Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.mft
File:                     YxB3zMSCuRtFmfUslKiJABOSSf8.mft (raw, json)
Hash identifier:          Eh/Q2frR7Q4nHrXrDyrAqUCj3JnPGA7VEoEyiNxDJOY=
Subject key identifier:   EA:EC:B0:8D:F9:B2:42:B2:EA:05:07:D2:65:B4:46:ED:7D:DE:61:8C
Authority key identifier: 63:10:77:CC:C4:82:B9:1B:45:99:F5:2C:94:A8:89:00:13:92:49:FF
Certificate issuer:       /CN=631077ccc482b91b4599f52c94a88900139249ff
Certificate serial:       0199FCC65F108FD4EF00E4D0E8E91AF1F4FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YxB3zMSCuRtFmfUslKiJABOSSf8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.mft
Manifest number:          015B
Signing time:             Sun 19 Oct 2025 14:01:22 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:22 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:22 +0000
Files and hashes:         1: YxB3zMSCuRtFmfUslKiJABOSSf8.crl (hash: 7M5ssvnhlg4x5lhNTCe4rhR3FthE9FKoGghYzhH2zEc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YxB3zMSCuRtFmfUslKiJABOSSf8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:5f:10:8f:d4:ef:00:e4:d0:e8:e9:1a:f1:f4:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=631077ccc482b91b4599f52c94a88900139249ff
        Validity
            Not Before: Oct 19 14:01:22 2025 GMT
            Not After : Oct 20 14:01:22 2025 GMT
        Subject: CN=eaecb08df9b242b2ea0507d265b446ed7dde618c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:03:b0:0b:7f:31:fe:f5:2b:d5:94:45:bf:c2:
                    02:0f:c0:b3:c1:27:8c:f4:01:f3:50:ac:19:3d:15:
                    9d:2e:28:ab:54:66:58:11:bb:f5:91:78:dc:2e:27:
                    c6:ae:ca:f7:80:c2:9b:9f:9e:3b:49:5b:35:4e:75:
                    73:7a:a1:8c:2f:a3:d2:3e:df:f3:e7:c8:a5:1c:60:
                    be:f8:f1:43:76:92:f2:eb:b9:40:11:af:eb:eb:db:
                    b8:98:f9:0e:05:5f:b3:33:1a:c4:1f:59:c6:e0:96:
                    08:d8:41:78:bb:f7:20:c4:f0:43:02:62:ae:38:be:
                    0c:ee:9b:c7:24:ad:0c:50:25:d5:33:ff:69:69:9c:
                    bd:ea:3e:0b:4b:88:9b:38:51:b2:04:3a:75:fe:b2:
                    a3:d8:f6:b2:80:2d:ec:81:7e:8f:d2:3d:d8:28:98:
                    f6:3a:46:76:64:45:ca:30:2a:60:cc:92:27:3c:e9:
                    ae:90:7e:f9:fa:a3:90:ff:d1:4a:8e:7e:5c:a4:6d:
                    43:b5:2b:25:4c:e0:e7:48:59:80:5e:4c:8a:86:9b:
                    a4:5f:0b:9b:7e:44:20:ca:5a:c2:ce:93:7e:8f:af:
                    ff:d3:19:18:c8:ed:e8:83:8b:33:de:12:f1:f9:03:
                    62:7a:08:1c:8b:f3:ad:be:0c:8d:eb:2f:a5:5d:4c:
                    15:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:EC:B0:8D:F9:B2:42:B2:EA:05:07:D2:65:B4:46:ED:7D:DE:61:8C
            X509v3 Authority Key Identifier:
                keyid:63:10:77:CC:C4:82:B9:1B:45:99:F5:2C:94:A8:89:00:13:92:49:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YxB3zMSCuRtFmfUslKiJABOSSf8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:a5:92:ea:e5:07:81:64:c4:d0:83:38:79:7b:15:3e:8f:2c:
         13:35:45:cd:42:43:53:76:95:61:11:71:ca:ab:f0:51:bc:84:
         af:6d:cf:a1:31:97:6f:90:4c:7b:1a:86:eb:34:4b:dc:54:3b:
         49:55:7b:0d:5c:01:5f:93:0d:b6:ec:22:1d:c6:78:db:5a:30:
         46:a7:47:77:18:e2:4d:e6:9b:57:5b:3b:e9:a2:2e:28:16:7c:
         82:55:32:ee:47:da:ec:91:67:b8:23:7a:ed:45:0e:5f:4e:9c:
         8d:99:04:85:f4:f1:81:40:ab:a0:24:fe:cd:6b:10:4e:21:54:
         56:ee:a7:b7:48:d1:3f:b2:bc:1f:9f:36:77:7d:e0:e6:25:90:
         c4:ba:2e:10:b1:cc:e6:93:c3:dd:c4:fc:d7:5b:24:cb:06:59:
         1f:b9:53:f0:09:06:82:46:e0:ad:0d:34:e0:08:1f:bc:62:d6:
         1d:25:32:4b:1f:08:24:ee:88:95:c8:43:81:06:84:3f:3f:fc:
         b0:8d:c6:e3:18:9a:16:25:4f:56:1f:25:a0:e4:08:a3:5d:e7:
         a5:6a:4a:51:df:2e:fc:a0:08:81:a7:e4:bd:f4:e8:7c:29:64:
         56:ea:c6:a6:5f:60:3c:d7:0d:17:2b:a9:96:a7:9d:c3:c9:fc:
         f5:ae:ea:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xl8Qj9TvAOTQ6Oka8fT6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMTA3N2NjYzQ4MmI5MWI0NTk5ZjUyYzk0YTg4OTAwMTM5
MjQ5ZmYwHhcNMjUxMDE5MTQwMTIyWhcNMjUxMDIwMTQwMTIyWjAzMTEwLwYDVQQD
EyhlYWVjYjA4ZGY5YjI0MmIyZWEwNTA3ZDI2NWI0NDZlZDdkZGU2MThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgOwC38x/vUr1ZRFv8ICD8CzwSeM
9AHzUKwZPRWdLiirVGZYEbv1kXjcLifGrsr3gMKbn547SVs1TnVzeqGML6PSPt/z
58ilHGC++PFDdpLy67lAEa/r69u4mPkOBV+zMxrEH1nG4JYI2EF4u/cgxPBDAmKu
OL4M7pvHJK0MUCXVM/9paZy96j4LS4ibOFGyBDp1/rKj2PaygC3sgX6P0j3YKJj2
OkZ2ZEXKMCpgzJInPOmukH75+qOQ/9FKjn5cpG1DtSslTODnSFmAXkyKhpukXwub
fkQgylrCzpN+j6//0xkYyO3og4sz3hLx+QNieggci/OtvgyN6y+lXUwVuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOrssI35skKy6gUH0mW0Ru193mGMMB8GA1UdIwQY
MBaAFGMQd8zEgrkbRZn1LJSoiQATkkn/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXhCM3pNU0N1UnRGbWZVc2xLaUpBQk9TU2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC84MTQyNTMtZjIxZi00YmM4LWI3Njgt
ODA0Yjc2MGRkODc5LzEvWXhCM3pNU0N1UnRGbWZVc2xLaUpBQk9TU2Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC84MTQyNTMtZjIxZi00YmM4LWI3NjgtODA0Yjc2MGRkODc5
LzEvWXhCM3pNU0N1UnRGbWZVc2xLaUpBQk9TU2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABKWS6uUH
gWTE0IM4eXsVPo8sEzVFzUJDU3aVYRFxyqvwUbyEr23PoTGXb5BMexqG6zRL3FQ7
SVV7DVwBX5MNtuwiHcZ421owRqdHdxjiTeabV1s76aIuKBZ8glUy7kfa7JFnuCN6
7UUOX06cjZkEhfTxgUCroCT+zWsQTiFUVu6nt0jRP7K8H582d33g5iWQxLouELHM
5pPD3cT811skywZZH7lT8AkGgkbgrQ004AgfvGLWHSUySx8IJO6IlchDgQaEPz/8
sI3G4xiaFiVPVh8loOQIo13npWpKUd8u/KAIgafkvfTofClkVurGpl9gPNcNFyup
lqedw8n89a7qnQ==
-----END CERTIFICATE-----