Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/98d6bb-0a89-48c4-b932-5b389343dbc9/1/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.mft
File:                     yr8ZNP_pv5zjUVcu0uuCB8tVU1g.mft (raw, json)
Hash identifier:          Tksc5UcUUt3XQckPbB6sHOfZwG1DBEQl+gTDvgBiM6Y=
Subject key identifier:   2A:EB:D8:0A:2F:34:F2:85:2B:57:A9:2C:BB:A9:B4:63:FA:8D:F2:EE
Authority key identifier: CA:BF:19:34:FF:E9:BF:9C:E3:51:57:2E:D2:EB:82:07:CB:55:53:58
Certificate issuer:       /CN=cabf1934ffe9bf9ce351572ed2eb8207cb555358
Certificate serial:       0199FD3456D6663EA135D474B2A38BE68B84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6b/98d6bb-0a89-48c4-b932-5b389343dbc9/1/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.mft
Manifest number:          0134
Signing time:             Sun 19 Oct 2025 16:01:29 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:29 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:29 +0000
Files and hashes:         1: yr8ZNP_pv5zjUVcu0uuCB8tVU1g.crl (hash: EZo2wkGRTImgiZC3X70YyFVGV6D4/bUOT9IeElXpuvM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6b/98d6bb-0a89-48c4-b932-5b389343dbc9/1/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6b/98d6bb-0a89-48c4-b932-5b389343dbc9/1/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:56:d6:66:3e:a1:35:d4:74:b2:a3:8b:e6:8b:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cabf1934ffe9bf9ce351572ed2eb8207cb555358
        Validity
            Not Before: Oct 19 16:01:29 2025 GMT
            Not After : Oct 20 16:01:29 2025 GMT
        Subject: CN=2aebd80a2f34f2852b57a92cbba9b463fa8df2ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:d7:58:91:1d:59:4d:ce:af:98:7a:1d:17:89:
                    35:db:b3:25:a4:47:32:15:ff:67:9e:75:bf:fe:d0:
                    79:57:fb:0e:7a:77:87:93:e5:8e:ed:e5:53:cc:4a:
                    0e:64:c2:e8:bc:99:33:bd:3a:45:25:a2:47:59:cf:
                    68:e4:94:74:3e:08:d9:e2:73:36:89:a6:21:97:03:
                    bd:86:7f:23:9c:61:8c:bc:05:00:8c:e5:29:e6:2f:
                    54:24:4b:ee:1b:ec:c9:ac:82:5f:ac:41:6f:b9:79:
                    cd:91:d8:6a:61:47:34:95:e7:d7:67:4d:70:ff:9a:
                    2a:82:55:e1:2f:8d:aa:0b:65:64:60:50:30:4e:7a:
                    6f:62:f0:9b:89:ba:26:91:b4:29:af:c2:da:9f:b2:
                    e7:48:40:f0:48:97:43:b9:00:f4:26:a3:33:c8:e5:
                    ee:dc:66:e1:79:b6:f0:ac:f4:46:0f:2d:e9:9c:26:
                    17:3c:59:8a:90:39:eb:9d:c7:85:96:b9:52:be:08:
                    2b:39:79:e3:01:da:28:36:de:d1:58:f8:27:98:f3:
                    7f:8a:c2:0a:a9:21:2a:17:e5:df:8d:c8:96:fb:3c:
                    ab:c7:76:73:d5:83:03:46:5f:c6:cc:8c:a1:fe:80:
                    f8:0c:7d:68:7f:47:5a:f1:6a:23:75:49:74:39:be:
                    9e:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:EB:D8:0A:2F:34:F2:85:2B:57:A9:2C:BB:A9:B4:63:FA:8D:F2:EE
            X509v3 Authority Key Identifier:
                keyid:CA:BF:19:34:FF:E9:BF:9C:E3:51:57:2E:D2:EB:82:07:CB:55:53:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/98d6bb-0a89-48c4-b932-5b389343dbc9/1/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/98d6bb-0a89-48c4-b932-5b389343dbc9/1/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:ec:c6:65:fc:d4:fa:35:09:da:dc:f7:24:ae:a0:05:33:ac:
         03:ad:55:c6:cf:2b:89:b0:92:d9:f2:5b:b0:0c:9f:6d:35:9a:
         56:df:e8:28:38:1a:4c:dd:44:b4:41:b3:8f:29:f6:a6:1f:d7:
         cb:aa:84:d8:b0:6f:a9:4a:c0:2a:63:7a:25:95:43:70:af:36:
         5f:54:fa:7f:9b:a3:1b:4b:b0:10:df:8e:28:d4:b2:7c:06:4e:
         1d:dc:51:63:f1:42:93:be:27:4e:7b:db:32:ac:94:c5:8e:fa:
         ac:3e:e5:e8:6d:e4:9a:05:d8:df:a6:e5:fa:56:4a:26:22:de:
         99:46:52:b1:1b:75:c0:a3:a8:21:4d:75:5a:2f:c6:2a:14:7e:
         46:a9:a8:ac:26:af:3d:52:ad:38:cf:91:54:1f:c2:9e:1f:01:
         e9:a8:3f:c1:90:0c:17:7f:86:34:a2:3d:51:d5:56:b4:1c:46:
         63:a6:60:61:ea:00:93:3b:d9:13:ae:32:5d:98:81:59:f0:33:
         fa:b2:99:5f:df:70:f7:1d:5a:51:b9:f7:12:b5:2c:95:36:49:
         e6:7f:77:dc:c8:3b:69:e8:d7:d7:ee:2e:0f:ed:10:5a:62:1b:
         93:d5:7f:aa:02:ca:75:84:5d:48:38:a2:c2:62:08:4d:3e:23:
         7d:83:00:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NFbWZj6hNdR0sqOL5ouEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhYmYxOTM0ZmZlOWJmOWNlMzUxNTcyZWQyZWI4MjA3Y2I1
NTUzNTgwHhcNMjUxMDE5MTYwMTI5WhcNMjUxMDIwMTYwMTI5WjAzMTEwLwYDVQQD
EygyYWViZDgwYTJmMzRmMjg1MmI1N2E5MmNiYmE5YjQ2M2ZhOGRmMmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntdYkR1ZTc6vmHodF4k127MlpEcy
Ff9nnnW//tB5V/sOeneHk+WO7eVTzEoOZMLovJkzvTpFJaJHWc9o5JR0PgjZ4nM2
iaYhlwO9hn8jnGGMvAUAjOUp5i9UJEvuG+zJrIJfrEFvuXnNkdhqYUc0lefXZ01w
/5oqglXhL42qC2VkYFAwTnpvYvCbibomkbQpr8Lan7LnSEDwSJdDuQD0JqMzyOXu
3GbhebbwrPRGDy3pnCYXPFmKkDnrnceFlrlSvggrOXnjAdooNt7RWPgnmPN/isIK
qSEqF+XfjciW+zyrx3Zz1YMDRl/GzIyh/oD4DH1of0da8WojdUl0Ob6eCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCrr2AovNPKFK1epLLuptGP6jfLuMB8GA1UdIwQY
MBaAFMq/GTT/6b+c41FXLtLrggfLVVNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXI4Wk5QX3B2NXpqVVZjdTB1dUNCOHRWVTFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi85OGQ2YmItMGE4OS00OGM0LWI5MzIt
NWIzODkzNDNkYmM5LzEveXI4Wk5QX3B2NXpqVVZjdTB1dUNCOHRWVTFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi85OGQ2YmItMGE4OS00OGM0LWI5MzItNWIzODkzNDNkYmM5
LzEveXI4Wk5QX3B2NXpqVVZjdTB1dUNCOHRWVTFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqOzGZfzU
+jUJ2tz3JK6gBTOsA61Vxs8ribCS2fJbsAyfbTWaVt/oKDgaTN1EtEGzjyn2ph/X
y6qE2LBvqUrAKmN6JZVDcK82X1T6f5ujG0uwEN+OKNSyfAZOHdxRY/FCk74nTnvb
MqyUxY76rD7l6G3kmgXY36bl+lZKJiLemUZSsRt1wKOoIU11Wi/GKhR+RqmorCav
PVKtOM+RVB/Cnh8B6ag/wZAMF3+GNKI9UdVWtBxGY6ZgYeoAkzvZE64yXZiBWfAz
+rKZX99w9x1aUbn3ErUslTZJ5n933Mg7aejX1+4uD+0QWmIbk9V/qgLKdYRdSDii
wmIITT4jfYMAcw==
-----END CERTIFICATE-----