Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft
File:                     YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft (raw, json)
Hash identifier:          eOYllRRLXUGDW/xfUNp9E1M29BzIF0WYzJa2rBwRrIc=
Subject key identifier:   5D:3D:E7:0C:25:47:04:D4:31:34:15:A7:CC:B6:BF:36:B9:7F:E3:F8
Authority key identifier: 60:5A:BB:25:3B:76:6D:CD:7F:16:D9:F0:1B:C1:19:69:18:48:EB:0E
Certificate issuer:       /CN=605abb253b766dcd7f16d9f01bc119691848eb0e
Certificate serial:       0199FCFD74002EEE0FE5ECD2B4F282CDBF00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFq7JTt2bc1_FtnwG8EZaRhI6w4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft
Manifest number:          033F
Signing time:             Sun 19 Oct 2025 15:01:32 +0000
Manifest this update:     Sun 19 Oct 2025 15:01:32 +0000
Manifest next update:     Mon 20 Oct 2025 15:01:32 +0000
Files and hashes:         1: YFq7JTt2bc1_FtnwG8EZaRhI6w4.crl (hash: vlV22yu9ZqYhhlHxmbKdQYLkzbFEigI5qOIeVYVq540=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YFq7JTt2bc1_FtnwG8EZaRhI6w4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:fd:74:00:2e:ee:0f:e5:ec:d2:b4:f2:82:cd:bf:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=605abb253b766dcd7f16d9f01bc119691848eb0e
        Validity
            Not Before: Oct 19 15:01:32 2025 GMT
            Not After : Oct 20 15:01:32 2025 GMT
        Subject: CN=5d3de70c254704d4313415a7ccb6bf36b97fe3f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:d8:f2:df:fd:36:5f:ca:bf:8a:37:65:0f:b5:
                    01:78:ce:4c:6f:29:bd:8b:ef:b7:16:19:dc:0d:42:
                    10:68:8b:1a:5b:e7:2b:c4:76:99:67:5d:c9:01:6b:
                    94:42:50:97:40:92:9c:67:bf:68:b2:a1:de:81:ef:
                    1d:ef:91:d6:11:f4:5a:00:ce:f2:27:e6:36:d5:7a:
                    8b:ad:01:40:22:71:05:ef:2e:04:fc:99:32:b2:94:
                    f3:ea:0a:bf:8c:7e:79:39:2d:4b:29:cb:9b:9c:9e:
                    33:cf:97:f8:05:7c:d6:fd:9d:e4:36:18:32:3a:2a:
                    4a:57:c6:26:ad:8e:f8:3e:15:7b:27:fa:94:31:73:
                    14:82:3c:68:fe:e3:5e:17:45:92:f7:a9:5d:ef:d8:
                    82:67:4d:77:a2:4c:7f:72:87:41:23:c6:d1:05:5f:
                    35:9a:8a:00:29:b0:bc:03:24:d3:ba:b1:59:18:03:
                    62:dc:3d:04:35:26:42:a8:cf:f1:f6:82:22:76:b0:
                    8e:f3:9b:b5:db:de:35:3f:c0:04:1b:05:d1:72:44:
                    20:59:61:43:b8:80:86:bc:80:2b:07:64:bd:6d:a4:
                    06:ea:69:b6:dc:8c:fb:d5:31:d2:11:ed:20:9f:77:
                    8b:33:8f:91:92:57:76:49:03:52:5f:54:73:cc:43:
                    35:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:3D:E7:0C:25:47:04:D4:31:34:15:A7:CC:B6:BF:36:B9:7F:E3:F8
            X509v3 Authority Key Identifier:
                keyid:60:5A:BB:25:3B:76:6D:CD:7F:16:D9:F0:1B:C1:19:69:18:48:EB:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFq7JTt2bc1_FtnwG8EZaRhI6w4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:9e:01:89:44:d2:09:4e:d5:a3:13:50:e2:6a:4b:73:03:2f:
         3e:84:cc:85:a7:b1:34:e9:e7:2c:d4:66:c6:7b:17:56:a8:05:
         a7:24:35:89:d7:33:21:de:ac:b3:15:94:89:00:39:c4:2e:7d:
         af:47:63:53:79:fe:1d:fe:21:5f:c5:ab:e3:f4:eb:01:b8:40:
         ed:ff:cd:35:26:4e:f5:61:27:11:43:7f:43:63:e2:c1:90:bd:
         86:92:d9:ba:65:65:ec:3e:08:46:c4:d2:a5:b7:8e:db:6c:73:
         ad:5f:78:4c:45:d0:d8:d5:01:d7:19:05:15:d4:9d:4b:8e:33:
         2f:63:90:a9:26:22:03:cf:43:03:2c:72:3c:0a:b4:38:0b:9b:
         b8:e8:a6:52:58:e1:a6:bc:a8:79:c2:e8:d5:fd:2e:35:5f:c5:
         75:18:cb:6b:b5:bf:45:1b:ee:d4:d5:ba:16:94:c0:14:ed:db:
         09:5e:79:76:5e:1c:20:91:7f:29:e6:cd:fc:cf:6b:b0:d3:1e:
         85:c1:d4:ad:cd:8e:3f:05:d4:64:fb:6f:17:4a:ac:f5:65:30:
         46:f7:58:c6:1e:10:a3:d1:ae:00:e0:cf:77:3c:e0:14:2f:6a:
         45:82:78:d7:3d:e9:b3:9c:0e:50:c4:25:4d:de:35:5e:fc:33:
         e8:7b:51:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/XQALu4P5ezStPKCzb8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNWFiYjI1M2I3NjZkY2Q3ZjE2ZDlmMDFiYzExOTY5MTg0
OGViMGUwHhcNMjUxMDE5MTUwMTMyWhcNMjUxMDIwMTUwMTMyWjAzMTEwLwYDVQQD
Eyg1ZDNkZTcwYzI1NDcwNGQ0MzEzNDE1YTdjY2I2YmYzNmI5N2ZlM2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Njy3/02X8q/ijdlD7UBeM5Mbym9
i++3FhncDUIQaIsaW+crxHaZZ13JAWuUQlCXQJKcZ79osqHege8d75HWEfRaAM7y
J+Y21XqLrQFAInEF7y4E/JkyspTz6gq/jH55OS1LKcubnJ4zz5f4BXzW/Z3kNhgy
OipKV8YmrY74PhV7J/qUMXMUgjxo/uNeF0WS96ld79iCZ013okx/codBI8bRBV81
mooAKbC8AyTTurFZGANi3D0ENSZCqM/x9oIidrCO85u12941P8AEGwXRckQgWWFD
uICGvIArB2S9baQG6mm23Iz71THSEe0gn3eLM4+Rkld2SQNSX1RzzEM16QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF095wwlRwTUMTQVp8y2vza5f+P4MB8GA1UdIwQY
MBaAFGBauyU7dm3NfxbZ8BvBGWkYSOsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZxN0pUdDJiYzFfRnRud0c4RVphUmhJNnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82NjY2NzAtZDBmMS00NGEzLWI5M2Et
NTAxMTFjNDI5MmQwLzEvWUZxN0pUdDJiYzFfRnRud0c4RVphUmhJNnc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82NjY2NzAtZDBmMS00NGEzLWI5M2EtNTAxMTFjNDI5MmQw
LzEvWUZxN0pUdDJiYzFfRnRud0c4RVphUmhJNnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgJ4BiUTS
CU7VoxNQ4mpLcwMvPoTMhaexNOnnLNRmxnsXVqgFpyQ1idczId6ssxWUiQA5xC59
r0djU3n+Hf4hX8Wr4/TrAbhA7f/NNSZO9WEnEUN/Q2PiwZC9hpLZumVl7D4IRsTS
pbeO22xzrV94TEXQ2NUB1xkFFdSdS44zL2OQqSYiA89DAyxyPAq0OAubuOimUljh
pryoecLo1f0uNV/FdRjLa7W/RRvu1NW6FpTAFO3bCV55dl4cIJF/KebN/M9rsNMe
hcHUrc2OPwXUZPtvF0qs9WUwRvdYxh4Qo9GuAODPdzzgFC9qRYJ41z3ps5wOUMQl
Td41Xvwz6HtRZQ==
-----END CERTIFICATE-----