Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft
File:                     yh3vhAA2XhysFuj3iHCS2smDtz4.mft (raw, json)
Hash identifier:          Z7UlDOWtMLTa5rzWEi+2+Qv0VgM0eS+me5UNAa0fV/E=
Subject key identifier:   CE:92:93:91:F9:9E:AB:C0:87:E6:97:B4:D9:A4:81:7D:6B:4D:AE:56
Authority key identifier: CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E
Certificate issuer:       /CN=ca1def8400365e1cac16e8f7887092dac983b73e
Certificate serial:       0199FE470CD8CB5AD95AB8005E2DDCBA1924
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft
Manifest number:          1280
Signing time:             Sun 19 Oct 2025 21:01:33 +0000
Manifest this update:     Sun 19 Oct 2025 21:01:33 +0000
Manifest next update:     Mon 20 Oct 2025 21:01:33 +0000
Files and hashes:         1: yh3vhAA2XhysFuj3iHCS2smDtz4.crl (hash: Txs41CxfuunWYgtNVud31bKCTbVE1aH7Wjk60GGmA/8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:47:0c:d8:cb:5a:d9:5a:b8:00:5e:2d:dc:ba:19:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca1def8400365e1cac16e8f7887092dac983b73e
        Validity
            Not Before: Oct 19 21:01:33 2025 GMT
            Not After : Oct 20 21:01:33 2025 GMT
        Subject: CN=ce929391f99eabc087e697b4d9a4817d6b4dae56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:f5:71:17:c8:7f:83:3d:d7:17:02:31:03:b5:
                    f8:d2:5f:0f:34:80:d1:a1:ef:be:55:63:df:c0:1e:
                    1f:7f:28:6f:18:97:28:1c:e9:ba:1e:29:be:61:f5:
                    2e:fb:5a:96:22:cc:a8:6b:6e:44:ae:1b:94:ed:fd:
                    b3:47:8d:1f:30:18:b3:a3:81:e8:7d:07:a6:d3:f9:
                    79:fe:c0:98:2c:87:58:a1:bd:1e:c3:ae:a5:07:45:
                    b8:56:2b:7c:4f:68:3b:fb:e1:b6:fd:74:61:02:41:
                    a3:fd:32:a2:de:38:64:e8:1e:42:c5:7f:c9:02:63:
                    7c:1b:43:b6:2e:61:65:81:24:b2:26:9d:3b:d8:e8:
                    02:55:b7:45:f0:38:30:c0:15:1b:a7:77:a8:55:3f:
                    3d:87:9b:16:35:e9:16:93:e6:b5:1e:ff:3f:d3:14:
                    83:38:9e:dd:72:da:9c:4c:31:90:45:24:68:51:b0:
                    2b:13:73:7a:49:77:f3:4e:a0:b9:ec:45:b9:2a:11:
                    f5:8e:01:ff:7f:ef:29:55:91:d9:db:9b:f2:8f:0d:
                    7a:0f:15:c7:da:b1:e8:34:9c:d3:8b:83:e5:4a:56:
                    1c:06:aa:6b:8e:d4:26:51:ef:c5:eb:f7:c7:da:67:
                    72:3f:61:a5:06:c6:1f:ce:d2:ec:49:28:53:12:8c:
                    60:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:92:93:91:F9:9E:AB:C0:87:E6:97:B4:D9:A4:81:7D:6B:4D:AE:56
            X509v3 Authority Key Identifier:
                keyid:CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:55:fb:3c:7f:76:7d:f9:16:91:d5:77:97:bc:89:88:5a:30:
         1d:00:ec:05:a6:1f:54:0f:35:9f:fc:88:54:04:96:46:db:a4:
         98:d3:f2:d4:39:9b:6a:a1:69:e8:89:85:11:d5:73:27:00:d1:
         0c:3b:ef:66:13:2f:06:36:50:3f:29:7f:73:db:f1:0a:57:a5:
         0b:4d:27:ee:53:5a:f4:97:4a:6a:fd:24:5b:dc:5e:1f:53:1b:
         15:59:06:5f:d9:23:79:12:33:73:c0:e3:7f:96:d0:db:58:0b:
         bf:c8:8e:11:d0:1c:e2:97:b8:6d:61:57:d5:17:f6:6f:38:f5:
         2c:ac:26:a9:59:27:79:8d:a6:58:a1:e1:d9:b4:f9:63:93:f5:
         de:6f:2c:f2:94:fa:7a:61:e6:76:92:dd:6f:9d:82:85:4e:26:
         1d:0c:64:9c:c1:25:e1:2c:5f:9a:a8:59:f0:ba:e2:b4:80:6d:
         90:27:4f:34:6f:33:09:fa:70:a6:4f:2d:1b:34:03:77:c7:0b:
         cd:fd:a8:b6:3a:11:4a:72:49:66:09:7d:8e:ca:be:c0:34:fd:
         70:f5:98:8b:98:f3:6a:7f:01:3c:cd:7f:04:0b:8e:ce:34:c4:
         67:d1:c6:ec:35:b7:bc:ba:38:dc:36:17:e8:3d:29:f8:3b:97:
         60:af:c8:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+RwzYy1rZWrgAXi3cuhkkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWRlZjg0MDAzNjVlMWNhYzE2ZThmNzg4NzA5MmRhYzk4
M2I3M2UwHhcNMjUxMDE5MjEwMTMzWhcNMjUxMDIwMjEwMTMzWjAzMTEwLwYDVQQD
EyhjZTkyOTM5MWY5OWVhYmMwODdlNjk3YjRkOWE0ODE3ZDZiNGRhZTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/VxF8h/gz3XFwIxA7X40l8PNIDR
oe++VWPfwB4ffyhvGJcoHOm6Him+YfUu+1qWIsyoa25ErhuU7f2zR40fMBizo4Ho
fQem0/l5/sCYLIdYob0ew66lB0W4Vit8T2g7++G2/XRhAkGj/TKi3jhk6B5CxX/J
AmN8G0O2LmFlgSSyJp072OgCVbdF8DgwwBUbp3eoVT89h5sWNekWk+a1Hv8/0xSD
OJ7dctqcTDGQRSRoUbArE3N6SXfzTqC57EW5KhH1jgH/f+8pVZHZ25vyjw16DxXH
2rHoNJzTi4PlSlYcBqprjtQmUe/F6/fH2mdyP2GlBsYfztLsSShTEoxgCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM6Sk5H5nqvAh+aXtNmkgX1rTa5WMB8GA1UdIwQY
MBaAFMod74QANl4crBbo94hwktrJg7c+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi83MWZkMTAtNGYyNi00NDlhLWIzNjEt
Zjk4ZWM5ZDE2MmJlLzEveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi83MWZkMTAtNGYyNi00NDlhLWIzNjEtZjk4ZWM5ZDE2MmJl
LzEveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ1X7PH92
ffkWkdV3l7yJiFowHQDsBaYfVA81n/yIVASWRtukmNPy1DmbaqFp6ImFEdVzJwDR
DDvvZhMvBjZQPyl/c9vxClelC00n7lNa9JdKav0kW9xeH1MbFVkGX9kjeRIzc8Dj
f5bQ21gLv8iOEdAc4pe4bWFX1Rf2bzj1LKwmqVkneY2mWKHh2bT5Y5P13m8s8pT6
emHmdpLdb52ChU4mHQxknMEl4SxfmqhZ8LritIBtkCdPNG8zCfpwpk8tGzQDd8cL
zf2otjoRSnJJZgl9jsq+wDT9cPWYi5jzan8BPM1/BAuOzjTEZ9HG7DW3vLo43DYX
6D0p+DuXYK/Ifw==
-----END CERTIFICATE-----