Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/14c8c5-9af5-41b0-9917-a0da45299c6e/1/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.mft
File:                     YAsRPgYtF-ojCAazSiHetWJ7Z3Q.mft (raw, json)
Hash identifier:          +fPxocZXHbRWQZQTzyS5mUBpN1Pa+XWZSWGXU6SqHmU=
Subject key identifier:   68:4B:BF:50:E3:A7:57:CE:E4:94:D1:AE:FF:EB:D5:D7:D0:24:AD:3A
Authority key identifier: 60:0B:11:3E:06:2D:17:EA:23:08:06:B3:4A:21:DE:B5:62:7B:67:74
Certificate issuer:       /CN=600b113e062d17ea230806b34a21deb5627b6774
Certificate serial:       019A71B80C868B6B8F506EB9F67613E5C327
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/14c8c5-9af5-41b0-9917-a0da45299c6e/1/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.mft
Manifest number:          139C
Signing time:             Tue 11 Nov 2025 07:01:18 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:18 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:18 +0000
Files and hashes:         1: YAsRPgYtF-ojCAazSiHetWJ7Z3Q.crl (hash: 5yEAAXXd7kJ1cj8P3gzPLbeMIzjA9/T78NY16Hn2Pls=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/14c8c5-9af5-41b0-9917-a0da45299c6e/1/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/14c8c5-9af5-41b0-9917-a0da45299c6e/1/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:0c:86:8b:6b:8f:50:6e:b9:f6:76:13:e5:c3:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=600b113e062d17ea230806b34a21deb5627b6774
        Validity
            Not Before: Nov 11 07:01:18 2025 GMT
            Not After : Nov 12 07:01:18 2025 GMT
        Subject: CN=684bbf50e3a757cee494d1aeffebd5d7d024ad3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a2:2d:6c:79:e1:c2:77:59:a8:fa:e0:8e:71:
                    af:94:4f:68:47:ce:74:25:ca:e4:4e:bc:8d:7a:04:
                    7f:2e:40:41:13:a6:72:6d:85:32:90:5d:54:4e:7b:
                    a5:fe:36:37:73:12:72:b8:36:e0:7f:63:b7:57:95:
                    9e:21:5d:ba:f4:89:75:30:50:e3:61:c3:a8:4d:2c:
                    e9:e0:0e:a0:bc:28:7f:84:60:44:aa:e4:e3:7d:ea:
                    c0:87:ac:10:45:20:cd:15:da:36:57:3f:51:4f:81:
                    be:4d:ac:57:83:ec:31:0f:2e:2d:a2:d2:05:79:2a:
                    44:32:dc:bf:42:df:a0:d3:d3:23:c3:47:87:e3:d4:
                    91:11:af:1d:0b:2c:83:ae:5c:45:60:91:01:fb:fe:
                    4b:b1:88:40:f3:fd:11:0b:89:1e:8c:df:a3:14:08:
                    51:95:9b:0e:d3:0a:99:cc:63:f4:46:3b:d4:ad:00:
                    1c:d0:73:ba:ba:12:1f:73:e5:6b:ec:39:6c:a0:0b:
                    ac:0d:fe:69:86:1f:cb:47:bb:5f:09:4c:64:b3:64:
                    5b:ae:d3:37:8c:6e:66:b4:f8:55:bd:18:f5:77:1a:
                    1b:a5:c4:21:98:cc:6b:e5:7c:b6:c3:f0:68:71:6f:
                    23:26:5a:5c:83:33:dd:cb:d5:5e:37:13:c7:98:b8:
                    5b:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:4B:BF:50:E3:A7:57:CE:E4:94:D1:AE:FF:EB:D5:D7:D0:24:AD:3A
            X509v3 Authority Key Identifier:
                keyid:60:0B:11:3E:06:2D:17:EA:23:08:06:B3:4A:21:DE:B5:62:7B:67:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/14c8c5-9af5-41b0-9917-a0da45299c6e/1/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/14c8c5-9af5-41b0-9917-a0da45299c6e/1/YAsRPgYtF-ojCAazSiHetWJ7Z3Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:90:cf:6e:5b:01:db:28:ae:f5:e7:3d:9a:8e:60:00:dd:ed:
         24:6f:b8:5d:b4:4d:c9:05:7a:08:d9:c7:23:bd:6c:9c:ba:75:
         6a:3f:16:f0:04:4c:aa:ec:39:d8:05:12:d3:d4:89:50:10:c8:
         be:5e:d9:4f:27:68:fb:f0:ea:e9:92:6a:35:aa:da:af:d9:ad:
         fb:d8:8c:a7:e3:20:b8:39:86:77:fb:8f:3f:05:35:6d:d7:4d:
         fc:28:0a:42:15:07:ec:1d:18:d3:59:c8:45:3d:a7:bb:9b:e0:
         ce:79:06:43:3d:b2:04:7f:9a:07:bd:ea:4e:34:df:d1:e7:c0:
         05:52:c5:d8:1d:1b:47:02:d9:c5:d1:62:1d:c9:59:20:56:72:
         04:d2:9a:f1:34:81:75:db:5a:db:ab:59:fb:e5:9e:d1:a2:24:
         06:79:01:1a:b7:01:52:7d:12:5c:16:c0:c6:82:7c:79:08:92:
         5a:fc:df:7d:55:e1:4d:85:05:8a:de:14:97:70:9e:2f:ea:97:
         8d:39:ae:f7:22:dc:24:8e:8b:60:48:01:53:58:11:b6:e7:53:
         c5:e0:2b:3e:6d:40:56:10:d6:54:7e:93:1f:08:db:7d:0c:7e:
         e2:00:34:67:8b:e7:64:6c:53:b7:1d:93:e8:7b:fc:62:74:a2:
         48:84:24:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuAyGi2uPUG659nYT5cMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMGIxMTNlMDYyZDE3ZWEyMzA4MDZiMzRhMjFkZWI1NjI3
YjY3NzQwHhcNMjUxMTExMDcwMTE4WhcNMjUxMTEyMDcwMTE4WjAzMTEwLwYDVQQD
Eyg2ODRiYmY1MGUzYTc1N2NlZTQ5NGQxYWVmZmViZDVkN2QwMjRhZDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6ItbHnhwndZqPrgjnGvlE9oR850
JcrkTryNegR/LkBBE6ZybYUykF1UTnul/jY3cxJyuDbgf2O3V5WeIV269Il1MFDj
YcOoTSzp4A6gvCh/hGBEquTjferAh6wQRSDNFdo2Vz9RT4G+TaxXg+wxDy4totIF
eSpEMty/Qt+g09Mjw0eH49SREa8dCyyDrlxFYJEB+/5LsYhA8/0RC4kejN+jFAhR
lZsO0wqZzGP0RjvUrQAc0HO6uhIfc+Vr7DlsoAusDf5phh/LR7tfCUxks2RbrtM3
jG5mtPhVvRj1dxobpcQhmMxr5Xy2w/BocW8jJlpcgzPdy9VeNxPHmLhbJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGhLv1Djp1fO5JTRrv/r1dfQJK06MB8GA1UdIwQY
MBaAFGALET4GLRfqIwgGs0oh3rVie2d0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUFzUlBnWXRGLW9qQ0FhelNpSGV0V0o3WjNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xNGM4YzUtOWFmNS00MWIwLTk5MTct
YTBkYTQ1Mjk5YzZlLzEvWUFzUlBnWXRGLW9qQ0FhelNpSGV0V0o3WjNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xNGM4YzUtOWFmNS00MWIwLTk5MTctYTBkYTQ1Mjk5YzZl
LzEvWUFzUlBnWXRGLW9qQ0FhelNpSGV0V0o3WjNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQpDPblsB
2yiu9ec9mo5gAN3tJG+4XbRNyQV6CNnHI71snLp1aj8W8ARMquw52AUS09SJUBDI
vl7ZTydo+/Dq6ZJqNarar9mt+9iMp+MguDmGd/uPPwU1bddN/CgKQhUH7B0Y01nI
RT2nu5vgznkGQz2yBH+aB73qTjTf0efABVLF2B0bRwLZxdFiHclZIFZyBNKa8TSB
ddta26tZ++We0aIkBnkBGrcBUn0SXBbAxoJ8eQiSWvzffVXhTYUFit4Ul3CeL+qX
jTmu9yLcJI6LYEgBU1gRtudTxeArPm1AVhDWVH6THwjbfQx+4gA0Z4vnZGxTtx2T
6Hv8YnSiSIQkHg==
-----END CERTIFICATE-----