Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
File:                     ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft (raw, json)
Hash identifier:          Pdo83RWKTktSi0v/Hp98lF41xqVX+utslU+02BPrAwk=
Subject key identifier:   D0:E8:06:37:E6:00:5C:D9:53:01:0F:FF:88:E3:AB:D8:FE:54:BC:96
Authority key identifier: CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9
Certificate issuer:       /CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9
Certificate serial:       0199FC8F82C9C677F48A315DDDD79EEA9DD5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 13:01:27 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:27 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:27 +0000
Files and hashes:         1: ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl (hash: G/7ixlMWFHFj/F5lUygxVYvN1P2DY4/IC20ipzqr1Ug=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:82:c9:c6:77:f4:8a:31:5d:dd:d7:9e:ea:9d:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9
        Validity
            Not Before: Oct 19 13:01:27 2025 GMT
            Not After : Oct 20 13:01:27 2025 GMT
        Subject: CN=d0e80637e6005cd953010fff88e3abd8fe54bc96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:3c:ce:30:63:76:32:33:73:de:11:19:02:37:
                    60:97:16:c9:cc:30:75:0d:8e:89:c4:b9:56:9b:ea:
                    a2:fe:48:51:1e:b7:9c:f8:6a:0f:1f:3f:28:e7:5a:
                    b3:5b:58:38:37:b2:63:ae:97:b9:0b:c0:d9:af:63:
                    8c:5d:c4:2b:8d:f3:62:c3:ea:0c:72:1f:eb:fc:b2:
                    cf:a7:4c:68:a0:5e:4a:f7:1c:ae:32:ed:15:f7:48:
                    48:8f:d3:7f:0e:f0:30:80:9c:e0:90:58:b8:d2:79:
                    33:f6:da:fb:00:e1:a6:25:66:ce:af:68:64:2b:81:
                    c9:6f:77:1a:45:80:c9:49:0a:69:79:5f:3a:83:d9:
                    84:b0:55:0b:56:e5:9b:08:c5:78:8b:f7:86:21:5d:
                    67:13:62:9e:e1:02:46:c5:f1:a5:be:fd:92:19:54:
                    7a:0c:82:45:65:06:f0:8b:c3:c0:83:63:58:4b:5d:
                    e0:55:ff:75:b2:8c:a4:f0:a7:02:df:1f:39:75:63:
                    1e:2a:8d:98:0c:2d:81:76:0a:08:8d:f0:5c:79:4f:
                    0d:ec:64:b3:b2:2d:a9:89:75:ac:55:ad:77:b5:1f:
                    62:59:2a:9c:50:29:b3:a2:8f:ea:ff:d3:0b:08:d3:
                    79:4a:fd:c6:9a:aa:95:8c:8c:12:1c:fb:3f:65:a1:
                    41:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:E8:06:37:E6:00:5C:D9:53:01:0F:FF:88:E3:AB:D8:FE:54:BC:96
            X509v3 Authority Key Identifier:
                keyid:CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:bb:f0:a1:b3:44:55:29:36:91:8b:a8:ce:9f:43:dd:5c:64:
         c2:db:0b:27:7c:35:91:e7:71:93:79:5d:ed:22:f8:c2:7b:69:
         58:f2:a1:5e:50:cd:db:a0:da:0f:8e:ce:d3:25:18:f0:8f:ea:
         95:30:ae:51:c8:90:f9:fd:23:b7:db:72:1b:dd:8b:50:9c:3e:
         32:f7:3d:53:38:67:50:1f:e6:96:a0:66:90:79:6c:49:b3:0b:
         d5:d9:c8:50:f0:69:96:7f:50:19:ba:5a:c3:cc:59:52:c0:c7:
         92:4b:e0:8b:7a:91:48:c7:09:73:0d:24:97:e9:3c:3b:ac:88:
         9d:29:b1:61:39:6b:b8:cc:05:0e:0a:77:2b:dc:1d:5a:34:25:
         d8:f1:00:92:d9:4d:4a:8a:6e:9e:52:4f:50:ed:9f:61:5f:4f:
         6e:36:72:79:20:7a:c3:3d:bb:e7:aa:6e:2d:bf:f5:78:69:bd:
         d1:29:15:44:72:a4:c7:d4:21:a8:7c:bd:4e:e1:85:78:68:d6:
         cb:80:46:fa:2a:bd:eb:da:c0:08:7e:0d:c3:c8:6e:86:89:97:
         c9:4d:f6:f6:cf:3a:31:87:13:5f:49:c2:9d:7e:46:d8:ba:ae:
         bc:01:3b:cc:50:a1:c5:9a:ca:ed:95:79:05:87:75:57:19:7c:
         da:6a:b0:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j4LJxnf0ijFd3dee6p3VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNDU3ZTExNzNjNGU4NTFiOTJkM2M4ZWU5OTY3MTUxOTQ4
YTlhZTkwHhcNMjUxMDE5MTMwMTI3WhcNMjUxMDIwMTMwMTI3WjAzMTEwLwYDVQQD
EyhkMGU4MDYzN2U2MDA1Y2Q5NTMwMTBmZmY4OGUzYWJkOGZlNTRiYzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDzOMGN2MjNz3hEZAjdglxbJzDB1
DY6JxLlWm+qi/khRHrec+GoPHz8o51qzW1g4N7Jjrpe5C8DZr2OMXcQrjfNiw+oM
ch/r/LLPp0xooF5K9xyuMu0V90hIj9N/DvAwgJzgkFi40nkz9tr7AOGmJWbOr2hk
K4HJb3caRYDJSQppeV86g9mEsFULVuWbCMV4i/eGIV1nE2Ke4QJGxfGlvv2SGVR6
DIJFZQbwi8PAg2NYS13gVf91soyk8KcC3x85dWMeKo2YDC2BdgoIjfBceU8N7GSz
si2piXWsVa13tR9iWSqcUCmzoo/q/9MLCNN5Sv3GmqqVjIwSHPs/ZaFBHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNDoBjfmAFzZUwEP/4jjq9j+VLyWMB8GA1UdIwQY
MBaAFMpFfhFzxOhRuS08jumWcVGUiprpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQt
MTlkZTJjMTgzYzA1LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQtMTlkZTJjMTgzYzA1
LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp7vwobNE
VSk2kYuozp9D3VxkwtsLJ3w1kedxk3ld7SL4wntpWPKhXlDN26DaD47O0yUY8I/q
lTCuUciQ+f0jt9tyG92LUJw+Mvc9UzhnUB/mlqBmkHlsSbML1dnIUPBpln9QGbpa
w8xZUsDHkkvgi3qRSMcJcw0kl+k8O6yInSmxYTlruMwFDgp3K9wdWjQl2PEAktlN
SopunlJPUO2fYV9PbjZyeSB6wz2756puLb/1eGm90SkVRHKkx9QhqHy9TuGFeGjW
y4BG+iq969rACH4Nw8huhomXyU329s86MYcTX0nCnX5G2LquvAE7zFChxZrK7ZV5
BYd1Vxl82mqwtA==
-----END CERTIFICATE-----