Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
File:                     YhcForItk4GoI8l5xvTnc0I1I20.mft (raw, json)
Hash identifier:          59Nnv3kUuZ0WP1x0HN+2m7dEveQ4TnJphL4KaDm+mxo=
Subject key identifier:   0F:DA:1A:02:C3:04:5F:1F:E3:7F:A2:DB:7E:52:44:68:26:E3:D0:F2
Authority key identifier: 62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D
Certificate issuer:       /CN=621705a2b22d9381a823c979c6f4e7734235236d
Certificate serial:       019A4FCFE37A0C751860A75F86E61078D8B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
Manifest number:          0FEF
Signing time:             Tue 04 Nov 2025 17:00:15 +0000
Manifest this update:     Tue 04 Nov 2025 17:00:15 +0000
Manifest next update:     Wed 05 Nov 2025 17:00:15 +0000
Files and hashes:         1: YhcForItk4GoI8l5xvTnc0I1I20.crl (hash: ZXBbUmt72bWdx0GFTfRGc1vLLu82FJA4hxDoLqTKy/M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 17:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:cf:e3:7a:0c:75:18:60:a7:5f:86:e6:10:78:d8:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=621705a2b22d9381a823c979c6f4e7734235236d
        Validity
            Not Before: Nov  4 17:00:15 2025 GMT
            Not After : Nov  5 17:00:15 2025 GMT
        Subject: CN=0fda1a02c3045f1fe37fa2db7e52446826e3d0f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:0a:67:70:1a:b4:3a:4f:8b:a3:e6:3e:e1:c0:
                    51:ed:e5:e3:35:51:75:8f:3d:38:e1:c0:6d:39:f3:
                    6b:91:fb:20:36:cb:85:ce:72:3e:a8:ae:4f:ae:43:
                    2e:21:36:92:e3:70:3b:92:a4:c9:5d:53:d9:24:0e:
                    15:fe:23:af:4c:a9:66:af:92:45:49:62:c5:2e:bb:
                    33:c3:77:f6:8b:07:27:58:f9:10:d2:9a:f2:a7:e8:
                    08:a3:f2:04:12:87:fe:67:05:ee:36:51:4a:2c:e5:
                    8c:93:f6:93:69:8c:ad:a2:ad:22:cd:e9:6c:7c:4a:
                    06:88:11:38:8d:20:f6:ff:0e:0a:d6:f8:90:57:f9:
                    4e:99:9c:7f:ed:a6:41:2d:7e:d0:a9:62:b6:4d:51:
                    e7:8b:a3:4c:01:6e:e6:9f:4d:d0:18:2c:c9:f6:4a:
                    8a:fc:ae:63:24:57:28:08:96:7b:f7:01:18:bd:36:
                    18:c8:7a:e5:d5:48:e8:bf:02:90:95:f7:1e:d3:75:
                    37:ea:54:75:56:be:c2:20:b3:47:50:68:74:b9:3e:
                    61:31:15:ef:9e:55:b2:c6:ee:e5:c5:8e:7f:71:99:
                    8c:0a:bb:a6:5e:9c:e7:4e:f6:2c:9c:b9:5a:9d:a1:
                    23:5a:8b:51:3d:7a:79:91:1b:c3:bf:6e:65:29:f8:
                    a2:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:DA:1A:02:C3:04:5F:1F:E3:7F:A2:DB:7E:52:44:68:26:E3:D0:F2
            X509v3 Authority Key Identifier:
                keyid:62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:be:96:14:7a:d3:88:99:d6:7e:a3:d6:12:76:17:75:de:d4:
         03:51:71:13:15:06:e0:56:e3:d4:87:cb:85:0c:11:ee:7f:00:
         2e:1e:5f:17:9b:78:0a:08:21:8f:5b:a1:27:62:be:dc:ab:76:
         57:47:5a:c1:ee:76:9e:07:e1:91:99:a1:cb:dd:e0:db:78:e6:
         dd:27:62:57:d3:9e:f1:01:70:42:5a:9d:cc:b9:f7:62:25:e7:
         cb:80:d6:02:f5:35:2d:8d:0b:4b:de:d7:d5:f1:f0:d0:53:fe:
         25:04:77:fc:35:57:cb:0b:2d:31:b5:af:5f:ed:13:ad:ae:2d:
         20:c8:6e:ef:4f:00:97:e3:02:8a:db:fd:49:5c:a7:21:39:8b:
         f3:9c:f9:55:d0:98:7f:ba:87:4a:3e:b0:08:00:b7:bc:64:2a:
         86:e4:ce:8b:f9:d7:a5:e3:d3:f2:04:ed:e5:a2:d9:62:4d:c9:
         98:2b:3d:7c:5c:79:e4:29:ad:5c:df:65:f4:05:87:cc:ed:52:
         28:4f:b4:a0:e5:46:3c:51:59:e8:59:71:54:f3:f0:22:98:b2:
         33:d8:6d:5d:cb:25:ff:cc:df:a8:bd:dd:8f:3a:fe:f3:0b:68:
         ac:f6:04:37:2e:0b:b1:45:11:77:91:a0:1c:35:16:7c:e0:f9:
         c5:84:61:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPz+N6DHUYYKdfhuYQeNizMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMTcwNWEyYjIyZDkzODFhODIzYzk3OWM2ZjRlNzczNDIz
NTIzNmQwHhcNMjUxMTA0MTcwMDE1WhcNMjUxMTA1MTcwMDE1WjAzMTEwLwYDVQQD
EygwZmRhMWEwMmMzMDQ1ZjFmZTM3ZmEyZGI3ZTUyNDQ2ODI2ZTNkMGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwpncBq0Ok+Lo+Y+4cBR7eXjNVF1
jz044cBtOfNrkfsgNsuFznI+qK5PrkMuITaS43A7kqTJXVPZJA4V/iOvTKlmr5JF
SWLFLrszw3f2iwcnWPkQ0pryp+gIo/IEEof+ZwXuNlFKLOWMk/aTaYytoq0izels
fEoGiBE4jSD2/w4K1viQV/lOmZx/7aZBLX7QqWK2TVHni6NMAW7mn03QGCzJ9kqK
/K5jJFcoCJZ79wEYvTYYyHrl1UjovwKQlfce03U36lR1Vr7CILNHUGh0uT5hMRXv
nlWyxu7lxY5/cZmMCrumXpznTvYsnLlanaEjWotRPXp5kRvDv25lKfiiEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA/aGgLDBF8f43+i235SRGgm49DyMB8GA1UdIwQY
MBaAFGIXBaKyLZOBqCPJecb053NCNSNtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMt
NzFhMzlkYjg4YTIzLzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMtNzFhMzlkYjg4YTIz
LzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxr6WFHrT
iJnWfqPWEnYXdd7UA1FxExUG4Fbj1IfLhQwR7n8ALh5fF5t4Cgghj1uhJ2K+3Kt2
V0dawe52ngfhkZmhy93g23jm3SdiV9Oe8QFwQlqdzLn3YiXny4DWAvU1LY0LS97X
1fHw0FP+JQR3/DVXywstMbWvX+0Tra4tIMhu708Al+MCitv9SVynITmL85z5VdCY
f7qHSj6wCAC3vGQqhuTOi/nXpePT8gTt5aLZYk3JmCs9fFx55CmtXN9l9AWHzO1S
KE+0oOVGPFFZ6FlxVPPwIpiyM9htXcsl/8zfqL3djzr+8wtorPYENy4LsUURd5Gg
HDUWfOD5xYRhDg==
-----END CERTIFICATE-----