Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.mft
File:                     yO1EP4XQ7sZjZM11NvGIiKwfmeM.mft (raw, json)
Hash identifier:          VpBMYVChv5qtQ8HcZKN3eZSpUuuir1ng7lDnYn12LII=
Subject key identifier:   2A:89:DA:0D:9D:B9:4F:A6:04:32:FF:EB:83:74:B6:79:0C:47:FE:84
Authority key identifier: C8:ED:44:3F:85:D0:EE:C6:63:64:CD:75:36:F1:88:88:AC:1F:99:E3
Certificate issuer:       /CN=c8ed443f85d0eec66364cd7536f18888ac1f99e3
Certificate serial:       019A71B913E1CD74AB452176C01F7C7515C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yO1EP4XQ7sZjZM11NvGIiKwfmeM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 07:02:25 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:25 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:25 +0000
Files and hashes:         1: yO1EP4XQ7sZjZM11NvGIiKwfmeM.crl (hash: YKfIZA6X+ZeKVfKLsiATmtdPNE8kzzxyFZ+TfzaECL8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yO1EP4XQ7sZjZM11NvGIiKwfmeM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:13:e1:cd:74:ab:45:21:76:c0:1f:7c:75:15:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8ed443f85d0eec66364cd7536f18888ac1f99e3
        Validity
            Not Before: Nov 11 07:02:25 2025 GMT
            Not After : Nov 12 07:02:25 2025 GMT
        Subject: CN=2a89da0d9db94fa60432ffeb8374b6790c47fe84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:ad:94:56:e4:6b:39:47:c9:ce:a7:7c:c3:2b:
                    b7:01:88:1b:68:cf:9b:5b:1d:93:01:c4:65:61:f0:
                    24:5b:fa:dc:d9:4d:b9:85:e5:af:cb:ef:49:1c:55:
                    d1:4b:40:af:5f:50:f0:01:9d:04:85:b4:75:25:af:
                    22:ab:7c:37:02:12:8f:4e:73:f3:86:da:73:76:45:
                    3c:0b:7e:58:a6:38:f0:bb:3a:81:c0:2b:2d:cb:b5:
                    da:8e:87:55:fc:56:49:65:17:07:59:f9:dd:9e:bd:
                    9b:87:86:5d:43:0c:3d:f4:b3:b6:b8:2c:ed:47:c8:
                    5c:5b:17:45:12:fc:58:94:c2:07:55:8c:48:6b:62:
                    d0:e9:24:7c:0e:f8:e9:cc:53:21:d8:12:81:8b:2c:
                    6b:de:e0:11:72:77:cd:4c:0c:e5:94:6a:a7:a3:bf:
                    a4:bd:3c:5a:a9:1d:83:e7:ed:4c:bd:60:2a:d7:d6:
                    48:8d:72:b8:c3:fd:06:89:1d:09:23:21:f3:b4:11:
                    b0:0b:4f:9e:67:3b:ef:33:4c:3d:af:9a:a4:e7:16:
                    c6:c3:98:49:ca:d8:bd:05:1a:0c:61:4f:71:56:93:
                    f8:66:c7:c8:5a:0e:b4:ff:34:5b:56:0b:cd:12:5b:
                    bc:53:b3:c8:df:a7:35:a1:e9:8f:11:c5:64:ee:0a:
                    3d:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:89:DA:0D:9D:B9:4F:A6:04:32:FF:EB:83:74:B6:79:0C:47:FE:84
            X509v3 Authority Key Identifier:
                keyid:C8:ED:44:3F:85:D0:EE:C6:63:64:CD:75:36:F1:88:88:AC:1F:99:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO1EP4XQ7sZjZM11NvGIiKwfmeM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:2f:55:19:79:98:c3:c1:17:4d:9c:4b:94:93:b4:d9:9f:33:
         d3:bb:40:e2:ea:c8:70:18:64:3d:11:f1:04:09:b4:c3:7d:58:
         77:7e:2d:7f:cc:5d:33:6b:d4:0a:11:c4:0b:65:00:25:c9:c3:
         cf:f0:6c:84:7f:05:9b:f4:d8:c2:0d:92:51:8e:a0:9e:96:a0:
         7a:41:28:9f:05:6c:ef:75:5f:70:5b:44:18:01:a4:f5:e1:7c:
         ef:c5:eb:97:0c:3c:e6:5b:b5:18:e8:92:86:2f:b9:d7:c8:c8:
         f2:62:ce:21:f1:10:f1:f6:a2:9b:b4:4c:9c:c3:fb:5b:fc:74:
         8f:06:cf:61:90:0e:71:97:a0:d2:6c:43:91:59:71:8c:3f:e8:
         75:54:18:27:24:e8:14:8c:b3:45:bc:e1:30:53:f3:7c:97:5e:
         2d:07:f7:88:14:2c:89:fc:2e:47:84:8a:e8:8f:22:23:4a:e1:
         36:11:c4:94:49:ca:a2:3e:7b:09:40:f5:b9:3c:18:8a:1b:70:
         2b:d4:59:a9:87:cf:d6:e6:2a:61:8f:5e:e4:6b:c9:49:5b:19:
         b9:bc:d0:a1:40:b6:5b:06:ed:4d:bc:16:68:14:f1:ce:13:ba:
         4e:f9:b6:fa:82:83:98:f6:ae:6c:e1:20:2b:a8:1d:19:37:c2:
         d5:20:28:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuRPhzXSrRSF2wB98dRXAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZWQ0NDNmODVkMGVlYzY2MzY0Y2Q3NTM2ZjE4ODg4YWMx
Zjk5ZTMwHhcNMjUxMTExMDcwMjI1WhcNMjUxMTEyMDcwMjI1WjAzMTEwLwYDVQQD
EygyYTg5ZGEwZDlkYjk0ZmE2MDQzMmZmZWI4Mzc0YjY3OTBjNDdmZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv62UVuRrOUfJzqd8wyu3AYgbaM+b
Wx2TAcRlYfAkW/rc2U25heWvy+9JHFXRS0CvX1DwAZ0EhbR1Ja8iq3w3AhKPTnPz
htpzdkU8C35YpjjwuzqBwCsty7XajodV/FZJZRcHWfndnr2bh4ZdQww99LO2uCzt
R8hcWxdFEvxYlMIHVYxIa2LQ6SR8DvjpzFMh2BKBiyxr3uARcnfNTAzllGqno7+k
vTxaqR2D5+1MvWAq19ZIjXK4w/0GiR0JIyHztBGwC0+eZzvvM0w9r5qk5xbGw5hJ
yti9BRoMYU9xVpP4ZsfIWg60/zRbVgvNElu8U7PI36c1oemPEcVk7go9ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCqJ2g2duU+mBDL/64N0tnkMR/6EMB8GA1UdIwQY
MBaAFMjtRD+F0O7GY2TNdTbxiIisH5njMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU8xRVA0WFE3c1pqWk0xMU52R0lpS3dmbWVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9hYzQ5ZWItYzQ3YS00YzVkLTgxYmYt
NmQwNDMxMGUzNDJiLzEveU8xRVA0WFE3c1pqWk0xMU52R0lpS3dmbWVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9hYzQ5ZWItYzQ3YS00YzVkLTgxYmYtNmQwNDMxMGUzNDJi
LzEveU8xRVA0WFE3c1pqWk0xMU52R0lpS3dmbWVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOC9VGXmY
w8EXTZxLlJO02Z8z07tA4urIcBhkPRHxBAm0w31Yd34tf8xdM2vUChHEC2UAJcnD
z/BshH8Fm/TYwg2SUY6gnpagekEonwVs73VfcFtEGAGk9eF878Xrlww85lu1GOiS
hi+518jI8mLOIfEQ8faim7RMnMP7W/x0jwbPYZAOcZeg0mxDkVlxjD/odVQYJyTo
FIyzRbzhMFPzfJdeLQf3iBQsifwuR4SK6I8iI0rhNhHElEnKoj57CUD1uTwYihtw
K9RZqYfP1uYqYY9e5GvJSVsZubzQoUC2WwbtTbwWaBTxzhO6Tvm2+oKDmPaubOEg
K6gdGTfC1SAobw==
-----END CERTIFICATE-----