Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
File:                     YhcForItk4GoI8l5xvTnc0I1I20.mft (raw, json)
Hash identifier:          RrDRknxoyiFYxAcmpSt1nErP1QN8jwVeamQBMZRchFo=
Subject key identifier:   21:7C:68:84:33:B6:F2:6E:19:E9:96:3E:02:A8:67:96:68:8C:46:74
Authority key identifier: 62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D
Certificate issuer:       /CN=621705a2b22d9381a823c979c6f4e7734235236d
Certificate serial:       0197684E2525D52C3B58EA42AF185AA14EBB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
Manifest number:          0E6E
Signing time:             Fri 13 Jun 2025 08:00:41 +0000
Manifest this update:     Fri 13 Jun 2025 08:00:41 +0000
Manifest next update:     Sat 14 Jun 2025 08:00:41 +0000
Files and hashes:         1: YhcForItk4GoI8l5xvTnc0I1I20.crl (hash: 1dFnVPC0rToZsJfjpIOcZck3HPuD+e+vCOlwTCsAw7Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 08:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:4e:25:25:d5:2c:3b:58:ea:42:af:18:5a:a1:4e:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=621705a2b22d9381a823c979c6f4e7734235236d
        Validity
            Not Before: Jun 13 08:00:41 2025 GMT
            Not After : Jun 14 08:00:41 2025 GMT
        Subject: CN=217c688433b6f26e19e9963e02a86796688c4674
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:bb:e5:51:dc:3d:0d:af:af:06:c8:78:26:2b:
                    5c:2b:7b:0d:04:89:b0:13:b2:b1:e2:a3:e7:cc:86:
                    05:e5:b8:0d:36:86:c2:47:e6:8a:81:c3:0a:27:f6:
                    77:34:b4:d3:46:55:b0:c3:84:63:a3:cd:64:1e:c1:
                    e3:89:82:33:ca:0f:a4:1e:b2:cd:de:6d:0d:64:8a:
                    68:a9:f8:e6:8f:a7:97:ef:c6:14:19:e1:0a:ce:3a:
                    28:dd:6c:16:f1:7e:3f:62:b8:69:7b:74:91:bf:a2:
                    70:f3:2e:74:d7:0e:84:68:a0:96:ed:18:10:46:94:
                    1d:00:68:1d:a5:14:40:62:98:0c:be:50:da:4c:ea:
                    a0:7b:be:57:69:56:b9:45:d7:88:a8:2e:5e:cb:32:
                    20:d7:56:d7:99:e6:6d:ea:60:7b:fa:45:f1:c2:cd:
                    64:c5:34:b5:08:17:9e:d9:e7:7c:4b:1d:af:35:75:
                    13:0d:9b:c3:f6:75:b8:56:93:f8:61:7a:08:c7:64:
                    16:7e:89:f6:12:62:71:68:58:2d:09:e8:39:81:14:
                    e6:57:e7:df:83:27:08:3f:cd:f4:11:76:e3:11:31:
                    b1:ff:13:d7:e2:c6:d2:0c:d8:6e:ec:18:6e:54:c4:
                    26:ae:7e:61:3c:8d:b1:d6:0c:53:ea:92:0d:9d:77:
                    bc:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:7C:68:84:33:B6:F2:6E:19:E9:96:3E:02:A8:67:96:68:8C:46:74
            X509v3 Authority Key Identifier:
                keyid:62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:e2:73:4b:c6:fe:dd:90:ae:28:0e:89:6d:bd:2e:ec:8b:a0:
         05:64:5f:83:9c:8f:0d:63:61:4e:a7:77:06:d5:8f:c7:0d:e5:
         76:92:59:e9:94:06:54:7b:94:d3:00:bc:93:dd:08:55:e6:ff:
         dd:7e:ab:63:58:14:e9:c4:dd:bc:4f:91:79:22:43:93:61:84:
         06:f7:6d:8d:db:71:a9:e0:c5:23:b2:7e:4b:22:f4:35:14:61:
         89:db:9f:10:a2:c0:b3:6d:17:b5:b2:75:80:b0:18:98:6f:16:
         aa:b8:95:ae:fa:ac:3d:6d:2a:d1:5d:7a:84:5f:cd:e3:5a:e2:
         32:7a:df:f9:e1:ea:73:d4:e3:cc:57:df:27:0b:49:15:87:82:
         87:b8:6f:9f:4a:be:b6:3f:24:28:3f:f4:16:ea:6b:8c:86:e8:
         f2:53:96:5e:2b:2f:79:21:fe:83:ef:01:82:ed:05:d1:2e:ec:
         41:f4:0f:94:20:a0:03:ac:cc:b6:71:1c:73:94:70:7c:b1:f1:
         ff:99:59:11:c1:02:a9:db:f1:b9:2a:70:08:3e:97:ae:72:19:
         b1:2e:e9:e6:60:51:28:cd:66:84:69:07:79:59:4d:03:4a:61:
         44:d3:05:86:f2:84:e6:df:d2:d3:28:e1:e1:79:4a:17:92:d8:
         c2:13:16:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdoTiUl1Sw7WOpCrxhaoU67MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMTcwNWEyYjIyZDkzODFhODIzYzk3OWM2ZjRlNzczNDIz
NTIzNmQwHhcNMjUwNjEzMDgwMDQxWhcNMjUwNjE0MDgwMDQxWjAzMTEwLwYDVQQD
EygyMTdjNjg4NDMzYjZmMjZlMTllOTk2M2UwMmE4Njc5NjY4OGM0Njc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27vlUdw9Da+vBsh4JitcK3sNBImw
E7Kx4qPnzIYF5bgNNobCR+aKgcMKJ/Z3NLTTRlWww4Rjo81kHsHjiYIzyg+kHrLN
3m0NZIpoqfjmj6eX78YUGeEKzjoo3WwW8X4/Yrhpe3SRv6Jw8y501w6EaKCW7RgQ
RpQdAGgdpRRAYpgMvlDaTOqge75XaVa5RdeIqC5eyzIg11bXmeZt6mB7+kXxws1k
xTS1CBee2ed8Sx2vNXUTDZvD9nW4VpP4YXoIx2QWfon2EmJxaFgtCeg5gRTmV+ff
gycIP830EXbjETGx/xPX4sbSDNhu7BhuVMQmrn5hPI2x1gxT6pINnXe82wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCF8aIQztvJuGemWPgKoZ5ZojEZ0MB8GA1UdIwQY
MBaAFGIXBaKyLZOBqCPJecb053NCNSNtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMt
NzFhMzlkYjg4YTIzLzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMtNzFhMzlkYjg4YTIz
LzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANuJzS8b+
3ZCuKA6Jbb0u7IugBWRfg5yPDWNhTqd3BtWPxw3ldpJZ6ZQGVHuU0wC8k90IVeb/
3X6rY1gU6cTdvE+ReSJDk2GEBvdtjdtxqeDFI7J+SyL0NRRhidufEKLAs20XtbJ1
gLAYmG8WqriVrvqsPW0q0V16hF/N41riMnrf+eHqc9TjzFffJwtJFYeCh7hvn0q+
tj8kKD/0FuprjIbo8lOWXisveSH+g+8Bgu0F0S7sQfQPlCCgA6zMtnEcc5RwfLHx
/5lZEcECqdvxuSpwCD6XrnIZsS7p5mBRKM1mhGkHeVlNA0phRNMFhvKE5t/S0yjh
4XlKF5LYwhMWtg==
-----END CERTIFICATE-----