Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
File:                     yj7NoA-sC_tjsoVD6itdXx5N9ss.mft (raw, json)
Hash identifier:          4Pi8SPWF0ShAyX7m4I9e3BekV0h2Vica2pP5aU1tBgA=
Subject key identifier:   6B:83:D0:A5:BA:A3:80:12:FE:6C:29:BE:5D:00:E1:F3:78:D9:E5:C4
Authority key identifier: CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB
Certificate issuer:       /CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb
Certificate serial:       019A1FBFA8482B06A39FC36D02A31E1F33C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
Manifest number:          02F1
Signing time:             Sun 26 Oct 2025 09:00:45 +0000
Manifest this update:     Sun 26 Oct 2025 09:00:45 +0000
Manifest next update:     Mon 27 Oct 2025 09:00:45 +0000
Files and hashes:         1: yj7NoA-sC_tjsoVD6itdXx5N9ss.crl (hash: f6K9anZWy3pNCHUSsA68/zDtYrI+GdBk1W+Z8hSb2cY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 27 Oct 2025 03:42:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:1f:bf:a8:48:2b:06:a3:9f:c3:6d:02:a3:1e:1f:33:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb
        Validity
            Not Before: Oct 26 09:00:45 2025 GMT
            Not After : Oct 27 09:00:45 2025 GMT
        Subject: CN=6b83d0a5baa38012fe6c29be5d00e1f378d9e5c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:b4:b9:96:48:82:a4:59:26:2b:5e:ef:e1:8e:
                    40:68:a7:66:24:18:40:39:87:e8:65:0f:f5:c7:13:
                    21:82:c6:b8:bf:f2:53:70:42:e3:0a:f6:b7:2e:1d:
                    78:f7:dd:bc:da:87:cb:e3:c2:33:c6:f7:c5:f4:bd:
                    9b:2d:24:a6:ac:f9:3b:4a:1a:12:d2:18:62:2f:9e:
                    95:25:1c:f9:da:85:69:f3:c2:7b:cb:41:4b:8d:1c:
                    17:0f:24:14:52:be:14:27:6d:1e:0c:59:88:b4:94:
                    ea:b2:75:0a:00:0e:bd:a5:fb:91:31:24:c0:70:7f:
                    f7:70:40:13:83:44:31:1a:4a:31:4f:0d:9a:b0:ad:
                    77:70:05:b1:ad:96:2f:7d:46:76:8d:0d:11:3e:29:
                    c7:1c:2b:5d:8e:1f:56:e3:d7:96:56:a8:2a:9b:61:
                    59:21:a4:9f:f0:7c:9a:e9:87:fe:ee:56:8f:7b:53:
                    dd:45:bb:06:7c:7b:8d:50:88:44:a0:e9:b0:b1:89:
                    96:f6:4f:da:be:bb:79:e1:b9:20:84:d0:43:7e:e5:
                    37:d7:37:d6:67:7d:33:c9:5e:a3:80:82:d1:d1:7b:
                    9c:9b:0d:40:fc:0b:7c:94:de:7a:92:51:0d:19:9c:
                    f7:88:2c:4d:a8:1c:b6:7d:9e:79:f7:fd:52:bc:cc:
                    46:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:83:D0:A5:BA:A3:80:12:FE:6C:29:BE:5D:00:E1:F3:78:D9:E5:C4
            X509v3 Authority Key Identifier:
                keyid:CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:d8:42:7d:2f:59:09:13:b2:42:a6:16:23:02:2e:ea:a3:35:
         3e:0e:15:a3:04:54:df:4f:82:1a:08:91:e9:8e:5d:ff:17:be:
         88:82:96:13:5a:dc:47:1f:32:2c:45:e3:d5:73:0b:e0:60:73:
         74:63:00:7d:43:df:01:1a:bb:fe:f2:89:a5:ec:99:e1:b1:fb:
         64:9f:87:d7:30:b3:7c:61:60:ab:1e:c3:17:a0:69:f0:94:59:
         e3:9a:ac:2b:24:d5:1b:57:af:15:48:67:ae:77:a4:95:7d:54:
         fb:cb:ac:44:ff:10:6d:fd:58:0b:53:0d:60:cf:d1:95:e9:d5:
         5e:1d:0a:49:d7:22:57:33:a8:b0:5e:67:65:f1:2d:9f:d9:13:
         74:a9:bd:26:69:ef:e2:15:cc:e7:18:0d:ba:47:76:71:c4:49:
         ef:f1:92:ea:72:15:75:4e:23:3d:6e:f5:de:94:0f:2a:a6:5d:
         dd:7b:d2:9b:16:b3:72:75:8c:a0:04:99:9f:19:11:85:19:b4:
         61:79:43:d4:45:57:d9:23:28:a5:93:d1:ea:29:3f:3e:d9:2e:
         f2:6c:8b:ab:10:4b:af:f7:5e:35:85:a3:7b:9f:f2:c1:77:24:
         dd:69:c3:d8:5a:b1:87:f9:c0:67:64:4b:39:43:cc:dd:15:74:
         44:a8:75:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZofv6hIKwajn8NtAqMeHzPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhM2VjZGEwMGZhYzBiZmI2M2IyODU0M2VhMmI1ZDVmMWU0
ZGY2Y2IwHhcNMjUxMDI2MDkwMDQ1WhcNMjUxMDI3MDkwMDQ1WjAzMTEwLwYDVQQD
Eyg2YjgzZDBhNWJhYTM4MDEyZmU2YzI5YmU1ZDAwZTFmMzc4ZDllNWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrS5lkiCpFkmK17v4Y5AaKdmJBhA
OYfoZQ/1xxMhgsa4v/JTcELjCva3Lh1499282ofL48IzxvfF9L2bLSSmrPk7ShoS
0hhiL56VJRz52oVp88J7y0FLjRwXDyQUUr4UJ20eDFmItJTqsnUKAA69pfuRMSTA
cH/3cEATg0QxGkoxTw2asK13cAWxrZYvfUZ2jQ0RPinHHCtdjh9W49eWVqgqm2FZ
IaSf8Hya6Yf+7laPe1PdRbsGfHuNUIhEoOmwsYmW9k/avrt54bkghNBDfuU31zfW
Z30zyV6jgILR0Xucmw1A/At8lN56klENGZz3iCxNqBy2fZ559/1SvMxGHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGuD0KW6o4AS/mwpvl0A4fN42eXEMB8GA1UdIwQY
MBaAFMo+zaAPrAv7Y7KFQ+orXV8eTfbLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgt
M2Y5OTYwODY1ZDBmLzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgtM2Y5OTYwODY1ZDBm
LzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADNhCfS9Z
CROyQqYWIwIu6qM1Pg4VowRU30+CGgiR6Y5d/xe+iIKWE1rcRx8yLEXj1XML4GBz
dGMAfUPfARq7/vKJpeyZ4bH7ZJ+H1zCzfGFgqx7DF6Bp8JRZ45qsKyTVG1evFUhn
rneklX1U+8usRP8Qbf1YC1MNYM/RlenVXh0KSdciVzOosF5nZfEtn9kTdKm9Jmnv
4hXM5xgNukd2ccRJ7/GS6nIVdU4jPW713pQPKqZd3XvSmxazcnWMoASZnxkRhRm0
YXlD1EVX2SMopZPR6ik/Ptku8myLqxBLr/deNYWje5/ywXck3WnD2Fqxh/nAZ2RL
OUPM3RV0RKh1cg==
-----END CERTIFICATE-----