Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
File:                     YhcForItk4GoI8l5xvTnc0I1I20.mft (raw, json)
Hash identifier:          3Ql1yO7UePfDNeEx9aiBceLVr4mHONdxkvkPP+/Icyc=
Subject key identifier:   77:69:20:FC:28:57:F4:08:32:E8:92:AE:5D:63:BA:53:0F:C5:2A:7D
Authority key identifier: 62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D
Certificate issuer:       /CN=621705a2b22d9381a823c979c6f4e7734235236d
Certificate serial:       0194C46386655A6D02F8A928061E04A56A9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
Manifest number:          0D10
Signing time:             Sun 02 Feb 2025 02:00:44 +0000
Manifest this update:     Sun 02 Feb 2025 02:00:44 +0000
Manifest next update:     Mon 03 Feb 2025 02:00:44 +0000
Files and hashes:         1: YhcForItk4GoI8l5xvTnc0I1I20.crl (hash: Rj8/06R968xCfN6PAEShSykAo2koQGN4MPYTjPg8oyU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:63:86:65:5a:6d:02:f8:a9:28:06:1e:04:a5:6a:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=621705a2b22d9381a823c979c6f4e7734235236d
        Validity
            Not Before: Feb  2 02:00:44 2025 GMT
            Not After : Feb  3 02:00:44 2025 GMT
        Subject: CN=776920fc2857f40832e892ae5d63ba530fc52a7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:6c:f9:43:29:71:8d:05:a1:14:84:f1:31:0d:
                    56:da:57:3f:f3:86:37:ec:20:3a:4b:1b:60:7b:19:
                    3b:b1:0c:5d:0a:95:04:8c:96:aa:8a:21:99:fd:97:
                    47:7c:cf:25:d4:5a:c1:09:63:93:0d:b0:24:91:36:
                    c5:2e:3f:60:5f:87:bd:94:2b:22:4b:04:80:bd:17:
                    33:ec:16:f2:65:07:21:dc:0e:0d:66:22:96:c1:57:
                    2c:38:d1:d2:19:81:7a:e2:fc:2a:99:87:ee:06:d7:
                    06:13:96:8f:ab:93:a3:53:99:84:c1:58:65:27:6e:
                    cf:16:76:3c:ec:13:fb:45:85:6b:d0:aa:5a:c7:83:
                    5f:91:ac:80:ee:ab:48:8c:ed:d3:36:ac:83:ee:bf:
                    b2:d2:34:a8:ed:b3:18:a0:d6:19:fd:4f:00:df:4f:
                    6a:13:49:56:4b:72:e9:05:16:ae:e6:27:c5:c6:c1:
                    fc:f7:b5:08:9f:d9:0f:26:3f:2e:b8:d1:e4:f6:e7:
                    ee:3f:99:e8:c3:d0:be:6e:af:d2:28:f4:ff:29:06:
                    af:89:62:1f:1a:ec:0b:88:d8:b2:81:b3:c0:1d:31:
                    30:0c:88:91:d4:45:cd:13:77:2d:d9:df:2c:f1:7a:
                    dc:a3:7d:76:fb:67:bf:b0:e2:32:9c:00:df:5f:35:
                    3e:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:69:20:FC:28:57:F4:08:32:E8:92:AE:5D:63:BA:53:0F:C5:2A:7D
            X509v3 Authority Key Identifier:
                keyid:62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:dd:c0:09:3d:8d:bc:6c:27:3d:8d:3d:e6:fb:50:6e:23:4f:
         0e:3b:8a:fb:48:98:22:f8:42:1b:b6:d0:e4:bf:ac:94:f8:3a:
         61:04:eb:4b:08:38:e9:54:25:ad:b6:bd:0c:6a:7b:85:c4:68:
         cb:72:8d:da:87:0e:86:73:de:5d:de:23:f3:81:16:c7:81:05:
         bf:3c:e7:94:b8:ed:18:06:80:a5:fd:58:bb:7d:0c:d1:85:08:
         2f:3a:c1:8c:33:55:1c:14:08:ae:82:4c:81:f4:ce:50:b5:a3:
         94:6c:2f:d6:fd:10:6f:51:72:f1:b1:27:27:00:93:c7:0a:b5:
         17:86:ff:db:d7:76:c7:80:f1:46:8a:f6:6c:ab:9e:6b:68:65:
         c6:76:04:e3:b2:51:63:85:e0:97:67:f7:6b:27:c5:80:48:e0:
         77:51:d2:93:b1:52:db:70:7d:a3:06:54:2e:71:e7:02:bf:61:
         dd:60:d1:c8:fc:fb:01:ce:01:5a:a3:67:db:31:f4:8f:ad:b9:
         e1:89:3a:5e:2b:b5:f8:89:03:3d:33:cc:5a:d3:0e:16:16:ef:
         e2:81:e6:9c:20:db:bc:e0:10:a2:50:00:37:30:41:d3:65:14:
         37:20:a4:28:d5:55:8c:fa:3a:3f:68:02:2e:73:21:87:25:60:
         0d:8f:15:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEY4ZlWm0C+KkoBh4EpWqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMTcwNWEyYjIyZDkzODFhODIzYzk3OWM2ZjRlNzczNDIz
NTIzNmQwHhcNMjUwMjAyMDIwMDQ0WhcNMjUwMjAzMDIwMDQ0WjAzMTEwLwYDVQQD
Eyg3NzY5MjBmYzI4NTdmNDA4MzJlODkyYWU1ZDYzYmE1MzBmYzUyYTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomz5QylxjQWhFITxMQ1W2lc/84Y3
7CA6Sxtgexk7sQxdCpUEjJaqiiGZ/ZdHfM8l1FrBCWOTDbAkkTbFLj9gX4e9lCsi
SwSAvRcz7BbyZQch3A4NZiKWwVcsONHSGYF64vwqmYfuBtcGE5aPq5OjU5mEwVhl
J27PFnY87BP7RYVr0Kpax4NfkayA7qtIjO3TNqyD7r+y0jSo7bMYoNYZ/U8A309q
E0lWS3LpBRau5ifFxsH897UIn9kPJj8uuNHk9ufuP5now9C+bq/SKPT/KQaviWIf
GuwLiNiygbPAHTEwDIiR1EXNE3ct2d8s8Xrco312+2e/sOIynADfXzU+bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHdpIPwoV/QIMuiSrl1julMPxSp9MB8GA1UdIwQY
MBaAFGIXBaKyLZOBqCPJecb053NCNSNtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMt
NzFhMzlkYjg4YTIzLzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMtNzFhMzlkYjg4YTIz
LzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnt3ACT2N
vGwnPY095vtQbiNPDjuK+0iYIvhCG7bQ5L+slPg6YQTrSwg46VQlrba9DGp7hcRo
y3KN2ocOhnPeXd4j84EWx4EFvzznlLjtGAaApf1Yu30M0YUILzrBjDNVHBQIroJM
gfTOULWjlGwv1v0Qb1Fy8bEnJwCTxwq1F4b/29d2x4DxRor2bKuea2hlxnYE47JR
Y4Xgl2f3ayfFgEjgd1HSk7FS23B9owZULnHnAr9h3WDRyPz7Ac4BWqNn2zH0j625
4Yk6Xiu1+IkDPTPMWtMOFhbv4oHmnCDbvOAQolAANzBB02UUNyCkKNVVjPo6P2gC
LnMhhyVgDY8VEQ==
-----END CERTIFICATE-----