Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
File:                     yyDpqru2GRVGEQI1z3bEg4S0UdA.mft (raw, json)
Hash identifier:          brTOTvNaHtB5r3jU1mvA+W0zzt2VH9f/cdc911R8yD8=
Subject key identifier:   42:B1:C5:BF:5B:D6:43:2D:DF:8B:64:F6:62:B1:6A:95:DF:38:16:2A
Authority key identifier: CB:20:E9:AA:BB:B6:19:15:46:11:02:35:CF:76:C4:83:84:B4:51:D0
Certificate issuer:       /CN=cb20e9aabbb6191546110235cf76c48384b451d0
Certificate serial:       0199FBEB39C09F188EFEC611D01B439932D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
Manifest number:          062F
Signing time:             Sun 19 Oct 2025 10:02:00 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:00 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:00 +0000
Files and hashes:         1: yyDpqru2GRVGEQI1z3bEg4S0UdA.crl (hash: rnkKm7Mc9R/HkBZJd1NmKgeSX9/ihrHglhS//0Hv9EE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:39:c0:9f:18:8e:fe:c6:11:d0:1b:43:99:32:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb20e9aabbb6191546110235cf76c48384b451d0
        Validity
            Not Before: Oct 19 10:02:00 2025 GMT
            Not After : Oct 20 10:02:00 2025 GMT
        Subject: CN=42b1c5bf5bd6432ddf8b64f662b16a95df38162a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:1f:fc:82:16:74:c6:74:19:b3:6d:1c:1c:cd:
                    cd:b5:d0:c4:0f:b8:cf:30:dd:93:5e:92:c0:a4:b6:
                    90:fa:53:b5:49:0d:13:6c:fb:3c:84:14:b7:5e:36:
                    a2:db:e9:9e:c3:c1:82:af:be:5e:af:e5:37:9f:18:
                    e2:4f:55:07:ae:f1:06:e0:6c:eb:46:66:70:51:27:
                    39:fd:d8:20:f1:7e:de:7b:52:65:d3:4e:63:02:bd:
                    a2:08:fc:4a:be:31:94:bd:2c:9d:b7:da:2c:d2:99:
                    a3:36:94:23:33:bc:0a:89:d7:7e:d6:63:cb:d5:61:
                    46:7b:01:96:e4:d3:5c:37:93:24:ff:7e:22:ff:57:
                    f9:62:4a:5e:8f:ab:de:44:ac:27:d6:ef:a1:32:82:
                    41:16:ba:ca:04:fa:ad:cc:65:e9:e0:10:dd:87:ac:
                    55:bf:d4:c8:07:31:0f:0a:cf:7f:e4:c3:37:a5:a6:
                    26:c6:0a:48:f8:f7:b4:9e:7e:c1:b9:ea:ef:1b:a8:
                    2c:67:92:1b:6d:9e:e2:16:06:ca:cf:6c:9d:8c:3f:
                    80:e1:56:70:9a:31:66:31:d3:e2:32:34:9e:29:d4:
                    93:de:77:a1:95:91:a8:e0:61:53:d7:ba:2d:43:f2:
                    38:9f:07:2e:90:4a:ca:27:fa:d5:89:8e:85:d9:85:
                    c4:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:B1:C5:BF:5B:D6:43:2D:DF:8B:64:F6:62:B1:6A:95:DF:38:16:2A
            X509v3 Authority Key Identifier:
                keyid:CB:20:E9:AA:BB:B6:19:15:46:11:02:35:CF:76:C4:83:84:B4:51:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:c8:53:95:39:a3:6e:31:4c:e3:57:2e:ba:46:cf:77:b0:f9:
         bd:d2:d6:05:0c:c0:5f:b1:e1:96:78:e7:32:d4:17:eb:36:bc:
         8e:98:8a:fa:05:5e:8f:e3:44:c4:af:c3:02:a1:cc:3a:df:a7:
         fb:ae:e8:47:8d:af:47:6b:14:95:f6:a2:ac:48:18:54:39:bd:
         0a:71:b5:87:63:0d:33:1c:9d:e4:04:b0:68:6d:5e:e6:ad:c2:
         5c:98:b9:af:55:ba:53:36:80:b7:d8:43:a6:b1:6b:8b:09:c2:
         23:40:ea:db:7a:0f:42:23:b1:fc:45:4e:ae:14:f9:1a:de:d6:
         70:a8:75:53:23:c7:42:5d:e7:64:ca:21:60:cf:68:e6:65:9c:
         18:7d:c0:6e:61:1a:83:5c:80:9a:77:9f:7f:3f:59:c1:b9:85:
         91:75:a4:0d:3b:ee:ca:f4:3c:ef:6e:00:15:8c:fd:f3:90:5f:
         21:0e:22:f8:e4:55:8a:b3:51:51:41:88:d6:53:db:5d:b8:63:
         61:74:1f:83:94:15:5b:63:fd:3d:42:ce:74:53:b5:28:08:f4:
         98:26:af:37:bd:23:31:99:32:c7:7c:fd:1a:f2:1d:89:0c:af:
         a9:f9:52:74:4c:9d:20:e2:70:72:bd:e8:8d:7e:4e:14:ba:3e:
         17:e2:9a:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76znAnxiO/sYR0BtDmTLVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMjBlOWFhYmJiNjE5MTU0NjExMDIzNWNmNzZjNDgzODRi
NDUxZDAwHhcNMjUxMDE5MTAwMjAwWhcNMjUxMDIwMTAwMjAwWjAzMTEwLwYDVQQD
Eyg0MmIxYzViZjViZDY0MzJkZGY4YjY0ZjY2MmIxNmE5NWRmMzgxNjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjB/8ghZ0xnQZs20cHM3NtdDED7jP
MN2TXpLApLaQ+lO1SQ0TbPs8hBS3Xjai2+mew8GCr75er+U3nxjiT1UHrvEG4Gzr
RmZwUSc5/dgg8X7ee1Jl005jAr2iCPxKvjGUvSydt9os0pmjNpQjM7wKidd+1mPL
1WFGewGW5NNcN5Mk/34i/1f5Ykpej6veRKwn1u+hMoJBFrrKBPqtzGXp4BDdh6xV
v9TIBzEPCs9/5MM3paYmxgpI+Pe0nn7BuervG6gsZ5IbbZ7iFgbKz2ydjD+A4VZw
mjFmMdPiMjSeKdST3nehlZGo4GFT17otQ/I4nwcukErKJ/rViY6F2YXEOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKxxb9b1kMt34tk9mKxapXfOBYqMB8GA1UdIwQY
MBaAFMsg6aq7thkVRhECNc92xIOEtFHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi84ZDliYjUtYjRlNS00MzQ0LTg5MWIt
MDgwN2Y5NmNhNGEyLzEveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi84ZDliYjUtYjRlNS00MzQ0LTg5MWItMDgwN2Y5NmNhNGEy
LzEveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVMhTlTmj
bjFM41cuukbPd7D5vdLWBQzAX7HhlnjnMtQX6za8jpiK+gVej+NExK/DAqHMOt+n
+67oR42vR2sUlfairEgYVDm9CnG1h2MNMxyd5ASwaG1e5q3CXJi5r1W6UzaAt9hD
prFriwnCI0Dq23oPQiOx/EVOrhT5Gt7WcKh1UyPHQl3nZMohYM9o5mWcGH3AbmEa
g1yAmneffz9ZwbmFkXWkDTvuyvQ8724AFYz985BfIQ4i+ORVirNRUUGI1lPbXbhj
YXQfg5QVW2P9PULOdFO1KAj0mCavN70jMZkyx3z9GvIdiQyvqflSdEydIOJwcr3o
jX5OFLo+F+KaEg==
-----END CERTIFICATE-----