Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
File:                     YhcForItk4GoI8l5xvTnc0I1I20.mft (raw, json)
Hash identifier:          AdkNLbTS9ZAKrmmRC3aWgIznuhnmEGAe7G26sEArt4A=
Subject key identifier:   E8:B1:B5:06:82:00:4B:6F:4D:F2:6C:BE:2B:79:08:8B:93:CF:2D:81
Authority key identifier: 62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D
Certificate issuer:       /CN=621705a2b22d9381a823c979c6f4e7734235236d
Certificate serial:       0197D0976D44FE2DFB14486943A5657B4754
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
Manifest number:          0EA4
Signing time:             Thu 03 Jul 2025 14:01:14 +0000
Manifest this update:     Thu 03 Jul 2025 14:01:14 +0000
Manifest next update:     Fri 04 Jul 2025 14:01:14 +0000
Files and hashes:         1: YhcForItk4GoI8l5xvTnc0I1I20.crl (hash: kvSdzF38ccVKC/DRfZf+CWfswNdLj7NNvFtkQ8sbCq8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 04 Jul 2025 14:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:d0:97:6d:44:fe:2d:fb:14:48:69:43:a5:65:7b:47:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=621705a2b22d9381a823c979c6f4e7734235236d
        Validity
            Not Before: Jul  3 14:01:14 2025 GMT
            Not After : Jul  4 14:01:14 2025 GMT
        Subject: CN=e8b1b50682004b6f4df26cbe2b79088b93cf2d81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:23:1e:81:f5:bb:d3:b9:1f:24:5d:f6:ae:01:
                    bc:cf:94:20:f2:7d:90:49:c2:5b:bd:aa:aa:9a:ad:
                    da:42:a9:71:2c:dc:89:8a:a5:0f:ae:e4:82:03:e9:
                    a2:43:ad:a9:90:98:35:2c:f6:3e:62:68:01:61:ed:
                    ef:da:4d:3d:26:ec:0f:e2:6d:0e:f5:f6:8d:e4:17:
                    93:58:e3:0a:76:27:91:71:f1:e4:9e:34:e8:50:ee:
                    02:bd:8c:8f:18:18:aa:44:1f:0d:8b:82:23:ff:55:
                    b9:7d:92:37:39:c2:c1:47:3c:2e:d0:78:3e:14:0a:
                    f7:ef:49:21:21:e1:0a:bc:70:a2:35:52:be:c3:da:
                    0d:54:e2:ba:d1:c5:80:f6:ee:fe:1b:6d:1a:ef:82:
                    1d:ab:f9:8f:31:43:70:13:73:b1:5b:29:f8:83:33:
                    eb:c1:d1:bf:3d:fc:de:5b:64:d2:c3:09:2e:84:9c:
                    45:07:3f:9f:2f:d4:6d:59:19:93:cb:18:78:b2:0b:
                    64:4a:70:39:8a:e7:8e:93:87:fb:fd:63:4d:fc:dd:
                    48:31:fe:2f:32:c3:47:17:2a:63:54:68:62:79:51:
                    70:80:06:fd:09:80:74:b3:de:89:96:12:01:3b:86:
                    36:0e:7a:6f:a8:39:ba:1c:b0:d9:f9:e3:09:2e:d7:
                    98:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:B1:B5:06:82:00:4B:6F:4D:F2:6C:BE:2B:79:08:8B:93:CF:2D:81
            X509v3 Authority Key Identifier:
                keyid:62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d1:53:31:ae:71:1a:12:aa:11:6f:de:84:e9:76:52:ba:09:9e:
         d8:1d:84:c2:24:f8:f3:a4:13:05:02:f6:94:08:a8:8a:fa:8a:
         2e:b4:4c:bd:1c:a6:a3:ef:17:26:ba:46:74:d3:fb:eb:ae:f4:
         f0:85:d1:f2:36:37:23:9b:5e:b1:d9:9c:1e:ad:b3:8b:0d:82:
         45:50:2e:ba:06:af:7f:68:bf:e5:a2:f8:5c:81:66:f2:c3:7b:
         f0:61:79:15:33:36:a9:db:c8:f7:5e:1e:0f:c1:1d:a0:48:60:
         39:20:fe:08:ac:b4:d9:ca:3a:83:98:07:d3:d5:51:69:f0:68:
         65:c2:af:2c:81:00:55:d7:0d:63:71:dc:95:5a:4f:75:c7:6e:
         fe:d9:7c:e6:17:49:e5:89:82:c6:97:53:83:88:8c:b0:76:be:
         be:92:89:2c:1d:25:78:c6:7b:37:73:2f:a6:c5:3a:36:66:9a:
         6f:9f:d7:d4:37:44:8f:59:dd:df:d0:20:5d:72:57:70:9c:2f:
         3a:e1:73:85:da:c2:07:d0:a3:79:e9:39:45:1e:ce:24:2d:1e:
         de:18:8b:0a:15:a5:c9:3e:ea:67:62:12:d0:f3:09:00:f7:6d:
         17:f9:85:b3:d1:fe:a1:d5:6d:f5:4b:3e:b4:5a:c9:3f:53:45:
         31:87:c3:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfQl21E/i37FEhpQ6Vle0dUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMTcwNWEyYjIyZDkzODFhODIzYzk3OWM2ZjRlNzczNDIz
NTIzNmQwHhcNMjUwNzAzMTQwMTE0WhcNMjUwNzA0MTQwMTE0WjAzMTEwLwYDVQQD
EyhlOGIxYjUwNjgyMDA0YjZmNGRmMjZjYmUyYjc5MDg4YjkzY2YyZDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSMegfW707kfJF32rgG8z5Qg8n2Q
ScJbvaqqmq3aQqlxLNyJiqUPruSCA+miQ62pkJg1LPY+YmgBYe3v2k09JuwP4m0O
9faN5BeTWOMKdieRcfHknjToUO4CvYyPGBiqRB8Ni4Ij/1W5fZI3OcLBRzwu0Hg+
FAr370khIeEKvHCiNVK+w9oNVOK60cWA9u7+G20a74Idq/mPMUNwE3OxWyn4gzPr
wdG/PfzeW2TSwwkuhJxFBz+fL9RtWRmTyxh4sgtkSnA5iueOk4f7/WNN/N1IMf4v
MsNHFypjVGhieVFwgAb9CYB0s96JlhIBO4Y2DnpvqDm6HLDZ+eMJLteYjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOixtQaCAEtvTfJsvit5CIuTzy2BMB8GA1UdIwQY
MBaAFGIXBaKyLZOBqCPJecb053NCNSNtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMt
NzFhMzlkYjg4YTIzLzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMtNzFhMzlkYjg4YTIz
LzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0VMxrnEa
EqoRb96E6XZSugme2B2EwiT486QTBQL2lAioivqKLrRMvRymo+8XJrpGdNP76670
8IXR8jY3I5tesdmcHq2ziw2CRVAuugavf2i/5aL4XIFm8sN78GF5FTM2qdvI914e
D8EdoEhgOSD+CKy02co6g5gH09VRafBoZcKvLIEAVdcNY3HclVpPdcdu/tl85hdJ
5YmCxpdTg4iMsHa+vpKJLB0leMZ7N3MvpsU6Nmaab5/X1DdEj1nd39AgXXJXcJwv
OuFzhdrCB9Cjeek5RR7OJC0e3hiLChWlyT7qZ2IS0PMJAPdtF/mFs9H+odVt9Us+
tFrJP1NFMYfD6g==
-----END CERTIFICATE-----