Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
File:                     yQDj7qi7474R-IxoK9E4wmUH99w.mft (raw, json)
Hash identifier:          QaNiz8BNLBmdzuTbaniVoknu9n26d/JXuxRWA/LOKV4=
Subject key identifier:   D9:1C:9B:05:78:70:43:FE:A9:58:91:16:79:08:3D:07:99:9F:68:D3
Authority key identifier: C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC
Certificate issuer:       /CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
Certificate serial:       0199FBEC3329A906412EA3EC1E94B052FAF8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
Manifest number:          0DC7
Signing time:             Sun 19 Oct 2025 10:03:04 +0000
Manifest this update:     Sun 19 Oct 2025 10:03:04 +0000
Manifest next update:     Mon 20 Oct 2025 10:03:04 +0000
Files and hashes:         1: yQDj7qi7474R-IxoK9E4wmUH99w.crl (hash: DZLiEa44Ub0OV/KkMTKPxhhiUTVG3AATB7M3bhpKtX8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:03:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:33:29:a9:06:41:2e:a3:ec:1e:94:b0:52:fa:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
        Validity
            Not Before: Oct 19 10:03:04 2025 GMT
            Not After : Oct 20 10:03:04 2025 GMT
        Subject: CN=d91c9b05787043fea958911679083d07999f68d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:57:dc:e0:79:cd:41:3a:f0:76:e6:92:78:cc:
                    31:2b:81:cf:77:30:df:10:a1:d9:4e:65:0f:11:8a:
                    30:34:2b:d8:f9:df:be:0c:40:25:32:27:78:30:62:
                    11:5f:72:29:fc:02:85:e0:1e:7f:f6:34:b5:6a:68:
                    6a:a2:53:e2:b9:1f:7b:74:a5:5e:06:92:63:12:73:
                    ad:84:08:d1:cd:a6:dc:3f:39:07:6a:18:4f:c2:1a:
                    d9:fa:8f:5d:00:e5:0b:14:67:3c:86:9a:56:4d:4c:
                    5d:c9:2f:c6:d0:3d:75:8c:02:6b:e0:18:4e:d3:c5:
                    1c:5b:0e:59:cc:97:df:d9:a4:61:d6:61:93:37:33:
                    bd:67:b9:18:a4:44:77:88:33:63:2c:ce:86:49:ec:
                    a5:c0:80:8d:8a:a6:b8:04:cc:3e:71:24:04:84:40:
                    ff:e7:ac:16:b5:ad:ec:9d:40:7f:d7:14:24:db:2e:
                    63:cb:d7:cd:d0:c6:84:27:4b:7d:36:77:1d:4e:0a:
                    97:7b:4d:3a:d0:93:85:95:bf:3e:d0:6c:4c:cf:1b:
                    57:7f:14:10:a8:a9:88:3c:53:ad:c8:22:6c:88:3b:
                    01:6a:63:3f:52:88:c0:e7:c5:2d:04:e3:ba:6e:b8:
                    c3:56:d6:52:b7:22:6f:b5:04:c9:ac:62:f4:5f:95:
                    34:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:1C:9B:05:78:70:43:FE:A9:58:91:16:79:08:3D:07:99:9F:68:D3
            X509v3 Authority Key Identifier:
                keyid:C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:62:b0:c1:49:e3:4b:42:11:78:01:c4:d9:14:d1:c3:e8:8d:
         6e:b0:ce:e6:ee:e1:08:43:4f:a8:a3:f2:4e:95:77:c1:9b:a1:
         ea:14:1c:8a:40:5e:23:e0:36:ea:48:37:81:e5:86:57:f7:ce:
         a3:38:b4:cb:48:28:6f:dd:45:06:a1:22:c0:d9:87:4e:cc:a8:
         51:51:72:d7:78:1e:70:cf:ea:b2:84:14:4d:1b:80:e7:32:dc:
         c8:2c:05:6d:d9:4a:fd:d1:cb:80:3d:5b:16:11:8f:ba:88:9b:
         e4:1c:79:1d:15:64:09:12:49:7c:47:e6:d2:e1:58:3c:50:a5:
         00:81:0f:e0:77:30:7e:2c:48:73:51:b1:14:4c:4a:ab:34:0c:
         1f:d1:b2:6a:e9:e2:f7:0c:11:a8:9e:3c:08:f9:eb:ab:0c:68:
         b7:f4:fc:cc:e2:c1:22:f1:2e:ca:11:e3:3f:38:dd:0e:c5:57:
         44:4f:68:84:06:df:e0:7f:6f:6c:12:4b:15:71:bb:84:66:cc:
         2b:3f:8a:f6:ea:20:f6:49:1f:22:8c:44:e5:33:1d:c1:3c:b7:
         db:20:f2:d1:1d:ff:62:06:c7:c7:70:96:86:d9:ba:7e:a1:27:
         ba:ef:de:74:8e:b4:c0:4a:3d:04:df:ab:11:7e:4c:2a:61:0c:
         5f:4c:00:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77DMpqQZBLqPsHpSwUvr4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MDBlM2VlYThiYmUzYmUxMWY4OGM2ODJiZDEzOGMyNjUw
N2Y3ZGMwHhcNMjUxMDE5MTAwMzA0WhcNMjUxMDIwMTAwMzA0WjAzMTEwLwYDVQQD
EyhkOTFjOWIwNTc4NzA0M2ZlYTk1ODkxMTY3OTA4M2QwNzk5OWY2OGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Vfc4HnNQTrwduaSeMwxK4HPdzDf
EKHZTmUPEYowNCvY+d++DEAlMid4MGIRX3Ip/AKF4B5/9jS1amhqolPiuR97dKVe
BpJjEnOthAjRzabcPzkHahhPwhrZ+o9dAOULFGc8hppWTUxdyS/G0D11jAJr4BhO
08UcWw5ZzJff2aRh1mGTNzO9Z7kYpER3iDNjLM6GSeylwICNiqa4BMw+cSQEhED/
56wWta3snUB/1xQk2y5jy9fN0MaEJ0t9NncdTgqXe0060JOFlb8+0GxMzxtXfxQQ
qKmIPFOtyCJsiDsBamM/UojA58UtBOO6brjDVtZStyJvtQTJrGL0X5U0vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNkcmwV4cEP+qViRFnkIPQeZn2jTMB8GA1UdIwQY
MBaAFMkA4+6ou+O+EfiMaCvROMJlB/fcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMt
NDE2MjA0YTAyNzM3LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMtNDE2MjA0YTAyNzM3
LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY2KwwUnj
S0IReAHE2RTRw+iNbrDO5u7hCENPqKPyTpV3wZuh6hQcikBeI+A26kg3geWGV/fO
ozi0y0gob91FBqEiwNmHTsyoUVFy13gecM/qsoQUTRuA5zLcyCwFbdlK/dHLgD1b
FhGPuoib5Bx5HRVkCRJJfEfm0uFYPFClAIEP4HcwfixIc1GxFExKqzQMH9Gyauni
9wwRqJ48CPnrqwxot/T8zOLBIvEuyhHjPzjdDsVXRE9ohAbf4H9vbBJLFXG7hGbM
Kz+K9uog9kkfIoxE5TMdwTy32yDy0R3/YgbHx3CWhtm6fqEnuu/edI60wEo9BN+r
EX5MKmEMX0wAjQ==
-----END CERTIFICATE-----