Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft
File:                     Iycd4-AQWavm0aWTxKJP9uGI1k8.mft (raw, json)
Hash identifier:          jyp/CcxbpvW/gZ/8tG9i0jc1fgp6tUd2p9Pf1pu7R8M=
Subject key identifier:   83:D6:D4:C5:43:4D:34:36:2C:45:86:77:58:AC:F7:76:FA:F6:74:10
Authority key identifier: 23:27:1D:E3:E0:10:59:AB:E6:D1:A5:93:C4:A2:4F:F6:E1:88:D6:4F
Certificate issuer:       /CN=23271de3e01059abe6d1a593c4a24ff6e188d64f
Certificate serial:       019A71B91757D596420A1F8E9F9F0B188082
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iycd4-AQWavm0aWTxKJP9uGI1k8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft
Manifest number:          0F1F
Signing time:             Tue 11 Nov 2025 07:02:26 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:26 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:26 +0000
Files and hashes:         1: Iycd4-AQWavm0aWTxKJP9uGI1k8.crl (hash: gU4/kj/ytNVM6xJWu3UJXF0ln5hTZE9meRWGj3jP9JQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Iycd4-AQWavm0aWTxKJP9uGI1k8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:17:57:d5:96:42:0a:1f:8e:9f:9f:0b:18:80:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23271de3e01059abe6d1a593c4a24ff6e188d64f
        Validity
            Not Before: Nov 11 07:02:26 2025 GMT
            Not After : Nov 12 07:02:26 2025 GMT
        Subject: CN=83d6d4c5434d34362c45867758acf776faf67410
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:fb:b7:e0:e0:f2:f8:55:4d:2e:6a:1f:bb:5a:
                    ce:94:26:71:c9:e2:fe:16:10:40:86:72:eb:42:32:
                    d2:8e:30:8d:86:72:40:6c:7e:54:aa:96:7e:a5:8d:
                    da:01:7c:21:9f:51:f8:b0:4f:0c:83:7e:fc:79:f7:
                    5d:d3:4f:aa:ad:6d:de:4c:2e:1c:c6:ce:8a:1a:91:
                    b6:18:72:fb:1d:8a:ba:ad:a4:6e:81:5f:99:9e:2a:
                    3b:86:ea:ae:36:17:c0:ba:a6:f7:ce:86:28:ba:6c:
                    08:37:1a:fe:eb:ed:18:c7:b5:81:fe:c5:ff:84:9b:
                    12:8e:97:d8:c0:3b:dd:0b:66:05:b0:b3:b4:67:3e:
                    70:ad:4e:b9:2b:92:c8:0e:e8:15:10:8a:34:f3:d0:
                    bc:8f:f1:37:de:dc:82:1d:87:88:26:a3:27:6e:2d:
                    78:1f:09:10:72:62:09:1c:95:16:6d:35:d9:fc:c3:
                    ff:83:20:19:fc:7e:40:7c:25:74:95:8d:1f:fa:86:
                    a4:f3:33:1e:9e:78:7b:31:a6:c6:d6:ad:02:90:50:
                    4f:a9:c3:04:78:fe:08:ed:c6:74:f0:ad:43:ad:56:
                    5a:39:54:ab:24:10:6d:72:bc:b1:73:6d:fe:7f:9d:
                    4d:25:b2:d3:5d:3d:48:05:14:05:a7:2d:8a:c8:fe:
                    4b:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:D6:D4:C5:43:4D:34:36:2C:45:86:77:58:AC:F7:76:FA:F6:74:10
            X509v3 Authority Key Identifier:
                keyid:23:27:1D:E3:E0:10:59:AB:E6:D1:A5:93:C4:A2:4F:F6:E1:88:D6:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iycd4-AQWavm0aWTxKJP9uGI1k8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         da:44:05:98:6a:f5:04:42:d3:09:41:84:f0:4c:d1:71:17:8a:
         bb:94:7e:f7:b8:ca:7c:f0:e9:e7:e5:c8:34:47:c4:75:b7:92:
         7a:43:50:8e:6e:ad:53:4f:7a:af:34:53:d0:5c:a8:c0:b3:8d:
         ed:1c:fe:ad:cf:72:ae:3d:e7:43:c2:e9:d4:df:49:0d:40:c3:
         09:09:46:73:11:dc:0c:35:46:66:a7:a9:02:7a:b8:f6:0b:8f:
         68:9e:97:2f:26:c4:e0:5a:13:09:04:66:9c:85:3b:a2:be:20:
         c2:c2:03:df:a5:2a:b3:4f:89:26:95:91:99:fc:b2:af:7e:88:
         0c:25:50:9d:37:ab:fa:b8:5e:57:eb:5f:b6:1b:29:7f:b3:b2:
         ac:45:f1:1b:81:9c:8b:6c:a7:c5:fa:30:fd:db:6e:1b:ff:54:
         cb:7f:05:8d:d9:87:ad:41:fd:63:ee:7b:5a:65:d1:15:33:b5:
         0e:75:2d:40:82:dd:8c:0e:16:0f:93:cc:c1:30:16:46:89:9d:
         28:9e:fc:95:c0:36:e6:fa:f5:80:c2:c3:27:d5:36:0c:b5:76:
         24:a8:80:74:fd:bb:32:83:e1:9a:46:72:9e:d8:1b:f0:db:02:
         36:31:5f:50:1d:83:ad:2c:09:72:32:ee:d0:d4:5d:06:47:3a:
         82:05:80:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuRdX1ZZCCh+On58LGICCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMjcxZGUzZTAxMDU5YWJlNmQxYTU5M2M0YTI0ZmY2ZTE4
OGQ2NGYwHhcNMjUxMTExMDcwMjI2WhcNMjUxMTEyMDcwMjI2WjAzMTEwLwYDVQQD
Eyg4M2Q2ZDRjNTQzNGQzNDM2MmM0NTg2Nzc1OGFjZjc3NmZhZjY3NDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPu34ODy+FVNLmofu1rOlCZxyeL+
FhBAhnLrQjLSjjCNhnJAbH5UqpZ+pY3aAXwhn1H4sE8Mg378efdd00+qrW3eTC4c
xs6KGpG2GHL7HYq6raRugV+Znio7huquNhfAuqb3zoYoumwINxr+6+0Yx7WB/sX/
hJsSjpfYwDvdC2YFsLO0Zz5wrU65K5LIDugVEIo089C8j/E33tyCHYeIJqMnbi14
HwkQcmIJHJUWbTXZ/MP/gyAZ/H5AfCV0lY0f+oak8zMennh7MabG1q0CkFBPqcME
eP4I7cZ08K1DrVZaOVSrJBBtcryxc23+f51NJbLTXT1IBRQFpy2KyP5LhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIPW1MVDTTQ2LEWGd1is93b69nQQMB8GA1UdIwQY
MBaAFCMnHePgEFmr5tGlk8SiT/bhiNZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXljZDQtQVFXYXZtMGFXVHhLSlA5dUdJMWs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zZjdhMDYtMmI0NS00YTBiLWJhNmMt
OTU4YzM3NjUwNmVkLzEvSXljZDQtQVFXYXZtMGFXVHhLSlA5dUdJMWs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zZjdhMDYtMmI0NS00YTBiLWJhNmMtOTU4YzM3NjUwNmVk
LzEvSXljZDQtQVFXYXZtMGFXVHhLSlA5dUdJMWs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2kQFmGr1
BELTCUGE8EzRcReKu5R+97jKfPDp5+XINEfEdbeSekNQjm6tU096rzRT0FyowLON
7Rz+rc9yrj3nQ8Lp1N9JDUDDCQlGcxHcDDVGZqepAnq49guPaJ6XLybE4FoTCQRm
nIU7or4gwsID36Uqs0+JJpWRmfyyr36IDCVQnTer+rheV+tfthspf7OyrEXxG4Gc
i2ynxfow/dtuG/9Uy38FjdmHrUH9Y+57WmXRFTO1DnUtQILdjA4WD5PMwTAWRomd
KJ78lcA25vr1gMLDJ9U2DLV2JKiAdP27MoPhmkZyntgb8NsCNjFfUB2DrSwJcjLu
0NRdBkc6ggWAjA==
-----END CERTIFICATE-----