Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
File:                     yAH8mVpSGvH1Atnq8S1mIaZMr00.mft (raw, json)
Hash identifier:          pUrd2DnTVrXi0BRf5GVikEJZZSReAchrhx1WCH4BbgQ=
Subject key identifier:   8A:8A:36:F0:81:EE:EA:65:CF:D7:B5:8F:09:B9:C0:DE:1A:5A:E5:E2
Authority key identifier: C8:01:FC:99:5A:52:1A:F1:F5:02:D9:EA:F1:2D:66:21:A6:4C:AF:4D
Certificate issuer:       /CN=c801fc995a521af1f502d9eaf12d6621a64caf4d
Certificate serial:       019A73A726B98B89C54C3A81EEE3F2D85315
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 16:02:05 +0000
Manifest this update:     Tue 11 Nov 2025 16:02:05 +0000
Manifest next update:     Wed 12 Nov 2025 16:02:05 +0000
Files and hashes:         1: yAH8mVpSGvH1Atnq8S1mIaZMr00.crl (hash: WNZQd0Ry1Z017DgJyQJNZqXy6kQfRJlYBsDh2xmMaKM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:a7:26:b9:8b:89:c5:4c:3a:81:ee:e3:f2:d8:53:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c801fc995a521af1f502d9eaf12d6621a64caf4d
        Validity
            Not Before: Nov 11 16:02:05 2025 GMT
            Not After : Nov 12 16:02:05 2025 GMT
        Subject: CN=8a8a36f081eeea65cfd7b58f09b9c0de1a5ae5e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:83:e3:be:9f:d2:e8:45:8a:d6:e1:b1:fb:49:
                    ac:93:d9:af:cc:f2:d3:04:c5:ef:86:cf:2b:71:0e:
                    56:69:95:f4:91:6d:f7:44:4d:34:ad:24:55:7d:a1:
                    7a:a0:5a:53:53:9f:25:1a:7c:ed:98:11:11:a7:ff:
                    50:35:4a:2d:97:61:4e:e7:4a:74:49:e4:9c:4d:06:
                    25:d9:c6:0c:7d:63:f8:c5:e0:ae:a8:f1:c8:b0:70:
                    d3:0e:82:52:e0:32:08:07:92:a6:a9:90:32:af:4b:
                    d9:02:6a:a3:45:4a:5e:5d:b9:24:f6:4b:f0:07:42:
                    75:52:7a:20:f8:12:12:e6:68:71:c2:40:5e:02:3f:
                    d4:7d:1b:4c:82:bc:8f:52:05:b0:40:88:c1:4f:b5:
                    15:c2:1d:d0:9b:68:b3:36:f7:ea:b8:5b:f5:4b:d2:
                    fa:cf:19:c4:dc:c2:e4:aa:c9:45:5f:da:66:11:6b:
                    e7:49:a9:87:72:58:2c:26:aa:e7:4c:36:cc:6e:8c:
                    cf:3a:9e:f2:17:01:1c:fe:d0:b3:b6:72:57:88:11:
                    d8:b8:e8:17:66:19:37:a9:27:70:25:22:fe:a4:89:
                    35:4b:ec:17:7b:b5:6d:b5:bc:bb:37:6a:5f:f6:82:
                    97:98:f1:56:9e:ec:b0:27:68:96:00:50:b0:d6:f0:
                    a4:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:8A:36:F0:81:EE:EA:65:CF:D7:B5:8F:09:B9:C0:DE:1A:5A:E5:E2
            X509v3 Authority Key Identifier:
                keyid:C8:01:FC:99:5A:52:1A:F1:F5:02:D9:EA:F1:2D:66:21:A6:4C:AF:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:47:6b:f3:14:8d:5d:2b:67:62:46:3f:b1:05:4b:e4:f7:51:
         1b:76:8a:4b:24:2f:52:bc:3f:06:ca:41:09:d0:89:9e:88:3f:
         c8:70:e4:fb:73:45:ee:9b:43:b6:8b:91:32:f1:f2:eb:8b:e8:
         c7:13:67:40:fd:5e:8c:0c:ed:fc:1f:51:07:76:d7:7c:1e:9b:
         19:05:ea:2b:db:af:44:d1:24:9a:dc:61:d1:45:f8:0b:3e:0e:
         3a:c3:22:e2:fe:51:1f:4f:5b:7b:17:a2:96:03:6a:b2:86:23:
         7c:00:92:e6:91:44:1a:2b:0c:34:6d:b8:87:77:3a:ab:e0:f5:
         ad:14:e8:a8:b3:52:c3:3d:10:65:4f:cc:8c:f6:ea:75:92:13:
         af:81:d7:93:c5:0d:b5:b1:76:c4:f2:ca:8e:f6:c3:2d:c8:b3:
         2c:b2:c7:b1:e7:9e:78:30:d7:ca:e8:12:af:e0:13:bd:c5:a0:
         2f:5f:8a:64:dc:1a:6f:6b:59:2d:e7:97:23:8f:03:4c:fd:f6:
         0c:6d:d4:dd:8e:3e:36:ec:97:dd:91:71:80:0c:97:88:34:0b:
         26:1a:01:fb:9c:7e:9f:0e:3b:7f:07:78:cc:99:b4:a2:a2:ec:
         df:25:31:ef:29:0a:59:a9:0f:af:7c:0f:ad:ec:39:a2:c1:30:
         93:29:e7:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzpya5i4nFTDqB7uPy2FMVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MDFmYzk5NWE1MjFhZjFmNTAyZDllYWYxMmQ2NjIxYTY0
Y2FmNGQwHhcNMjUxMTExMTYwMjA1WhcNMjUxMTEyMTYwMjA1WjAzMTEwLwYDVQQD
Eyg4YThhMzZmMDgxZWVlYTY1Y2ZkN2I1OGYwOWI5YzBkZTFhNWFlNWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4Pjvp/S6EWK1uGx+0msk9mvzPLT
BMXvhs8rcQ5WaZX0kW33RE00rSRVfaF6oFpTU58lGnztmBERp/9QNUotl2FO50p0
SeScTQYl2cYMfWP4xeCuqPHIsHDTDoJS4DIIB5KmqZAyr0vZAmqjRUpeXbkk9kvw
B0J1Unog+BIS5mhxwkBeAj/UfRtMgryPUgWwQIjBT7UVwh3Qm2izNvfquFv1S9L6
zxnE3MLkqslFX9pmEWvnSamHclgsJqrnTDbMbozPOp7yFwEc/tCztnJXiBHYuOgX
Zhk3qSdwJSL+pIk1S+wXe7Vttby7N2pf9oKXmPFWnuywJ2iWAFCw1vCkqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIqKNvCB7uplz9e1jwm5wN4aWuXiMB8GA1UdIwQY
MBaAFMgB/JlaUhrx9QLZ6vEtZiGmTK9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9iMDQxYjgtNmIyNC00NGYzLWE3NDgt
NzJjMGQ1MDkzMzRkLzEveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9iMDQxYjgtNmIyNC00NGYzLWE3NDgtNzJjMGQ1MDkzMzRk
LzEveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdkdr8xSN
XStnYkY/sQVL5PdRG3aKSyQvUrw/BspBCdCJnog/yHDk+3NF7ptDtouRMvHy64vo
xxNnQP1ejAzt/B9RB3bXfB6bGQXqK9uvRNEkmtxh0UX4Cz4OOsMi4v5RH09bexei
lgNqsoYjfACS5pFEGisMNG24h3c6q+D1rRToqLNSwz0QZU/MjPbqdZITr4HXk8UN
tbF2xPLKjvbDLcizLLLHseeeeDDXyugSr+ATvcWgL1+KZNwab2tZLeeXI48DTP32
DG3U3Y4+NuyX3ZFxgAyXiDQLJhoB+5x+nw47fwd4zJm0oqLs3yUx7ykKWakPr3wP
rew5osEwkynn7Q==
-----END CERTIFICATE-----