Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft
File:                     yM7BO9bzBCDedNLDFWTa3aCOAU0.mft (raw, json)
Hash identifier:          7dL0RZ/QIS3oBJNPkSirAFy+mzQITZHFtDVf2V1GnYw=
Subject key identifier:   80:CD:B0:CF:E7:F3:5F:F9:28:29:5C:DE:CA:15:D7:B0:A5:E3:01:07
Authority key identifier: C8:CE:C1:3B:D6:F3:04:20:DE:74:D2:C3:15:64:DA:DD:A0:8E:01:4D
Certificate issuer:       /CN=c8cec13bd6f30420de74d2c31564dadda08e014d
Certificate serial:       0199FFC74720C8B19BBEB49B2B18D93B80D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft
Manifest number:          010E
Signing time:             Mon 20 Oct 2025 04:01:13 +0000
Manifest this update:     Mon 20 Oct 2025 04:01:13 +0000
Manifest next update:     Tue 21 Oct 2025 04:01:13 +0000
Files and hashes:         1: yM7BO9bzBCDedNLDFWTa3aCOAU0.crl (hash: cRoe044e+UryFDtJstANwxqkiCvkYMen+bZhuB/+zZA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 04:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c7:47:20:c8:b1:9b:be:b4:9b:2b:18:d9:3b:80:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8cec13bd6f30420de74d2c31564dadda08e014d
        Validity
            Not Before: Oct 20 04:01:13 2025 GMT
            Not After : Oct 21 04:01:13 2025 GMT
        Subject: CN=80cdb0cfe7f35ff928295cdeca15d7b0a5e30107
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:c5:f0:b9:20:20:29:35:b9:7a:fa:03:3c:a8:
                    3f:fa:c1:65:de:98:08:1d:61:46:69:2b:a5:66:31:
                    15:85:06:13:43:e8:fa:6b:34:47:f6:c1:1e:1c:d5:
                    0b:75:b2:b2:63:fb:cf:b1:b6:de:67:a9:ff:e5:81:
                    ac:de:bb:d0:94:ea:eb:37:02:c1:e0:f8:2b:25:46:
                    45:d0:45:84:5f:27:e7:56:c1:04:42:c4:ea:90:f3:
                    d0:ca:61:44:3b:9d:a8:29:db:56:bf:b0:67:9a:e5:
                    f5:ad:5a:43:4c:15:0f:c2:bf:8a:a5:9c:af:d6:1e:
                    03:5e:d9:71:91:ff:d0:74:62:cf:dc:b2:2c:05:7c:
                    46:89:3d:38:ab:cf:35:18:65:1e:99:0a:31:d3:9d:
                    a3:11:43:cb:de:f7:19:aa:58:2b:4d:4e:ca:75:68:
                    26:40:ce:d4:61:d6:44:c6:49:e7:92:ef:ca:ca:a6:
                    29:1d:77:59:da:5e:15:aa:2f:be:e1:5e:be:18:47:
                    50:5b:38:85:a7:72:49:4b:70:01:c5:16:8c:e8:35:
                    ff:29:ea:4a:4a:66:c2:da:3b:1a:e8:3b:1c:fc:dd:
                    84:33:72:5a:b9:ce:ef:ff:f3:ab:86:6c:ed:86:65:
                    90:d1:ae:c5:e8:81:0b:72:59:4e:71:e9:f3:6d:25:
                    78:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:CD:B0:CF:E7:F3:5F:F9:28:29:5C:DE:CA:15:D7:B0:A5:E3:01:07
            X509v3 Authority Key Identifier:
                keyid:C8:CE:C1:3B:D6:F3:04:20:DE:74:D2:C3:15:64:DA:DD:A0:8E:01:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:80:6b:49:42:52:e5:0c:39:1e:bc:d8:67:e6:8f:43:2e:e8:
         88:38:cd:39:96:f6:1e:2d:a8:19:ae:d3:93:13:b1:7a:eb:c5:
         8f:df:df:b3:e1:37:e0:82:1d:1b:5b:59:77:bd:dc:c3:db:2c:
         df:40:87:f2:a4:fa:1f:cc:06:32:d2:86:7f:44:ba:06:7c:6c:
         cb:58:5d:8c:cf:40:84:4d:4f:14:d9:47:4d:dc:0e:cc:0b:b0:
         86:e0:cd:e9:0e:ac:c8:9c:a1:3a:03:d4:6f:0b:1b:47:51:bb:
         c8:d5:2c:df:fa:60:88:f6:62:32:f0:2d:57:d9:e7:2a:f8:50:
         2d:09:b8:b0:c7:70:e3:81:d9:91:b2:fd:73:eb:f2:22:06:87:
         d8:de:11:38:7d:dc:a1:60:8f:82:e2:33:61:f7:92:57:60:7e:
         99:8a:a0:07:9e:38:bb:6d:0b:c1:7f:3e:cd:fa:e2:0f:db:43:
         4e:0a:bc:46:48:3f:83:36:52:4c:1e:ba:4c:7f:b0:29:25:4d:
         fa:07:ff:af:70:d9:95:2e:0c:9d:8d:c7:cd:11:dd:bb:98:00:
         68:5c:ee:a9:8f:c3:f0:2f:94:9f:03:fe:65:3d:b0:9a:95:78:
         65:80:d7:f6:f3:e6:14:91:16:cb:19:8b:e0:24:f9:0f:a7:cd:
         84:94:f5:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x0cgyLGbvrSbKxjZO4DTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4Y2VjMTNiZDZmMzA0MjBkZTc0ZDJjMzE1NjRkYWRkYTA4
ZTAxNGQwHhcNMjUxMDIwMDQwMTEzWhcNMjUxMDIxMDQwMTEzWjAzMTEwLwYDVQQD
Eyg4MGNkYjBjZmU3ZjM1ZmY5MjgyOTVjZGVjYTE1ZDdiMGE1ZTMwMTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsXwuSAgKTW5evoDPKg/+sFl3pgI
HWFGaSulZjEVhQYTQ+j6azRH9sEeHNULdbKyY/vPsbbeZ6n/5YGs3rvQlOrrNwLB
4PgrJUZF0EWEXyfnVsEEQsTqkPPQymFEO52oKdtWv7BnmuX1rVpDTBUPwr+KpZyv
1h4DXtlxkf/QdGLP3LIsBXxGiT04q881GGUemQox052jEUPL3vcZqlgrTU7KdWgm
QM7UYdZExknnku/KyqYpHXdZ2l4Vqi++4V6+GEdQWziFp3JJS3ABxRaM6DX/KepK
SmbC2jsa6Dsc/N2EM3Jauc7v//OrhmzthmWQ0a7F6IELcllOcenzbSV4GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIDNsM/n81/5KClc3soV17Cl4wEHMB8GA1UdIwQY
MBaAFMjOwTvW8wQg3nTSwxVk2t2gjgFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84NWRmMTQtYTgxNS00NjkxLWE5MjMt
NDZlNjVjOTVmODNhLzEveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84NWRmMTQtYTgxNS00NjkxLWE5MjMtNDZlNjVjOTVmODNh
LzEveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkIBrSUJS
5Qw5HrzYZ+aPQy7oiDjNOZb2Hi2oGa7TkxOxeuvFj9/fs+E34IIdG1tZd73cw9ss
30CH8qT6H8wGMtKGf0S6Bnxsy1hdjM9AhE1PFNlHTdwOzAuwhuDN6Q6syJyhOgPU
bwsbR1G7yNUs3/pgiPZiMvAtV9nnKvhQLQm4sMdw44HZkbL9c+vyIgaH2N4ROH3c
oWCPguIzYfeSV2B+mYqgB544u20LwX8+zfriD9tDTgq8Rkg/gzZSTB66TH+wKSVN
+gf/r3DZlS4MnY3HzRHdu5gAaFzuqY/D8C+UnwP+ZT2wmpV4ZYDX9vPmFJEWyxmL
4CT5D6fNhJT1OQ==
-----END CERTIFICATE-----