Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/a7b265-5476-49f4-bd4a-2f9f81e93298/1/yfcvcKzNptLmEzWoFzDm9u5RPMU.mft
File:                     yfcvcKzNptLmEzWoFzDm9u5RPMU.mft (raw, json)
Hash identifier:          iC3gficWBg3MkS/pEeVuJZb1q3pKT1M42AP/xy4S2Co=
Subject key identifier:   68:0C:0C:C3:49:0C:3C:6B:D2:D5:1E:3F:FC:1D:43:87:DE:49:06:2B
Authority key identifier: C9:F7:2F:70:AC:CD:A6:D2:E6:13:35:A8:17:30:E6:F6:EE:51:3C:C5
Certificate issuer:       /CN=c9f72f70accda6d2e61335a81730e6f6ee513cc5
Certificate serial:       0199FBEB6A554587D586332087E7B25A8D57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yfcvcKzNptLmEzWoFzDm9u5RPMU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/a7b265-5476-49f4-bd4a-2f9f81e93298/1/yfcvcKzNptLmEzWoFzDm9u5RPMU.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 10:02:13 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:13 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:13 +0000
Files and hashes:         1: yfcvcKzNptLmEzWoFzDm9u5RPMU.crl (hash: KOOxSx65RMxFshkaKmemlvw18U4BIq7zbS4R7EKDfdk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/a7b265-5476-49f4-bd4a-2f9f81e93298/1/yfcvcKzNptLmEzWoFzDm9u5RPMU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/a7b265-5476-49f4-bd4a-2f9f81e93298/1/yfcvcKzNptLmEzWoFzDm9u5RPMU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yfcvcKzNptLmEzWoFzDm9u5RPMU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:6a:55:45:87:d5:86:33:20:87:e7:b2:5a:8d:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9f72f70accda6d2e61335a81730e6f6ee513cc5
        Validity
            Not Before: Oct 19 10:02:13 2025 GMT
            Not After : Oct 20 10:02:13 2025 GMT
        Subject: CN=680c0cc3490c3c6bd2d51e3ffc1d4387de49062b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:54:af:b1:f6:a4:7d:fe:be:d6:e8:89:62:12:
                    e7:ef:f1:d5:37:48:a2:09:a4:bb:96:af:fb:91:c1:
                    8a:d0:83:54:ed:e0:c3:51:4b:7c:3d:33:d4:11:2b:
                    27:c3:d7:a2:de:0d:3c:49:51:96:ee:e7:51:ad:6e:
                    f7:3e:d6:49:70:e0:3a:ab:75:c1:f1:ae:89:c0:f7:
                    ea:23:d6:b8:bc:0d:37:43:e7:96:9f:a7:96:44:58:
                    f5:e8:64:8b:0f:b4:96:36:fd:db:3b:7d:73:36:ff:
                    41:9c:8a:b0:e6:e1:f9:39:16:8c:e2:84:4e:fa:fe:
                    98:7a:f5:24:f1:7d:06:75:74:69:e4:f4:22:8b:dd:
                    51:e7:a2:46:bf:4b:1d:67:5e:1a:4d:25:3f:0c:62:
                    90:c8:ef:39:12:ec:ef:2f:5b:6c:b2:91:d1:99:3f:
                    9c:06:3a:e2:55:ac:5f:36:a6:df:7f:22:d3:cc:8d:
                    7e:64:67:68:66:e1:82:89:40:08:a9:a5:5d:08:29:
                    ae:08:17:dd:e8:0b:5d:d6:e9:d7:0f:01:b4:17:b5:
                    7a:30:a0:4f:14:38:8e:0e:1e:a7:ec:b3:a7:0d:ad:
                    f3:e6:91:36:7c:59:35:24:31:3a:1c:4a:63:5b:11:
                    10:67:44:89:1b:a8:6e:42:a5:89:65:64:3a:fc:df:
                    0b:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:0C:0C:C3:49:0C:3C:6B:D2:D5:1E:3F:FC:1D:43:87:DE:49:06:2B
            X509v3 Authority Key Identifier:
                keyid:C9:F7:2F:70:AC:CD:A6:D2:E6:13:35:A8:17:30:E6:F6:EE:51:3C:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yfcvcKzNptLmEzWoFzDm9u5RPMU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/a7b265-5476-49f4-bd4a-2f9f81e93298/1/yfcvcKzNptLmEzWoFzDm9u5RPMU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/a7b265-5476-49f4-bd4a-2f9f81e93298/1/yfcvcKzNptLmEzWoFzDm9u5RPMU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:77:b6:fe:b6:73:47:a0:f4:01:c4:80:19:db:8f:ec:d9:42:
         dc:4a:3e:e0:e9:90:f4:6b:80:25:b3:96:1e:fb:ae:ae:da:25:
         98:44:94:8c:5a:08:0f:af:e3:c3:6f:f3:05:98:4a:7d:1a:cb:
         ef:a9:ee:7b:eb:16:44:0b:e8:25:04:f9:dc:9f:6b:f8:78:3b:
         dc:da:3c:21:6e:af:10:b0:64:4a:54:8e:e3:47:5d:4a:62:1f:
         4b:5f:a4:c0:dc:30:c5:ff:fe:ee:55:b1:c4:51:75:5d:7c:44:
         32:6a:c0:22:4f:8d:b4:f9:ab:17:bb:ce:54:e9:f6:1f:76:6a:
         cf:9b:0f:f1:55:40:ab:b4:7f:07:b4:28:14:63:7f:7a:b4:96:
         3c:be:8a:d1:97:69:43:e3:69:4e:98:05:eb:f8:bf:78:f1:24:
         1c:07:85:f9:ba:be:6e:f3:2e:ad:ab:f3:fc:fd:67:d9:9e:dc:
         17:c7:ca:db:ec:a9:02:94:f4:44:a7:37:dd:a7:d0:63:70:98:
         cb:7f:af:66:4e:63:4f:29:33:ce:51:53:ce:64:99:2a:f4:21:
         ca:71:e8:bc:4e:df:91:e2:a5:9a:dd:aa:c2:8d:7e:ba:92:9b:
         66:0e:ee:ab:48:80:a4:bf:1b:f7:c8:d7:2b:c4:da:7e:c8:11:
         14:3c:c0:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn762pVRYfVhjMgh+eyWo1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZjcyZjcwYWNjZGE2ZDJlNjEzMzVhODE3MzBlNmY2ZWU1
MTNjYzUwHhcNMjUxMDE5MTAwMjEzWhcNMjUxMDIwMTAwMjEzWjAzMTEwLwYDVQQD
Eyg2ODBjMGNjMzQ5MGMzYzZiZDJkNTFlM2ZmYzFkNDM4N2RlNDkwNjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6FSvsfakff6+1uiJYhLn7/HVN0ii
CaS7lq/7kcGK0INU7eDDUUt8PTPUESsnw9ei3g08SVGW7udRrW73PtZJcOA6q3XB
8a6JwPfqI9a4vA03Q+eWn6eWRFj16GSLD7SWNv3bO31zNv9BnIqw5uH5ORaM4oRO
+v6YevUk8X0GdXRp5PQii91R56JGv0sdZ14aTSU/DGKQyO85EuzvL1tsspHRmT+c
BjriVaxfNqbffyLTzI1+ZGdoZuGCiUAIqaVdCCmuCBfd6Atd1unXDwG0F7V6MKBP
FDiODh6n7LOnDa3z5pE2fFk1JDE6HEpjWxEQZ0SJG6huQqWJZWQ6/N8LgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGgMDMNJDDxr0tUeP/wdQ4feSQYrMB8GA1UdIwQY
MBaAFMn3L3CszabS5hM1qBcw5vbuUTzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWZjdmNLek5wdExtRXpXb0Z6RG05dTVSUE1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hN2IyNjUtNTQ3Ni00OWY0LWJkNGEt
MmY5ZjgxZTkzMjk4LzEveWZjdmNLek5wdExtRXpXb0Z6RG05dTVSUE1VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hN2IyNjUtNTQ3Ni00OWY0LWJkNGEtMmY5ZjgxZTkzMjk4
LzEveWZjdmNLek5wdExtRXpXb0Z6RG05dTVSUE1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm3e2/rZz
R6D0AcSAGduP7NlC3Eo+4OmQ9GuAJbOWHvuurtolmESUjFoID6/jw2/zBZhKfRrL
76nue+sWRAvoJQT53J9r+Hg73No8IW6vELBkSlSO40ddSmIfS1+kwNwwxf/+7lWx
xFF1XXxEMmrAIk+NtPmrF7vOVOn2H3Zqz5sP8VVAq7R/B7QoFGN/erSWPL6K0Zdp
Q+NpTpgF6/i/ePEkHAeF+bq+bvMuravz/P1n2Z7cF8fK2+ypApT0RKc33afQY3CY
y3+vZk5jTykzzlFTzmSZKvQhynHovE7fkeKlmt2qwo1+upKbZg7uq0iApL8b98jX
K8TafsgRFDzA6A==
-----END CERTIFICATE-----