Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
File:                     YhcForItk4GoI8l5xvTnc0I1I20.mft (raw, json)
Hash identifier:          Lvrq6JcUit3IVYqHUwEpd4vEWPkWrthZAk7qsKUWPvs=
Subject key identifier:   C8:69:7C:1F:4D:33:74:6E:97:CC:91:52:73:93:66:FD:2E:DF:35:00
Authority key identifier: 62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D
Certificate issuer:       /CN=621705a2b22d9381a823c979c6f4e7734235236d
Certificate serial:       0198D54DD458EC403C9C2D34EAC69CDCD0AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
Manifest number:          0F2B
Signing time:             Sat 23 Aug 2025 05:01:44 +0000
Manifest this update:     Sat 23 Aug 2025 05:01:44 +0000
Manifest next update:     Sun 24 Aug 2025 05:01:44 +0000
Files and hashes:         1: YhcForItk4GoI8l5xvTnc0I1I20.crl (hash: +0VH7hS3MnMtm8aCiOd0xqZN8ZIWV6BpJkVE0CEx0zw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4d:d4:58:ec:40:3c:9c:2d:34:ea:c6:9c:dc:d0:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=621705a2b22d9381a823c979c6f4e7734235236d
        Validity
            Not Before: Aug 23 05:01:44 2025 GMT
            Not After : Aug 24 05:01:44 2025 GMT
        Subject: CN=c8697c1f4d33746e97cc9152739366fd2edf3500
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:b2:ed:13:9d:41:21:93:cf:48:1d:88:e9:99:
                    63:62:55:b4:6f:f1:d0:f6:c6:e4:d2:18:d8:db:ed:
                    f7:40:dc:09:b3:77:00:d3:7f:2f:b1:9c:d5:a4:8f:
                    5f:a3:4b:f8:5c:4d:da:cc:fd:fa:9a:14:77:ef:a8:
                    28:89:da:0d:73:08:48:f5:e9:b9:7c:a1:e2:5f:f2:
                    9f:13:27:fe:7a:ff:80:8b:5b:bf:9f:24:45:4e:95:
                    16:88:e6:48:4a:cb:4a:95:f3:e4:4d:6b:4e:aa:91:
                    d6:f4:ac:85:9f:e7:9b:89:a3:94:e2:0a:db:7c:ad:
                    87:a6:3c:ab:52:e4:6a:c5:67:02:89:f2:67:42:43:
                    6c:77:9f:16:19:e9:ee:85:db:ad:b9:43:15:a2:52:
                    0e:0e:2f:72:af:28:4e:f5:dd:cd:18:f9:89:fd:fb:
                    b9:e8:7c:9a:58:cf:e7:cf:48:da:b2:b6:c7:ed:a9:
                    ef:5c:73:68:9c:16:0a:26:3d:d1:da:d7:6f:a1:5f:
                    b3:d4:24:56:14:e2:f1:d7:0f:b7:3e:d8:c4:aa:2b:
                    9b:df:09:10:fd:93:9a:dc:14:ab:8f:b3:cf:1b:b2:
                    c8:16:e8:65:fd:51:08:b7:e0:81:56:08:b0:ca:5c:
                    4a:5d:1e:63:67:ed:66:b3:ba:a4:d4:99:ed:2d:7e:
                    4c:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:69:7C:1F:4D:33:74:6E:97:CC:91:52:73:93:66:FD:2E:DF:35:00
            X509v3 Authority Key Identifier:
                keyid:62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:bb:77:c5:7b:d6:5e:ca:dd:b8:33:49:85:5c:03:81:21:a6:
         8b:bc:64:9a:b4:5a:3b:75:e1:f7:3d:8c:37:da:99:60:6c:89:
         f6:85:ea:f6:6c:a7:18:17:85:d6:66:c4:13:a3:c4:82:e0:ac:
         c5:97:01:42:a9:38:19:35:27:96:f2:b1:eb:4d:e4:84:7d:a3:
         f3:43:4b:92:f5:b9:6f:42:24:2b:ba:f8:42:60:d3:a7:56:b8:
         61:21:e9:4f:8f:53:db:c2:b9:55:65:0f:49:c8:b9:5c:d3:7d:
         72:f2:69:82:81:32:c0:96:80:21:43:58:24:da:87:b8:8f:c3:
         f1:ba:6b:7b:12:fb:46:1a:1e:63:6e:56:92:c5:f1:77:a9:38:
         38:35:46:fc:ed:4a:ff:fd:8a:dc:45:d3:22:27:cc:92:cc:dd:
         27:24:ff:82:bb:7e:5b:b4:5a:c2:b8:22:2e:48:a6:42:33:ba:
         1a:45:6b:e9:8f:7a:40:9c:22:d9:d6:de:b5:f6:e9:76:b7:fc:
         9f:a5:83:f2:3a:4b:ea:5a:41:a4:03:18:9e:ab:4a:6d:ce:9b:
         e8:19:f1:3b:45:72:22:7b:58:91:09:d8:a1:78:61:55:c6:aa:
         2c:14:7b:3c:02:b4:a3:50:c3:37:e1:ab:b7:c9:52:cb:b2:6f:
         26:6a:d3:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTdRY7EA8nC006sac3NCuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMTcwNWEyYjIyZDkzODFhODIzYzk3OWM2ZjRlNzczNDIz
NTIzNmQwHhcNMjUwODIzMDUwMTQ0WhcNMjUwODI0MDUwMTQ0WjAzMTEwLwYDVQQD
EyhjODY5N2MxZjRkMzM3NDZlOTdjYzkxNTI3MzkzNjZmZDJlZGYzNTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLLtE51BIZPPSB2I6ZljYlW0b/HQ
9sbk0hjY2+33QNwJs3cA038vsZzVpI9fo0v4XE3azP36mhR376goidoNcwhI9em5
fKHiX/KfEyf+ev+Ai1u/nyRFTpUWiOZISstKlfPkTWtOqpHW9KyFn+ebiaOU4grb
fK2HpjyrUuRqxWcCifJnQkNsd58WGenuhdutuUMVolIODi9yryhO9d3NGPmJ/fu5
6HyaWM/nz0jasrbH7anvXHNonBYKJj3R2tdvoV+z1CRWFOLx1w+3PtjEqiub3wkQ
/ZOa3BSrj7PPG7LIFuhl/VEIt+CBVgiwylxKXR5jZ+1ms7qk1JntLX5M8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMhpfB9NM3Rul8yRUnOTZv0u3zUAMB8GA1UdIwQY
MBaAFGIXBaKyLZOBqCPJecb053NCNSNtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMt
NzFhMzlkYjg4YTIzLzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMtNzFhMzlkYjg4YTIz
LzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxrt3xXvW
XsrduDNJhVwDgSGmi7xkmrRaO3Xh9z2MN9qZYGyJ9oXq9mynGBeF1mbEE6PEguCs
xZcBQqk4GTUnlvKx603khH2j80NLkvW5b0IkK7r4QmDTp1a4YSHpT49T28K5VWUP
Sci5XNN9cvJpgoEywJaAIUNYJNqHuI/D8bprexL7RhoeY25WksXxd6k4ODVG/O1K
//2K3EXTIifMkszdJyT/grt+W7RawrgiLkimQjO6GkVr6Y96QJwi2dbetfbpdrf8
n6WD8jpL6lpBpAMYnqtKbc6b6BnxO0VyIntYkQnYoXhhVcaqLBR7PAK0o1DDN+Gr
t8lSy7JvJmrTxA==
-----END CERTIFICATE-----