Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
File:                     pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft (raw, json)
Hash identifier:          A3qp16qYTp1hgVDDZatBFWBfkRcT543IiHJZj7dkD3Q=
Subject key identifier:   69:65:85:B4:1D:24:EE:77:8E:2C:79:FF:57:AF:1A:69:93:6F:F8:15
Authority key identifier: A5:8D:49:83:C9:C6:3B:D8:A1:58:00:3C:58:5F:43:D9:94:C1:2D:C2
Certificate issuer:       /CN=a58d4983c9c63bd8a158003c585f43d994c12dc2
Certificate serial:       019A7112F0F37DF960814A3495941F8C0BCE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
Manifest number:          0B7D
Signing time:             Tue 11 Nov 2025 04:00:57 +0000
Manifest this update:     Tue 11 Nov 2025 04:00:57 +0000
Manifest next update:     Wed 12 Nov 2025 04:00:57 +0000
Files and hashes:         1: pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl (hash: +M6LGo1V5DE1+20JhKZDBk2V92gzFPkbs61YFNvdAbg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:12:f0:f3:7d:f9:60:81:4a:34:95:94:1f:8c:0b:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a58d4983c9c63bd8a158003c585f43d994c12dc2
        Validity
            Not Before: Nov 11 04:00:57 2025 GMT
            Not After : Nov 12 04:00:57 2025 GMT
        Subject: CN=696585b41d24ee778e2c79ff57af1a69936ff815
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:b2:6d:ca:52:c6:5e:89:25:d4:87:35:98:4a:
                    82:c9:00:2a:c4:40:2f:af:cc:27:c9:1d:ce:e2:6c:
                    12:00:78:c1:ec:7e:f0:77:34:35:a0:75:ce:bb:dd:
                    d0:8f:f6:b6:ad:d6:00:d2:ec:89:dc:35:af:62:9a:
                    dc:b8:50:6c:ba:1a:a3:16:3e:0c:8e:1a:30:53:1c:
                    99:dd:1b:15:d9:98:68:8a:9f:1b:17:f7:2c:95:e7:
                    49:90:23:3d:b6:ea:f2:d7:cd:2d:f6:46:61:ef:ea:
                    48:f2:18:72:2e:88:30:87:de:d8:cf:a3:06:20:cb:
                    72:e7:9a:2f:3f:38:d6:fa:07:21:e9:7b:91:4c:c6:
                    f8:64:ee:80:00:92:8e:6d:42:ed:82:8a:da:3a:d6:
                    96:a1:73:79:ce:e2:35:72:16:f8:e6:4e:1f:69:b8:
                    09:44:f1:f0:c7:01:4e:5c:33:69:a0:ed:07:4c:f1:
                    6f:b4:b6:c5:7b:01:39:b6:0e:d2:4b:95:e6:6d:d5:
                    10:18:da:79:af:5c:de:72:13:05:30:82:f8:e7:20:
                    2d:d0:da:cf:c7:50:50:c3:06:e3:36:bf:71:ef:7a:
                    de:d1:ca:ad:2d:7d:20:d8:71:de:ba:7a:3d:39:e1:
                    e7:7f:33:98:54:b6:7d:c9:ab:04:5e:0c:12:f2:39:
                    48:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:65:85:B4:1D:24:EE:77:8E:2C:79:FF:57:AF:1A:69:93:6F:F8:15
            X509v3 Authority Key Identifier:
                keyid:A5:8D:49:83:C9:C6:3B:D8:A1:58:00:3C:58:5F:43:D9:94:C1:2D:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:f1:dd:51:52:84:72:bf:26:df:84:22:ca:f4:6c:d4:b9:4c:
         c9:bf:5d:e7:d7:52:43:85:63:6b:5c:ed:81:59:46:24:ac:bf:
         b9:e3:80:f1:02:b9:13:8e:86:55:1c:e4:b7:31:99:77:c3:cf:
         be:22:22:25:ba:6f:fc:cb:ef:40:51:a2:75:af:6e:42:ad:6b:
         a7:57:58:f4:98:0b:df:48:d0:7c:85:1f:0d:aa:d9:97:7b:60:
         29:a5:2a:51:b0:b5:09:53:de:ec:24:68:3f:af:e2:b0:c7:94:
         a0:c8:31:1c:67:5e:b4:11:b7:90:b6:5c:66:8d:6e:78:3c:ee:
         86:4e:ea:ae:62:5b:4d:19:25:fc:0b:43:33:75:01:fe:a2:71:
         f5:50:f7:11:83:ce:d4:91:bb:48:3b:61:b1:64:af:e0:67:bd:
         a3:54:b3:a6:b0:31:f6:2f:b6:8a:f0:1c:ea:2e:24:e2:be:51:
         8d:82:c2:2f:d5:46:06:2c:f4:0f:3e:09:c3:47:d5:94:11:ff:
         25:39:9a:ff:67:04:d6:11:7a:8a:e2:b5:30:20:28:e4:1b:f5:
         10:c5:ca:32:2d:ba:dd:cf:e7:db:93:7d:d0:9e:77:ba:98:99:
         02:4f:27:a1:7d:5d:7e:f5:10:0d:9b:11:05:c8:7c:a9:02:5a:
         46:a4:6f:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEvDzfflggUo0lZQfjAvOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OGQ0OTgzYzljNjNiZDhhMTU4MDAzYzU4NWY0M2Q5OTRj
MTJkYzIwHhcNMjUxMTExMDQwMDU3WhcNMjUxMTEyMDQwMDU3WjAzMTEwLwYDVQQD
Eyg2OTY1ODViNDFkMjRlZTc3OGUyYzc5ZmY1N2FmMWE2OTkzNmZmODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLJtylLGXokl1Ic1mEqCyQAqxEAv
r8wnyR3O4mwSAHjB7H7wdzQ1oHXOu93Qj/a2rdYA0uyJ3DWvYprcuFBsuhqjFj4M
jhowUxyZ3RsV2Zhoip8bF/csledJkCM9tury180t9kZh7+pI8hhyLogwh97Yz6MG
IMty55ovPzjW+gch6XuRTMb4ZO6AAJKObULtgoraOtaWoXN5zuI1chb45k4fabgJ
RPHwxwFOXDNpoO0HTPFvtLbFewE5tg7SS5XmbdUQGNp5r1zechMFMIL45yAt0NrP
x1BQwwbjNr9x73re0cqtLX0g2HHeuno9OeHnfzOYVLZ9yasEXgwS8jlI9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGllhbQdJO53jix5/1evGmmTb/gVMB8GA1UdIwQY
MBaAFKWNSYPJxjvYoVgAPFhfQ9mUwS3CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jM2EzNDMtZGE4Mi00MjdhLTk4YzYt
Y2UzMGQ0YTM5OGUwLzEvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jM2EzNDMtZGE4Mi00MjdhLTk4YzYtY2UzMGQ0YTM5OGUw
LzEvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVvHdUVKE
cr8m34QiyvRs1LlMyb9d59dSQ4Vja1ztgVlGJKy/ueOA8QK5E46GVRzktzGZd8PP
viIiJbpv/MvvQFGida9uQq1rp1dY9JgL30jQfIUfDarZl3tgKaUqUbC1CVPe7CRo
P6/isMeUoMgxHGdetBG3kLZcZo1ueDzuhk7qrmJbTRkl/AtDM3UB/qJx9VD3EYPO
1JG7SDthsWSv4Ge9o1SzprAx9i+2ivAc6i4k4r5RjYLCL9VGBiz0Dz4Jw0fVlBH/
JTma/2cE1hF6iuK1MCAo5Bv1EMXKMi263c/n25N90J53upiZAk8noX1dfvUQDZsR
Bch8qQJaRqRvRA==
-----END CERTIFICATE-----