Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
File:                     pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft (raw, json)
Hash identifier:          a0EjIM/SGVHN53jIVFwT4XDAGYSo25zV9sYVyM+NT+E=
Subject key identifier:   C4:E3:48:09:88:DA:F4:F4:62:3E:2F:CA:A0:DC:FD:64:FD:02:AC:01
Authority key identifier: A5:8E:FD:10:8D:4C:5B:0F:4F:9A:88:AE:53:BB:7F:EC:9D:59:4B:92
Certificate issuer:       /CN=a58efd108d4c5b0f4f9a88ae53bb7fec9d594b92
Certificate serial:       0199FBEBAD274E9EAA6CD2C88CAACF481A7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
Manifest number:          11DF
Signing time:             Sun 19 Oct 2025 10:02:30 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:30 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:30 +0000
Files and hashes:         1: pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl (hash: KrgDe62BNfIB8s1xmc+KLZWu5F7D7nTAxe8oVxKViAo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:ad:27:4e:9e:aa:6c:d2:c8:8c:aa:cf:48:1a:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a58efd108d4c5b0f4f9a88ae53bb7fec9d594b92
        Validity
            Not Before: Oct 19 10:02:30 2025 GMT
            Not After : Oct 20 10:02:30 2025 GMT
        Subject: CN=c4e3480988daf4f4623e2fcaa0dcfd64fd02ac01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:52:9a:93:f7:fe:14:9b:11:c5:34:8a:f4:b6:
                    d8:14:44:b2:62:1b:2d:c5:2f:95:e7:e1:af:70:5c:
                    73:4a:67:e8:5d:c3:10:6d:e0:87:2e:f7:63:b5:5f:
                    2d:95:58:a5:68:9b:d3:b9:23:c8:50:e5:a0:d2:bc:
                    da:ee:c0:a4:3c:b0:18:c4:64:79:5a:51:e2:08:8b:
                    33:27:d6:2a:18:d5:a4:2d:8b:47:50:ec:e5:60:74:
                    9e:cb:b0:60:64:a0:9d:cb:61:95:44:cd:c8:74:f9:
                    e5:22:e4:6e:41:d8:60:f4:de:f4:56:44:08:a8:74:
                    d6:28:77:e0:8f:c2:f0:93:7a:ca:a4:69:2a:0c:29:
                    65:0e:f0:81:fd:e4:94:f7:04:f1:e1:c4:e5:bf:25:
                    e4:74:9b:ee:36:75:d2:ba:b2:ff:56:8b:28:32:bc:
                    25:14:58:de:02:0e:34:9d:f9:d4:cb:9b:83:f3:b4:
                    0e:10:bc:9e:c0:bb:b6:f6:99:55:c7:22:8b:c6:4a:
                    6f:48:40:2c:00:9c:85:7d:fe:2a:ec:10:f5:38:3e:
                    fe:b4:01:ec:96:3b:9c:61:08:54:e2:2d:ef:37:c2:
                    fb:a7:5c:f9:e2:5c:08:78:94:b9:7a:4b:03:5f:b2:
                    4c:ca:dd:f4:ef:3b:65:f9:c9:69:f4:5c:56:bf:7b:
                    7b:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:E3:48:09:88:DA:F4:F4:62:3E:2F:CA:A0:DC:FD:64:FD:02:AC:01
            X509v3 Authority Key Identifier:
                keyid:A5:8E:FD:10:8D:4C:5B:0F:4F:9A:88:AE:53:BB:7F:EC:9D:59:4B:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:33:11:f1:6b:1a:e6:98:d5:36:4b:11:eb:fc:8c:d2:80:25:
         51:4f:70:73:c4:4a:29:9b:5a:73:cd:44:6c:ba:4c:c1:f3:2b:
         e5:59:91:8d:1d:65:a9:ff:c4:a0:b1:57:dc:1e:eb:27:9c:76:
         6c:a2:88:66:e3:b1:aa:5b:84:a6:13:39:53:44:6d:04:46:09:
         84:5a:49:34:ac:06:5e:40:09:2c:53:99:fe:15:70:05:1f:05:
         a1:b8:31:12:a4:0c:59:a8:7e:a1:f6:56:8c:49:9e:3f:67:0d:
         df:80:67:39:b6:bb:11:3c:80:e5:9d:2e:a8:95:8a:ed:d0:91:
         c8:41:5c:25:d8:74:99:f7:e9:ea:69:e3:2d:eb:a0:55:b6:a3:
         d9:ff:f9:51:a3:b0:01:24:4a:3b:26:1e:86:e5:1b:e9:00:0c:
         cf:39:f7:f6:99:b8:e1:60:3e:2f:ad:89:7a:a9:f5:6a:ff:35:
         76:21:01:fd:22:f3:57:e1:d8:12:c2:c5:06:0f:d9:72:b3:6e:
         b8:3a:06:3b:74:4b:f6:75:64:13:c2:8e:e0:33:ee:82:eb:7e:
         e6:c4:57:c5:e7:a9:50:fe:f1:3f:1d:aa:0c:e5:4b:c8:2b:2a:
         ca:30:0f:75:bd:6b:ac:fe:81:86:8e:09:2a:21:05:92:f8:ba:
         7a:24:37:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7660nTp6qbNLIjKrPSBp7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OGVmZDEwOGQ0YzViMGY0ZjlhODhhZTUzYmI3ZmVjOWQ1
OTRiOTIwHhcNMjUxMDE5MTAwMjMwWhcNMjUxMDIwMTAwMjMwWjAzMTEwLwYDVQQD
EyhjNGUzNDgwOTg4ZGFmNGY0NjIzZTJmY2FhMGRjZmQ2NGZkMDJhYzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlKak/f+FJsRxTSK9LbYFESyYhst
xS+V5+GvcFxzSmfoXcMQbeCHLvdjtV8tlVilaJvTuSPIUOWg0rza7sCkPLAYxGR5
WlHiCIszJ9YqGNWkLYtHUOzlYHSey7BgZKCdy2GVRM3IdPnlIuRuQdhg9N70VkQI
qHTWKHfgj8Lwk3rKpGkqDCllDvCB/eSU9wTx4cTlvyXkdJvuNnXSurL/VosoMrwl
FFjeAg40nfnUy5uD87QOELyewLu29plVxyKLxkpvSEAsAJyFff4q7BD1OD7+tAHs
ljucYQhU4i3vN8L7p1z54lwIeJS5eksDX7JMyt307ztl+clp9FxWv3t7fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMTjSAmI2vT0Yj4vyqDc/WT9AqwBMB8GA1UdIwQY
MBaAFKWO/RCNTFsPT5qIrlO7f+ydWUuSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hM2I1YjItNjYzOC00YTRiLTliODUt
MTVjYzVkYTA3ODI2LzEvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hM2I1YjItNjYzOC00YTRiLTliODUtMTVjYzVkYTA3ODI2
LzEvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlzMR8Wsa
5pjVNksR6/yM0oAlUU9wc8RKKZtac81EbLpMwfMr5VmRjR1lqf/EoLFX3B7rJ5x2
bKKIZuOxqluEphM5U0RtBEYJhFpJNKwGXkAJLFOZ/hVwBR8FobgxEqQMWah+ofZW
jEmeP2cN34BnOba7ETyA5Z0uqJWK7dCRyEFcJdh0mffp6mnjLeugVbaj2f/5UaOw
ASRKOyYehuUb6QAMzzn39pm44WA+L62Jeqn1av81diEB/SLzV+HYEsLFBg/ZcrNu
uDoGO3RL9nVkE8KO4DPugut+5sRXxeepUP7xPx2qDOVLyCsqyjAPdb1rrP6Bho4J
KiEFkvi6eiQ3zA==
-----END CERTIFICATE-----