Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
File:                     YhcForItk4GoI8l5xvTnc0I1I20.mft (raw, json)
Hash identifier:          qvnwSuNXEZQKFRVamjlWKpaLqs21Ec+J8r7amvTvk8w=
Subject key identifier:   E5:33:B0:95:B1:06:6D:8A:AD:F1:49:BE:5A:33:19:00:38:6B:CA:A6
Authority key identifier: 62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D
Certificate issuer:       /CN=621705a2b22d9381a823c979c6f4e7734235236d
Certificate serial:       0199FAD826EE335A09998C702924904499BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
Manifest number:          0FC3
Signing time:             Sun 19 Oct 2025 05:01:33 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:33 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:33 +0000
Files and hashes:         1: YhcForItk4GoI8l5xvTnc0I1I20.crl (hash: 9fmXpckU0JyYoe1y0GARQl8ierpqiLJkMqcSR92Xbv4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d8:26:ee:33:5a:09:99:8c:70:29:24:90:44:99:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=621705a2b22d9381a823c979c6f4e7734235236d
        Validity
            Not Before: Oct 19 05:01:33 2025 GMT
            Not After : Oct 20 05:01:33 2025 GMT
        Subject: CN=e533b095b1066d8aadf149be5a331900386bcaa6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:41:6e:2b:68:78:68:cf:30:aa:bc:ab:4f:4a:
                    b5:74:4c:52:ad:fc:17:a8:8b:5e:35:5d:2e:9d:90:
                    38:5f:81:ac:5b:1e:f7:9d:4e:3e:28:14:a7:1c:f5:
                    c4:f7:30:3a:bf:a7:be:9c:0d:7a:ea:37:de:e0:64:
                    ba:c4:6f:6f:a7:11:eb:84:ad:a6:c1:16:75:8f:1b:
                    fd:81:21:2a:d3:57:d4:aa:39:fd:71:ff:12:2f:7c:
                    a9:fe:29:26:06:51:a9:c9:d9:48:90:bc:e4:64:df:
                    77:74:31:46:2e:3b:cd:d0:bf:96:81:03:fa:c0:68:
                    a6:b7:3e:aa:56:7c:22:39:a1:68:1d:68:3b:3d:55:
                    46:ed:88:cf:6f:86:42:c5:66:ae:3e:e2:66:12:c6:
                    7e:25:cd:05:af:69:de:22:e1:76:53:d7:9d:07:27:
                    49:26:50:86:49:73:36:1a:58:cf:ba:c3:d4:85:b1:
                    9d:76:d6:c0:5b:ce:26:a0:78:0a:8a:6f:ed:85:62:
                    e8:d6:d4:97:3f:2e:13:e6:b7:3f:9f:88:86:39:b7:
                    6c:78:fd:ff:09:7d:fb:d3:dd:73:ef:7c:0d:93:87:
                    54:a8:c8:ab:59:10:38:f4:2c:75:3e:43:e5:dd:1a:
                    bb:c9:9b:3c:66:b0:06:7c:1c:b5:3f:2f:2c:f9:c7:
                    f5:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:33:B0:95:B1:06:6D:8A:AD:F1:49:BE:5A:33:19:00:38:6B:CA:A6
            X509v3 Authority Key Identifier:
                keyid:62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:a9:85:6a:a0:1c:6d:1b:00:04:0e:6d:4f:2e:28:40:c4:ef:
         ab:71:62:8c:52:1a:e7:90:d3:d7:05:0f:24:40:72:92:71:95:
         cf:47:94:82:b0:b6:65:8e:46:f6:a3:53:14:e8:bf:89:e3:ed:
         f2:4c:91:f3:5f:83:3a:09:6f:ae:f7:cd:9b:cb:3b:09:e1:67:
         2e:c2:c8:d7:f3:d7:7a:cf:5c:3c:0c:72:4e:4a:0d:6c:17:a6:
         64:b1:1c:4f:8d:e6:e0:d9:dd:63:5f:97:b7:b7:5f:5a:42:76:
         88:69:53:3f:3e:50:65:cf:bc:5f:07:5e:57:77:20:25:04:71:
         a3:f9:09:b4:68:93:e6:ad:55:68:9f:08:e9:b6:8f:21:b4:89:
         ee:04:6b:f5:72:07:f3:30:dd:5b:7b:cb:8b:a6:74:c7:6e:71:
         d6:c3:47:3a:a9:d8:a3:a4:ad:ac:cb:dc:28:64:ce:d2:fa:eb:
         0d:6f:cf:e2:9e:e9:b5:71:65:25:45:5a:a4:bf:f3:41:c8:ba:
         a2:14:07:98:32:6b:04:c0:15:96:93:f1:bc:4d:a1:bf:c2:08:
         fd:e5:5a:95:cf:63:dd:9e:58:fe:38:65:09:d9:09:66:34:2a:
         78:24:c7:93:3b:4c:15:1d:cd:3e:da:93:1d:30:5c:83:5a:98:
         06:54:4e:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn62CbuM1oJmYxwKSSQRJm8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMTcwNWEyYjIyZDkzODFhODIzYzk3OWM2ZjRlNzczNDIz
NTIzNmQwHhcNMjUxMDE5MDUwMTMzWhcNMjUxMDIwMDUwMTMzWjAzMTEwLwYDVQQD
EyhlNTMzYjA5NWIxMDY2ZDhhYWRmMTQ5YmU1YTMzMTkwMDM4NmJjYWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7EFuK2h4aM8wqryrT0q1dExSrfwX
qIteNV0unZA4X4GsWx73nU4+KBSnHPXE9zA6v6e+nA166jfe4GS6xG9vpxHrhK2m
wRZ1jxv9gSEq01fUqjn9cf8SL3yp/ikmBlGpydlIkLzkZN93dDFGLjvN0L+WgQP6
wGimtz6qVnwiOaFoHWg7PVVG7YjPb4ZCxWauPuJmEsZ+Jc0Fr2neIuF2U9edBydJ
JlCGSXM2GljPusPUhbGddtbAW84moHgKim/thWLo1tSXPy4T5rc/n4iGObdseP3/
CX37091z73wNk4dUqMirWRA49Cx1PkPl3Rq7yZs8ZrAGfBy1Py8s+cf1WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOUzsJWxBm2KrfFJvlozGQA4a8qmMB8GA1UdIwQY
MBaAFGIXBaKyLZOBqCPJecb053NCNSNtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMt
NzFhMzlkYjg4YTIzLzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMtNzFhMzlkYjg4YTIz
LzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApKmFaqAc
bRsABA5tTy4oQMTvq3FijFIa55DT1wUPJEByknGVz0eUgrC2ZY5G9qNTFOi/iePt
8kyR81+DOglvrvfNm8s7CeFnLsLI1/PXes9cPAxyTkoNbBemZLEcT43m4NndY1+X
t7dfWkJ2iGlTPz5QZc+8XwdeV3cgJQRxo/kJtGiT5q1VaJ8I6baPIbSJ7gRr9XIH
8zDdW3vLi6Z0x25x1sNHOqnYo6StrMvcKGTO0vrrDW/P4p7ptXFlJUVapL/zQci6
ohQHmDJrBMAVlpPxvE2hv8II/eValc9j3Z5Y/jhlCdkJZjQqeCTHkztMFR3NPtqT
HTBcg1qYBlROKQ==
-----END CERTIFICATE-----