Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.mft
File:                     yPGA3UiWddR5NSX-5s__Rpcv8zw.mft (raw, json)
Hash identifier:          n/vNcoiPP1ZIE3Z7cOHky3/7Af6HDVeKxath4B82/7I=
Subject key identifier:   18:85:A2:EE:12:1D:4D:F9:35:38:F6:73:42:67:2E:9A:7E:59:1A:AC
Authority key identifier: C8:F1:80:DD:48:96:75:D4:79:35:25:FE:E6:CF:FF:46:97:2F:F3:3C
Certificate issuer:       /CN=c8f180dd489675d4793525fee6cfff46972ff33c
Certificate serial:       019A21089BED6A125607F9E8F0D6C02A81B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yPGA3UiWddR5NSX-5s__Rpcv8zw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.mft
Manifest number:          16F2
Signing time:             Sun 26 Oct 2025 15:00:03 +0000
Manifest this update:     Sun 26 Oct 2025 15:00:03 +0000
Manifest next update:     Mon 27 Oct 2025 15:00:03 +0000
Files and hashes:         1: yPGA3UiWddR5NSX-5s__Rpcv8zw.crl (hash: oJp6pcxFp1zQseXaqjG6rcxiGYCP34cAHeLKZ+faNgg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yPGA3UiWddR5NSX-5s__Rpcv8zw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 27 Oct 2025 12:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:21:08:9b:ed:6a:12:56:07:f9:e8:f0:d6:c0:2a:81:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8f180dd489675d4793525fee6cfff46972ff33c
        Validity
            Not Before: Oct 26 15:00:03 2025 GMT
            Not After : Oct 27 15:00:03 2025 GMT
        Subject: CN=1885a2ee121d4df93538f67342672e9a7e591aac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:5e:f0:a8:b0:36:6c:d2:87:56:cf:05:58:96:
                    5a:bc:e2:fa:43:bb:fc:f9:02:95:ac:5e:a6:1d:20:
                    62:a5:7b:8e:40:ed:98:fc:53:23:2d:00:f4:89:6d:
                    5d:a8:08:54:ec:1b:82:40:27:d2:c1:0b:0b:95:e1:
                    9a:dd:6c:50:98:c5:99:38:9b:a8:05:2f:12:9a:80:
                    cb:ab:60:ce:40:c4:28:3b:d8:6b:27:4b:7a:94:c9:
                    07:de:ac:25:f2:a8:22:a5:12:a9:a3:5c:2a:ef:10:
                    12:36:b4:72:c1:98:65:21:e4:5b:25:e1:19:d0:17:
                    4c:3d:7f:fe:34:89:86:da:53:97:ae:45:7a:aa:a1:
                    cb:77:05:5d:45:27:0d:ef:62:9a:d9:8d:8e:f0:96:
                    7e:8e:c6:c4:1d:d7:04:21:9c:8d:75:b4:eb:ad:3d:
                    0e:8c:af:12:a3:e3:d2:01:da:14:dc:c0:7f:0e:a4:
                    2f:92:bf:4c:96:e6:24:78:07:dc:8a:3c:41:bf:f0:
                    c8:b2:f0:ad:6d:89:9e:86:2b:06:c4:94:e3:70:13:
                    40:d8:74:1b:bd:15:1c:9e:30:c9:63:98:e5:2a:46:
                    21:90:98:46:ea:a8:20:70:bd:da:aa:47:ea:e2:ab:
                    58:f0:f2:0c:09:d1:f0:da:13:f2:8a:df:dd:84:90:
                    68:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:85:A2:EE:12:1D:4D:F9:35:38:F6:73:42:67:2E:9A:7E:59:1A:AC
            X509v3 Authority Key Identifier:
                keyid:C8:F1:80:DD:48:96:75:D4:79:35:25:FE:E6:CF:FF:46:97:2F:F3:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPGA3UiWddR5NSX-5s__Rpcv8zw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:41:40:23:93:f6:80:14:69:de:03:79:58:37:48:52:f2:02:
         0a:d6:b5:c0:69:43:7f:d8:ea:fa:06:6a:11:71:bf:24:68:ee:
         54:76:1e:d1:5f:a3:ff:cb:09:71:13:7c:27:1a:c4:e4:f4:77:
         47:e5:a1:66:25:d6:65:e1:f3:c6:c6:cd:15:2a:3c:d5:1c:72:
         6f:16:b4:6f:75:93:01:31:84:e8:d2:44:d5:69:39:ad:58:19:
         a0:ec:01:60:eb:46:cd:2e:6a:9f:65:c0:50:e8:3c:50:e7:85:
         49:5f:79:50:50:32:53:16:5d:b6:b9:78:f0:5c:79:87:f2:5c:
         7d:63:90:cb:1e:d9:cd:d5:56:1b:a8:f1:a0:51:1b:9d:39:9d:
         d0:55:36:4c:b5:70:4a:04:9a:c0:ad:29:98:89:bb:bd:bd:cb:
         16:e2:1b:b9:d1:fc:79:06:94:66:b2:9e:f7:88:3b:25:16:3e:
         33:a4:9d:78:26:2e:58:5f:5b:0a:92:3e:9e:d2:83:30:fb:21:
         4e:9c:cf:cc:95:5c:90:20:44:ac:dc:e9:1d:26:94:32:b1:9b:
         ac:08:e7:53:58:42:d5:61:38:23:2c:98:57:f4:49:2c:55:6e:
         b2:77:94:66:19:b0:6f:4a:a9:72:d3:d0:13:3f:b3:17:fc:90:
         e0:f4:67:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZohCJvtahJWB/no8NbAKoG0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZjE4MGRkNDg5Njc1ZDQ3OTM1MjVmZWU2Y2ZmZjQ2OTcy
ZmYzM2MwHhcNMjUxMDI2MTUwMDAzWhcNMjUxMDI3MTUwMDAzWjAzMTEwLwYDVQQD
EygxODg1YTJlZTEyMWQ0ZGY5MzUzOGY2NzM0MjY3MmU5YTdlNTkxYWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs17wqLA2bNKHVs8FWJZavOL6Q7v8
+QKVrF6mHSBipXuOQO2Y/FMjLQD0iW1dqAhU7BuCQCfSwQsLleGa3WxQmMWZOJuo
BS8SmoDLq2DOQMQoO9hrJ0t6lMkH3qwl8qgipRKpo1wq7xASNrRywZhlIeRbJeEZ
0BdMPX/+NImG2lOXrkV6qqHLdwVdRScN72Ka2Y2O8JZ+jsbEHdcEIZyNdbTrrT0O
jK8So+PSAdoU3MB/DqQvkr9MluYkeAfcijxBv/DIsvCtbYmehisGxJTjcBNA2HQb
vRUcnjDJY5jlKkYhkJhG6qggcL3aqkfq4qtY8PIMCdHw2hPyit/dhJBoeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBiFou4SHU35NTj2c0JnLpp+WRqsMB8GA1UdIwQY
MBaAFMjxgN1IlnXUeTUl/ubP/0aXL/M8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVBHQTNVaVdkZFI1TlNYLTVzX19ScGN2OHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS82N2YxYzUtODIyOS00MTczLTk5YzEt
ZGJkNzYwMDQ1ZWI3LzEveVBHQTNVaVdkZFI1TlNYLTVzX19ScGN2OHp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS82N2YxYzUtODIyOS00MTczLTk5YzEtZGJkNzYwMDQ1ZWI3
LzEveVBHQTNVaVdkZFI1TlNYLTVzX19ScGN2OHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARkFAI5P2
gBRp3gN5WDdIUvICCta1wGlDf9jq+gZqEXG/JGjuVHYe0V+j/8sJcRN8JxrE5PR3
R+WhZiXWZeHzxsbNFSo81Rxybxa0b3WTATGE6NJE1Wk5rVgZoOwBYOtGzS5qn2XA
UOg8UOeFSV95UFAyUxZdtrl48Fx5h/JcfWOQyx7ZzdVWG6jxoFEbnTmd0FU2TLVw
SgSawK0pmIm7vb3LFuIbudH8eQaUZrKe94g7JRY+M6SdeCYuWF9bCpI+ntKDMPsh
TpzPzJVckCBErNzpHSaUMrGbrAjnU1hC1WE4IyyYV/RJLFVusneUZhmwb0qpctPQ
Ez+zF/yQ4PRncg==
-----END CERTIFICATE-----