Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft
File:                     yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft (raw, json)
Hash identifier:          CqpwT5YsOzGONuRXWBWq7rBR9r1O7W/ZAqTAoMF1D5w=
Subject key identifier:   FE:B3:B4:FA:CC:0E:9F:99:4C:A7:B4:53:83:67:0F:A1:28:18:F7:1C
Authority key identifier: C8:DA:89:FB:15:2D:43:C6:3E:3D:A2:FD:6A:0B:0D:FB:22:A0:65:81
Certificate issuer:       /CN=c8da89fb152d43c63e3da2fd6a0b0dfb22a06581
Certificate serial:       0199FAD7A957DF98AB6F268520915CE39251
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft
Manifest number:          0EAF
Signing time:             Sun 19 Oct 2025 05:01:01 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:01 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:01 +0000
Files and hashes:         1: yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.crl (hash: yF4S0Pnnwmk8E1Jw++uyir2VAIGq1R6semZ0h+24kGo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d7:a9:57:df:98:ab:6f:26:85:20:91:5c:e3:92:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8da89fb152d43c63e3da2fd6a0b0dfb22a06581
        Validity
            Not Before: Oct 19 05:01:01 2025 GMT
            Not After : Oct 20 05:01:01 2025 GMT
        Subject: CN=feb3b4facc0e9f994ca7b45383670fa12818f71c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:49:8d:c3:3a:78:72:3f:ad:2b:42:f7:67:d2:
                    54:d2:12:53:a4:30:5b:e2:21:69:ed:89:9c:fc:4e:
                    c0:6d:5f:9a:59:75:64:a3:bb:b8:98:a6:bc:0b:5a:
                    ad:b5:16:09:dd:64:10:db:1f:69:72:2f:a4:52:c9:
                    a9:39:b1:57:2f:21:0f:2b:6b:da:eb:d4:84:f1:67:
                    e7:97:ca:93:a1:61:9e:eb:6e:b2:9e:b4:e3:6e:52:
                    2a:ec:ab:10:84:9c:39:ff:31:5e:2d:c1:72:bb:c8:
                    33:42:71:1b:dd:ac:aa:7e:46:4a:ce:a2:40:9a:df:
                    35:41:e0:8c:cf:ec:80:3e:ca:b5:78:c1:11:d7:13:
                    a7:5b:e2:93:4a:9a:f5:39:15:a1:76:eb:82:6b:1b:
                    31:57:cf:99:79:f6:12:c3:5e:28:e1:7f:88:a2:6a:
                    ad:6a:72:5d:55:46:c5:6f:34:e8:31:84:39:85:86:
                    be:80:27:c0:4b:f3:a5:ab:6a:c3:c9:42:47:50:8b:
                    bb:53:9f:ff:e3:ac:ed:b5:d8:8e:72:02:c0:f8:11:
                    1c:e5:75:69:f6:c0:18:f4:db:ac:cb:e4:a4:ca:85:
                    b2:e3:8e:da:b8:36:ba:1e:e9:08:5f:00:58:e8:ee:
                    f6:1e:80:ea:6e:39:b5:10:7a:56:74:d5:cb:dd:b0:
                    73:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:B3:B4:FA:CC:0E:9F:99:4C:A7:B4:53:83:67:0F:A1:28:18:F7:1C
            X509v3 Authority Key Identifier:
                keyid:C8:DA:89:FB:15:2D:43:C6:3E:3D:A2:FD:6A:0B:0D:FB:22:A0:65:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:0a:6c:4c:eb:2d:b3:bc:76:bc:29:1e:88:98:66:25:f7:b9:
         67:f2:49:bc:3a:e0:27:69:bd:16:f8:7e:a1:16:ea:ad:3d:e8:
         fe:01:32:1e:e0:94:14:8f:9d:01:3f:c2:62:e6:af:d5:65:ea:
         d5:f4:31:1d:93:45:54:49:04:cc:c5:04:7d:33:11:56:40:bb:
         03:a9:95:c2:8b:fa:7e:a8:6e:4f:c4:f1:9b:80:3c:be:20:77:
         7b:60:19:21:e7:ac:44:65:9e:c5:6b:e7:dd:f4:e8:91:0c:13:
         62:05:b1:e8:1a:57:f5:32:a1:9d:53:6c:5a:30:b6:8f:25:9f:
         39:3e:49:fb:1f:60:b3:28:23:12:18:7c:47:8d:4f:0e:be:9b:
         5b:61:ee:53:6f:69:41:50:d3:cd:85:cf:9e:21:c9:1f:9a:68:
         a6:3c:00:ea:e3:61:3b:cc:2e:b2:0e:e1:c8:fb:49:03:c8:b6:
         7f:c3:bd:45:bd:4c:94:fe:c7:a3:68:7a:93:9b:b7:6d:b9:bc:
         12:6b:f0:1a:8b:3e:85:99:7e:02:92:83:a2:7e:fc:56:40:92:
         cd:b2:94:2d:f7:07:52:12:fe:9d:bd:a8:90:f5:f0:11:91:05:
         da:6e:16:53:a2:6a:d2:51:6b:c9:51:43:c7:4c:58:a0:d5:34:
         58:11:8b:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn616lX35irbyaFIJFc45JRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZGE4OWZiMTUyZDQzYzYzZTNkYTJmZDZhMGIwZGZiMjJh
MDY1ODEwHhcNMjUxMDE5MDUwMTAxWhcNMjUxMDIwMDUwMTAxWjAzMTEwLwYDVQQD
EyhmZWIzYjRmYWNjMGU5Zjk5NGNhN2I0NTM4MzY3MGZhMTI4MThmNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0mNwzp4cj+tK0L3Z9JU0hJTpDBb
4iFp7Ymc/E7AbV+aWXVko7u4mKa8C1qttRYJ3WQQ2x9pci+kUsmpObFXLyEPK2va
69SE8Wfnl8qToWGe626ynrTjblIq7KsQhJw5/zFeLcFyu8gzQnEb3ayqfkZKzqJA
mt81QeCMz+yAPsq1eMER1xOnW+KTSpr1ORWhduuCaxsxV8+ZefYSw14o4X+Iomqt
anJdVUbFbzToMYQ5hYa+gCfAS/Olq2rDyUJHUIu7U5//46zttdiOcgLA+BEc5XVp
9sAY9Nusy+SkyoWy447auDa6HukIXwBY6O72HoDqbjm1EHpWdNXL3bBzQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP6ztPrMDp+ZTKe0U4NnD6EoGPccMB8GA1UdIwQY
MBaAFMjaifsVLUPGPj2i/WoLDfsioGWBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5xSi14VXRROFktUGFMOWFnc04teUtnWllFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iNTUwMDUtMDA1ZC00YTY0LWJlMWEt
ZGQyYjA2MWJkNGYyLzEveU5xSi14VXRROFktUGFMOWFnc04teUtnWllFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iNTUwMDUtMDA1ZC00YTY0LWJlMWEtZGQyYjA2MWJkNGYy
LzEveU5xSi14VXRROFktUGFMOWFnc04teUtnWllFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANQpsTOst
s7x2vCkeiJhmJfe5Z/JJvDrgJ2m9Fvh+oRbqrT3o/gEyHuCUFI+dAT/CYuav1WXq
1fQxHZNFVEkEzMUEfTMRVkC7A6mVwov6fqhuT8Txm4A8viB3e2AZIeesRGWexWvn
3fTokQwTYgWx6BpX9TKhnVNsWjC2jyWfOT5J+x9gsygjEhh8R41PDr6bW2HuU29p
QVDTzYXPniHJH5popjwA6uNhO8wusg7hyPtJA8i2f8O9Rb1MlP7Ho2h6k5u3bbm8
EmvwGos+hZl+ApKDon78VkCSzbKULfcHUhL+nb2okPXwEZEF2m4WU6Jq0lFryVFD
x0xYoNU0WBGLeQ==
-----END CERTIFICATE-----