Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft
File:                     yuDyZX221YxEden7gXNW4u3SzA8.mft (raw, json)
Hash identifier:          PF0k7QUR7bfyn3GUBSNElyiIANUJfINOfIFiqd0MY/k=
Subject key identifier:   4C:0A:52:7F:75:52:5B:67:08:89:70:65:33:62:1C:14:46:DF:55:08
Authority key identifier: CA:E0:F2:65:7D:B6:D5:8C:44:75:E9:FB:81:73:56:E2:ED:D2:CC:0F
Certificate issuer:       /CN=cae0f2657db6d58c4475e9fb817356e2edd2cc0f
Certificate serial:       019A041168027B3D401F1129F78B3D0BF22D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft
Manifest number:          12C2
Signing time:             Tue 21 Oct 2025 00:00:40 +0000
Manifest this update:     Tue 21 Oct 2025 00:00:40 +0000
Manifest next update:     Wed 22 Oct 2025 00:00:40 +0000
Files and hashes:         1: yuDyZX221YxEden7gXNW4u3SzA8.crl (hash: qmMLJwsG7WGov80f0+/Ed6+oXRLfTaXeim+PTEywzqI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 22:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:04:11:68:02:7b:3d:40:1f:11:29:f7:8b:3d:0b:f2:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cae0f2657db6d58c4475e9fb817356e2edd2cc0f
        Validity
            Not Before: Oct 21 00:00:40 2025 GMT
            Not After : Oct 22 00:00:40 2025 GMT
        Subject: CN=4c0a527f75525b670889706533621c1446df5508
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:b9:84:f6:8e:ad:77:c9:eb:d8:c5:52:22:51:
                    72:93:a3:a8:f7:1c:a4:4c:ca:b2:e4:7b:0b:c3:96:
                    5f:9d:dc:64:96:88:f2:f6:53:3a:ba:0c:d8:7e:13:
                    c2:86:91:ac:44:b4:9d:34:9b:3f:e7:8a:a5:3d:9a:
                    3d:60:1a:aa:fe:c9:36:06:94:7e:eb:e4:a6:e8:a1:
                    db:2d:26:bc:ba:de:0a:de:56:69:34:6c:93:ef:ec:
                    ca:4d:2c:62:a8:be:53:52:d3:d7:29:7a:6e:6e:41:
                    56:d1:8f:d5:f4:54:c2:49:5b:56:2f:d1:fd:35:c5:
                    d3:fd:82:c5:54:4d:af:20:56:e9:12:28:73:5f:87:
                    af:1b:ae:4e:1d:85:f1:38:bd:40:c7:07:27:a7:ce:
                    4f:29:4c:3d:98:d4:3c:0e:3c:45:d6:4c:43:e2:91:
                    f3:93:cf:87:54:f4:b8:73:f2:b4:ff:96:a6:fb:bd:
                    29:e9:a8:1e:a4:fd:94:e3:b1:f6:ae:e2:fc:a0:7b:
                    2e:63:91:49:b0:c8:90:b9:52:e2:90:00:92:8c:a4:
                    2e:9e:61:22:cc:10:fc:2d:7e:2d:75:16:8d:40:74:
                    2a:37:ca:e1:2a:61:8f:b6:eb:7e:6d:f8:d8:ef:9e:
                    e7:63:3b:ae:77:43:28:40:01:cc:d9:d2:50:e4:19:
                    0c:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:0A:52:7F:75:52:5B:67:08:89:70:65:33:62:1C:14:46:DF:55:08
            X509v3 Authority Key Identifier:
                keyid:CA:E0:F2:65:7D:B6:D5:8C:44:75:E9:FB:81:73:56:E2:ED:D2:CC:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:22:18:57:00:ad:4a:8d:29:9a:33:99:50:51:a6:37:4a:db:
         e9:49:11:8f:35:fa:0e:b3:4f:79:a2:a1:bb:85:09:9d:bf:43:
         92:27:1b:95:3d:5d:3e:35:e9:0c:5a:d0:67:21:40:b5:9f:87:
         aa:5c:81:85:9d:92:3a:1a:eb:0a:2e:d7:36:f1:05:cd:4a:16:
         3e:e1:03:21:7a:35:ed:94:16:39:8e:39:65:60:c6:47:4d:cb:
         6b:4f:b8:9c:55:64:2a:28:35:39:a0:fe:a7:b6:da:2f:c6:94:
         77:bb:8c:42:a6:41:ac:ef:f6:02:36:1c:eb:67:da:7d:7a:24:
         0e:09:c6:f1:a5:ba:4a:4e:cd:de:96:a0:06:26:bd:61:2d:60:
         07:02:dc:c0:fb:51:98:33:ff:6e:2f:9c:f4:98:74:79:b2:06:
         dd:bf:51:42:3f:5e:f5:16:7b:c9:9a:f5:bf:d0:b2:e4:c9:3d:
         e0:5e:04:20:ca:12:32:59:03:90:ba:db:e4:ab:ce:a7:02:35:
         64:30:d4:25:b2:78:af:87:34:b3:1a:e4:e8:da:d8:93:16:10:
         07:f1:9a:63:f5:63:a5:52:d9:4c:34:7d:ea:1b:e3:48:a0:96:
         cc:01:c7:fd:2f:28:6b:31:ba:ca:ae:12:bf:37:64:57:2a:6f:
         0e:f4:50:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoEEWgCez1AHxEp94s9C/ItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZTBmMjY1N2RiNmQ1OGM0NDc1ZTlmYjgxNzM1NmUyZWRk
MmNjMGYwHhcNMjUxMDIxMDAwMDQwWhcNMjUxMDIyMDAwMDQwWjAzMTEwLwYDVQQD
Eyg0YzBhNTI3Zjc1NTI1YjY3MDg4OTcwNjUzMzYyMWMxNDQ2ZGY1NTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobmE9o6td8nr2MVSIlFyk6Oo9xyk
TMqy5HsLw5Zfndxklojy9lM6ugzYfhPChpGsRLSdNJs/54qlPZo9YBqq/sk2BpR+
6+Sm6KHbLSa8ut4K3lZpNGyT7+zKTSxiqL5TUtPXKXpubkFW0Y/V9FTCSVtWL9H9
NcXT/YLFVE2vIFbpEihzX4evG65OHYXxOL1Axwcnp85PKUw9mNQ8DjxF1kxD4pHz
k8+HVPS4c/K0/5am+70p6agepP2U47H2ruL8oHsuY5FJsMiQuVLikACSjKQunmEi
zBD8LX4tdRaNQHQqN8rhKmGPtut+bfjY757nYzuud0MoQAHM2dJQ5BkMqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEwKUn91UltnCIlwZTNiHBRG31UIMB8GA1UdIwQY
MBaAFMrg8mV9ttWMRHXp+4FzVuLt0swPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8wMzdmZjEtNjliOS00NGI0LThjMGUt
YTE5YTNiZWIxNWIyLzEveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8wMzdmZjEtNjliOS00NGI0LThjMGUtYTE5YTNiZWIxNWIy
LzEveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAyIYVwCt
So0pmjOZUFGmN0rb6UkRjzX6DrNPeaKhu4UJnb9DkicblT1dPjXpDFrQZyFAtZ+H
qlyBhZ2SOhrrCi7XNvEFzUoWPuEDIXo17ZQWOY45ZWDGR03La0+4nFVkKig1OaD+
p7baL8aUd7uMQqZBrO/2AjYc62fafXokDgnG8aW6Sk7N3pagBia9YS1gBwLcwPtR
mDP/bi+c9Jh0ebIG3b9RQj9e9RZ7yZr1v9Cy5Mk94F4EIMoSMlkDkLrb5KvOpwI1
ZDDUJbJ4r4c0sxrk6NrYkxYQB/GaY/VjpVLZTDR96hvjSKCWzAHH/S8oazG6yq4S
vzdkVypvDvRQyQ==
-----END CERTIFICATE-----