Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.mft
File:                     Y2sCe_q5GqRxmoDv4CEkYTdCi9o.mft (raw, json)
Hash identifier:          nkf0Qj7iwfNsuGJsdhCnvaUwp/TalrYKZWCMX28ZFaw=
Subject key identifier:   98:FB:5F:F2:39:31:36:DE:72:AE:60:66:7A:5B:02:63:C2:46:14:C8
Authority key identifier: 63:6B:02:7B:FA:B9:1A:A4:71:9A:80:EF:E0:21:24:61:37:42:8B:DA
Certificate issuer:       /CN=636b027bfab91aa4719a80efe021246137428bda
Certificate serial:       0199FF22688C4CF5BC79D09F348E2EA0D71F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.mft
Manifest number:          1483
Signing time:             Mon 20 Oct 2025 01:01:08 +0000
Manifest this update:     Mon 20 Oct 2025 01:01:08 +0000
Manifest next update:     Tue 21 Oct 2025 01:01:08 +0000
Files and hashes:         1: Y2sCe_q5GqRxmoDv4CEkYTdCi9o.crl (hash: ZDWwZAiWrBlQQ0VDhH7j7nblCu+hiSBwxzJ0MdN2fFA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 01:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:22:68:8c:4c:f5:bc:79:d0:9f:34:8e:2e:a0:d7:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=636b027bfab91aa4719a80efe021246137428bda
        Validity
            Not Before: Oct 20 01:01:08 2025 GMT
            Not After : Oct 21 01:01:08 2025 GMT
        Subject: CN=98fb5ff2393136de72ae60667a5b0263c24614c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:07:b1:44:76:6c:01:89:8e:fd:25:c2:29:d5:
                    36:2a:cd:5a:35:02:e1:17:48:51:5b:87:c3:e9:14:
                    38:9e:6c:a3:e8:4e:57:59:0a:fa:ab:65:e9:8d:fc:
                    6d:68:e4:f2:8f:f8:fa:39:6e:8c:7a:45:22:64:d0:
                    27:60:fc:af:be:05:4b:af:5a:ac:a2:7f:8a:5c:4a:
                    df:92:87:c9:a9:ea:35:e4:74:d3:b1:88:16:31:88:
                    bf:6d:88:18:5f:da:17:1f:df:c8:f7:16:47:9f:7d:
                    02:1a:c9:80:e0:83:41:27:cc:0b:51:bb:e8:bb:ba:
                    0d:ae:6f:76:c8:31:90:29:98:39:40:a1:c6:8a:c6:
                    12:55:01:e1:f2:e3:cb:73:c2:3d:09:24:1a:e1:d3:
                    b5:0e:40:23:0d:68:13:c5:d6:14:ea:1c:e8:73:14:
                    dc:9d:99:87:2c:da:98:a4:9f:e9:0a:e0:41:ab:41:
                    92:d8:0d:22:b5:93:0c:92:33:85:76:13:9e:3b:56:
                    a4:71:f8:24:d6:15:1a:b8:f4:7a:c5:14:0f:e0:8c:
                    a0:d2:6f:da:d8:57:e9:17:94:6e:20:e6:78:66:18:
                    9d:cf:81:b4:6b:fe:d1:f0:cb:2a:1a:6b:4a:3f:6d:
                    56:3b:d8:87:83:41:64:fc:57:05:28:74:b3:74:8a:
                    e2:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:FB:5F:F2:39:31:36:DE:72:AE:60:66:7A:5B:02:63:C2:46:14:C8
            X509v3 Authority Key Identifier:
                keyid:63:6B:02:7B:FA:B9:1A:A4:71:9A:80:EF:E0:21:24:61:37:42:8B:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:e9:6d:f4:04:23:00:b9:66:a6:4a:86:5f:80:85:f5:e3:fb:
         e7:58:6c:f6:d4:5d:c6:69:e6:d7:a4:32:b4:6f:68:6f:38:13:
         ff:33:f1:46:29:0c:3f:b2:c9:1e:95:75:78:e9:07:5e:94:b3:
         f5:c0:79:bc:9f:99:b7:f9:f9:c5:4a:79:76:17:c5:8b:77:eb:
         aa:39:b8:45:07:ec:45:be:ce:ef:8a:05:a4:9b:6d:67:45:4d:
         2a:3b:28:69:4c:e0:00:a3:ef:a6:8d:e3:ad:cc:3f:6d:55:83:
         42:47:c2:39:f0:df:50:ee:db:3c:1d:7d:bd:16:b4:d6:5a:19:
         16:7a:41:b9:f2:76:ae:2f:fa:ee:5a:29:93:54:4c:54:bb:68:
         c6:9b:4e:5f:0b:1a:27:4b:b7:3e:93:3f:a4:8f:32:b6:45:2a:
         e7:e5:e9:65:2c:b4:e4:e6:8e:c3:93:74:f0:df:aa:62:15:a4:
         ba:db:ff:9c:da:96:2b:1d:b2:96:9d:57:a5:f7:5c:cf:e9:12:
         a4:d2:65:c1:29:c7:d2:1f:e0:b0:11:e1:d4:91:e7:8b:8d:f3:
         3f:60:8e:c8:e3:45:e6:4f:04:75:56:36:b4:27:b7:a7:7e:98:
         f3:de:1d:f6:e5:5a:66:50:74:72:c9:7d:aa:9f:66:95:ea:1f:
         95:d8:de:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/ImiMTPW8edCfNI4uoNcfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNmIwMjdiZmFiOTFhYTQ3MTlhODBlZmUwMjEyNDYxMzc0
MjhiZGEwHhcNMjUxMDIwMDEwMTA4WhcNMjUxMDIxMDEwMTA4WjAzMTEwLwYDVQQD
Eyg5OGZiNWZmMjM5MzEzNmRlNzJhZTYwNjY3YTViMDI2M2MyNDYxNGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AexRHZsAYmO/SXCKdU2Ks1aNQLh
F0hRW4fD6RQ4nmyj6E5XWQr6q2XpjfxtaOTyj/j6OW6MekUiZNAnYPyvvgVLr1qs
on+KXErfkofJqeo15HTTsYgWMYi/bYgYX9oXH9/I9xZHn30CGsmA4INBJ8wLUbvo
u7oNrm92yDGQKZg5QKHGisYSVQHh8uPLc8I9CSQa4dO1DkAjDWgTxdYU6hzocxTc
nZmHLNqYpJ/pCuBBq0GS2A0itZMMkjOFdhOeO1akcfgk1hUauPR6xRQP4Iyg0m/a
2FfpF5RuIOZ4Zhidz4G0a/7R8MsqGmtKP21WO9iHg0Fk/FcFKHSzdIriiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJj7X/I5MTbecq5gZnpbAmPCRhTIMB8GA1UdIwQY
MBaAFGNrAnv6uRqkcZqA7+AhJGE3QovaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJzQ2VfcTVHcVJ4bW9EdjRDRWtZVGRDaTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9hMGNkZDgtMDkyZC00M2JiLWEyYTgt
ODgwYzJlNGZhYTZlLzEvWTJzQ2VfcTVHcVJ4bW9EdjRDRWtZVGRDaTlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9hMGNkZDgtMDkyZC00M2JiLWEyYTgtODgwYzJlNGZhYTZl
LzEvWTJzQ2VfcTVHcVJ4bW9EdjRDRWtZVGRDaTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADult9AQj
ALlmpkqGX4CF9eP751hs9tRdxmnm16QytG9obzgT/zPxRikMP7LJHpV1eOkHXpSz
9cB5vJ+Zt/n5xUp5dhfFi3frqjm4RQfsRb7O74oFpJttZ0VNKjsoaUzgAKPvpo3j
rcw/bVWDQkfCOfDfUO7bPB19vRa01loZFnpBufJ2ri/67lopk1RMVLtoxptOXwsa
J0u3PpM/pI8ytkUq5+XpZSy05OaOw5N08N+qYhWkutv/nNqWKx2ylp1Xpfdcz+kS
pNJlwSnH0h/gsBHh1JHni43zP2COyONF5k8EdVY2tCe3p36Y894d9uVaZlB0csl9
qp9mleofldjeHg==
-----END CERTIFICATE-----