Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
File:                     YhcForItk4GoI8l5xvTnc0I1I20.mft (raw, json)
Hash identifier:          aUFz/Ut8qxLwQJDtVsxenDggo6lZdSc7erOmSVpmwkc=
Subject key identifier:   C0:87:C2:C9:D5:77:FB:3D:08:BB:85:B0:90:BF:6F:36:82:66:15:2E
Authority key identifier: 62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D
Certificate issuer:       /CN=621705a2b22d9381a823c979c6f4e7734235236d
Certificate serial:       019A70A4E3CDEFE03B9B4C71D987F654B3A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
Manifest number:          1000
Signing time:             Tue 11 Nov 2025 02:00:45 +0000
Manifest this update:     Tue 11 Nov 2025 02:00:45 +0000
Manifest next update:     Wed 12 Nov 2025 02:00:45 +0000
Files and hashes:         1: YhcForItk4GoI8l5xvTnc0I1I20.crl (hash: 6kfRVoYTGHQl1237WrZuat5CfkRpETTT6N66urMkjHY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a4:e3:cd:ef:e0:3b:9b:4c:71:d9:87:f6:54:b3:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=621705a2b22d9381a823c979c6f4e7734235236d
        Validity
            Not Before: Nov 11 02:00:45 2025 GMT
            Not After : Nov 12 02:00:45 2025 GMT
        Subject: CN=c087c2c9d577fb3d08bb85b090bf6f368266152e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:c6:07:59:60:b5:59:94:15:de:ca:28:7e:e8:
                    bb:58:50:5d:79:af:48:38:20:d1:53:f8:c4:8d:d0:
                    2c:29:7e:52:a3:db:d9:fd:58:d6:32:3e:01:ca:17:
                    0f:26:a1:0b:f9:11:db:3b:55:cc:c4:bf:41:3c:4a:
                    c3:b0:26:f7:76:a5:f5:78:84:04:58:f4:46:bb:4a:
                    27:27:ec:86:87:3e:77:aa:ee:90:7d:ed:f5:9b:67:
                    24:79:85:70:b1:14:26:b6:6b:b8:d7:b6:6f:70:76:
                    76:d8:49:27:d6:aa:2e:5c:32:5c:71:06:8c:da:d4:
                    13:de:d2:ea:d4:96:3a:a7:ba:33:46:12:8f:ec:ec:
                    ec:84:85:c4:a9:e6:1e:bf:f6:a2:d7:98:9d:75:19:
                    bf:cc:d7:2e:15:dc:8b:0c:cd:d4:ea:85:48:2a:40:
                    58:15:9d:e0:ce:71:73:d8:4c:c4:ec:69:9c:ee:39:
                    73:4e:86:a0:56:a5:6f:3b:1a:f3:8c:7c:73:ea:0f:
                    37:73:17:ed:b8:f4:46:3b:78:7d:76:85:7c:a4:45:
                    46:10:85:2c:66:7a:cd:c5:06:30:f5:28:91:75:67:
                    c9:03:33:b7:3b:5a:ec:53:0f:f8:d7:76:93:7c:ea:
                    6a:62:15:95:9d:25:a9:d2:b1:2b:8d:e3:22:21:3e:
                    e7:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:87:C2:C9:D5:77:FB:3D:08:BB:85:B0:90:BF:6F:36:82:66:15:2E
            X509v3 Authority Key Identifier:
                keyid:62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:da:ce:e7:be:16:da:c7:42:67:98:86:18:13:93:ba:03:4d:
         c5:e3:aa:4c:63:f1:8d:e6:12:5a:fe:7b:1a:af:59:54:cc:8e:
         e9:70:8c:4f:c0:ef:a1:93:18:60:80:d0:9b:bd:b3:32:0f:10:
         10:0b:43:6d:f5:c9:02:85:d7:c7:f7:23:9d:89:2a:06:3b:e5:
         7e:c7:f2:09:f8:ce:8b:34:a5:b0:61:5d:3f:6f:45:03:09:bc:
         86:f9:a3:92:1b:99:c9:33:ab:7a:dc:64:b5:74:b6:88:56:9b:
         a1:32:dd:b3:79:fa:ec:90:90:79:c4:b7:f6:0b:56:be:18:02:
         9e:2a:83:dd:e7:56:00:a0:7f:df:ce:98:17:38:75:9b:f4:7d:
         90:5d:b1:4c:28:96:ac:30:e5:8c:7c:db:d7:55:89:6c:a9:16:
         cd:51:b2:57:47:3b:5c:18:ab:ef:bb:fd:9b:b2:69:11:27:ae:
         b0:30:15:fa:15:7a:fe:c1:04:2c:dd:6c:a4:83:a5:c5:9c:e1:
         77:cc:cd:8c:3b:87:b1:4b:da:a6:4f:39:23:c0:77:97:d5:f3:
         2d:a9:51:1b:73:9c:54:1b:1e:d5:b0:48:48:57:d7:fc:63:20:
         ac:a5:4f:dc:5c:be:e4:af:a2:c2:f4:a8:f4:4c:59:ef:18:cb:
         da:a9:06:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpOPN7+A7m0xx2Yf2VLOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMTcwNWEyYjIyZDkzODFhODIzYzk3OWM2ZjRlNzczNDIz
NTIzNmQwHhcNMjUxMTExMDIwMDQ1WhcNMjUxMTEyMDIwMDQ1WjAzMTEwLwYDVQQD
EyhjMDg3YzJjOWQ1NzdmYjNkMDhiYjg1YjA5MGJmNmYzNjgyNjYxNTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MYHWWC1WZQV3soofui7WFBdea9I
OCDRU/jEjdAsKX5So9vZ/VjWMj4ByhcPJqEL+RHbO1XMxL9BPErDsCb3dqX1eIQE
WPRGu0onJ+yGhz53qu6Qfe31m2ckeYVwsRQmtmu417ZvcHZ22Ekn1qouXDJccQaM
2tQT3tLq1JY6p7ozRhKP7OzshIXEqeYev/ai15iddRm/zNcuFdyLDM3U6oVIKkBY
FZ3gznFz2EzE7Gmc7jlzToagVqVvOxrzjHxz6g83cxftuPRGO3h9doV8pEVGEIUs
ZnrNxQYw9SiRdWfJAzO3O1rsUw/413aTfOpqYhWVnSWp0rErjeMiIT7nkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMCHwsnVd/s9CLuFsJC/bzaCZhUuMB8GA1UdIwQY
MBaAFGIXBaKyLZOBqCPJecb053NCNSNtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMt
NzFhMzlkYjg4YTIzLzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMtNzFhMzlkYjg4YTIz
LzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAndrO574W
2sdCZ5iGGBOTugNNxeOqTGPxjeYSWv57Gq9ZVMyO6XCMT8DvoZMYYIDQm72zMg8Q
EAtDbfXJAoXXx/cjnYkqBjvlfsfyCfjOizSlsGFdP29FAwm8hvmjkhuZyTOretxk
tXS2iFaboTLds3n67JCQecS39gtWvhgCniqD3edWAKB/386YFzh1m/R9kF2xTCiW
rDDljHzb11WJbKkWzVGyV0c7XBir77v9m7JpESeusDAV+hV6/sEELN1spIOlxZzh
d8zNjDuHsUvapk85I8B3l9XzLalRG3OcVBse1bBISFfX/GMgrKVP3Fy+5K+iwvSo
9ExZ7xjL2qkG0g==
-----END CERTIFICATE-----