Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
File:                     Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft (raw, json)
Hash identifier:          VmulWqXMia+945M0xOErTgHWjSlMWNf0VULrxfwnjek=
Subject key identifier:   4E:93:61:A3:68:E7:61:99:BF:F9:9E:66:D9:64:F2:90:32:09:24:A3
Authority key identifier: 63:71:D2:FB:EC:F2:F9:0D:C7:F4:95:17:A4:40:DA:53:39:F4:A6:C7
Certificate issuer:       /CN=6371d2fbecf2f90dc7f49517a440da5339f4a6c7
Certificate serial:       0199FBEBF51D3360DC6E30D9B58F02FC8534
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
Manifest number:          0BC2
Signing time:             Sun 19 Oct 2025 10:02:48 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:48 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:48 +0000
Files and hashes:         1: Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl (hash: ZWnvngPPlUpHwLLJi9L+nGfbdUPPHJj6Vk5EAYoaoyk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:f5:1d:33:60:dc:6e:30:d9:b5:8f:02:fc:85:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6371d2fbecf2f90dc7f49517a440da5339f4a6c7
        Validity
            Not Before: Oct 19 10:02:48 2025 GMT
            Not After : Oct 20 10:02:48 2025 GMT
        Subject: CN=4e9361a368e76199bff99e66d964f290320924a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:20:40:d2:7a:7e:67:44:57:bf:f4:d3:4b:6a:
                    1d:ad:ed:a6:65:66:ce:08:da:c6:f2:09:2f:7d:4d:
                    e1:ef:02:be:e0:d7:da:67:3c:69:e4:42:bf:d6:4a:
                    4f:b1:9b:ca:a1:c1:bd:9d:22:07:b2:34:01:9e:c2:
                    93:03:ac:21:b9:ab:fb:0d:e1:7c:f3:c6:9c:b5:64:
                    3c:50:13:87:ba:92:d7:d8:ed:16:c7:69:7c:b3:30:
                    41:46:89:ab:85:45:ff:9a:72:d1:78:ac:8d:f9:19:
                    e8:fe:f4:9f:f9:75:b1:94:b4:96:f8:6f:64:97:7f:
                    ef:fe:70:fb:33:3d:e0:3d:fc:2f:56:00:f3:45:1f:
                    23:5d:d9:38:94:ae:07:21:2f:f5:7e:74:ad:27:3b:
                    10:df:76:46:11:69:9e:c5:34:49:c7:45:b0:bb:af:
                    3b:33:a8:bc:b0:e2:e8:82:5c:88:37:bb:bf:47:6b:
                    70:f1:4f:12:05:8e:ba:a4:1b:08:7c:ff:f7:54:ea:
                    4c:10:4d:95:d0:97:43:47:4e:47:64:bb:52:75:ec:
                    89:b0:23:2d:11:ac:08:43:fb:09:4b:b2:37:04:0d:
                    a5:bc:21:9f:c4:cf:51:16:8d:49:55:81:b1:b8:22:
                    30:e2:9a:1c:4f:3a:aa:a7:e1:4f:29:fe:03:54:ea:
                    4b:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:93:61:A3:68:E7:61:99:BF:F9:9E:66:D9:64:F2:90:32:09:24:A3
            X509v3 Authority Key Identifier:
                keyid:63:71:D2:FB:EC:F2:F9:0D:C7:F4:95:17:A4:40:DA:53:39:F4:A6:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:bc:c3:49:b9:39:c5:1d:e2:a5:7e:f8:16:9d:94:28:79:fc:
         d7:b0:1f:6c:f0:1f:8f:77:cd:cf:6c:ef:ec:ea:fa:23:b5:c0:
         bc:57:57:95:89:7e:3e:d6:d4:59:c8:33:f4:2e:d1:9d:77:bb:
         13:a4:b8:83:46:0b:3e:fd:d4:ab:8a:ec:b0:16:ad:55:97:a7:
         5b:69:d6:0e:33:f1:91:8e:fa:05:9f:d6:f8:79:93:b0:9a:37:
         cf:76:a9:83:8e:91:ed:de:fd:9f:0e:58:fd:70:9f:e6:bb:90:
         c3:7c:85:7a:31:94:32:c7:31:b7:f6:10:bd:1c:76:a2:5b:82:
         5d:d4:cf:7c:61:7b:6e:66:85:2a:f0:52:fa:d8:f2:b9:54:1b:
         70:ea:5f:a4:e6:7a:3c:3c:5b:82:ef:6f:04:2e:00:eb:5f:84:
         ee:b1:6e:07:c4:0d:2f:9f:bc:3d:ef:00:38:c0:f1:7b:01:58:
         e9:11:38:d4:08:ab:a2:65:58:81:78:08:d3:2a:97:ee:31:0f:
         ba:6d:a8:5d:2b:13:3a:b5:39:a9:b1:bc:cd:c2:46:2b:5f:9a:
         37:d3:54:0a:f3:7b:7e:fe:3c:f2:38:75:fa:86:0e:4a:70:fb:
         4d:96:47:ae:37:45:15:5a:d7:69:e3:3e:a4:20:84:07:92:15:
         b8:25:46:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76/UdM2DcbjDZtY8C/IU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNzFkMmZiZWNmMmY5MGRjN2Y0OTUxN2E0NDBkYTUzMzlm
NGE2YzcwHhcNMjUxMDE5MTAwMjQ4WhcNMjUxMDIwMTAwMjQ4WjAzMTEwLwYDVQQD
Eyg0ZTkzNjFhMzY4ZTc2MTk5YmZmOTllNjZkOTY0ZjI5MDMyMDkyNGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9SBA0np+Z0RXv/TTS2odre2mZWbO
CNrG8gkvfU3h7wK+4NfaZzxp5EK/1kpPsZvKocG9nSIHsjQBnsKTA6whuav7DeF8
88actWQ8UBOHupLX2O0Wx2l8szBBRomrhUX/mnLReKyN+Rno/vSf+XWxlLSW+G9k
l3/v/nD7Mz3gPfwvVgDzRR8jXdk4lK4HIS/1fnStJzsQ33ZGEWmexTRJx0Wwu687
M6i8sOLoglyIN7u/R2tw8U8SBY66pBsIfP/3VOpMEE2V0JdDR05HZLtSdeyJsCMt
EawIQ/sJS7I3BA2lvCGfxM9RFo1JVYGxuCIw4pocTzqqp+FPKf4DVOpLkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE6TYaNo52GZv/meZtlk8pAyCSSjMB8GA1UdIwQY
MBaAFGNx0vvs8vkNx/SVF6RA2lM59KbHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hOTVmNzctNTkxYi00MTFlLWJmYjAt
N2UxNGQzNTk4ZjA5LzEvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9hOTVmNzctNTkxYi00MTFlLWJmYjAtN2UxNGQzNTk4ZjA5
LzEvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALLzDSbk5
xR3ipX74Fp2UKHn817AfbPAfj3fNz2zv7Or6I7XAvFdXlYl+PtbUWcgz9C7RnXe7
E6S4g0YLPv3Uq4rssBatVZenW2nWDjPxkY76BZ/W+HmTsJo3z3apg46R7d79nw5Y
/XCf5ruQw3yFejGUMscxt/YQvRx2oluCXdTPfGF7bmaFKvBS+tjyuVQbcOpfpOZ6
PDxbgu9vBC4A61+E7rFuB8QNL5+8Pe8AOMDxewFY6RE41AiromVYgXgI0yqX7jEP
um2oXSsTOrU5qbG8zcJGK1+aN9NUCvN7fv488jh1+oYOSnD7TZZHrjdFFVrXaeM+
pCCEB5IVuCVGvw==
-----END CERTIFICATE-----