Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
File:                     ydD7lgitlbS_5q4unxPgAv2raA0.mft (raw, json)
Hash identifier:          N2aZQSAIxQVwvfZpnNSePNOSvL4ChREJcVo+DT4vddM=
Subject key identifier:   F1:4B:C3:06:00:FD:BD:A4:51:E3:20:C0:4C:BD:28:98:E1:B1:EA:98
Authority key identifier: C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D
Certificate issuer:       /CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
Certificate serial:       019A714A1D969121A5DEA29DBFF8C0DA7055
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
Manifest number:          05B8
Signing time:             Tue 11 Nov 2025 05:01:13 +0000
Manifest this update:     Tue 11 Nov 2025 05:01:13 +0000
Manifest next update:     Wed 12 Nov 2025 05:01:13 +0000
Files and hashes:         1: ydD7lgitlbS_5q4unxPgAv2raA0.crl (hash: sAnmq8Q7iOIpsvCqLVn1GCwFw/RNkjkg1L+hhvRaJp8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 05:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:4a:1d:96:91:21:a5:de:a2:9d:bf:f8:c0:da:70:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
        Validity
            Not Before: Nov 11 05:01:13 2025 GMT
            Not After : Nov 12 05:01:13 2025 GMT
        Subject: CN=f14bc30600fdbda451e320c04cbd2898e1b1ea98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:2b:01:90:a4:94:79:75:2d:48:a9:62:79:af:
                    63:46:2e:bf:f9:a0:7f:83:f9:e1:65:c4:f8:06:91:
                    b1:ee:ce:2a:ce:03:26:84:f2:76:e7:c2:3e:08:31:
                    43:4d:6f:2f:3a:38:0b:15:ee:31:03:08:52:a8:6a:
                    c9:91:b7:e6:38:c2:c1:1d:12:8c:13:0c:18:8d:8c:
                    28:6d:91:bc:8f:e3:26:54:10:85:76:2e:13:42:ee:
                    a6:e1:da:59:f9:33:3e:a4:c8:e0:6e:30:27:1f:ed:
                    98:b9:6d:c1:29:09:ad:f3:50:ed:6e:c1:8d:9c:5c:
                    bc:9a:b9:33:0e:c0:56:bc:05:2a:d6:57:16:c5:7f:
                    ea:ec:8f:ec:69:f6:1f:da:43:6f:d4:f7:07:74:08:
                    f5:c9:95:36:d9:56:eb:9f:63:3b:a5:93:ee:28:43:
                    be:bb:cf:ee:1d:d2:4a:f4:95:11:62:ca:5f:5e:a6:
                    e5:4e:92:89:39:22:f4:ae:06:54:02:b8:8f:f3:af:
                    8b:47:70:ae:5a:b7:4f:f0:66:58:ef:e3:fa:e9:c0:
                    28:f8:a4:c2:b9:b2:cf:e1:b8:5f:a6:91:66:20:66:
                    15:ca:3e:d3:9b:f4:58:ef:d7:d7:6b:25:41:f5:fa:
                    b0:38:11:cb:a9:ce:8c:4a:37:41:ef:84:10:99:a6:
                    b9:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:4B:C3:06:00:FD:BD:A4:51:E3:20:C0:4C:BD:28:98:E1:B1:EA:98
            X509v3 Authority Key Identifier:
                keyid:C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:91:8c:c6:76:fa:d2:97:7f:0c:c3:e2:d1:93:cd:e0:42:f9:
         ee:62:e4:5c:ce:02:e8:1b:99:82:8e:66:6c:80:82:d0:c1:bf:
         ed:38:f4:a4:5c:4b:18:e6:20:03:09:34:40:4b:96:b7:0f:54:
         17:c2:e9:d5:df:03:91:8a:2f:c1:33:9f:a6:b1:22:fd:89:35:
         38:70:4f:90:22:7f:29:1c:21:4b:59:41:19:a1:6a:52:c3:9a:
         cc:a2:97:f3:4b:b2:7c:3b:65:55:e6:16:f6:bc:c7:5c:a8:a0:
         2b:5e:52:4c:c6:78:1a:45:93:0d:6f:46:6d:7e:ac:92:a0:f5:
         fa:17:ce:13:26:fa:ab:75:c7:98:97:e1:0f:e8:26:65:8c:ee:
         2a:0d:7a:16:19:d4:3e:60:e2:8e:ec:62:4c:b6:94:e5:f3:43:
         d1:2b:da:ea:56:d8:59:9d:d1:4f:35:90:d1:ff:b5:7a:b9:00:
         73:4d:40:c5:90:76:34:f1:c0:bd:e0:91:bc:58:aa:3a:f3:ec:
         ef:6c:52:61:ad:dd:96:f1:0f:be:a2:02:6f:7c:e3:f5:a0:6b:
         b2:97:8a:72:3f:e8:e2:ec:99:6f:1e:a0:8b:c8:65:71:0f:2b:
         23:37:0d:10:32:00:18:51:b4:d9:6b:62:af:b9:cb:98:d8:4e:
         cb:f5:64:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSh2WkSGl3qKdv/jA2nBVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDBmYjk2MDhhZDk1YjRiZmU2YWUyZTlmMTNlMDAyZmRh
YjY4MGQwHhcNMjUxMTExMDUwMTEzWhcNMjUxMTEyMDUwMTEzWjAzMTEwLwYDVQQD
EyhmMTRiYzMwNjAwZmRiZGE0NTFlMzIwYzA0Y2JkMjg5OGUxYjFlYTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCsBkKSUeXUtSKliea9jRi6/+aB/
g/nhZcT4BpGx7s4qzgMmhPJ258I+CDFDTW8vOjgLFe4xAwhSqGrJkbfmOMLBHRKM
EwwYjYwobZG8j+MmVBCFdi4TQu6m4dpZ+TM+pMjgbjAnH+2YuW3BKQmt81DtbsGN
nFy8mrkzDsBWvAUq1lcWxX/q7I/safYf2kNv1PcHdAj1yZU22Vbrn2M7pZPuKEO+
u8/uHdJK9JURYspfXqblTpKJOSL0rgZUAriP86+LR3CuWrdP8GZY7+P66cAo+KTC
ubLP4bhfppFmIGYVyj7Tm/RY79fXayVB9fqwOBHLqc6MSjdB74QQmaa5iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPFLwwYA/b2kUeMgwEy9KJjhseqYMB8GA1UdIwQY
MBaAFMnQ+5YIrZW0v+auLp8T4AL9q2gNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjkt
MDUzNDk1ODc1OWFjLzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjktMDUzNDk1ODc1OWFj
LzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa5GMxnb6
0pd/DMPi0ZPN4EL57mLkXM4C6BuZgo5mbICC0MG/7Tj0pFxLGOYgAwk0QEuWtw9U
F8Lp1d8DkYovwTOfprEi/Yk1OHBPkCJ/KRwhS1lBGaFqUsOazKKX80uyfDtlVeYW
9rzHXKigK15STMZ4GkWTDW9GbX6skqD1+hfOEyb6q3XHmJfhD+gmZYzuKg16FhnU
PmDijuxiTLaU5fND0Sva6lbYWZ3RTzWQ0f+1erkAc01AxZB2NPHAveCRvFiqOvPs
72xSYa3dlvEPvqICb3zj9aBrspeKcj/o4uyZbx6gi8hlcQ8rIzcNEDIAGFG02Wti
r7nLmNhOy/VkUg==
-----END CERTIFICATE-----