Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
File:                     YQy4N7bSF3jkw9u5aWefDxxQtIo.mft (raw, json)
Hash identifier:          RMPN0mr0yqGntCNtlCEke74raJqBtatoy931Hx9lw78=
Subject key identifier:   0A:38:F0:EC:6C:48:B2:3B:3F:41:3F:03:B5:61:47:8C:F7:BC:FE:12
Authority key identifier: 61:0C:B8:37:B6:D2:17:78:E4:C3:DB:B9:69:67:9F:0F:1C:50:B4:8A
Certificate issuer:       /CN=610cb837b6d21778e4c3dbb969679f0f1c50b48a
Certificate serial:       019A71B798047D379AB5B322C02AB742C6E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
Manifest number:          0F37
Signing time:             Tue 11 Nov 2025 07:00:48 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:48 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:48 +0000
Files and hashes:         1: YQy4N7bSF3jkw9u5aWefDxxQtIo.crl (hash: /iJTR8LhgiMiJaPcBzHAIT+C8KWyDrKW9+soWR97Rhc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:98:04:7d:37:9a:b5:b3:22:c0:2a:b7:42:c6:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=610cb837b6d21778e4c3dbb969679f0f1c50b48a
        Validity
            Not Before: Nov 11 07:00:48 2025 GMT
            Not After : Nov 12 07:00:48 2025 GMT
        Subject: CN=0a38f0ec6c48b23b3f413f03b561478cf7bcfe12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a3:c0:f5:39:f6:f8:ed:4c:0d:67:f2:c7:bf:
                    e1:d4:28:3c:4e:61:3f:70:19:30:ff:6c:3c:37:68:
                    71:05:33:06:1c:6a:a8:0d:35:a0:3e:11:4e:31:5e:
                    8c:39:a5:e9:70:19:27:8e:a8:eb:0a:50:b7:6e:26:
                    0e:32:30:9e:6d:b9:fb:19:d0:ea:08:bd:f7:15:c8:
                    dc:6f:20:51:c3:c7:e4:8c:b7:ec:e2:94:7b:e3:c9:
                    96:15:91:a9:f0:fc:1b:0c:e3:b4:35:b8:e0:90:24:
                    82:cd:af:bc:b7:8b:9b:71:dd:61:4c:d3:02:bc:a7:
                    ff:41:62:2d:8a:c9:86:af:54:7f:45:36:80:37:1a:
                    90:8f:3f:c8:ad:39:46:25:5a:d1:ed:2b:55:3b:26:
                    35:d8:7b:76:69:01:57:c6:81:af:9b:2e:92:36:e0:
                    18:7d:51:f7:b3:e2:be:9b:75:05:36:28:a2:a0:78:
                    44:89:15:55:4f:4e:33:17:5a:b6:5b:20:46:ab:68:
                    6e:32:2b:21:5d:0f:a5:ba:cd:66:aa:fc:ba:3b:cd:
                    24:87:98:c8:34:53:2b:34:58:e7:2d:d1:33:d3:39:
                    0b:55:df:80:80:5b:e7:39:62:f4:2e:3f:c7:a6:3c:
                    3c:13:d6:6d:7e:a1:ce:7a:ac:31:8d:12:c3:4b:3d:
                    5c:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:38:F0:EC:6C:48:B2:3B:3F:41:3F:03:B5:61:47:8C:F7:BC:FE:12
            X509v3 Authority Key Identifier:
                keyid:61:0C:B8:37:B6:D2:17:78:E4:C3:DB:B9:69:67:9F:0F:1C:50:B4:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:b4:dc:86:a8:26:e2:6d:90:cf:c8:5c:f8:ca:d2:ff:51:89:
         84:98:57:d2:f0:28:ac:bc:47:27:2f:85:02:91:42:1e:1c:03:
         03:72:76:12:35:7b:b7:cc:9a:12:5a:a3:0d:cf:80:d6:c9:84:
         95:3c:51:33:49:b2:b9:90:00:8b:38:91:43:4b:e7:8e:70:7a:
         20:3d:7c:bb:18:3c:91:92:c5:53:dd:87:43:ec:5a:fb:de:27:
         06:01:30:e7:8c:a0:68:8f:35:76:17:3f:01:41:5d:98:38:5f:
         08:e5:cd:37:9a:b3:30:27:49:2f:1f:36:ee:35:dc:a2:2d:b6:
         4e:72:38:28:82:48:07:0b:e6:88:56:74:e6:46:68:4d:71:6f:
         36:81:cf:1a:7e:0a:89:9e:f9:8b:43:29:4f:66:8e:b6:82:3a:
         e3:0e:3b:41:19:c9:d2:d4:2f:c6:be:f9:61:04:ff:d2:0f:58:
         9c:ee:b8:a3:0b:bd:fd:2c:0c:a4:9d:98:d5:55:c0:d6:71:1f:
         c0:5c:58:5a:0f:5b:17:30:e5:23:5a:e9:06:6b:64:6a:0e:2b:
         70:99:9f:2d:54:70:a4:6d:df:79:21:cb:61:a2:82:3b:9b:cf:
         fe:52:39:f3:f3:99:47:1f:50:3a:e1:02:23:5c:a1:d4:f2:27:
         59:0b:72:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt5gEfTeatbMiwCq3QsbmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMGNiODM3YjZkMjE3NzhlNGMzZGJiOTY5Njc5ZjBmMWM1
MGI0OGEwHhcNMjUxMTExMDcwMDQ4WhcNMjUxMTEyMDcwMDQ4WjAzMTEwLwYDVQQD
EygwYTM4ZjBlYzZjNDhiMjNiM2Y0MTNmMDNiNTYxNDc4Y2Y3YmNmZTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6PA9Tn2+O1MDWfyx7/h1Cg8TmE/
cBkw/2w8N2hxBTMGHGqoDTWgPhFOMV6MOaXpcBknjqjrClC3biYOMjCebbn7GdDq
CL33FcjcbyBRw8fkjLfs4pR748mWFZGp8PwbDOO0NbjgkCSCza+8t4ubcd1hTNMC
vKf/QWItismGr1R/RTaANxqQjz/IrTlGJVrR7StVOyY12Ht2aQFXxoGvmy6SNuAY
fVH3s+K+m3UFNiiioHhEiRVVT04zF1q2WyBGq2huMishXQ+lus1mqvy6O80kh5jI
NFMrNFjnLdEz0zkLVd+AgFvnOWL0Lj/Hpjw8E9ZtfqHOeqwxjRLDSz1ckQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAo48OxsSLI7P0E/A7VhR4z3vP4SMB8GA1UdIwQY
MBaAFGEMuDe20hd45MPbuWlnnw8cULSKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy85OGU4MjUtYjU4Yy00NTZlLWFmMjgt
N2IzNWEwNmFiNTRiLzEvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy85OGU4MjUtYjU4Yy00NTZlLWFmMjgtN2IzNWEwNmFiNTRi
LzEvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb7Tchqgm
4m2Qz8hc+MrS/1GJhJhX0vAorLxHJy+FApFCHhwDA3J2EjV7t8yaElqjDc+A1smE
lTxRM0myuZAAiziRQ0vnjnB6ID18uxg8kZLFU92HQ+xa+94nBgEw54ygaI81dhc/
AUFdmDhfCOXNN5qzMCdJLx827jXcoi22TnI4KIJIBwvmiFZ05kZoTXFvNoHPGn4K
iZ75i0MpT2aOtoI64w47QRnJ0tQvxr75YQT/0g9YnO64owu9/SwMpJ2Y1VXA1nEf
wFxYWg9bFzDlI1rpBmtkag4rcJmfLVRwpG3feSHLYaKCO5vP/lI58/OZRx9QOuEC
I1yh1PInWQtyXA==
-----END CERTIFICATE-----