWXV3NtU44yV0PybhtMM46BvcemktiT6Y3QWoHsNfXvTIagVh+8g
fZUaKPHwSN+YxHo1ik5PwNbWuxVNY5hnY7g83RMDA2qB+IgCglZqrGkV7HYfP35M
AoXzurNYWB4WvmAK7APjEhZuD/AWsrfi3Ur1wEBmP198WFEZXfxvT5yiZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKXkF+rvTDD+bnsRmOxYwxHepY9fMB8GA1UdIwQY
MBaAFGMzM9cVJvUzscHPC+n8MhtiM5bTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNTA5NTAtMDAzOS00ZTc0LWJlNDEt
OWNmYzQ4MzhkM2VjLzEvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNTA5NTAtMDAzOS00ZTc0LWJlNDEtOWNmYzQ4MzhkM2Vj
LzEvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKL9VSr0v
AILSaDP2+qGzP2B8ogCcTNpWojTr/ZK8Puzv/A8LU8XKQjYHDmsIbd/3vGNOE1bt
jgN0V5ZrmiWx3yxt63AVmCTIGaoPFZvVKrLKGeM6JuCXENAIs0rpWqkS/myMM5Re
Mwf9HCxyBT4CAvO04BiVUtSGdPkujj0vQxjY+ffMu7M6Fbcolx83VPN8Y4+GT1i2
rJ6WPl+Gjd3zwQY3ztwvEILqxgVx0oCOpgFJRWPMcoiA4QHbnljdl8Zjx51HA/De
GjjfI6QzK4R4ojxRYqwKIKqtOtv6vvpis630vRnjUcwuH9z7V9nP7b9ii8M7X/Bq
yaV8z+L5krEL/Q==
-----END CERTIFICATE-----