Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
File:                     YhcForItk4GoI8l5xvTnc0I1I20.mft (raw, json)
Hash identifier:          dvgF94ilok/RWqM/WBJnsRw/NY94jixHOXYC1mZaMx0=
Subject key identifier:   6C:97:E8:00:B9:D9:B3:46:A0:A6:50:50:A0:F6:CB:8D:41:43:D8:EE
Authority key identifier: 62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D
Certificate issuer:       /CN=621705a2b22d9381a823c979c6f4e7734235236d
Certificate serial:       019678D671F543D5D21E8C6E19DCF2358BC2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
Manifest number:          0DF2
Signing time:             Sun 27 Apr 2025 20:00:41 +0000
Manifest this update:     Sun 27 Apr 2025 20:00:41 +0000
Manifest next update:     Mon 28 Apr 2025 20:00:41 +0000
Files and hashes:         1: YhcForItk4GoI8l5xvTnc0I1I20.crl (hash: MoCawv+Je9z/e6wXLimzCFzSnOJXLpUxWim4bxv109o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:d6:71:f5:43:d5:d2:1e:8c:6e:19:dc:f2:35:8b:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=621705a2b22d9381a823c979c6f4e7734235236d
        Validity
            Not Before: Apr 27 20:00:41 2025 GMT
            Not After : Apr 28 20:00:41 2025 GMT
        Subject: CN=6c97e800b9d9b346a0a65050a0f6cb8d4143d8ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:8d:21:1f:da:ac:b6:4b:cc:a6:38:f5:40:76:
                    fa:4b:c8:d6:c3:d7:93:12:c1:2f:c2:11:4b:2b:23:
                    d4:7d:10:e1:8b:18:9d:ef:c1:ce:2d:7a:5d:64:12:
                    e5:a0:b0:de:cc:7c:dc:8a:2c:0a:62:5e:d3:4e:c3:
                    77:d3:fd:0a:ae:26:79:34:b1:14:1f:76:d2:69:b5:
                    11:43:39:b7:89:36:21:e0:59:b7:35:5a:80:2e:9a:
                    aa:c8:f0:52:d6:8a:60:26:f4:77:d4:59:42:47:ae:
                    b3:c0:ba:5b:6b:7f:ca:58:6f:89:91:00:70:c5:cd:
                    b6:e4:58:20:50:01:35:8d:57:64:29:ba:c2:ed:02:
                    9d:e4:11:20:af:68:6e:47:7c:a7:b2:0a:1c:c2:6b:
                    7d:52:98:e6:0f:7e:01:b0:22:66:49:1e:c0:7c:61:
                    69:85:99:49:e7:f7:af:b4:17:44:4c:a9:65:a9:70:
                    a6:4a:27:ff:ec:98:5b:04:08:24:5c:ad:14:0e:18:
                    b4:ef:c0:ee:80:b7:52:e3:cc:a0:26:1a:d5:95:4a:
                    22:bb:e9:0e:b9:9e:c1:08:94:98:fa:b7:90:5a:45:
                    4e:66:2f:59:12:69:2e:f6:e7:f1:e0:ed:e8:76:0e:
                    24:e9:42:d9:07:8d:74:73:5c:9e:e4:13:b3:84:c8:
                    6d:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:97:E8:00:B9:D9:B3:46:A0:A6:50:50:A0:F6:CB:8D:41:43:D8:EE
            X509v3 Authority Key Identifier:
                keyid:62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cd:12:1e:0b:46:fd:e0:33:6a:86:be:8c:90:47:30:4b:7f:4e:
         5e:ed:5a:0d:93:44:3c:b9:d2:67:0f:3b:1e:64:3a:67:6e:2a:
         07:83:72:6c:0b:ee:29:5f:d0:86:8b:2a:07:17:0a:34:6d:ab:
         3e:f3:67:e1:76:84:39:66:28:e7:7c:22:c3:62:54:10:e7:88:
         f1:fc:32:2c:0f:02:10:3f:de:55:5e:be:52:e6:54:d5:b9:d7:
         85:11:f8:04:0a:df:24:9d:99:f9:93:8f:10:7b:28:ab:24:19:
         20:4c:21:64:1a:de:d7:3b:ef:15:1b:a9:24:5c:2b:a8:88:19:
         bc:8c:72:71:21:2e:9a:d8:2a:c9:90:69:fb:2e:14:f0:ce:f4:
         20:a9:3f:1c:cc:dc:29:ed:89:1d:05:7a:f5:0f:1e:a3:25:c1:
         f3:28:ce:95:19:97:fa:bf:48:24:46:ca:63:97:4f:13:ba:c4:
         a9:87:79:c2:d3:ef:2b:da:c0:8f:47:76:b0:5c:23:ba:91:86:
         1f:65:4d:89:da:cd:13:42:67:8b:14:f9:36:ad:99:9c:10:71:
         9e:b0:a7:cc:40:63:9d:17:1b:74:b7:d3:c8:74:64:7e:5e:56:
         81:e8:2d:66:76:2c:71:50:d1:b2:10:de:c9:01:d6:66:51:24:
         01:24:8d:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ41nH1Q9XSHoxuGdzyNYvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMTcwNWEyYjIyZDkzODFhODIzYzk3OWM2ZjRlNzczNDIz
NTIzNmQwHhcNMjUwNDI3MjAwMDQxWhcNMjUwNDI4MjAwMDQxWjAzMTEwLwYDVQQD
Eyg2Yzk3ZTgwMGI5ZDliMzQ2YTBhNjUwNTBhMGY2Y2I4ZDQxNDNkOGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAro0hH9qstkvMpjj1QHb6S8jWw9eT
EsEvwhFLKyPUfRDhixid78HOLXpdZBLloLDezHzciiwKYl7TTsN30/0KriZ5NLEU
H3bSabURQzm3iTYh4Fm3NVqALpqqyPBS1opgJvR31FlCR66zwLpba3/KWG+JkQBw
xc225FggUAE1jVdkKbrC7QKd5BEgr2huR3ynsgocwmt9UpjmD34BsCJmSR7AfGFp
hZlJ5/evtBdETKllqXCmSif/7JhbBAgkXK0UDhi078DugLdS48ygJhrVlUoiu+kO
uZ7BCJSY+reQWkVOZi9ZEmku9ufx4O3odg4k6ULZB410c1ye5BOzhMht5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGyX6AC52bNGoKZQUKD2y41BQ9juMB8GA1UdIwQY
MBaAFGIXBaKyLZOBqCPJecb053NCNSNtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMt
NzFhMzlkYjg4YTIzLzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMtNzFhMzlkYjg4YTIz
LzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzRIeC0b9
4DNqhr6MkEcwS39OXu1aDZNEPLnSZw87HmQ6Z24qB4NybAvuKV/QhosqBxcKNG2r
PvNn4XaEOWYo53wiw2JUEOeI8fwyLA8CED/eVV6+UuZU1bnXhRH4BArfJJ2Z+ZOP
EHsoqyQZIEwhZBre1zvvFRupJFwrqIgZvIxycSEumtgqyZBp+y4U8M70IKk/HMzc
Ke2JHQV69Q8eoyXB8yjOlRmX+r9IJEbKY5dPE7rEqYd5wtPvK9rAj0d2sFwjupGG
H2VNidrNE0JnixT5Nq2ZnBBxnrCnzEBjnRcbdLfTyHRkfl5WgegtZnYscVDRshDe
yQHWZlEkASSN5Q==
-----END CERTIFICATE-----