Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
File:                     y3yVUPThoer5UHL7G5q7JpVNJj0.mft (raw, json)
Hash identifier:          96izsAovB08lMUS7ViEKLd7o9YcDtKGx4Oo6yU3xwFE=
Subject key identifier:   F1:D7:4D:13:5F:73:F4:0B:F8:7D:B4:F6:19:A6:9A:D1:29:C9:EC:D2
Authority key identifier: CB:7C:95:50:F4:E1:A1:EA:F9:50:72:FB:1B:9A:BB:26:95:4D:26:3D
Certificate issuer:       /CN=cb7c9550f4e1a1eaf95072fb1b9abb26954d263d
Certificate serial:       0199FCC642AAAC82A78BF2A139FAB566A6AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
Manifest number:          0D8A
Signing time:             Sun 19 Oct 2025 14:01:15 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:15 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:15 +0000
Files and hashes:         1: y3yVUPThoer5UHL7G5q7JpVNJj0.crl (hash: whZSf/eTYnH92/cF8NTyt4DBJ80EcIQen1W3VELayY0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:42:aa:ac:82:a7:8b:f2:a1:39:fa:b5:66:a6:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb7c9550f4e1a1eaf95072fb1b9abb26954d263d
        Validity
            Not Before: Oct 19 14:01:15 2025 GMT
            Not After : Oct 20 14:01:15 2025 GMT
        Subject: CN=f1d74d135f73f40bf87db4f619a69ad129c9ecd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:a1:f7:f6:06:7c:fe:b1:28:31:88:65:65:d8:
                    4e:88:7b:7c:09:31:49:42:fa:00:a4:82:28:50:8c:
                    fa:e4:c5:cc:91:98:74:56:8f:48:5b:7e:47:b2:53:
                    35:eb:8e:de:e1:f7:bd:67:65:99:eb:ab:40:94:b5:
                    e3:0b:c3:7d:6c:c2:d5:79:03:4e:4b:7e:ff:69:62:
                    c9:1b:12:ca:a8:40:e8:8f:9e:93:df:89:5b:c1:6f:
                    68:60:6a:46:3a:39:84:9c:11:9d:76:0c:80:f6:a8:
                    57:62:98:f1:5c:82:ea:e2:c8:b7:91:1f:0f:cb:99:
                    14:93:b4:5e:2d:6a:19:61:2b:58:74:06:20:cf:ba:
                    21:d4:b6:0f:95:bb:33:07:95:d7:f7:a8:01:a7:21:
                    76:3a:63:93:ca:10:5d:0b:5a:b6:12:4f:57:83:e5:
                    85:92:bc:e1:8d:71:2a:ac:e4:d3:e7:84:87:1e:e7:
                    cf:5c:d6:be:19:97:e0:2e:41:20:59:e2:f0:96:2c:
                    05:24:bd:5b:19:f9:62:48:9f:4c:a1:52:4e:0e:55:
                    d9:d8:da:1a:97:35:8d:cd:49:62:6f:3f:f9:5d:8a:
                    fa:53:78:bd:f9:2a:0a:c1:d7:e5:02:ec:4b:db:66:
                    6f:19:e4:1a:ce:59:0c:60:be:c9:65:d2:48:b8:42:
                    73:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:D7:4D:13:5F:73:F4:0B:F8:7D:B4:F6:19:A6:9A:D1:29:C9:EC:D2
            X509v3 Authority Key Identifier:
                keyid:CB:7C:95:50:F4:E1:A1:EA:F9:50:72:FB:1B:9A:BB:26:95:4D:26:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:1e:63:bd:d5:c1:2a:e2:56:b4:06:0b:3a:7a:4f:a4:e2:c6:
         50:43:f8:b6:69:67:76:ae:a9:cc:f9:6f:0f:93:88:44:81:8e:
         a7:4a:26:f2:c8:49:f0:93:42:b4:49:3c:1b:7c:86:56:8a:1f:
         92:11:b5:69:4a:e0:81:75:cd:ea:fd:5e:a0:c6:18:b8:d8:a2:
         d2:10:62:89:e1:75:fc:da:71:3b:24:fb:aa:2f:45:ef:2e:1b:
         fc:3d:3a:19:01:00:a2:65:c6:f8:3d:cf:3f:7c:1a:3f:45:a5:
         4f:a9:04:2e:fb:a9:49:4d:f2:55:43:4e:48:b3:39:d0:63:52:
         76:59:70:e1:dc:f6:c0:27:8e:bd:9d:2d:99:44:21:19:4d:5d:
         62:eb:1e:8e:d5:fc:51:28:8e:a8:df:47:9e:66:4c:b4:b4:07:
         cd:b0:b5:a2:74:67:80:75:09:dc:9e:16:db:95:38:f5:33:0d:
         14:1b:31:c9:5e:3c:66:ac:13:8b:f4:87:fd:41:72:b9:5a:ac:
         87:69:ca:0c:f4:d8:fe:bf:d8:33:8f:28:d2:6f:d2:31:cd:76:
         b3:b1:0a:2a:eb:b5:b5:f0:a0:5a:d5:0d:3e:ad:69:3d:8c:78:
         e9:4e:46:75:7d:ea:30:1e:25:30:aa:91:62:d5:e0:d0:b2:6b:
         b8:52:db:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xkKqrIKni/KhOfq1ZqarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiN2M5NTUwZjRlMWExZWFmOTUwNzJmYjFiOWFiYjI2OTU0
ZDI2M2QwHhcNMjUxMDE5MTQwMTE1WhcNMjUxMDIwMTQwMTE1WjAzMTEwLwYDVQQD
EyhmMWQ3NGQxMzVmNzNmNDBiZjg3ZGI0ZjYxOWE2OWFkMTI5YzllY2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36H39gZ8/rEoMYhlZdhOiHt8CTFJ
QvoApIIoUIz65MXMkZh0Vo9IW35HslM1647e4fe9Z2WZ66tAlLXjC8N9bMLVeQNO
S37/aWLJGxLKqEDoj56T34lbwW9oYGpGOjmEnBGddgyA9qhXYpjxXILq4si3kR8P
y5kUk7ReLWoZYStYdAYgz7oh1LYPlbszB5XX96gBpyF2OmOTyhBdC1q2Ek9Xg+WF
krzhjXEqrOTT54SHHufPXNa+GZfgLkEgWeLwliwFJL1bGfliSJ9MoVJODlXZ2Noa
lzWNzUlibz/5XYr6U3i9+SoKwdflAuxL22ZvGeQazlkMYL7JZdJIuEJzYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPHXTRNfc/QL+H209hmmmtEpyezSMB8GA1UdIwQY
MBaAFMt8lVD04aHq+VBy+xuauyaVTSY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ODliMTktNDk1OC00NDIzLTg1YTkt
OTYyNmY5ZjZjZGEyLzEveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS82ODliMTktNDk1OC00NDIzLTg1YTktOTYyNmY5ZjZjZGEy
LzEveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVB5jvdXB
KuJWtAYLOnpPpOLGUEP4tmlndq6pzPlvD5OIRIGOp0om8shJ8JNCtEk8G3yGVoof
khG1aUrggXXN6v1eoMYYuNii0hBiieF1/NpxOyT7qi9F7y4b/D06GQEAomXG+D3P
P3waP0WlT6kELvupSU3yVUNOSLM50GNSdllw4dz2wCeOvZ0tmUQhGU1dYusejtX8
USiOqN9HnmZMtLQHzbC1onRngHUJ3J4W25U49TMNFBsxyV48ZqwTi/SH/UFyuVqs
h2nKDPTY/r/YM48o0m/SMc12s7EKKuu1tfCgWtUNPq1pPYx46U5GdX3qMB4lMKqR
YtXg0LJruFLbHg==
-----END CERTIFICATE-----