Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft
File:                     yh3vhAA2XhysFuj3iHCS2smDtz4.mft (raw, json)
Hash identifier:          hVv6Z8QkuW/wy9Z3fNrREGTZHz2zA6JTU/R3z3geS7Q=
Subject key identifier:   F4:9A:B3:0E:3E:A8:99:20:43:E1:3F:84:19:92:5C:5E:DD:E5:49:F5
Authority key identifier: CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E
Certificate issuer:       /CN=ca1def8400365e1cac16e8f7887092dac983b73e
Certificate serial:       019A7225FC045630F38FC302178A0B4D0203
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft
Manifest number:          12BC
Signing time:             Tue 11 Nov 2025 09:01:23 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:23 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:23 +0000
Files and hashes:         1: yh3vhAA2XhysFuj3iHCS2smDtz4.crl (hash: EJiPf7z7KyWZBi/Vcfc2i0A0heDImpGnx0EWRWKy4Qg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:fc:04:56:30:f3:8f:c3:02:17:8a:0b:4d:02:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca1def8400365e1cac16e8f7887092dac983b73e
        Validity
            Not Before: Nov 11 09:01:23 2025 GMT
            Not After : Nov 12 09:01:23 2025 GMT
        Subject: CN=f49ab30e3ea8992043e13f8419925c5edde549f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:1d:84:de:d6:03:d4:03:9f:6b:12:4b:c0:5c:
                    7b:b9:b4:e7:a8:ef:fe:e1:c2:fc:2c:11:1c:41:70:
                    16:01:1c:be:fd:23:ca:f8:08:09:23:fd:d8:ed:d0:
                    3e:2a:be:07:26:c1:b9:11:a0:c2:3b:d1:2e:a7:a1:
                    f2:b0:8e:e4:7d:e8:10:09:92:a6:8a:77:92:17:34:
                    ae:d1:97:09:8d:1c:87:a4:52:d1:06:a3:41:8d:85:
                    49:e0:2b:8a:50:7d:5c:a1:8a:21:a0:1c:c0:95:7e:
                    75:02:40:66:d1:4b:1f:d5:b1:fd:98:c0:a6:e7:86:
                    82:e7:6c:fa:90:18:d9:53:ac:59:47:41:d0:ec:de:
                    53:cd:14:65:84:12:31:3b:ce:ab:aa:61:c2:8c:5e:
                    f4:aa:74:38:24:57:84:c8:bf:e7:38:a5:73:59:91:
                    16:b4:46:83:78:8c:30:de:4b:d6:b2:ff:d3:43:3c:
                    66:0c:1f:81:64:6a:a3:6b:83:53:9e:54:7f:b3:ac:
                    d0:ea:9a:a5:96:d9:80:d5:33:76:c6:25:b6:f7:61:
                    85:6c:e9:94:6b:e1:0c:4c:1e:9d:54:d6:cc:a5:95:
                    69:d4:af:0f:50:a1:1b:31:65:62:45:20:e8:ff:64:
                    92:3c:0f:60:d6:82:64:62:e9:07:69:a0:5c:b0:9c:
                    a4:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:9A:B3:0E:3E:A8:99:20:43:E1:3F:84:19:92:5C:5E:DD:E5:49:F5
            X509v3 Authority Key Identifier:
                keyid:CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:ed:65:35:a1:8a:1b:b3:ca:cd:f8:5d:4c:a8:6a:2e:4c:4a:
         85:58:7c:a0:2f:dc:72:fa:6f:2b:da:2a:e6:20:61:55:b6:48:
         ea:ed:4a:f7:13:a3:cc:4f:94:e9:d3:65:9a:79:11:31:0a:64:
         5b:bb:5b:d3:db:10:16:03:e8:f2:d0:1b:7d:5b:ab:36:21:09:
         f8:30:4d:70:63:b9:92:b5:51:08:0a:5b:52:73:55:91:0f:85:
         94:a0:f9:57:e1:85:dd:16:69:3b:b7:f0:ed:32:aa:85:c4:99:
         14:39:19:cf:a0:40:1f:60:09:16:8f:e6:43:73:15:18:88:6c:
         b9:bc:17:82:68:50:7d:cc:bc:e0:a0:25:00:97:de:81:6a:d2:
         65:3f:14:0b:aa:f0:b7:70:08:5c:f8:79:81:43:84:a1:ed:db:
         f0:ae:df:48:ec:92:bd:6e:fb:ac:57:60:b6:d0:2f:42:f5:9e:
         8a:85:30:92:16:71:90:5b:97:97:13:40:57:49:58:ca:d5:81:
         e8:b7:15:34:61:27:bd:de:7c:96:43:b7:a3:1c:c1:1a:9a:d8:
         9f:4c:98:c7:32:41:86:66:41:02:71:9b:51:07:db:cd:bc:4b:
         27:22:47:b2:80:7d:28:31:2f:55:3e:70:28:9f:21:b8:4a:af:
         3a:59:0c:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJfwEVjDzj8MCF4oLTQIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWRlZjg0MDAzNjVlMWNhYzE2ZThmNzg4NzA5MmRhYzk4
M2I3M2UwHhcNMjUxMTExMDkwMTIzWhcNMjUxMTEyMDkwMTIzWjAzMTEwLwYDVQQD
EyhmNDlhYjMwZTNlYTg5OTIwNDNlMTNmODQxOTkyNWM1ZWRkZTU0OWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhR2E3tYD1AOfaxJLwFx7ubTnqO/+
4cL8LBEcQXAWARy+/SPK+AgJI/3Y7dA+Kr4HJsG5EaDCO9Eup6HysI7kfegQCZKm
ineSFzSu0ZcJjRyHpFLRBqNBjYVJ4CuKUH1coYohoBzAlX51AkBm0Usf1bH9mMCm
54aC52z6kBjZU6xZR0HQ7N5TzRRlhBIxO86rqmHCjF70qnQ4JFeEyL/nOKVzWZEW
tEaDeIww3kvWsv/TQzxmDB+BZGqja4NTnlR/s6zQ6pqlltmA1TN2xiW292GFbOmU
a+EMTB6dVNbMpZVp1K8PUKEbMWViRSDo/2SSPA9g1oJkYukHaaBcsJyk4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPSasw4+qJkgQ+E/hBmSXF7d5Un1MB8GA1UdIwQY
MBaAFMod74QANl4crBbo94hwktrJg7c+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi83MWZkMTAtNGYyNi00NDlhLWIzNjEt
Zjk4ZWM5ZDE2MmJlLzEveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi83MWZkMTAtNGYyNi00NDlhLWIzNjEtZjk4ZWM5ZDE2MmJl
LzEveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm+1lNaGK
G7PKzfhdTKhqLkxKhVh8oC/ccvpvK9oq5iBhVbZI6u1K9xOjzE+U6dNlmnkRMQpk
W7tb09sQFgPo8tAbfVurNiEJ+DBNcGO5krVRCApbUnNVkQ+FlKD5V+GF3RZpO7fw
7TKqhcSZFDkZz6BAH2AJFo/mQ3MVGIhsubwXgmhQfcy84KAlAJfegWrSZT8UC6rw
t3AIXPh5gUOEoe3b8K7fSOySvW77rFdgttAvQvWeioUwkhZxkFuXlxNAV0lYytWB
6LcVNGEnvd58lkO3oxzBGprYn0yYxzJBhmZBAnGbUQfbzbxLJyJHsoB9KDEvVT5w
KJ8huEqvOlkMpQ==
-----END CERTIFICATE-----