Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
File:                     YhcForItk4GoI8l5xvTnc0I1I20.mft (raw, json)
Hash identifier:          LccQYDiPwHBpWRseU8cWINVIoEEfm94de7XXpXT8H1U=
Subject key identifier:   D8:47:23:EE:00:DA:10:7F:A9:0A:30:E1:09:64:CB:0A:E2:4C:AA:71
Authority key identifier: 62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D
Certificate issuer:       /CN=621705a2b22d9381a823c979c6f4e7734235236d
Certificate serial:       0198843116E0D41005E5738264BFBBB77199
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
Manifest number:          0F01
Signing time:             Thu 07 Aug 2025 11:01:06 +0000
Manifest this update:     Thu 07 Aug 2025 11:01:06 +0000
Manifest next update:     Fri 08 Aug 2025 11:01:06 +0000
Files and hashes:         1: YhcForItk4GoI8l5xvTnc0I1I20.crl (hash: Zv4rFlxhtQqnVFdcyFULNxu/80Gz5oAlPdSql5buVRw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 11:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:84:31:16:e0:d4:10:05:e5:73:82:64:bf:bb:b7:71:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=621705a2b22d9381a823c979c6f4e7734235236d
        Validity
            Not Before: Aug  7 11:01:06 2025 GMT
            Not After : Aug  8 11:01:06 2025 GMT
        Subject: CN=d84723ee00da107fa90a30e10964cb0ae24caa71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:2d:ad:d5:c9:66:52:0c:dd:9d:2c:5a:28:9f:
                    3f:3b:10:01:97:af:0a:0b:c4:23:f6:f7:b8:db:41:
                    66:b7:06:e8:a1:dd:46:36:20:f7:59:dd:d4:34:1e:
                    5e:4d:05:84:6a:83:bc:d0:84:1a:4d:0a:43:b4:80:
                    03:62:db:3f:18:8d:0e:e1:cf:17:dd:26:66:22:dd:
                    d8:63:2c:c2:d8:d4:d9:f5:63:6b:0a:1e:ac:49:7a:
                    e2:fd:81:de:3d:d1:ff:90:ae:8b:71:8c:c1:5c:50:
                    f1:c8:bc:4d:85:80:2f:bd:05:03:e3:13:a9:c2:6c:
                    76:6b:7c:e4:ea:92:28:ef:96:e1:e6:46:00:c8:69:
                    54:b2:ca:53:da:89:f5:ba:15:45:56:be:3e:f0:3c:
                    11:eb:e7:97:df:7d:8a:f6:1e:0f:89:3b:04:79:3e:
                    6f:ee:42:29:2c:1a:c3:68:10:12:78:a9:76:f3:14:
                    ac:3e:61:17:04:5c:5f:3f:47:5c:a8:72:21:41:ae:
                    28:7f:3c:f5:9a:3a:44:19:ae:24:5e:50:f8:d2:6e:
                    16:75:f5:b2:ab:6d:9b:51:85:a8:73:c8:d0:e0:bc:
                    a6:79:89:85:ed:d1:68:cf:bb:88:db:08:bc:c6:ab:
                    0f:fd:da:40:bf:f9:de:06:9f:17:72:30:54:2d:ff:
                    fb:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:47:23:EE:00:DA:10:7F:A9:0A:30:E1:09:64:CB:0A:E2:4C:AA:71
            X509v3 Authority Key Identifier:
                keyid:62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:5c:8e:6c:8c:65:c7:f4:e3:40:99:7f:54:70:c4:ea:08:57:
         4d:1d:74:c0:61:f6:a9:59:3c:a3:0a:27:9a:92:9c:90:b7:a2:
         00:f4:f8:7c:b0:0a:9f:c1:66:0d:82:d4:92:9a:ea:42:34:04:
         8e:a4:c4:34:d4:d3:f0:0f:56:7c:fb:9d:bc:95:85:85:23:18:
         21:f6:6e:26:71:03:53:6c:ae:8e:9f:ab:4a:b7:cc:7f:eb:f3:
         16:e1:7c:ed:c5:34:95:d3:77:59:01:c7:84:d0:aa:70:d3:bd:
         93:01:bb:12:6d:77:ae:cc:06:13:11:8d:54:b5:2c:c3:b6:13:
         30:b4:3d:86:f4:83:a8:8b:21:7b:52:3c:c8:0b:ee:cd:bb:69:
         bc:1c:1f:8e:83:6f:c7:27:05:82:c4:41:64:66:13:03:00:e2:
         b5:96:63:3c:90:28:09:4b:c7:6a:18:78:a3:36:5b:11:63:f9:
         07:63:6f:f1:46:20:4a:ed:58:08:bd:84:ba:ae:63:e7:79:35:
         06:a4:43:8f:9c:8d:ff:0a:3c:d6:78:10:b2:b7:78:e2:f5:bf:
         e0:ab:19:f5:e2:0f:6b:df:d0:c8:3f:f1:02:cc:b7:72:88:48:
         bc:0a:01:4a:b7:e3:ec:bc:c7:a6:12:23:e6:10:00:37:79:8b:
         c9:23:85:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiEMRbg1BAF5XOCZL+7t3GZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMTcwNWEyYjIyZDkzODFhODIzYzk3OWM2ZjRlNzczNDIz
NTIzNmQwHhcNMjUwODA3MTEwMTA2WhcNMjUwODA4MTEwMTA2WjAzMTEwLwYDVQQD
EyhkODQ3MjNlZTAwZGExMDdmYTkwYTMwZTEwOTY0Y2IwYWUyNGNhYTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoC2t1clmUgzdnSxaKJ8/OxABl68K
C8Qj9ve420Fmtwbood1GNiD3Wd3UNB5eTQWEaoO80IQaTQpDtIADYts/GI0O4c8X
3SZmIt3YYyzC2NTZ9WNrCh6sSXri/YHePdH/kK6LcYzBXFDxyLxNhYAvvQUD4xOp
wmx2a3zk6pIo75bh5kYAyGlUsspT2on1uhVFVr4+8DwR6+eX332K9h4PiTsEeT5v
7kIpLBrDaBASeKl28xSsPmEXBFxfP0dcqHIhQa4ofzz1mjpEGa4kXlD40m4WdfWy
q22bUYWoc8jQ4LymeYmF7dFoz7uI2wi8xqsP/dpAv/neBp8XcjBULf/7XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNhHI+4A2hB/qQow4QlkywriTKpxMB8GA1UdIwQY
MBaAFGIXBaKyLZOBqCPJecb053NCNSNtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMt
NzFhMzlkYjg4YTIzLzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMtNzFhMzlkYjg4YTIz
LzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ1yObIxl
x/TjQJl/VHDE6ghXTR10wGH2qVk8owonmpKckLeiAPT4fLAKn8FmDYLUkprqQjQE
jqTENNTT8A9WfPudvJWFhSMYIfZuJnEDU2yujp+rSrfMf+vzFuF87cU0ldN3WQHH
hNCqcNO9kwG7Em13rswGExGNVLUsw7YTMLQ9hvSDqIshe1I8yAvuzbtpvBwfjoNv
xycFgsRBZGYTAwDitZZjPJAoCUvHahh4ozZbEWP5B2Nv8UYgSu1YCL2Euq5j53k1
BqRDj5yN/wo81ngQsrd44vW/4KsZ9eIPa9/QyD/xAsy3cohIvAoBSrfj7LzHphIj
5hAAN3mLySOFdw==
-----END CERTIFICATE-----