Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
File:                     YhcForItk4GoI8l5xvTnc0I1I20.mft (raw, json)
Hash identifier:          zaLLwlYITlzg96SuWsJ1oaS9TMqRvDFwJtyiNF9AA7Y=
Subject key identifier:   42:80:C8:5B:BB:BC:49:85:5F:47:86:81:4A:25:8E:D5:2F:9C:EF:0D
Authority key identifier: 62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D
Certificate issuer:       /CN=621705a2b22d9381a823c979c6f4e7734235236d
Certificate serial:       0196B890EEE0FC270CA581F7EAB65B709ABA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
Manifest number:          0E13
Signing time:             Sat 10 May 2025 05:00:28 +0000
Manifest this update:     Sat 10 May 2025 05:00:28 +0000
Manifest next update:     Sun 11 May 2025 05:00:28 +0000
Files and hashes:         1: YhcForItk4GoI8l5xvTnc0I1I20.crl (hash: Z6UpnUcL3oE/HtHnPz2hz9JeqjUMcb/Z1UjU/H2xISU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b8:90:ee:e0:fc:27:0c:a5:81:f7:ea:b6:5b:70:9a:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=621705a2b22d9381a823c979c6f4e7734235236d
        Validity
            Not Before: May 10 05:00:28 2025 GMT
            Not After : May 11 05:00:28 2025 GMT
        Subject: CN=4280c85bbbbc49855f4786814a258ed52f9cef0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:70:09:eb:5c:a7:ce:1c:c1:7b:fb:4f:f9:04:
                    c4:f2:97:a3:ad:e0:59:39:ed:98:a7:dd:83:fa:91:
                    b6:e5:65:73:23:61:47:e2:8f:53:0e:a0:2a:61:d0:
                    45:24:c3:bf:27:db:d8:63:fe:55:e4:00:0a:bd:7f:
                    7c:53:c3:43:b7:db:e2:70:e9:67:99:c3:3e:5b:bb:
                    86:ff:e0:53:3b:b7:8f:2a:81:cc:78:51:56:7c:32:
                    05:25:0f:96:72:53:de:8a:a6:d8:69:b3:76:c1:f1:
                    37:72:d1:23:9c:ea:8e:ac:4c:1c:f5:6b:bd:32:0c:
                    76:bd:27:df:84:20:d2:fa:97:6b:23:2b:2a:30:0d:
                    13:ca:3b:b3:54:30:1a:1c:3d:09:86:d6:66:77:0e:
                    af:93:27:2f:aa:68:25:47:7c:85:aa:74:8e:6c:5d:
                    57:6d:58:fb:ce:f5:61:6d:ff:c5:85:01:ac:93:df:
                    b3:6c:c8:f5:0a:b9:c2:e1:f2:b5:7b:80:88:1d:e5:
                    11:13:9a:37:e9:54:93:fd:5b:b6:fe:2c:e0:6a:61:
                    e4:e4:85:62:7f:05:00:02:5a:87:ee:44:7c:e9:e0:
                    1b:fc:4d:c5:1d:76:fb:ae:58:7c:10:2d:65:56:43:
                    bd:4a:9e:df:1e:39:c8:85:70:4a:d5:31:d8:42:8f:
                    73:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:80:C8:5B:BB:BC:49:85:5F:47:86:81:4A:25:8E:D5:2F:9C:EF:0D
            X509v3 Authority Key Identifier:
                keyid:62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ca:1a:2e:b8:c6:df:27:99:a7:77:64:4a:23:1b:0e:19:a3:d3:
         16:e3:48:21:43:63:4d:6e:ea:7b:d4:6c:dc:db:50:74:ee:a3:
         f7:37:18:aa:63:7b:c3:c7:58:1e:35:2b:1b:ed:5e:60:b6:e2:
         55:aa:bf:b6:19:ec:de:dd:fe:cc:97:7f:ef:22:9f:df:b4:fb:
         c0:74:e5:31:75:70:83:06:9a:bf:c9:6e:fa:af:3a:9f:c4:e3:
         7e:bd:ff:55:02:6d:0c:75:96:1d:a8:f7:53:33:0e:46:c4:19:
         fd:af:32:00:18:86:6a:35:14:80:70:8c:af:53:1d:bb:ba:b8:
         78:28:8a:e1:ea:7d:47:5d:f5:57:3e:9e:0e:14:cf:0a:bc:20:
         d9:9c:93:34:6b:20:54:5f:32:62:5a:5b:c6:a1:86:e9:64:08:
         d2:55:28:d2:6e:14:4e:d4:ad:fc:08:9f:49:8a:05:18:2c:95:
         c4:5b:93:f6:8f:cd:dc:ff:a2:54:36:5d:f3:fb:32:55:5d:ee:
         52:fe:b9:80:18:aa:ce:df:f4:9c:71:ca:5f:b4:7f:ba:3b:6c:
         06:97:dd:fa:7c:39:34:2c:a2:8c:1a:52:47:f8:d5:67:2e:7c:
         88:d4:87:fb:e1:aa:cb:fd:80:65:a1:36:27:81:14:f3:f4:9c:
         19:34:50:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa4kO7g/CcMpYH36rZbcJq6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMTcwNWEyYjIyZDkzODFhODIzYzk3OWM2ZjRlNzczNDIz
NTIzNmQwHhcNMjUwNTEwMDUwMDI4WhcNMjUwNTExMDUwMDI4WjAzMTEwLwYDVQQD
Eyg0MjgwYzg1YmJiYmM0OTg1NWY0Nzg2ODE0YTI1OGVkNTJmOWNlZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XAJ61ynzhzBe/tP+QTE8pejreBZ
Oe2Yp92D+pG25WVzI2FH4o9TDqAqYdBFJMO/J9vYY/5V5AAKvX98U8NDt9vicOln
mcM+W7uG/+BTO7ePKoHMeFFWfDIFJQ+WclPeiqbYabN2wfE3ctEjnOqOrEwc9Wu9
Mgx2vSffhCDS+pdrIysqMA0TyjuzVDAaHD0JhtZmdw6vkycvqmglR3yFqnSObF1X
bVj7zvVhbf/FhQGsk9+zbMj1CrnC4fK1e4CIHeURE5o36VST/Vu2/izgamHk5IVi
fwUAAlqH7kR86eAb/E3FHXb7rlh8EC1lVkO9Sp7fHjnIhXBK1THYQo9z3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKAyFu7vEmFX0eGgUoljtUvnO8NMB8GA1UdIwQY
MBaAFGIXBaKyLZOBqCPJecb053NCNSNtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMt
NzFhMzlkYjg4YTIzLzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMtNzFhMzlkYjg4YTIz
LzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyhouuMbf
J5mnd2RKIxsOGaPTFuNIIUNjTW7qe9Rs3NtQdO6j9zcYqmN7w8dYHjUrG+1eYLbi
Vaq/thns3t3+zJd/7yKf37T7wHTlMXVwgwaav8lu+q86n8Tjfr3/VQJtDHWWHaj3
UzMORsQZ/a8yABiGajUUgHCMr1Mdu7q4eCiK4ep9R131Vz6eDhTPCrwg2ZyTNGsg
VF8yYlpbxqGG6WQI0lUo0m4UTtSt/AifSYoFGCyVxFuT9o/N3P+iVDZd8/syVV3u
Uv65gBiqzt/0nHHKX7R/ujtsBpfd+nw5NCyijBpSR/jVZy58iNSH++Gqy/2AZaE2
J4EU8/ScGTRQAQ==
-----END CERTIFICATE-----