Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
File:                     YhcForItk4GoI8l5xvTnc0I1I20.mft (raw, json)
Hash identifier:          nB6xS62LNCC3tOHl4poBB13diB+dsCTLbyylM4nXXXo=
Subject key identifier:   30:5C:2F:5C:FA:A5:3E:2F:0D:ED:74:AD:4F:2D:EA:BF:96:F7:01:F5
Authority key identifier: 62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D
Certificate issuer:       /CN=621705a2b22d9381a823c979c6f4e7734235236d
Certificate serial:       0199228C288DD214EE8EE98586FB14AA9B7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
Manifest number:          0F53
Signing time:             Sun 07 Sep 2025 05:00:34 +0000
Manifest this update:     Sun 07 Sep 2025 05:00:34 +0000
Manifest next update:     Mon 08 Sep 2025 05:00:34 +0000
Files and hashes:         1: YhcForItk4GoI8l5xvTnc0I1I20.crl (hash: wCiSExapjcg8cBWuFx1yoqjgbCpn/L61qG+84nOKbgc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:28:8d:d2:14:ee:8e:e9:85:86:fb:14:aa:9b:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=621705a2b22d9381a823c979c6f4e7734235236d
        Validity
            Not Before: Sep  7 05:00:34 2025 GMT
            Not After : Sep  8 05:00:34 2025 GMT
        Subject: CN=305c2f5cfaa53e2f0ded74ad4f2deabf96f701f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:67:6f:45:f3:6e:35:1e:78:c9:39:88:28:70:
                    32:51:d5:38:2c:6f:c1:0b:cd:13:1d:a8:d9:d5:58:
                    0e:fe:e7:bd:25:14:ea:68:5d:42:17:46:71:7f:70:
                    69:a9:8a:25:20:02:c6:b6:69:7a:22:82:57:9f:52:
                    47:f3:22:98:92:10:29:70:2c:e4:b4:3c:99:da:c1:
                    16:f8:44:8e:99:fc:e4:66:db:c6:44:09:71:b6:94:
                    14:b5:5f:32:56:7d:63:2a:7b:58:18:c8:08:a9:9b:
                    17:fd:37:00:30:61:dd:7a:4c:a9:66:5e:72:a3:cf:
                    94:bc:b1:da:5d:05:1e:05:d1:a6:0a:b2:5e:46:fd:
                    2a:46:1b:80:db:c5:71:88:36:fb:b0:98:d2:b8:ce:
                    b2:16:f5:08:82:66:0e:59:93:87:d2:95:47:d0:26:
                    9c:62:c8:ba:70:44:dd:07:d9:5d:6a:a1:b3:f3:25:
                    a0:8a:3c:4f:c6:4a:09:11:88:1e:46:ed:c4:69:66:
                    24:89:e3:d7:8e:7e:cb:08:09:7f:3b:82:01:b1:11:
                    6d:31:d4:15:44:58:b6:9e:5f:b4:7a:89:ac:eb:26:
                    68:63:8e:f5:48:df:6e:30:8b:e5:89:eb:b6:1b:53:
                    76:49:ff:b0:92:1e:e7:2f:a0:78:f7:04:c1:79:8e:
                    3a:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:5C:2F:5C:FA:A5:3E:2F:0D:ED:74:AD:4F:2D:EA:BF:96:F7:01:F5
            X509v3 Authority Key Identifier:
                keyid:62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:62:17:04:48:95:cb:9e:33:2b:f8:5c:95:29:71:dd:93:63:
         b8:5c:b4:26:5c:a8:03:6c:82:03:be:40:e2:b9:09:82:d7:b8:
         3d:68:6c:7e:65:10:ef:50:99:51:f8:54:e7:d7:ce:dd:e3:68:
         ab:c6:0e:e3:42:ee:52:62:e3:dd:3b:68:92:d6:39:b0:4b:6d:
         49:38:9d:c2:a4:91:af:c1:0a:a9:67:07:8e:e6:15:06:8b:90:
         7f:61:76:f6:8e:a2:a0:62:8d:84:cd:c2:08:a2:02:c5:cf:be:
         24:53:0f:38:0a:39:6f:2b:8e:39:25:fa:d7:cb:82:ea:0f:a2:
         c3:4a:ab:53:f1:36:93:60:d2:13:18:2d:2a:03:94:44:04:00:
         2e:09:ef:23:e3:a2:d1:8f:07:bb:88:bd:8a:d7:ee:f4:ab:07:
         37:f7:8f:93:29:99:5c:99:16:3c:26:d2:07:6f:4b:07:5e:0c:
         d8:eb:d7:46:b5:98:2d:58:83:3b:fd:57:67:e8:e5:e7:65:db:
         bd:16:76:8d:46:fa:dd:ac:43:bd:8d:fc:2f:32:04:f5:cf:3e:
         86:e2:27:c0:d1:91:51:ac:80:44:5a:76:e0:37:f9:0e:d7:ba:
         9c:d4:59:10:54:52:30:99:27:90:63:56:58:37:32:60:7a:30:
         72:38:6b:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijCiN0hTujumFhvsUqpt7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMTcwNWEyYjIyZDkzODFhODIzYzk3OWM2ZjRlNzczNDIz
NTIzNmQwHhcNMjUwOTA3MDUwMDM0WhcNMjUwOTA4MDUwMDM0WjAzMTEwLwYDVQQD
EygzMDVjMmY1Y2ZhYTUzZTJmMGRlZDc0YWQ0ZjJkZWFiZjk2ZjcwMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2dvRfNuNR54yTmIKHAyUdU4LG/B
C80THajZ1VgO/ue9JRTqaF1CF0Zxf3BpqYolIALGtml6IoJXn1JH8yKYkhApcCzk
tDyZ2sEW+ESOmfzkZtvGRAlxtpQUtV8yVn1jKntYGMgIqZsX/TcAMGHdekypZl5y
o8+UvLHaXQUeBdGmCrJeRv0qRhuA28VxiDb7sJjSuM6yFvUIgmYOWZOH0pVH0Cac
Ysi6cETdB9ldaqGz8yWgijxPxkoJEYgeRu3EaWYkiePXjn7LCAl/O4IBsRFtMdQV
RFi2nl+0eoms6yZoY471SN9uMIvlieu2G1N2Sf+wkh7nL6B49wTBeY46ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDBcL1z6pT4vDe10rU8t6r+W9wH1MB8GA1UdIwQY
MBaAFGIXBaKyLZOBqCPJecb053NCNSNtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMt
NzFhMzlkYjg4YTIzLzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMtNzFhMzlkYjg4YTIz
LzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbmIXBEiV
y54zK/hclSlx3ZNjuFy0JlyoA2yCA75A4rkJgte4PWhsfmUQ71CZUfhU59fO3eNo
q8YO40LuUmLj3TtoktY5sEttSTidwqSRr8EKqWcHjuYVBouQf2F29o6ioGKNhM3C
CKICxc++JFMPOAo5byuOOSX618uC6g+iw0qrU/E2k2DSExgtKgOURAQALgnvI+Oi
0Y8Hu4i9itfu9KsHN/ePkymZXJkWPCbSB29LB14M2OvXRrWYLViDO/1XZ+jl52Xb
vRZ2jUb63axDvY38LzIE9c8+huInwNGRUayARFp24Df5Dte6nNRZEFRSMJknkGNW
WDcyYHowcjhrMA==
-----END CERTIFICATE-----