Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft
File:                     YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft (raw, json)
Hash identifier:          KSZ0wDpg+1DzsJDbbumFfD8q6RTjYvjf3AAoWbM8Enk=
Subject key identifier:   71:B0:0B:8A:6B:A9:A0:D6:BD:26:AA:E5:0C:73:CE:96:58:DA:8D:7D
Authority key identifier: 60:F3:1D:82:0C:32:40:0D:EC:0C:60:49:61:78:99:4D:57:75:2A:CC
Certificate issuer:       /CN=60f31d820c32400dec0c60496178994d57752acc
Certificate serial:       0199FBEAAE712EB725C13F85C3FDE0D50782
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YPMdggwyQA3sDGBJYXiZTVd1Ksw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 10:01:25 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:25 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:25 +0000
Files and hashes:         1: YPMdggwyQA3sDGBJYXiZTVd1Ksw.crl (hash: kmICIyOrfm3GgqpMu6Tv6V4GggJF8Jt5acrxzJ8SME8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YPMdggwyQA3sDGBJYXiZTVd1Ksw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:ae:71:2e:b7:25:c1:3f:85:c3:fd:e0:d5:07:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60f31d820c32400dec0c60496178994d57752acc
        Validity
            Not Before: Oct 19 10:01:25 2025 GMT
            Not After : Oct 20 10:01:25 2025 GMT
        Subject: CN=71b00b8a6ba9a0d6bd26aae50c73ce9658da8d7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:3e:e9:10:b3:aa:77:4e:c8:a9:86:b8:ae:4b:
                    3e:0f:ea:de:28:d3:9d:15:42:08:31:45:6a:cf:d2:
                    60:d7:c4:1c:db:f9:d3:70:80:93:fd:26:30:3c:9a:
                    2d:79:79:5e:c5:ff:e4:e8:10:60:13:93:d8:94:5b:
                    ad:d0:f1:ac:f8:17:00:8b:bf:39:02:e0:0a:da:5a:
                    84:6c:fc:ca:d9:1c:2e:31:87:96:85:f0:6b:8d:68:
                    de:8c:6c:2e:91:0c:7d:e0:60:af:68:d7:1a:4d:fd:
                    eb:51:fc:c3:ee:01:6d:f0:cb:d7:86:d4:d3:18:83:
                    b0:d8:11:87:a4:d2:e7:35:b3:47:67:dc:a7:cf:83:
                    bd:f3:a3:4d:57:50:65:cc:5e:50:d9:26:4b:e7:2c:
                    fd:2c:02:48:0a:11:5e:16:45:71:51:f2:17:e3:4f:
                    63:71:70:52:7f:70:3f:2a:1b:b7:dc:1c:29:c3:e2:
                    1a:05:ce:bc:ee:51:95:79:ed:d7:03:b2:24:a6:70:
                    8b:00:fd:fa:b2:82:69:b8:13:82:a2:0f:d7:46:6a:
                    3b:25:85:74:22:f5:2e:b3:a5:27:ae:0f:3b:21:b4:
                    4a:c7:0a:d3:4c:a3:f4:1b:dd:9d:05:af:51:ce:47:
                    01:dd:1a:79:0c:a3:bb:e9:d8:fb:c3:7a:f0:8d:9e:
                    01:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:B0:0B:8A:6B:A9:A0:D6:BD:26:AA:E5:0C:73:CE:96:58:DA:8D:7D
            X509v3 Authority Key Identifier:
                keyid:60:F3:1D:82:0C:32:40:0D:EC:0C:60:49:61:78:99:4D:57:75:2A:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPMdggwyQA3sDGBJYXiZTVd1Ksw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:44:86:35:2a:58:1c:3f:af:43:05:f1:e1:d1:ca:71:7c:a0:
         0c:f1:64:c8:8e:56:45:de:c7:02:a6:a3:a7:af:2e:53:04:83:
         6c:80:f3:39:43:4a:d7:b6:46:2e:82:bf:0a:91:fd:e6:b0:8a:
         01:6b:34:ba:a1:48:73:be:1c:e3:f3:1a:12:02:64:5b:8c:88:
         cf:fc:26:55:29:e4:c2:fa:b5:2a:8c:29:27:b0:83:a8:2d:42:
         1a:a3:78:0c:4a:a9:1b:89:20:9b:3f:59:93:c1:e9:0c:73:a5:
         22:36:3c:26:e3:47:36:5a:41:78:16:45:43:9e:e4:c1:18:51:
         1c:f4:2c:4f:f9:a3:49:c8:3d:8c:a2:b1:b2:8a:07:ef:a1:00:
         f2:6f:0a:64:e4:7e:24:5f:fc:66:88:a7:78:e4:1d:05:4a:c8:
         ac:00:5a:61:77:e3:f1:bb:42:f7:84:87:9f:9f:cc:4a:3d:22:
         ff:a9:9f:ab:af:25:20:7b:bc:4b:e8:82:36:a5:15:97:b3:c6:
         03:68:5d:f8:43:16:49:42:eb:86:d3:a7:89:2a:61:89:78:b9:
         f7:46:f4:27:ad:1e:32:d8:55:5d:da:4d:cf:6b:d9:5a:e6:83:
         39:75:57:63:65:84:40:86:73:d5:cc:75:69:ca:23:f5:df:e7:
         ed:b6:c9:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76q5xLrclwT+Fw/3g1QeCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZjMxZDgyMGMzMjQwMGRlYzBjNjA0OTYxNzg5OTRkNTc3
NTJhY2MwHhcNMjUxMDE5MTAwMTI1WhcNMjUxMDIwMTAwMTI1WjAzMTEwLwYDVQQD
Eyg3MWIwMGI4YTZiYTlhMGQ2YmQyNmFhZTUwYzczY2U5NjU4ZGE4ZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3j7pELOqd07IqYa4rks+D+reKNOd
FUIIMUVqz9Jg18Qc2/nTcICT/SYwPJoteXlexf/k6BBgE5PYlFut0PGs+BcAi785
AuAK2lqEbPzK2RwuMYeWhfBrjWjejGwukQx94GCvaNcaTf3rUfzD7gFt8MvXhtTT
GIOw2BGHpNLnNbNHZ9ynz4O986NNV1BlzF5Q2SZL5yz9LAJIChFeFkVxUfIX409j
cXBSf3A/Khu33Bwpw+IaBc687lGVee3XA7IkpnCLAP36soJpuBOCog/XRmo7JYV0
IvUus6Unrg87IbRKxwrTTKP0G92dBa9RzkcB3Rp5DKO76dj7w3rwjZ4B/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHGwC4prqaDWvSaq5QxzzpZY2o19MB8GA1UdIwQY
MBaAFGDzHYIMMkAN7AxgSWF4mU1XdSrMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVBNZGdnd3lRQTNzREdCSllYaVpUVmQxS3N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9hMjg1NTMtODk5Yy00MDY4LTk2NzMt
ZGVkMjExM2I5MDYwLzEvWVBNZGdnd3lRQTNzREdCSllYaVpUVmQxS3N3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9hMjg1NTMtODk5Yy00MDY4LTk2NzMtZGVkMjExM2I5MDYw
LzEvWVBNZGdnd3lRQTNzREdCSllYaVpUVmQxS3N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS0SGNSpY
HD+vQwXx4dHKcXygDPFkyI5WRd7HAqajp68uUwSDbIDzOUNK17ZGLoK/CpH95rCK
AWs0uqFIc74c4/MaEgJkW4yIz/wmVSnkwvq1KowpJ7CDqC1CGqN4DEqpG4kgmz9Z
k8HpDHOlIjY8JuNHNlpBeBZFQ57kwRhRHPQsT/mjScg9jKKxsooH76EA8m8KZOR+
JF/8ZoineOQdBUrIrABaYXfj8btC94SHn5/MSj0i/6mfq68lIHu8S+iCNqUVl7PG
A2hd+EMWSULrhtOniSphiXi590b0J60eMthVXdpNz2vZWuaDOXVXY2WEQIZz1cx1
acoj9d/n7bbJIQ==
-----END CERTIFICATE-----