Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
File:                     YhcForItk4GoI8l5xvTnc0I1I20.mft (raw, json)
Hash identifier:          zjZL+sQWejsazIcOsxAleFPWzKnMX5yUwLuJOqAyb6Y=
Subject key identifier:   C6:31:18:A0:24:C3:6E:BE:2A:94:AD:85:F0:E2:9E:AC:FC:0A:D9:53
Authority key identifier: 62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D
Certificate issuer:       /CN=621705a2b22d9381a823c979c6f4e7734235236d
Certificate serial:       0196C804575D0DCB74C9E301B7BF8BD43E3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
Manifest number:          0E1B
Signing time:             Tue 13 May 2025 05:00:49 +0000
Manifest this update:     Tue 13 May 2025 05:00:49 +0000
Manifest next update:     Wed 14 May 2025 05:00:49 +0000
Files and hashes:         1: YhcForItk4GoI8l5xvTnc0I1I20.crl (hash: jw6+IsuFtbTcP8Lvc+/wKJlbluQtA0u9hXwDsA8u+l8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c8:04:57:5d:0d:cb:74:c9:e3:01:b7:bf:8b:d4:3e:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=621705a2b22d9381a823c979c6f4e7734235236d
        Validity
            Not Before: May 13 05:00:49 2025 GMT
            Not After : May 14 05:00:49 2025 GMT
        Subject: CN=c63118a024c36ebe2a94ad85f0e29eacfc0ad953
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:fb:ae:cc:5a:cd:c0:bb:67:64:e6:88:38:1a:
                    53:53:ec:91:57:20:4a:ae:e0:2c:7c:90:a3:5f:df:
                    17:a9:2a:3a:f0:69:75:9e:3c:59:be:cf:ba:58:98:
                    28:ab:8d:a0:ba:70:64:2a:29:65:a3:fc:93:82:25:
                    06:d0:44:71:b1:0e:2d:91:e1:e6:6d:22:f5:f2:5b:
                    83:68:78:e4:ce:d6:93:a6:a0:4e:59:b4:af:69:c3:
                    ec:d6:c3:30:2b:68:d0:9d:aa:ec:12:c4:24:02:ab:
                    2b:f8:25:f4:f8:52:63:b8:52:03:cc:ee:69:b7:db:
                    1d:97:d9:99:77:14:5f:1e:70:c5:33:3a:3c:c9:28:
                    31:ab:ce:e1:0f:83:15:4b:7c:46:7d:44:df:be:d0:
                    78:47:93:77:0d:63:84:27:8a:70:51:87:5f:2e:7a:
                    fb:42:43:85:6d:ee:6d:23:0a:50:85:5a:3c:83:42:
                    d7:f4:08:4c:54:ac:f2:5b:d6:b7:10:5c:74:24:e5:
                    76:02:cd:eb:7a:0e:0e:0d:b9:2c:d9:50:bb:9c:c2:
                    43:1d:18:2b:4e:12:13:07:25:2f:c0:98:3d:97:16:
                    fb:1a:85:94:4c:06:7c:f8:c4:ec:7a:fc:c3:e5:c4:
                    bf:2f:fa:d2:b1:79:e3:6f:87:69:e9:50:5f:17:58:
                    61:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:31:18:A0:24:C3:6E:BE:2A:94:AD:85:F0:E2:9E:AC:FC:0A:D9:53
            X509v3 Authority Key Identifier:
                keyid:62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:ab:ff:dd:e7:65:2b:6a:95:f1:d8:15:46:bb:0a:26:56:00:
         81:69:b6:8f:da:2d:5d:de:1f:8b:eb:19:af:d2:6d:71:26:c9:
         3e:d5:1a:91:5e:66:18:20:0c:0e:7e:b7:d1:4a:f9:da:ce:26:
         2e:72:5b:0e:8d:56:d3:d6:56:a3:c9:7a:a1:33:c9:28:3c:86:
         75:d4:4a:a3:2d:9a:4a:27:24:2b:57:88:b4:35:4f:e2:fd:94:
         bf:bf:d7:35:5d:e5:a5:c3:55:e8:75:e2:30:02:27:fd:e5:a3:
         03:49:45:49:53:86:a3:d4:0b:84:2f:ef:3c:0e:f5:36:73:70:
         b2:47:3e:ef:f0:a9:23:cd:46:01:00:49:50:21:f4:d3:9d:21:
         16:55:6b:81:98:12:67:35:0c:6d:d8:f3:e2:38:09:af:ca:7c:
         41:16:3a:62:4f:a1:ee:04:f9:78:32:f9:c4:a1:7c:0b:97:c0:
         05:ff:47:1b:dd:af:36:f9:f9:9c:d8:ea:90:1a:82:c8:b6:b3:
         8e:b4:75:ab:e3:90:95:81:eb:70:b0:2e:9d:d7:67:74:03:5a:
         e6:87:40:9d:cc:ae:7e:b5:71:49:e3:2b:09:e6:ac:55:23:39:
         6f:79:9e:c9:72:34:cf:ec:90:a1:3e:be:76:05:e5:80:32:ac:
         81:87:b0:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbIBFddDct0yeMBt7+L1D46MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMTcwNWEyYjIyZDkzODFhODIzYzk3OWM2ZjRlNzczNDIz
NTIzNmQwHhcNMjUwNTEzMDUwMDQ5WhcNMjUwNTE0MDUwMDQ5WjAzMTEwLwYDVQQD
EyhjNjMxMThhMDI0YzM2ZWJlMmE5NGFkODVmMGUyOWVhY2ZjMGFkOTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/uuzFrNwLtnZOaIOBpTU+yRVyBK
ruAsfJCjX98XqSo68Gl1njxZvs+6WJgoq42gunBkKillo/yTgiUG0ERxsQ4tkeHm
bSL18luDaHjkztaTpqBOWbSvacPs1sMwK2jQnarsEsQkAqsr+CX0+FJjuFIDzO5p
t9sdl9mZdxRfHnDFMzo8ySgxq87hD4MVS3xGfUTfvtB4R5N3DWOEJ4pwUYdfLnr7
QkOFbe5tIwpQhVo8g0LX9AhMVKzyW9a3EFx0JOV2As3reg4ODbks2VC7nMJDHRgr
ThITByUvwJg9lxb7GoWUTAZ8+MTsevzD5cS/L/rSsXnjb4dp6VBfF1hhGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMYxGKAkw26+KpSthfDinqz8CtlTMB8GA1UdIwQY
MBaAFGIXBaKyLZOBqCPJecb053NCNSNtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMt
NzFhMzlkYjg4YTIzLzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMtNzFhMzlkYjg4YTIz
LzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWqv/3edl
K2qV8dgVRrsKJlYAgWm2j9otXd4fi+sZr9JtcSbJPtUakV5mGCAMDn630Ur52s4m
LnJbDo1W09ZWo8l6oTPJKDyGddRKoy2aSickK1eItDVP4v2Uv7/XNV3lpcNV6HXi
MAIn/eWjA0lFSVOGo9QLhC/vPA71NnNwskc+7/CpI81GAQBJUCH0050hFlVrgZgS
ZzUMbdjz4jgJr8p8QRY6Yk+h7gT5eDL5xKF8C5fABf9HG92vNvn5nNjqkBqCyLaz
jrR1q+OQlYHrcLAunddndANa5odAncyufrVxSeMrCeasVSM5b3meyXI0z+yQoT6+
dgXlgDKsgYewfw==
-----END CERTIFICATE-----