Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/89234b-20c5-4f5b-b806-9ec28ae65745/1/yHfSSx1xwCFHafEZ33KY_wz4l7A.mft
File:                     yHfSSx1xwCFHafEZ33KY_wz4l7A.mft (raw, json)
Hash identifier:          tbWWH5AbP7hqeoH+RaKp+B3ZA9Wyu4/0N9XsoqkGHMA=
Subject key identifier:   AB:D3:E3:9C:7C:2A:F9:56:D1:AF:38:11:11:2D:FE:AF:88:5D:73:34
Authority key identifier: C8:77:D2:4B:1D:71:C0:21:47:69:F1:19:DF:72:98:FF:0C:F8:97:B0
Certificate issuer:       /CN=c877d24b1d71c0214769f119df7298ff0cf897b0
Certificate serial:       019A72939B0EB2ACD6136354D9148ECA3354
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yHfSSx1xwCFHafEZ33KY_wz4l7A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/89234b-20c5-4f5b-b806-9ec28ae65745/1/yHfSSx1xwCFHafEZ33KY_wz4l7A.mft
Manifest number:          0B89
Signing time:             Tue 11 Nov 2025 11:01:07 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:07 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:07 +0000
Files and hashes:         1: yHfSSx1xwCFHafEZ33KY_wz4l7A.crl (hash: peTIbLQPalGu/mmdQydYvFU4gCzXNY1kg/BWq1c8xoc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/89234b-20c5-4f5b-b806-9ec28ae65745/1/yHfSSx1xwCFHafEZ33KY_wz4l7A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/89234b-20c5-4f5b-b806-9ec28ae65745/1/yHfSSx1xwCFHafEZ33KY_wz4l7A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yHfSSx1xwCFHafEZ33KY_wz4l7A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:9b:0e:b2:ac:d6:13:63:54:d9:14:8e:ca:33:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c877d24b1d71c0214769f119df7298ff0cf897b0
        Validity
            Not Before: Nov 11 11:01:07 2025 GMT
            Not After : Nov 12 11:01:07 2025 GMT
        Subject: CN=abd3e39c7c2af956d1af3811112dfeaf885d7334
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:a6:79:ad:fd:16:dd:bd:a6:cb:39:6d:20:47:
                    7a:89:21:5b:b5:7b:f2:c0:1e:23:82:87:9b:e6:bc:
                    97:d7:3c:c8:50:11:b0:6a:c3:92:19:e1:15:0c:18:
                    49:c4:9a:a3:3c:50:bb:ce:b4:cf:9c:f0:32:a2:23:
                    4b:10:a5:7f:03:e1:af:32:42:29:a7:c1:87:30:e8:
                    92:36:16:af:72:74:80:a5:59:4d:33:d0:d9:80:62:
                    e4:14:8a:d6:7e:b0:e4:85:47:1a:41:83:2b:41:30:
                    cb:0d:69:28:59:52:2d:f3:aa:9f:87:6c:2c:c8:0f:
                    ad:00:47:c9:7d:5c:60:9c:e5:eb:f9:f5:83:a3:6d:
                    3c:d1:ed:e4:10:c3:62:93:6a:5f:d3:bc:3a:7e:ef:
                    9a:ae:18:13:4a:c8:e1:ac:90:07:35:d7:42:c0:45:
                    cc:b7:df:46:0c:25:de:ff:ca:38:b0:85:d6:fb:6e:
                    f0:1b:1c:12:73:bd:8b:5d:69:ab:ae:9d:9a:9b:b4:
                    89:55:9d:66:95:8a:95:56:e4:99:60:4d:d7:0f:c5:
                    17:ca:73:03:9c:70:e7:dc:61:40:17:cc:54:8d:32:
                    69:f6:d1:90:49:88:a0:7b:a2:89:93:ae:64:83:af:
                    34:22:3f:04:66:04:f8:ef:e2:8e:3f:dd:d3:ea:94:
                    18:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:D3:E3:9C:7C:2A:F9:56:D1:AF:38:11:11:2D:FE:AF:88:5D:73:34
            X509v3 Authority Key Identifier:
                keyid:C8:77:D2:4B:1D:71:C0:21:47:69:F1:19:DF:72:98:FF:0C:F8:97:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHfSSx1xwCFHafEZ33KY_wz4l7A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/89234b-20c5-4f5b-b806-9ec28ae65745/1/yHfSSx1xwCFHafEZ33KY_wz4l7A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/89234b-20c5-4f5b-b806-9ec28ae65745/1/yHfSSx1xwCFHafEZ33KY_wz4l7A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:16:aa:5d:b0:ea:fd:10:06:c7:52:ec:dd:91:94:58:62:d4:
         ac:9f:ad:25:aa:bf:e2:f4:7b:b7:ad:52:82:96:d4:4d:c2:a4:
         d3:54:16:17:09:5d:39:ea:30:12:7d:8d:cc:42:6a:ee:36:87:
         78:3f:c2:73:5a:77:6a:e9:3a:d6:a8:4e:49:a2:14:b6:3b:f7:
         b6:77:f8:7e:23:ec:5b:22:06:96:8b:0f:38:ed:25:80:a0:64:
         d4:f6:84:27:e0:dd:3c:b8:26:32:ad:0a:bd:71:bd:81:aa:77:
         65:c2:1e:aa:4f:27:79:b1:a4:31:04:9f:06:8a:11:b3:31:58:
         a1:c1:79:eb:77:19:27:36:07:5e:96:c5:58:da:95:ae:8b:ba:
         6c:ee:39:20:f3:ae:b4:0d:5f:31:dd:fa:79:2c:d4:03:55:b0:
         b0:49:a3:47:f3:f5:1a:9c:8d:50:cf:6b:5d:7a:37:b6:b6:d2:
         a0:dc:89:2b:b2:fc:19:ba:23:55:2a:c0:72:f5:34:7a:b3:10:
         bc:ef:f2:ff:62:95:0d:c4:45:5c:bd:8a:99:8f:d4:33:68:22:
         22:54:67:a2:d8:6f:20:a1:8d:06:15:55:c7:1f:3f:3e:1f:cc:
         e3:e3:7e:12:e4:aa:76:a0:34:13:9f:31:0a:6d:c2:13:60:4f:
         ce:64:5d:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk5sOsqzWE2NU2RSOyjNUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NzdkMjRiMWQ3MWMwMjE0NzY5ZjExOWRmNzI5OGZmMGNm
ODk3YjAwHhcNMjUxMTExMTEwMTA3WhcNMjUxMTEyMTEwMTA3WjAzMTEwLwYDVQQD
EyhhYmQzZTM5YzdjMmFmOTU2ZDFhZjM4MTExMTJkZmVhZjg4NWQ3MzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKZ5rf0W3b2myzltIEd6iSFbtXvy
wB4jgoeb5ryX1zzIUBGwasOSGeEVDBhJxJqjPFC7zrTPnPAyoiNLEKV/A+GvMkIp
p8GHMOiSNhavcnSApVlNM9DZgGLkFIrWfrDkhUcaQYMrQTDLDWkoWVIt86qfh2ws
yA+tAEfJfVxgnOXr+fWDo2080e3kEMNik2pf07w6fu+arhgTSsjhrJAHNddCwEXM
t99GDCXe/8o4sIXW+27wGxwSc72LXWmrrp2am7SJVZ1mlYqVVuSZYE3XD8UXynMD
nHDn3GFAF8xUjTJp9tGQSYige6KJk65kg680Ij8EZgT47+KOP93T6pQYkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKvT45x8KvlW0a84EREt/q+IXXM0MB8GA1UdIwQY
MBaAFMh30ksdccAhR2nxGd9ymP8M+JewMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUhmU1N4MXh3Q0ZIYWZFWjMzS1lfd3o0bDdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC84OTIzNGItMjBjNS00ZjViLWI4MDYt
OWVjMjhhZTY1NzQ1LzEveUhmU1N4MXh3Q0ZIYWZFWjMzS1lfd3o0bDdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC84OTIzNGItMjBjNS00ZjViLWI4MDYtOWVjMjhhZTY1NzQ1
LzEveUhmU1N4MXh3Q0ZIYWZFWjMzS1lfd3o0bDdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdBaqXbDq
/RAGx1Ls3ZGUWGLUrJ+tJaq/4vR7t61SgpbUTcKk01QWFwldOeowEn2NzEJq7jaH
eD/Cc1p3auk61qhOSaIUtjv3tnf4fiPsWyIGlosPOO0lgKBk1PaEJ+DdPLgmMq0K
vXG9gap3ZcIeqk8nebGkMQSfBooRszFYocF563cZJzYHXpbFWNqVrou6bO45IPOu
tA1fMd36eSzUA1WwsEmjR/P1GpyNUM9rXXo3trbSoNyJK7L8GbojVSrAcvU0erMQ
vO/y/2KVDcRFXL2KmY/UM2giIlRnothvIKGNBhVVxx8/Ph/M4+N+EuSqdqA0E58x
Cm3CE2BPzmRd0g==
-----END CERTIFICATE-----