Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/78c37f-2f69-4fec-a198-ccf528eb4dda/1/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.mft
File:                     yVmYmJ_bWl-TIUetcWLGMATgZ6Q.mft (raw, json)
Hash identifier:          17BupdgT3W4YSzfS5BeONFiZpjYLVehf9e4mOKKuBxY=
Subject key identifier:   BB:81:CA:C5:E1:3D:3F:44:23:50:41:8E:E6:B5:8F:47:DD:7E:A8:7E
Authority key identifier: C9:59:98:98:9F:DB:5A:5F:93:21:47:AD:71:62:C6:30:04:E0:67:A4
Certificate issuer:       /CN=c95998989fdb5a5f932147ad7162c63004e067a4
Certificate serial:       0199FC8F7A004000E5EC9A38EAF9C54F7F04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/78c37f-2f69-4fec-a198-ccf528eb4dda/1/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.mft
Manifest number:          0BC5
Signing time:             Sun 19 Oct 2025 13:01:25 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:25 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:25 +0000
Files and hashes:         1: yVmYmJ_bWl-TIUetcWLGMATgZ6Q.crl (hash: AtkZG6NdHvbJZ1QsayRjJCuovB28D6cYHPqFofr6qFc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/81/78c37f-2f69-4fec-a198-ccf528eb4dda/1/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/81/78c37f-2f69-4fec-a198-ccf528eb4dda/1/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:7a:00:40:00:e5:ec:9a:38:ea:f9:c5:4f:7f:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c95998989fdb5a5f932147ad7162c63004e067a4
        Validity
            Not Before: Oct 19 13:01:25 2025 GMT
            Not After : Oct 20 13:01:25 2025 GMT
        Subject: CN=bb81cac5e13d3f442350418ee6b58f47dd7ea87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:9c:14:c2:c9:a1:8e:e4:40:19:d1:c5:30:6b:
                    61:d3:9f:a3:02:3a:f1:32:97:48:5f:b0:0b:be:0b:
                    bf:40:75:59:1a:71:f8:ef:41:06:74:bc:09:79:1b:
                    eb:bd:83:4c:18:a3:1b:4c:06:b0:9c:ad:93:fc:df:
                    9f:b8:d2:e8:22:46:5d:30:ac:0c:90:85:23:55:85:
                    fa:17:9a:01:0b:8b:73:65:ba:45:47:d5:82:86:2b:
                    91:98:d4:9c:db:86:5f:c4:6d:a1:7c:0c:26:99:4d:
                    cc:49:2d:8c:88:bc:54:d0:ed:fc:b0:0a:41:10:7b:
                    12:68:67:12:9e:e2:03:eb:49:de:14:37:da:76:79:
                    24:57:d4:6f:79:0a:a2:b2:ad:e1:5f:2e:df:eb:87:
                    5d:05:7f:f9:7a:9c:a3:e0:a8:47:64:6a:d9:28:ff:
                    b4:56:48:16:45:56:6c:59:3c:ab:11:58:1e:e5:07:
                    d9:a2:5e:8b:22:c7:e1:c3:f5:98:af:c3:9e:bf:c9:
                    79:c2:18:65:8d:9c:bd:3c:59:75:bd:78:b1:68:89:
                    eb:8e:67:c5:b8:2d:5e:29:35:8b:16:56:21:d4:8c:
                    aa:3c:d8:10:d6:12:f4:50:fb:ba:07:09:99:b2:87:
                    2b:2b:a4:f2:f6:ea:b0:21:e9:50:d3:7c:7e:16:78:
                    72:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:81:CA:C5:E1:3D:3F:44:23:50:41:8E:E6:B5:8F:47:DD:7E:A8:7E
            X509v3 Authority Key Identifier:
                keyid:C9:59:98:98:9F:DB:5A:5F:93:21:47:AD:71:62:C6:30:04:E0:67:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/78c37f-2f69-4fec-a198-ccf528eb4dda/1/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/78c37f-2f69-4fec-a198-ccf528eb4dda/1/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:f7:54:57:81:d0:82:af:c5:47:ec:57:2d:b8:23:5e:95:46:
         8c:82:22:31:ef:25:07:cb:6f:5f:20:dc:89:ce:bd:17:75:18:
         fd:5f:52:16:e4:87:fb:e5:e6:f5:03:86:fb:cf:d1:3c:90:1e:
         b8:dc:00:48:d4:13:a8:f8:ba:3b:1f:af:5b:7b:6f:55:ea:72:
         b5:59:63:54:83:1a:5c:b9:9d:06:b4:39:44:ec:99:c5:a1:4b:
         ce:4b:e9:5d:f1:4f:58:22:18:8f:8b:43:14:a1:2b:6f:9d:70:
         d5:a3:12:61:85:e8:a0:97:bc:83:37:a0:83:d1:a3:8b:bd:eb:
         52:6b:50:f0:fc:31:d2:f6:6e:84:fb:86:a5:d4:38:9f:4e:0a:
         34:b6:4c:89:fd:4d:e1:25:56:5c:6f:81:8e:ca:b4:a6:1e:4c:
         5b:39:79:e0:2e:3f:61:83:9f:52:5d:2c:b3:d4:96:dd:d5:da:
         3c:ac:7f:17:2d:21:20:4f:95:d0:d6:7e:c3:90:b7:5e:88:40:
         36:d6:94:16:57:39:0c:a4:ed:8d:98:66:4e:7a:17:0e:29:50:
         29:b2:86:2f:14:3f:20:6d:eb:db:d5:ab:06:ba:ea:c5:0a:c8:
         a1:d3:96:ee:b6:ca:3c:68:64:62:cd:c8:80:40:d0:c4:fc:67:
         52:d6:08:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j3oAQADl7Jo46vnFT38EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NTk5ODk4OWZkYjVhNWY5MzIxNDdhZDcxNjJjNjMwMDRl
MDY3YTQwHhcNMjUxMDE5MTMwMTI1WhcNMjUxMDIwMTMwMTI1WjAzMTEwLwYDVQQD
EyhiYjgxY2FjNWUxM2QzZjQ0MjM1MDQxOGVlNmI1OGY0N2RkN2VhODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJwUwsmhjuRAGdHFMGth05+jAjrx
MpdIX7ALvgu/QHVZGnH470EGdLwJeRvrvYNMGKMbTAawnK2T/N+fuNLoIkZdMKwM
kIUjVYX6F5oBC4tzZbpFR9WChiuRmNSc24ZfxG2hfAwmmU3MSS2MiLxU0O38sApB
EHsSaGcSnuID60neFDfadnkkV9RveQqisq3hXy7f64ddBX/5epyj4KhHZGrZKP+0
VkgWRVZsWTyrEVge5QfZol6LIsfhw/WYr8Oev8l5whhljZy9PFl1vXixaInrjmfF
uC1eKTWLFlYh1IyqPNgQ1hL0UPu6BwmZsocrK6Ty9uqwIelQ03x+FnhyoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLuBysXhPT9EI1BBjua1j0fdfqh+MB8GA1UdIwQY
MBaAFMlZmJif21pfkyFHrXFixjAE4GekMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVZtWW1KX2JXbC1USVVldGNXTEdNQVRnWjZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS83OGMzN2YtMmY2OS00ZmVjLWExOTgt
Y2NmNTI4ZWI0ZGRhLzEveVZtWW1KX2JXbC1USVVldGNXTEdNQVRnWjZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS83OGMzN2YtMmY2OS00ZmVjLWExOTgtY2NmNTI4ZWI0ZGRh
LzEveVZtWW1KX2JXbC1USVVldGNXTEdNQVRnWjZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArvdUV4HQ
gq/FR+xXLbgjXpVGjIIiMe8lB8tvXyDcic69F3UY/V9SFuSH++Xm9QOG+8/RPJAe
uNwASNQTqPi6Ox+vW3tvVepytVljVIMaXLmdBrQ5ROyZxaFLzkvpXfFPWCIYj4tD
FKErb51w1aMSYYXooJe8gzegg9Gji73rUmtQ8Pwx0vZuhPuGpdQ4n04KNLZMif1N
4SVWXG+Bjsq0ph5MWzl54C4/YYOfUl0ss9SW3dXaPKx/Fy0hIE+V0NZ+w5C3XohA
NtaUFlc5DKTtjZhmTnoXDilQKbKGLxQ/IG3r29WrBrrqxQrIodOW7rbKPGhkYs3I
gEDQxPxnUtYIKA==
-----END CERTIFICATE-----