Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
File:                     YhcForItk4GoI8l5xvTnc0I1I20.mft (raw, json)
Hash identifier:          qh6J4sjwccYE8I00GhmM1R0za19YOX5sunJ1I/cUwNo=
Subject key identifier:   A6:46:F0:55:A7:AA:29:8C:E5:29:83:DC:B0:F0:E5:1E:5E:EF:CC:75
Authority key identifier: 62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D
Certificate issuer:       /CN=621705a2b22d9381a823c979c6f4e7734235236d
Certificate serial:       0197B77C4D167F317B97B818819EF95230FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
Manifest number:          0E97
Signing time:             Sat 28 Jun 2025 17:01:06 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:06 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:06 +0000
Files and hashes:         1: YhcForItk4GoI8l5xvTnc0I1I20.crl (hash: YtEkNfoe/PIWfTjQGk8J0eD+1KPC2i6I9Ny1t6LX89c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:4d:16:7f:31:7b:97:b8:18:81:9e:f9:52:30:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=621705a2b22d9381a823c979c6f4e7734235236d
        Validity
            Not Before: Jun 28 17:01:06 2025 GMT
            Not After : Jun 29 17:01:06 2025 GMT
        Subject: CN=a646f055a7aa298ce52983dcb0f0e51e5eefcc75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:84:c5:be:6c:08:d7:46:1a:a3:f5:de:78:b7:
                    35:ae:28:39:b5:9f:05:53:62:8b:4e:09:87:e1:84:
                    4b:8a:97:bf:a3:ad:f4:3b:a5:e2:dc:de:31:a0:14:
                    56:c6:bd:be:30:e3:cd:8d:2c:56:71:f6:35:90:df:
                    9b:77:b5:74:5d:7a:66:39:6b:db:54:56:c6:9c:7b:
                    97:ec:70:47:5a:fb:d3:f0:14:24:a6:c6:df:a3:65:
                    5a:20:5a:fc:65:ac:00:67:b4:86:d4:0b:e8:dc:84:
                    0f:71:8c:67:3e:61:a0:cf:6e:a0:53:3e:76:ef:db:
                    0a:8b:18:41:06:57:a6:69:1d:56:55:1f:b9:07:e0:
                    1c:09:70:1c:75:6b:78:9d:4d:01:3e:1b:7b:90:46:
                    45:6e:fe:15:56:64:9b:5e:0b:dd:de:51:19:77:32:
                    9f:30:62:a2:cd:ba:fd:40:bd:27:88:3a:3e:25:54:
                    76:ad:68:b9:08:c6:b0:cb:b1:9d:0d:69:b8:d7:59:
                    7c:f1:93:7b:ac:a3:d6:0f:dc:8b:89:8b:5a:3b:6d:
                    f3:5c:0c:dc:e7:66:8d:d2:4a:ef:a9:30:9c:2c:dc:
                    b6:bb:82:e3:e6:70:72:8f:59:2e:fc:eb:f5:5b:2e:
                    9b:18:31:d6:2f:f5:7f:a5:57:25:e8:9b:4d:c1:0c:
                    06:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:46:F0:55:A7:AA:29:8C:E5:29:83:DC:B0:F0:E5:1E:5E:EF:CC:75
            X509v3 Authority Key Identifier:
                keyid:62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:ea:a7:03:c8:13:12:cf:40:62:36:c7:fc:41:39:04:3b:76:
         ba:da:80:7b:a4:59:d6:f8:97:90:4b:57:fd:7e:8e:23:e0:e9:
         4d:44:24:b0:2c:4f:9b:53:63:1e:05:36:5d:e6:08:a9:c2:44:
         45:76:c4:25:46:8d:8d:39:42:c8:58:2d:37:63:dc:a3:d3:9e:
         d3:e4:e3:8e:e8:13:9b:06:9b:ea:2f:25:fa:0c:89:00:d4:ee:
         43:11:48:64:c2:a9:6d:e3:c5:21:13:94:a0:de:57:3b:f1:57:
         76:cd:06:47:19:33:3a:b8:6f:5b:30:08:e7:5a:06:b3:5c:08:
         74:60:ac:87:1a:c6:33:24:a4:40:61:f2:10:06:4b:62:a6:23:
         ec:db:22:87:2b:72:f4:e6:2d:14:56:e8:17:e8:c2:00:02:2b:
         d6:49:7c:f6:40:34:6d:df:45:ca:de:73:76:90:0c:28:c4:9d:
         ab:ce:2c:ac:72:f6:98:52:70:05:70:b3:79:5e:3b:fd:96:bb:
         cd:ad:86:b4:05:ab:fa:6f:f6:96:07:fb:0a:d9:a9:bd:ee:ac:
         fd:27:0b:47:0a:e9:e0:c4:8a:ce:74:32:ae:59:2f:8b:62:58:
         5f:92:97:a7:6f:2b:55:d4:d2:a1:ad:85:ec:05:56:14:e0:96:
         1f:30:e9:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fE0WfzF7l7gYgZ75UjD+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMTcwNWEyYjIyZDkzODFhODIzYzk3OWM2ZjRlNzczNDIz
NTIzNmQwHhcNMjUwNjI4MTcwMTA2WhcNMjUwNjI5MTcwMTA2WjAzMTEwLwYDVQQD
EyhhNjQ2ZjA1NWE3YWEyOThjZTUyOTgzZGNiMGYwZTUxZTVlZWZjYzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyoTFvmwI10Yao/XeeLc1rig5tZ8F
U2KLTgmH4YRLipe/o630O6Xi3N4xoBRWxr2+MOPNjSxWcfY1kN+bd7V0XXpmOWvb
VFbGnHuX7HBHWvvT8BQkpsbfo2VaIFr8ZawAZ7SG1Avo3IQPcYxnPmGgz26gUz52
79sKixhBBlemaR1WVR+5B+AcCXAcdWt4nU0BPht7kEZFbv4VVmSbXgvd3lEZdzKf
MGKizbr9QL0niDo+JVR2rWi5CMawy7GdDWm411l88ZN7rKPWD9yLiYtaO23zXAzc
52aN0krvqTCcLNy2u4Lj5nByj1ku/Ov1Wy6bGDHWL/V/pVcl6JtNwQwGdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKZG8FWnqimM5SmD3LDw5R5e78x1MB8GA1UdIwQY
MBaAFGIXBaKyLZOBqCPJecb053NCNSNtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMt
NzFhMzlkYjg4YTIzLzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMtNzFhMzlkYjg4YTIz
LzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXOqnA8gT
Es9AYjbH/EE5BDt2utqAe6RZ1viXkEtX/X6OI+DpTUQksCxPm1NjHgU2XeYIqcJE
RXbEJUaNjTlCyFgtN2Pco9Oe0+TjjugTmwab6i8l+gyJANTuQxFIZMKpbePFIROU
oN5XO/FXds0GRxkzOrhvWzAI51oGs1wIdGCshxrGMySkQGHyEAZLYqYj7Nsihyty
9OYtFFboF+jCAAIr1kl89kA0bd9Fyt5zdpAMKMSdq84srHL2mFJwBXCzeV47/Za7
za2GtAWr+m/2lgf7Ctmpve6s/ScLRwrp4MSKznQyrlkvi2JYX5KXp28rVdTSoa2F
7AVWFOCWHzDpFw==
-----END CERTIFICATE-----