Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
File:                     yyDpqru2GRVGEQI1z3bEg4S0UdA.mft (raw, json)
Hash identifier:          UJMaDDK2mv7c0bXLtHY23H+05inWb1mnZu2fjUz3vkM=
Subject key identifier:   E2:95:93:65:83:20:C9:A2:8A:64:14:CF:A8:9A:94:53:3E:69:CC:3B
Authority key identifier: CB:20:E9:AA:BB:B6:19:15:46:11:02:35:CF:76:C4:83:84:B4:51:D0
Certificate issuer:       /CN=cb20e9aabbb6191546110235cf76c48384b451d0
Certificate serial:       019A71B7F2D33C756C598869C2BD2ECA9E6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
Manifest number:          066C
Signing time:             Tue 11 Nov 2025 07:01:11 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:11 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:11 +0000
Files and hashes:         1: yyDpqru2GRVGEQI1z3bEg4S0UdA.crl (hash: hsM9g88YXq4iseQAUEEEGCYuA24tTySJilbUBpyPGWw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:f2:d3:3c:75:6c:59:88:69:c2:bd:2e:ca:9e:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb20e9aabbb6191546110235cf76c48384b451d0
        Validity
            Not Before: Nov 11 07:01:11 2025 GMT
            Not After : Nov 12 07:01:11 2025 GMT
        Subject: CN=e29593658320c9a28a6414cfa89a94533e69cc3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:ce:56:1f:ac:96:b5:76:c9:d8:61:9d:1f:21:
                    4a:32:71:6e:f3:22:6f:d0:1f:4a:1c:98:14:d2:e1:
                    9b:7a:e3:f2:e7:99:b8:1e:f0:94:73:3d:62:68:d5:
                    e6:bd:d4:d8:56:50:31:ae:50:25:c3:51:cb:1d:e6:
                    34:b0:24:ae:32:eb:7b:a2:1e:22:2c:8c:2f:8e:35:
                    de:0e:65:a0:d3:53:c2:87:09:15:88:aa:a9:97:17:
                    95:e1:b6:5f:fd:e5:35:7a:8a:3a:ec:29:1a:19:33:
                    21:f6:c5:50:7a:08:34:09:df:e8:1f:3e:34:27:e4:
                    c3:7a:66:a0:98:ea:89:6f:98:59:a9:93:6b:96:c7:
                    af:41:91:67:9f:5e:d3:cc:d3:bf:5c:7f:e3:3d:29:
                    4e:8c:2d:c0:00:78:e2:53:af:f0:7b:c2:b6:7f:cd:
                    c8:65:cc:6d:e5:00:83:40:a9:5e:3b:46:0a:73:b6:
                    bd:a5:9d:d0:f2:b6:31:e2:25:5b:b0:6f:c1:9f:15:
                    a4:7a:d3:cc:da:52:39:b2:9f:b9:43:3b:da:d5:2a:
                    60:d1:4d:ce:7e:16:b9:52:d1:a1:76:a6:b4:9d:54:
                    a8:d2:05:55:d7:98:6a:93:35:b5:89:c9:0a:af:1f:
                    97:4d:fd:d2:db:f7:54:ed:0a:c5:b6:f1:01:3a:f9:
                    ec:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:95:93:65:83:20:C9:A2:8A:64:14:CF:A8:9A:94:53:3E:69:CC:3B
            X509v3 Authority Key Identifier:
                keyid:CB:20:E9:AA:BB:B6:19:15:46:11:02:35:CF:76:C4:83:84:B4:51:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:e1:ae:45:9e:f8:3c:10:79:03:a6:cd:d6:13:af:37:22:f2:
         65:fc:6f:75:15:e8:ab:e9:80:e3:44:b6:e2:0b:b2:0f:7d:73:
         02:88:70:bc:ba:ce:de:b4:49:06:2d:ab:c6:42:d4:26:c0:84:
         fe:b3:dc:16:0d:d1:4d:d5:37:c3:74:a3:a3:cb:19:fb:f2:8c:
         99:b5:69:b4:cd:83:8b:a0:20:cb:03:4f:34:ab:1e:22:a9:b6:
         32:bf:ca:e0:de:48:a7:cf:76:3e:e0:b0:c6:fe:44:92:bf:d3:
         2a:cb:91:b9:f0:ce:26:21:a9:60:bd:6d:c2:82:1e:4a:f9:14:
         2a:2b:59:3f:14:6c:c7:d0:8e:6c:61:6d:5d:ef:be:8c:f2:d8:
         bd:35:93:28:c8:f8:4f:5e:5e:9f:a9:3e:39:c5:d9:b7:9f:58:
         fd:fd:f6:a9:00:8b:cf:ff:ef:a0:01:62:70:ab:b0:f3:3c:74:
         93:7b:9d:56:61:c7:09:80:e1:83:40:f9:40:e8:c4:af:52:05:
         11:ae:5c:12:44:4f:03:f3:31:b2:60:10:de:b5:98:89:8d:f4:
         0c:20:81:dc:c6:51:74:5d:4d:74:0d:f2:0a:d9:41:f7:fb:cb:
         db:0a:98:6a:e5:c7:52:9c:6d:f5:2d:10:28:14:a4:87:cb:d9:
         2b:c4:c4:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt/LTPHVsWYhpwr0uyp5vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMjBlOWFhYmJiNjE5MTU0NjExMDIzNWNmNzZjNDgzODRi
NDUxZDAwHhcNMjUxMTExMDcwMTExWhcNMjUxMTEyMDcwMTExWjAzMTEwLwYDVQQD
EyhlMjk1OTM2NTgzMjBjOWEyOGE2NDE0Y2ZhODlhOTQ1MzNlNjljYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs85WH6yWtXbJ2GGdHyFKMnFu8yJv
0B9KHJgU0uGbeuPy55m4HvCUcz1iaNXmvdTYVlAxrlAlw1HLHeY0sCSuMut7oh4i
LIwvjjXeDmWg01PChwkViKqplxeV4bZf/eU1eoo67CkaGTMh9sVQegg0Cd/oHz40
J+TDemagmOqJb5hZqZNrlsevQZFnn17TzNO/XH/jPSlOjC3AAHjiU6/we8K2f83I
Zcxt5QCDQKleO0YKc7a9pZ3Q8rYx4iVbsG/BnxWketPM2lI5sp+5Qzva1Spg0U3O
fha5UtGhdqa0nVSo0gVV15hqkzW1ickKrx+XTf3S2/dU7QrFtvEBOvnsswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOKVk2WDIMmiimQUz6ialFM+acw7MB8GA1UdIwQY
MBaAFMsg6aq7thkVRhECNc92xIOEtFHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi84ZDliYjUtYjRlNS00MzQ0LTg5MWIt
MDgwN2Y5NmNhNGEyLzEveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi84ZDliYjUtYjRlNS00MzQ0LTg5MWItMDgwN2Y5NmNhNGEy
LzEveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoOGuRZ74
PBB5A6bN1hOvNyLyZfxvdRXoq+mA40S24guyD31zAohwvLrO3rRJBi2rxkLUJsCE
/rPcFg3RTdU3w3Sjo8sZ+/KMmbVptM2Di6AgywNPNKseIqm2Mr/K4N5Ip892PuCw
xv5Ekr/TKsuRufDOJiGpYL1twoIeSvkUKitZPxRsx9CObGFtXe++jPLYvTWTKMj4
T15en6k+OcXZt59Y/f32qQCLz//voAFicKuw8zx0k3udVmHHCYDhg0D5QOjEr1IF
Ea5cEkRPA/MxsmAQ3rWYiY30DCCB3MZRdF1NdA3yCtlB9/vL2wqYauXHUpxt9S0Q
KBSkh8vZK8TE0w==
-----END CERTIFICATE-----