Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.mft
File:                     YsuMEjOwFrHwSBCJc9asPnYvY-0.mft (raw, json)
Hash identifier:          adctd8P6PkJ020NqQ/zcGmsAX7lacq/23hE74zaSs1s=
Subject key identifier:   A3:B0:7A:49:62:BD:38:49:9A:75:C6:FA:22:C4:AC:4D:50:5D:8E:FB
Authority key identifier: 62:CB:8C:12:33:B0:16:B1:F0:48:10:89:73:D6:AC:3E:76:2F:63:ED
Certificate issuer:       /CN=62cb8c1233b016b1f048108973d6ac3e762f63ed
Certificate serial:       019A72264C7B74E61DB7AAF1C75D15629CF2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YsuMEjOwFrHwSBCJc9asPnYvY-0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.mft
Manifest number:          12C7
Signing time:             Tue 11 Nov 2025 09:01:43 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:43 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:43 +0000
Files and hashes:         1: YsuMEjOwFrHwSBCJc9asPnYvY-0.crl (hash: tdebDttsabqe4QfxXtO10cDjwQxe6wTk9d/Qp21qe5Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YsuMEjOwFrHwSBCJc9asPnYvY-0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:4c:7b:74:e6:1d:b7:aa:f1:c7:5d:15:62:9c:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62cb8c1233b016b1f048108973d6ac3e762f63ed
        Validity
            Not Before: Nov 11 09:01:43 2025 GMT
            Not After : Nov 12 09:01:43 2025 GMT
        Subject: CN=a3b07a4962bd38499a75c6fa22c4ac4d505d8efb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:3d:16:b1:6a:cd:fb:d6:c3:cf:bc:45:e5:e3:
                    88:83:f0:21:d0:b0:f9:04:dd:02:a8:bf:4d:d5:01:
                    73:c1:2f:a2:15:77:00:7a:05:41:5d:83:38:08:a1:
                    e2:f4:0e:cb:90:60:8b:e0:54:47:ea:03:23:fe:23:
                    e8:e4:81:0c:de:49:fc:f6:29:17:68:fa:c4:b0:25:
                    7f:82:e8:ed:f6:0b:c0:1b:94:29:4a:c0:ba:9d:57:
                    c6:fd:5e:04:30:bf:0c:53:1f:6b:13:96:82:73:8b:
                    4a:18:1e:a8:95:cc:7a:93:22:5c:75:17:1f:e3:ea:
                    52:3f:0d:d3:d4:bb:d5:81:cd:14:a8:69:73:58:f0:
                    a5:f4:22:a3:af:91:74:12:23:62:4c:ce:87:f1:e9:
                    5f:58:8c:f7:0e:d5:0d:8f:62:94:af:81:67:97:1d:
                    06:fb:38:fb:9b:2a:c8:b1:f5:67:45:6a:06:a0:70:
                    23:aa:fc:51:42:e9:6c:4f:43:ea:be:cd:ae:34:80:
                    92:5a:7f:21:9b:92:91:1b:ff:53:2c:0e:7c:00:d4:
                    b4:13:b7:b7:6f:83:99:77:8e:14:9a:43:0e:07:3c:
                    5c:77:ae:a9:20:2a:14:d3:69:47:df:87:09:c5:cb:
                    61:b2:7f:ea:c6:b1:79:1a:8b:8e:4c:36:59:f0:d5:
                    fd:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:B0:7A:49:62:BD:38:49:9A:75:C6:FA:22:C4:AC:4D:50:5D:8E:FB
            X509v3 Authority Key Identifier:
                keyid:62:CB:8C:12:33:B0:16:B1:F0:48:10:89:73:D6:AC:3E:76:2F:63:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YsuMEjOwFrHwSBCJc9asPnYvY-0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:3e:06:76:a0:9d:1e:ae:ac:d7:6d:19:5e:f4:94:43:ae:e0:
         c0:5b:5f:53:b5:ba:24:41:9b:9e:94:d1:0d:ed:f6:5c:64:0e:
         62:8c:49:66:70:ad:f0:c0:59:56:82:33:20:ed:a4:53:f9:3c:
         88:64:36:77:22:ec:d9:85:0e:3c:53:45:23:0c:07:f0:d3:08:
         8f:59:ee:c5:9e:e9:a7:d5:8a:85:cf:5f:33:35:11:f3:50:5d:
         2a:3e:5a:de:c6:1d:6c:2f:8d:05:84:4d:1f:78:c4:c0:a8:85:
         77:f2:29:9e:53:1a:2d:11:6e:49:f0:3a:5c:2e:b2:88:39:88:
         77:e6:60:67:fb:a4:86:ff:5c:88:82:f2:ca:8b:1a:1e:da:1f:
         a3:dc:e2:f6:bd:bf:f2:27:53:61:b1:9e:5c:00:db:30:aa:a5:
         d7:70:2c:33:02:64:d5:0e:e8:44:6b:59:81:7b:c0:52:73:b2:
         ac:4c:a1:09:fa:ba:4e:c2:13:01:ec:6c:7b:40:b7:5c:62:fd:
         e3:9f:87:83:8a:c4:21:0e:7c:a6:d1:6f:97:64:7d:73:52:7d:
         7b:e7:5e:3b:ae:53:a8:a0:87:ff:76:06:ec:39:9a:31:30:7a:
         4e:7c:2e:39:9c:3e:6e:96:36:46:41:bb:c9:02:88:33:d9:f5:
         f0:d2:1a:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJkx7dOYdt6rxx10VYpzyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyY2I4YzEyMzNiMDE2YjFmMDQ4MTA4OTczZDZhYzNlNzYy
ZjYzZWQwHhcNMjUxMTExMDkwMTQzWhcNMjUxMTEyMDkwMTQzWjAzMTEwLwYDVQQD
EyhhM2IwN2E0OTYyYmQzODQ5OWE3NWM2ZmEyMmM0YWM0ZDUwNWQ4ZWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuj0WsWrN+9bDz7xF5eOIg/Ah0LD5
BN0CqL9N1QFzwS+iFXcAegVBXYM4CKHi9A7LkGCL4FRH6gMj/iPo5IEM3kn89ikX
aPrEsCV/gujt9gvAG5QpSsC6nVfG/V4EML8MUx9rE5aCc4tKGB6olcx6kyJcdRcf
4+pSPw3T1LvVgc0UqGlzWPCl9CKjr5F0EiNiTM6H8elfWIz3DtUNj2KUr4Fnlx0G
+zj7myrIsfVnRWoGoHAjqvxRQulsT0Pqvs2uNICSWn8hm5KRG/9TLA58ANS0E7e3
b4OZd44UmkMOBzxcd66pICoU02lH34cJxcthsn/qxrF5GouOTDZZ8NX9WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKOweklivThJmnXG+iLErE1QXY77MB8GA1UdIwQY
MBaAFGLLjBIzsBax8EgQiXPWrD52L2PtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXN1TUVqT3dGckh3U0JDSmM5YXNQbll2WS0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC80MDJlZWEtNDgxNC00ODc3LThkN2Et
M2NhMmY3OTZiNTk2LzEvWXN1TUVqT3dGckh3U0JDSmM5YXNQbll2WS0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC80MDJlZWEtNDgxNC00ODc3LThkN2EtM2NhMmY3OTZiNTk2
LzEvWXN1TUVqT3dGckh3U0JDSmM5YXNQbll2WS0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmD4GdqCd
Hq6s120ZXvSUQ67gwFtfU7W6JEGbnpTRDe32XGQOYoxJZnCt8MBZVoIzIO2kU/k8
iGQ2dyLs2YUOPFNFIwwH8NMIj1nuxZ7pp9WKhc9fMzUR81BdKj5a3sYdbC+NBYRN
H3jEwKiFd/IpnlMaLRFuSfA6XC6yiDmId+ZgZ/ukhv9ciILyyosaHtofo9zi9r2/
8idTYbGeXADbMKql13AsMwJk1Q7oRGtZgXvAUnOyrEyhCfq6TsITAexse0C3XGL9
45+Hg4rEIQ58ptFvl2R9c1J9e+deO65TqKCH/3YG7DmaMTB6TnwuOZw+bpY2RkG7
yQKIM9n18NIa8Q==
-----END CERTIFICATE-----