Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
File:                     YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft (raw, json)
Hash identifier:          7jQAL+XstNVM4MAWvrChQT17xUn2ghbowT6KF0V6jxo=
Subject key identifier:   D2:BA:C3:D3:A7:64:C3:F3:CE:C8:61:5E:CB:D7:9A:99:29:89:D1:F3
Authority key identifier: 60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F
Certificate issuer:       /CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f
Certificate serial:       019A71136ADC18ECCB05B6AF9BCB0BCCD389
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
Manifest number:          08B8
Signing time:             Tue 11 Nov 2025 04:01:29 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:29 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:29 +0000
Files and hashes:         1: YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl (hash: dLE7r+jkJCadEr0vVfRUNcPc2SIfS7VsHcvlTyPJiA0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:6a:dc:18:ec:cb:05:b6:af:9b:cb:0b:cc:d3:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f
        Validity
            Not Before: Nov 11 04:01:29 2025 GMT
            Not After : Nov 12 04:01:29 2025 GMT
        Subject: CN=d2bac3d3a764c3f3cec8615ecbd79a992989d1f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:c5:90:8e:02:4d:e4:fb:ce:19:a2:1a:c6:9d:
                    08:16:7d:58:c8:a6:93:13:0a:1b:bf:f7:05:7f:e4:
                    7f:0a:2c:29:ff:e0:c0:15:2b:8a:35:d1:bf:bc:ee:
                    e7:53:5e:bd:26:68:63:45:ad:02:da:75:70:f8:df:
                    e1:c0:38:78:a8:11:98:79:68:a5:42:fe:a0:5e:e2:
                    2e:ec:b1:e2:ff:58:34:38:b6:6d:78:1b:39:80:2d:
                    ca:f6:d2:e3:34:cd:4e:82:03:e1:f8:f1:e1:01:a1:
                    d6:1f:ed:84:31:4a:48:42:31:d2:83:28:bc:20:94:
                    60:a5:ae:38:4e:23:96:70:5d:dc:0e:a7:22:22:74:
                    65:ce:b1:6a:e4:7a:32:f8:75:33:12:f9:55:92:68:
                    83:56:26:83:ed:14:af:32:04:9d:c6:8d:da:1e:41:
                    34:6a:b8:ed:6d:83:c1:04:9f:b0:98:76:9e:50:8b:
                    76:af:34:e7:e7:72:0f:3e:b3:af:96:01:ce:36:10:
                    9e:fa:ea:50:56:d8:e2:29:b4:4f:dd:89:19:a2:96:
                    1c:11:d4:55:6d:37:f2:86:81:c9:60:0e:0f:18:3a:
                    90:c0:7f:54:09:3c:1f:69:07:da:4d:3a:95:87:4d:
                    ac:bc:41:22:83:9d:0a:c2:d4:58:8c:25:8e:c9:cb:
                    4b:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:BA:C3:D3:A7:64:C3:F3:CE:C8:61:5E:CB:D7:9A:99:29:89:D1:F3
            X509v3 Authority Key Identifier:
                keyid:60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:39:66:7e:d7:41:6f:f3:35:a6:3c:97:2c:92:a5:3a:a0:d5:
         28:a6:cd:30:ec:b6:76:b1:09:14:5c:56:75:4b:d8:6f:e3:fe:
         b0:1b:5e:90:83:cb:2c:7a:0d:53:89:b0:73:62:70:d5:49:9a:
         b2:57:30:87:66:c2:b9:ec:b8:1e:b6:21:40:f1:06:1d:7a:46:
         bc:1f:83:62:c6:12:21:40:59:99:53:f5:a9:74:d4:07:08:dd:
         f0:b1:5b:83:f6:3b:f0:81:7e:a0:38:bf:a0:10:b0:ee:dd:8b:
         70:89:62:36:aa:81:f6:42:56:e1:28:ac:c3:67:04:94:6a:99:
         72:54:17:a1:2e:87:1a:63:c5:18:63:60:e0:62:73:ad:07:ea:
         fb:79:8f:99:a7:1b:44:83:e9:6c:c8:a0:cf:bf:57:63:21:f0:
         a8:db:ac:6e:7f:d0:04:f4:44:25:4d:e6:f3:d3:1a:51:ad:4b:
         44:55:5a:0b:66:77:cf:5f:fd:cb:60:8e:49:05:07:8f:e1:11:
         5b:63:97:01:1c:24:19:4d:4e:f0:bc:41:08:76:58:be:76:28:
         ac:94:ba:86:35:55:66:a6:53:d6:06:f1:91:c8:14:64:d4:31:
         85:db:14:db:3b:b3:f0:00:c3:3a:86:32:d2:5d:3e:4e:59:ce:
         4e:5c:d1:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE2rcGOzLBbavm8sLzNOJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYTQzNGZkNmJmZjhiNmZiYjBkNTJmOGRhNDJlOTFmOGE1
YTI5MmYwHhcNMjUxMTExMDQwMTI5WhcNMjUxMTEyMDQwMTI5WjAzMTEwLwYDVQQD
EyhkMmJhYzNkM2E3NjRjM2YzY2VjODYxNWVjYmQ3OWE5OTI5ODlkMWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8WQjgJN5PvOGaIaxp0IFn1YyKaT
Ewobv/cFf+R/Ciwp/+DAFSuKNdG/vO7nU169JmhjRa0C2nVw+N/hwDh4qBGYeWil
Qv6gXuIu7LHi/1g0OLZteBs5gC3K9tLjNM1OggPh+PHhAaHWH+2EMUpIQjHSgyi8
IJRgpa44TiOWcF3cDqciInRlzrFq5Hoy+HUzEvlVkmiDViaD7RSvMgSdxo3aHkE0
arjtbYPBBJ+wmHaeUIt2rzTn53IPPrOvlgHONhCe+upQVtjiKbRP3YkZopYcEdRV
bTfyhoHJYA4PGDqQwH9UCTwfaQfaTTqVh02svEEig50KwtRYjCWOyctLxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNK6w9OnZMPzzshhXsvXmpkpidHzMB8GA1UdIwQY
MBaAFGCkNP1r/4tvuw1S+NpC6R+KWikvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAt
NmEzZjAxZDljYjUwLzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAtNmEzZjAxZDljYjUw
LzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHDlmftdB
b/M1pjyXLJKlOqDVKKbNMOy2drEJFFxWdUvYb+P+sBtekIPLLHoNU4mwc2Jw1Uma
slcwh2bCuey4HrYhQPEGHXpGvB+DYsYSIUBZmVP1qXTUBwjd8LFbg/Y78IF+oDi/
oBCw7t2LcIliNqqB9kJW4Sisw2cElGqZclQXoS6HGmPFGGNg4GJzrQfq+3mPmacb
RIPpbMigz79XYyHwqNusbn/QBPREJU3m89MaUa1LRFVaC2Z3z1/9y2COSQUHj+ER
W2OXARwkGU1O8LxBCHZYvnYorJS6hjVVZqZT1gbxkcgUZNQxhdsU2zuz8ADDOoYy
0l0+TlnOTlzRAA==
-----END CERTIFICATE-----