Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
File:                     Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft (raw, json)
Hash identifier:          1d1pbwMjyo9jsJkOteily6kS0RLF+zsd/jYNGuIc1K0=
Subject key identifier:   17:DE:B6:1A:1D:5E:DF:0C:1E:E7:1A:21:1C:A2:5D:E0:E1:CC:4D:D2
Authority key identifier: 63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF
Certificate issuer:       /CN=63ef6bdbc42ad06defdad72679414346d8d048df
Certificate serial:       0199FFC8059BA35456C9131EE51BEAAA9A3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
Manifest number:          16DF
Signing time:             Mon 20 Oct 2025 04:02:02 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:02 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:02 +0000
Files and hashes:         1: Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl (hash: HJ3vmIOWQwT95DpJKyJBT6iEYW2LqhmGQFwZBuNKOGw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 04:02:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:05:9b:a3:54:56:c9:13:1e:e5:1b:ea:aa:9a:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63ef6bdbc42ad06defdad72679414346d8d048df
        Validity
            Not Before: Oct 20 04:02:02 2025 GMT
            Not After : Oct 21 04:02:02 2025 GMT
        Subject: CN=17deb61a1d5edf0c1ee71a211ca25de0e1cc4dd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:84:f0:d4:56:c4:ce:b1:ba:71:35:b4:34:5e:
                    aa:b7:75:5e:e7:cf:be:b5:0e:39:d4:f8:64:54:56:
                    51:f6:30:9a:8f:91:04:85:8f:72:83:77:6e:83:ce:
                    3e:5b:c6:01:9a:86:2e:7d:be:41:b5:31:8c:96:63:
                    7c:b1:d6:48:80:e2:07:cc:47:b8:10:bd:73:e0:a7:
                    c9:85:10:7a:e6:6a:1c:43:a2:af:65:07:0a:05:1a:
                    3c:ba:34:54:93:39:d8:50:f2:df:f8:4e:f2:17:89:
                    48:1a:9a:ee:8a:e5:84:67:1c:de:67:6a:51:ee:4b:
                    61:b2:d8:81:64:37:90:65:07:d8:11:fe:99:72:d6:
                    30:08:82:ef:35:fe:8b:00:f5:4b:f5:be:b5:b3:0b:
                    9d:78:31:98:e0:80:98:79:84:34:10:93:01:67:77:
                    b3:e9:b0:df:0a:57:cb:40:30:4f:c4:96:3a:aa:22:
                    fe:d8:01:24:44:c1:85:35:ef:fc:31:12:a9:31:8b:
                    aa:5a:f4:23:76:a4:68:9f:b3:10:4b:46:b8:fc:bc:
                    2b:8f:d7:fb:18:e4:a7:74:ae:da:5a:ed:c1:07:bd:
                    8e:57:54:8c:bf:36:01:ab:ff:9e:58:02:75:13:56:
                    ab:aa:f5:4b:f6:6f:54:40:60:55:dd:a8:f5:9c:48:
                    b3:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:DE:B6:1A:1D:5E:DF:0C:1E:E7:1A:21:1C:A2:5D:E0:E1:CC:4D:D2
            X509v3 Authority Key Identifier:
                keyid:63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:dd:f8:e8:e2:32:7e:5f:66:bf:8c:27:cc:30:af:0b:9a:bc:
         51:42:8e:d8:9b:25:ae:b0:0d:2a:c1:57:99:b8:da:4a:9a:4d:
         d7:ab:24:02:89:4d:e4:9f:e5:95:87:0b:ab:5e:2e:55:8b:2d:
         71:23:63:4d:16:70:ea:fa:6f:89:6d:8c:22:ae:d2:75:08:cb:
         4d:ec:62:31:0c:cf:c8:06:b1:3d:4c:94:21:82:f3:4f:69:cc:
         01:ea:0e:45:44:e0:9f:29:41:b3:80:22:3e:01:17:22:da:b2:
         91:9f:fd:07:39:03:5a:b3:08:86:55:72:db:1b:fb:1d:80:c3:
         c1:e5:12:eb:fa:1e:ec:95:8f:23:98:cd:c2:68:d1:96:33:b1:
         5a:08:cd:57:ad:9c:bc:2d:33:23:72:82:1a:83:0a:a8:8a:77:
         bb:67:82:f5:e0:99:b6:13:7d:2d:01:c8:6c:70:d0:b6:44:a5:
         c7:19:6d:68:f0:e0:4e:b6:26:37:85:5e:1d:7d:4d:75:18:55:
         ca:45:68:4b:ca:65:f7:6e:73:3e:1d:19:7e:0c:0d:e1:bf:16:
         8b:df:21:d1:75:02:14:e0:61:f6:9a:f6:b0:0c:48:ae:83:af:
         45:cb:f4:25:a4:26:27:5a:f0:e6:75:3f:1d:25:59:47:53:c9:
         de:20:2e:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yAWbo1RWyRMe5Rvqqpo+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZWY2YmRiYzQyYWQwNmRlZmRhZDcyNjc5NDE0MzQ2ZDhk
MDQ4ZGYwHhcNMjUxMDIwMDQwMjAyWhcNMjUxMDIxMDQwMjAyWjAzMTEwLwYDVQQD
EygxN2RlYjYxYTFkNWVkZjBjMWVlNzFhMjExY2EyNWRlMGUxY2M0ZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4Tw1FbEzrG6cTW0NF6qt3Ve58++
tQ451PhkVFZR9jCaj5EEhY9yg3dug84+W8YBmoYufb5BtTGMlmN8sdZIgOIHzEe4
EL1z4KfJhRB65mocQ6KvZQcKBRo8ujRUkznYUPLf+E7yF4lIGpruiuWEZxzeZ2pR
7kthstiBZDeQZQfYEf6ZctYwCILvNf6LAPVL9b61swudeDGY4ICYeYQ0EJMBZ3ez
6bDfClfLQDBPxJY6qiL+2AEkRMGFNe/8MRKpMYuqWvQjdqRon7MQS0a4/Lwrj9f7
GOSndK7aWu3BB72OV1SMvzYBq/+eWAJ1E1arqvVL9m9UQGBV3aj1nEizCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBfethodXt8MHucaIRyiXeDhzE3SMB8GA1UdIwQY
MBaAFGPva9vEKtBt79rXJnlBQ0bY0EjfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUt
MGM4MzY4ZGI5NTYzLzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUtMGM4MzY4ZGI5NTYz
LzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKd346OIy
fl9mv4wnzDCvC5q8UUKO2JslrrANKsFXmbjaSppN16skAolN5J/llYcLq14uVYst
cSNjTRZw6vpviW2MIq7SdQjLTexiMQzPyAaxPUyUIYLzT2nMAeoORUTgnylBs4Ai
PgEXItqykZ/9BzkDWrMIhlVy2xv7HYDDweUS6/oe7JWPI5jNwmjRljOxWgjNV62c
vC0zI3KCGoMKqIp3u2eC9eCZthN9LQHIbHDQtkSlxxltaPDgTrYmN4VeHX1NdRhV
ykVoS8pl925zPh0ZfgwN4b8Wi98h0XUCFOBh9pr2sAxIroOvRcv0JaQmJ1rw5nU/
HSVZR1PJ3iAuoQ==
-----END CERTIFICATE-----