Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft
File:                     yoaOeySqNaTdEKyVmfBkqpadAx0.mft (raw, json)
Hash identifier:          RsukuBqFhp/MQr09hToEXCrDKgcjdETZ+X5RiNvUFEk=
Subject key identifier:   10:76:44:43:4B:DD:81:7E:B0:A5:81:EC:35:56:E2:DC:38:EE:22:DD
Authority key identifier: CA:86:8E:7B:24:AA:35:A4:DD:10:AC:95:99:F0:64:AA:96:9D:03:1D
Certificate issuer:       /CN=ca868e7b24aa35a4dd10ac9599f064aa969d031d
Certificate serial:       0199FB0EBE2B5860327F263405FFCB589897
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yoaOeySqNaTdEKyVmfBkqpadAx0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft
Manifest number:          0353
Signing time:             Sun 19 Oct 2025 06:01:11 +0000
Manifest this update:     Sun 19 Oct 2025 06:01:11 +0000
Manifest next update:     Mon 20 Oct 2025 06:01:11 +0000
Files and hashes:         1: yoaOeySqNaTdEKyVmfBkqpadAx0.crl (hash: GmOl+IOt3hI8zPz9GlaO6QOpdXRsfwY4CsdjvpHyoso=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yoaOeySqNaTdEKyVmfBkqpadAx0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:0e:be:2b:58:60:32:7f:26:34:05:ff:cb:58:98:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca868e7b24aa35a4dd10ac9599f064aa969d031d
        Validity
            Not Before: Oct 19 06:01:11 2025 GMT
            Not After : Oct 20 06:01:11 2025 GMT
        Subject: CN=107644434bdd817eb0a581ec3556e2dc38ee22dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:39:e8:f8:b1:fe:66:15:64:90:76:07:19:57:
                    bc:a2:99:a4:19:26:45:0a:6b:cc:2f:3d:ac:13:f8:
                    46:3b:c0:86:3f:9c:30:15:c3:f8:41:28:77:40:67:
                    6a:30:e9:ec:f2:90:cb:ef:70:05:b2:89:91:41:47:
                    73:4e:40:35:01:bd:97:3e:2d:e8:09:b5:58:78:cb:
                    22:11:79:ac:9f:22:96:e1:f8:8a:44:41:2c:02:e2:
                    20:40:3c:84:60:a9:6a:eb:d5:6d:d0:36:1d:1c:47:
                    88:b9:37:5c:c5:fe:ce:2e:80:56:1a:35:06:d1:ef:
                    38:fc:a3:78:0f:97:1e:95:39:9b:07:f1:88:91:8b:
                    bf:b5:5a:85:90:d1:eb:8b:c0:0c:ba:12:f7:82:cc:
                    61:68:41:56:ca:c9:e6:d5:4d:1f:d2:c6:5d:0e:52:
                    a2:b1:e0:38:3d:91:45:94:c9:01:af:dc:6e:9c:3e:
                    4c:d7:81:21:9f:75:9b:b5:4f:7b:4a:b0:5e:9f:de:
                    8c:58:b6:ca:56:83:9f:78:a7:28:da:a1:5f:4a:37:
                    48:b8:fb:1d:f3:78:59:2a:b5:9f:12:46:b8:5f:0e:
                    07:8e:30:f9:77:f5:9f:05:67:f1:c3:7d:3c:c6:31:
                    37:af:28:6d:e9:56:70:c9:0c:c2:09:54:59:56:6b:
                    43:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:76:44:43:4B:DD:81:7E:B0:A5:81:EC:35:56:E2:DC:38:EE:22:DD
            X509v3 Authority Key Identifier:
                keyid:CA:86:8E:7B:24:AA:35:A4:DD:10:AC:95:99:F0:64:AA:96:9D:03:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yoaOeySqNaTdEKyVmfBkqpadAx0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:ab:59:b2:95:f4:b2:b9:03:3e:01:0f:e1:ea:28:68:27:33:
         f7:8a:01:e3:ab:2e:03:d1:91:d1:33:21:36:6d:a6:a6:5d:cf:
         c6:56:3a:bd:fb:87:e3:97:a1:da:04:63:42:ae:97:d9:8c:3b:
         d7:b2:df:44:c3:a4:94:32:2b:2f:1a:27:c8:e6:50:31:3a:11:
         8b:80:37:b9:aa:26:23:be:56:89:f0:5e:d4:c7:05:a6:1c:53:
         34:19:7c:d4:50:0c:b1:f2:90:24:0f:04:81:a6:d3:e2:d6:cc:
         5e:3f:18:21:e6:fd:ba:68:b4:b4:e0:b1:22:bc:9f:ac:05:68:
         91:2e:25:ac:56:56:ac:25:32:b8:48:fb:7e:71:07:ef:4c:80:
         30:e1:c1:5e:aa:ab:4c:70:f0:a5:d9:fd:8d:a5:83:12:5b:fe:
         80:fb:1a:4a:fb:66:f2:e7:8a:8a:b5:1b:f8:d1:fd:c3:3e:28:
         e3:55:ab:9b:65:1a:f6:98:10:5a:a2:20:b5:da:ff:13:45:64:
         7d:e2:e3:49:e6:79:4d:90:66:e3:78:70:0c:13:43:71:a7:8b:
         79:66:6c:52:c9:3b:35:57:8a:b8:df:3d:56:4f:a5:0e:8a:45:
         d5:f3:08:a4:18:f4:e3:90:16:97:c1:78:ed:f4:74:dc:fb:b6:
         ef:a6:70:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7Dr4rWGAyfyY0Bf/LWJiXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhODY4ZTdiMjRhYTM1YTRkZDEwYWM5NTk5ZjA2NGFhOTY5
ZDAzMWQwHhcNMjUxMDE5MDYwMTExWhcNMjUxMDIwMDYwMTExWjAzMTEwLwYDVQQD
EygxMDc2NDQ0MzRiZGQ4MTdlYjBhNTgxZWMzNTU2ZTJkYzM4ZWUyMmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjno+LH+ZhVkkHYHGVe8opmkGSZF
CmvMLz2sE/hGO8CGP5wwFcP4QSh3QGdqMOns8pDL73AFsomRQUdzTkA1Ab2XPi3o
CbVYeMsiEXmsnyKW4fiKREEsAuIgQDyEYKlq69Vt0DYdHEeIuTdcxf7OLoBWGjUG
0e84/KN4D5celTmbB/GIkYu/tVqFkNHri8AMuhL3gsxhaEFWysnm1U0f0sZdDlKi
seA4PZFFlMkBr9xunD5M14Ehn3WbtU97SrBen96MWLbKVoOfeKco2qFfSjdIuPsd
83hZKrWfEka4Xw4HjjD5d/WfBWfxw308xjE3ryht6VZwyQzCCVRZVmtDWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBB2RENL3YF+sKWB7DVW4tw47iLdMB8GA1UdIwQY
MBaAFMqGjnskqjWk3RCslZnwZKqWnQMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW9hT2V5U3FOYVRkRUt5Vm1mQmtxcGFkQXgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMzI3ZWItZDcxYS00Mjc5LWFmMjIt
YjhkMDZmNDZhZWMzLzEveW9hT2V5U3FOYVRkRUt5Vm1mQmtxcGFkQXgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMzI3ZWItZDcxYS00Mjc5LWFmMjItYjhkMDZmNDZhZWMz
LzEveW9hT2V5U3FOYVRkRUt5Vm1mQmtxcGFkQXgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASKtZspX0
srkDPgEP4eooaCcz94oB46suA9GR0TMhNm2mpl3PxlY6vfuH45eh2gRjQq6X2Yw7
17LfRMOklDIrLxonyOZQMToRi4A3uaomI75WifBe1McFphxTNBl81FAMsfKQJA8E
gabT4tbMXj8YIeb9umi0tOCxIryfrAVokS4lrFZWrCUyuEj7fnEH70yAMOHBXqqr
THDwpdn9jaWDElv+gPsaSvtm8ueKirUb+NH9wz4o41Wrm2Ua9pgQWqIgtdr/E0Vk
feLjSeZ5TZBm43hwDBNDcaeLeWZsUsk7NVeKuN89Vk+lDopF1fMIpBj045AWl8F4
7fR03Pu276ZwxA==
-----END CERTIFICATE-----