Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft
File:                     2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft (raw, json)
Hash identifier:          7Q/vY8qk9iPv9cGuMevZTAEIml4Ld1XjiEVrl1KTXqw=
Subject key identifier:   BA:2D:BE:1F:DF:12:8B:BC:62:C5:E0:AD:2C:62:CA:21:ED:7E:09:9E
Authority key identifier: D9:8F:FA:04:5B:35:B1:6D:C9:94:19:E3:E0:E6:E1:6E:6E:DB:47:E9
Certificate issuer:       /CN=d98ffa045b35b16dc99419e3e0e6e16e6edb47e9
Certificate serial:       0199FAD7A1CDB50F9DCE6D76493BE9C89C01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft
Manifest number:          1403
Signing time:             Sun 19 Oct 2025 05:00:59 +0000
Manifest this update:     Sun 19 Oct 2025 05:00:59 +0000
Manifest next update:     Mon 20 Oct 2025 05:00:59 +0000
Files and hashes:         1: 2Y_6BFs1sW3JlBnj4Obhbm7bR-k.crl (hash: q6uvehQ3G9bpkufYHU/Xegdvsv2T3bsKBlPCVlsMklA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d7:a1:cd:b5:0f:9d:ce:6d:76:49:3b:e9:c8:9c:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d98ffa045b35b16dc99419e3e0e6e16e6edb47e9
        Validity
            Not Before: Oct 19 05:00:59 2025 GMT
            Not After : Oct 20 05:00:59 2025 GMT
        Subject: CN=ba2dbe1fdf128bbc62c5e0ad2c62ca21ed7e099e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:c7:31:bf:c2:4b:ca:67:cb:72:49:69:b4:3a:
                    0d:1c:2f:82:c9:a7:3f:65:c5:1e:f6:34:25:0f:99:
                    c9:ab:ae:37:da:87:01:7e:0c:86:9d:63:0a:6b:10:
                    8d:bb:ff:d4:32:b3:ea:2f:9f:65:60:8c:43:a0:7a:
                    05:34:80:ab:7b:2d:0a:64:11:d3:18:de:a3:d6:3c:
                    5a:4e:28:0b:20:80:c1:ca:8d:4b:13:bb:d5:b6:02:
                    d4:32:62:5f:83:60:33:6c:3a:6f:23:51:0d:a9:01:
                    3f:99:ff:02:62:65:db:98:6c:f9:2c:50:9d:5b:e5:
                    ac:e5:6b:f1:94:71:dd:73:8f:68:91:eb:54:f7:f1:
                    1f:0a:19:80:64:69:30:11:dc:ae:cd:8e:9a:eb:37:
                    ac:dc:ff:ec:08:3c:7f:3f:79:d9:55:93:10:6c:8e:
                    ed:fe:4a:e2:72:87:bd:63:3e:c0:14:62:45:e6:5f:
                    73:0c:7f:ba:e2:14:22:19:58:26:ef:7b:3a:99:68:
                    19:16:25:e2:f6:79:69:30:4a:7f:96:dd:d7:c8:e2:
                    e8:de:c4:2e:d1:b8:bb:09:90:f8:1c:96:4f:78:02:
                    e1:64:60:1e:11:0a:9d:a3:54:8f:fd:01:6e:f3:8f:
                    59:c7:5d:85:ee:65:08:50:6f:75:28:ca:65:23:a0:
                    68:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:2D:BE:1F:DF:12:8B:BC:62:C5:E0:AD:2C:62:CA:21:ED:7E:09:9E
            X509v3 Authority Key Identifier:
                keyid:D9:8F:FA:04:5B:35:B1:6D:C9:94:19:E3:E0:E6:E1:6E:6E:DB:47:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d5:cd:31:88:e8:6f:ec:5b:12:7f:22:8a:ef:1e:11:b8:72:29:
         df:a2:cf:69:af:d9:24:10:b4:50:f8:08:ec:d3:53:4b:41:35:
         c9:84:54:fd:4b:20:a0:46:c0:17:b6:fd:fb:d1:84:5f:85:90:
         5a:71:6c:ad:29:00:9f:64:e3:d4:b2:de:c0:75:ce:f7:6b:c7:
         16:1e:1d:32:14:d3:10:fd:d1:2a:43:08:73:44:0d:c8:f2:c2:
         ff:b0:a7:6e:ae:60:e9:b8:f8:fc:67:a2:81:2f:fa:ec:3e:8f:
         d2:1d:6d:c4:13:ac:c8:67:09:dc:52:48:49:de:e0:d4:ba:f5:
         14:03:2a:98:90:0b:9a:7c:84:ff:ff:6a:3d:ee:35:b1:5a:07:
         2c:89:7b:ab:eb:6a:00:45:fb:c1:af:be:02:f7:c7:e5:ef:6f:
         af:fa:6d:0a:be:76:dd:5a:a6:a0:51:2d:dd:84:33:f3:f8:22:
         33:91:b6:9b:1e:74:1b:a7:b1:d7:5f:69:eb:dc:43:af:67:fb:
         83:52:06:f6:61:bf:48:d7:6e:a2:83:0d:7a:96:63:6e:0e:66:
         ec:81:5c:f2:3e:2b:dc:44:d0:80:49:e5:b0:39:7b:da:d4:ed:
         7c:41:15:03:0e:86:5d:ca:47:6b:b8:0d:f1:3b:ed:6e:80:50:
         a9:64:59:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn616HNtQ+dzm12STvpyJwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OGZmYTA0NWIzNWIxNmRjOTk0MTllM2UwZTZlMTZlNmVk
YjQ3ZTkwHhcNMjUxMDE5MDUwMDU5WhcNMjUxMDIwMDUwMDU5WjAzMTEwLwYDVQQD
EyhiYTJkYmUxZmRmMTI4YmJjNjJjNWUwYWQyYzYyY2EyMWVkN2UwOTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8cxv8JLymfLcklptDoNHC+Cyac/
ZcUe9jQlD5nJq6432ocBfgyGnWMKaxCNu//UMrPqL59lYIxDoHoFNICrey0KZBHT
GN6j1jxaTigLIIDByo1LE7vVtgLUMmJfg2AzbDpvI1ENqQE/mf8CYmXbmGz5LFCd
W+Ws5WvxlHHdc49oketU9/EfChmAZGkwEdyuzY6a6zes3P/sCDx/P3nZVZMQbI7t
/kricoe9Yz7AFGJF5l9zDH+64hQiGVgm73s6mWgZFiXi9nlpMEp/lt3XyOLo3sQu
0bi7CZD4HJZPeALhZGAeEQqdo1SP/QFu849Zx12F7mUIUG91KMplI6BowQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLotvh/fEou8YsXgrSxiyiHtfgmeMB8GA1UdIwQY
MBaAFNmP+gRbNbFtyZQZ4+Dm4W5u20fpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMllfNkJGczFzVzNKbEJuajRPYmhibTdiUi1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84MTQxMTUtMDk5My00YTFmLWFlMTAt
ZWUyNWQyYzViNDEwLzEvMllfNkJGczFzVzNKbEJuajRPYmhibTdiUi1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC84MTQxMTUtMDk5My00YTFmLWFlMTAtZWUyNWQyYzViNDEw
LzEvMllfNkJGczFzVzNKbEJuajRPYmhibTdiUi1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1c0xiOhv
7FsSfyKK7x4RuHIp36LPaa/ZJBC0UPgI7NNTS0E1yYRU/UsgoEbAF7b9+9GEX4WQ
WnFsrSkAn2Tj1LLewHXO92vHFh4dMhTTEP3RKkMIc0QNyPLC/7Cnbq5g6bj4/Gei
gS/67D6P0h1txBOsyGcJ3FJISd7g1Lr1FAMqmJALmnyE//9qPe41sVoHLIl7q+tq
AEX7wa++AvfH5e9vr/ptCr523VqmoFEt3YQz8/giM5G2mx50G6ex119p69xDr2f7
g1IG9mG/SNduooMNepZjbg5m7IFc8j4r3ETQgEnlsDl72tTtfEEVAw6GXcpHa7gN
8TvtboBQqWRZjQ==
-----END CERTIFICATE-----