Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
File:                     YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft (raw, json)
Hash identifier:          zfTEj3lZfMEBtEz+mzKNiOgjAhFDqOzXqAtmy+llbhU=
Subject key identifier:   52:3C:23:B1:F8:CE:01:7E:51:CE:4E:D6:AA:9E:55:73:CD:D8:43:7E
Authority key identifier: 60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30
Certificate issuer:       /CN=6062b21fb6655b897923e29d6fcb644ab10ac530
Certificate serial:       0199FAD809FC3AA50BE26C598CE7F06EC356
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 05:01:26 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:26 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:26 +0000
Files and hashes:         1: YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl (hash: zRFGu7rek8Ptywe84hRFsl/4VBszLZQh+n8AbTlSBtE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d8:09:fc:3a:a5:0b:e2:6c:59:8c:e7:f0:6e:c3:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6062b21fb6655b897923e29d6fcb644ab10ac530
        Validity
            Not Before: Oct 19 05:01:26 2025 GMT
            Not After : Oct 20 05:01:26 2025 GMT
        Subject: CN=523c23b1f8ce017e51ce4ed6aa9e5573cdd8437e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:80:cb:0d:c3:c3:f3:16:34:9c:4d:61:05:48:
                    8d:dd:f8:6d:8a:97:7f:46:87:d7:dc:a6:90:fd:7e:
                    a3:2c:27:d9:14:dc:50:ce:83:0a:06:69:0c:26:31:
                    30:c0:27:e0:9a:c4:92:f8:e7:9d:ef:c4:17:34:61:
                    d9:cc:5f:1d:e2:03:4a:d8:6d:40:a3:98:2e:0b:0d:
                    a5:59:94:e3:52:b9:26:03:de:2e:95:38:0d:bf:2c:
                    75:d2:c2:cf:5d:27:fb:d0:c5:4c:f3:9d:d7:3c:27:
                    4a:5d:db:1e:ab:4c:96:f2:32:96:02:8a:72:9b:de:
                    9f:ac:d1:48:00:6f:a1:ad:a7:47:13:4f:a1:3c:95:
                    7a:ac:d7:ef:85:7b:cc:3c:5d:e1:11:fb:24:e8:9f:
                    3e:1a:c9:18:1b:0b:57:3b:70:ed:7f:c4:f9:5f:93:
                    ee:ac:c2:06:47:36:98:dc:4b:59:ce:2e:8b:f1:7c:
                    9d:ba:c5:f1:90:4b:1a:60:a7:b6:91:3f:32:ae:b0:
                    ee:3b:83:b6:8e:4f:3d:de:8a:ec:21:a7:43:77:0a:
                    7a:98:96:69:7b:53:10:32:db:f9:17:5c:0b:5d:16:
                    c9:d0:d6:15:59:92:c2:c1:61:e3:4c:12:63:d7:78:
                    e2:c6:7a:07:23:7f:d2:65:6d:fc:12:d7:5d:76:bc:
                    b6:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:3C:23:B1:F8:CE:01:7E:51:CE:4E:D6:AA:9E:55:73:CD:D8:43:7E
            X509v3 Authority Key Identifier:
                keyid:60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:2f:65:32:57:65:fe:3b:16:13:1a:53:2a:b8:42:63:af:dd:
         3d:f5:f3:29:30:46:be:c0:45:92:87:6e:73:ae:83:a8:ba:64:
         af:f7:ad:71:99:bf:d4:d2:96:1a:00:4d:04:c3:9a:0c:db:f4:
         8d:f6:59:ef:b3:ab:cb:6e:13:d5:97:85:df:e5:5b:69:2c:e7:
         81:0e:5a:c4:d1:da:78:c1:46:6c:70:c4:6a:3a:90:08:fa:3d:
         e0:5d:0e:c4:6a:2b:79:2c:15:1c:88:a3:2a:d8:d0:50:08:28:
         05:52:b5:1f:db:4f:78:e4:53:06:41:6c:da:a2:23:b3:27:6f:
         41:c3:e5:3d:48:55:0e:f0:d5:7c:80:5e:bc:43:11:91:35:0b:
         1a:a3:f7:5f:85:00:18:e5:00:4a:6c:f4:63:a4:6f:91:45:f8:
         3e:b1:be:90:9a:fe:3e:c6:5d:ce:e8:85:0b:c2:81:f5:34:f1:
         99:54:b0:d5:16:31:43:f0:89:cb:3f:be:5b:09:58:81:57:a3:
         a6:5e:b8:41:92:1a:c8:79:f0:7a:e0:d3:39:85:f8:2a:84:8e:
         0c:fb:5d:82:66:90:09:61:f3:67:dc:00:78:45:53:76:7f:0b:
         28:74:79:7e:37:b8:cf:5b:2f:9b:ff:54:c1:d8:bf:de:a8:f5:
         af:8e:6c:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn62An8OqUL4mxZjOfwbsNWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjJiMjFmYjY2NTViODk3OTIzZTI5ZDZmY2I2NDRhYjEw
YWM1MzAwHhcNMjUxMDE5MDUwMTI2WhcNMjUxMDIwMDUwMTI2WjAzMTEwLwYDVQQD
Eyg1MjNjMjNiMWY4Y2UwMTdlNTFjZTRlZDZhYTllNTU3M2NkZDg0MzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6oDLDcPD8xY0nE1hBUiN3fhtipd/
RofX3KaQ/X6jLCfZFNxQzoMKBmkMJjEwwCfgmsSS+Oed78QXNGHZzF8d4gNK2G1A
o5guCw2lWZTjUrkmA94ulTgNvyx10sLPXSf70MVM853XPCdKXdseq0yW8jKWAopy
m96frNFIAG+hradHE0+hPJV6rNfvhXvMPF3hEfsk6J8+GskYGwtXO3Dtf8T5X5Pu
rMIGRzaY3EtZzi6L8XydusXxkEsaYKe2kT8yrrDuO4O2jk893orsIadDdwp6mJZp
e1MQMtv5F1wLXRbJ0NYVWZLCwWHjTBJj13jixnoHI3/SZW38Etdddry27wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFI8I7H4zgF+Uc5O1qqeVXPN2EN+MB8GA1UdIwQY
MBaAFGBish+2ZVuJeSPinW/LZEqxCsUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYt
YjUyMGJlZGE2NjI2LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYtYjUyMGJlZGE2NjI2
LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIy9lMldl
/jsWExpTKrhCY6/dPfXzKTBGvsBFkoduc66DqLpkr/etcZm/1NKWGgBNBMOaDNv0
jfZZ77Ory24T1ZeF3+VbaSzngQ5axNHaeMFGbHDEajqQCPo94F0OxGoreSwVHIij
KtjQUAgoBVK1H9tPeORTBkFs2qIjsydvQcPlPUhVDvDVfIBevEMRkTULGqP3X4UA
GOUASmz0Y6RvkUX4PrG+kJr+PsZdzuiFC8KB9TTxmVSw1RYxQ/CJyz++WwlYgVej
pl64QZIayHnweuDTOYX4KoSODPtdgmaQCWHzZ9wAeEVTdn8LKHR5fje4z1svm/9U
wdi/3qj1r45s1A==
-----END CERTIFICATE-----