Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft
File:                     _yBr0QgxynN4dWteFhc4lqYLAZE.mft (raw, json)
Hash identifier:          VPMwxQ8PSPDRxOhN4Rq8jyPg/6cmp8EJQLyqEdQdw78=
Subject key identifier:   46:16:A0:D3:54:AC:9C:C4:62:BC:A9:E4:BA:6F:44:0B:43:E1:8E:C6
Authority key identifier: FF:20:6B:D1:08:31:CA:73:78:75:6B:5E:16:17:38:96:A6:0B:01:91
Certificate issuer:       /CN=ff206bd10831ca7378756b5e16173896a60b0191
Certificate serial:       019A71B8A66E99499670DFFF0B28CC2A0B40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_yBr0QgxynN4dWteFhc4lqYLAZE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft
Manifest number:          0EDE
Signing time:             Tue 11 Nov 2025 07:01:57 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:57 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:57 +0000
Files and hashes:         1: _yBr0QgxynN4dWteFhc4lqYLAZE.crl (hash: 0TkhhHWfKAPp8WROilZd+TqTDf2IT2bJVMR8atNUcw4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_yBr0QgxynN4dWteFhc4lqYLAZE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:a6:6e:99:49:96:70:df:ff:0b:28:cc:2a:0b:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff206bd10831ca7378756b5e16173896a60b0191
        Validity
            Not Before: Nov 11 07:01:57 2025 GMT
            Not After : Nov 12 07:01:57 2025 GMT
        Subject: CN=4616a0d354ac9cc462bca9e4ba6f440b43e18ec6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:46:c7:d8:47:a8:ce:a4:ea:87:23:a7:47:8f:
                    47:5e:71:52:31:52:c9:5c:f5:36:60:3a:4f:97:ae:
                    20:36:42:f4:9a:09:4a:1c:38:ff:19:82:0e:0e:e1:
                    71:07:e1:c4:93:8b:50:89:ab:97:28:0c:8f:2a:d7:
                    3e:48:57:4e:81:c6:16:f0:5f:76:e6:00:fd:bc:b7:
                    94:e2:7e:fd:b9:d0:0a:f0:fd:2a:60:9f:4a:68:26:
                    8b:ad:18:c2:5e:1a:ef:52:9e:05:c9:3c:5b:b1:a0:
                    6f:8e:c5:de:d6:fa:97:af:76:76:8b:ee:2b:ca:54:
                    cd:e4:db:fa:c6:5a:30:7e:17:0d:f6:f0:d4:60:1c:
                    e0:1b:d1:2d:9e:af:ff:ec:45:66:54:1d:b1:7d:8e:
                    2f:13:56:f7:80:61:94:02:2a:40:ce:8e:92:04:45:
                    8c:52:0a:df:8a:70:a6:80:e9:09:83:8f:ec:4d:65:
                    0b:22:af:5a:66:b7:29:76:e1:37:96:53:04:01:6c:
                    39:2e:87:d5:c4:0e:4f:4d:92:ba:03:78:fb:a2:c3:
                    ca:08:54:08:77:9f:fd:fd:a3:55:b9:08:b1:9e:d7:
                    eb:3f:17:22:69:d6:4d:d7:42:18:82:a0:1f:e7:6f:
                    0e:66:17:27:db:78:58:88:48:e8:2e:ac:a5:54:c5:
                    10:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:16:A0:D3:54:AC:9C:C4:62:BC:A9:E4:BA:6F:44:0B:43:E1:8E:C6
            X509v3 Authority Key Identifier:
                keyid:FF:20:6B:D1:08:31:CA:73:78:75:6B:5E:16:17:38:96:A6:0B:01:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_yBr0QgxynN4dWteFhc4lqYLAZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:79:b4:0a:65:3e:3f:9e:28:a5:78:59:49:c5:db:e8:a4:84:
         23:6f:a4:a0:75:c5:3b:39:a3:e3:3d:7a:b4:29:73:f0:c5:34:
         2d:4b:c5:ce:da:9c:c6:4e:fc:cc:3a:2b:e3:8f:0b:80:90:75:
         f0:eb:94:84:76:f0:88:be:0e:c7:92:39:f8:7f:2b:b4:7b:f2:
         f1:03:b2:96:b0:99:da:1d:6f:94:be:da:4d:d0:05:0a:1f:27:
         fa:c9:69:a1:35:ee:ce:23:fa:f3:77:c3:29:88:97:ae:49:98:
         7a:5c:4f:18:be:52:88:c0:2d:d5:7f:1e:8b:c4:48:bf:1a:f8:
         3d:ad:02:bc:62:45:db:69:7b:b3:c9:11:53:3a:48:bf:bd:6a:
         34:36:7a:c1:ff:5d:82:96:45:5c:b7:3b:76:ae:19:8b:43:4a:
         37:ae:3e:03:1d:e2:d5:88:9f:b1:06:9c:44:90:bc:2b:21:8a:
         4e:77:10:8c:93:03:c0:75:63:4b:85:24:5b:cb:f8:a8:46:55:
         d3:35:4b:4c:d5:ad:09:6b:7e:3f:92:41:99:0a:50:50:8e:49:
         8e:77:f5:e6:4a:16:8d:c3:55:ef:ba:44:a4:a0:df:e7:3e:74:
         f8:f7:bf:03:a9:89:42:51:58:8a:a4:61:d1:89:05:d6:e9:5e:
         b4:b6:2f:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuKZumUmWcN//CyjMKgtAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMjA2YmQxMDgzMWNhNzM3ODc1NmI1ZTE2MTczODk2YTYw
YjAxOTEwHhcNMjUxMTExMDcwMTU3WhcNMjUxMTEyMDcwMTU3WjAzMTEwLwYDVQQD
Eyg0NjE2YTBkMzU0YWM5Y2M0NjJiY2E5ZTRiYTZmNDQwYjQzZTE4ZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkbH2EeozqTqhyOnR49HXnFSMVLJ
XPU2YDpPl64gNkL0mglKHDj/GYIODuFxB+HEk4tQiauXKAyPKtc+SFdOgcYW8F92
5gD9vLeU4n79udAK8P0qYJ9KaCaLrRjCXhrvUp4FyTxbsaBvjsXe1vqXr3Z2i+4r
ylTN5Nv6xlowfhcN9vDUYBzgG9Etnq//7EVmVB2xfY4vE1b3gGGUAipAzo6SBEWM
UgrfinCmgOkJg4/sTWULIq9aZrcpduE3llMEAWw5LofVxA5PTZK6A3j7osPKCFQI
d5/9/aNVuQixntfrPxciadZN10IYgqAf528OZhcn23hYiEjoLqylVMUQSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEYWoNNUrJzEYryp5LpvRAtD4Y7GMB8GA1UdIwQY
MBaAFP8ga9EIMcpzeHVrXhYXOJamCwGRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lCcjBRZ3h5bk40ZFd0ZUZoYzRscVlMQVpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9hMzVkMzctNzQ0Ny00Y2Y0LTk4MmYt
NTBmMzk4YmIyNmU5LzEvX3lCcjBRZ3h5bk40ZFd0ZUZoYzRscVlMQVpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9hMzVkMzctNzQ0Ny00Y2Y0LTk4MmYtNTBmMzk4YmIyNmU5
LzEvX3lCcjBRZ3h5bk40ZFd0ZUZoYzRscVlMQVpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANHm0CmU+
P54opXhZScXb6KSEI2+koHXFOzmj4z16tClz8MU0LUvFztqcxk78zDor448LgJB1
8OuUhHbwiL4Ox5I5+H8rtHvy8QOylrCZ2h1vlL7aTdAFCh8n+slpoTXuziP683fD
KYiXrkmYelxPGL5SiMAt1X8ei8RIvxr4Pa0CvGJF22l7s8kRUzpIv71qNDZ6wf9d
gpZFXLc7dq4Zi0NKN64+Ax3i1YifsQacRJC8KyGKTncQjJMDwHVjS4UkW8v4qEZV
0zVLTNWtCWt+P5JBmQpQUI5Jjnf15koWjcNV77pEpKDf5z50+Pe/A6mJQlFYiqRh
0YkF1uletLYvww==
-----END CERTIFICATE-----