Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
File:                     20YNIBeVpqmS7UrBi7fFLBCLeFI.mft (raw, json)
Hash identifier:          /CzmgvaAAAPcZ6GVvqJrXUZsXDPqEmJUR8YbnhFVIyw=
Subject key identifier:   A7:25:75:E5:63:FA:D6:A7:9B:FE:A5:E4:19:2A:89:58:8E:27:0E:07
Authority key identifier: DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52
Certificate issuer:       /CN=db460d201795a6a992ed4ac18bb7c52c108b7852
Certificate serial:       019676B0F8CAA015DA0346DA446BCECC6D0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
Manifest number:          150B
Signing time:             Sun 27 Apr 2025 10:00:31 +0000
Manifest this update:     Sun 27 Apr 2025 10:00:31 +0000
Manifest next update:     Mon 28 Apr 2025 10:00:31 +0000
Files and hashes:         1: 20YNIBeVpqmS7UrBi7fFLBCLeFI.crl (hash: Qe+cuUc8YXCIcWQLYi+/fHIXjxG5VLwKdntIq8w3eKU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:b0:f8:ca:a0:15:da:03:46:da:44:6b:ce:cc:6d:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db460d201795a6a992ed4ac18bb7c52c108b7852
        Validity
            Not Before: Apr 27 10:00:31 2025 GMT
            Not After : Apr 28 10:00:31 2025 GMT
        Subject: CN=a72575e563fad6a79bfea5e4192a89588e270e07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:52:d8:90:48:58:79:e0:e1:6d:75:4c:59:07:
                    1b:2b:7a:e8:c0:31:b5:0f:72:c2:61:10:d9:9c:49:
                    bd:cc:4b:fc:9f:1a:9c:fa:a1:f0:fc:71:c6:46:9e:
                    43:22:cf:9e:17:55:c1:95:b2:c2:c0:51:20:ac:4f:
                    de:c5:47:ba:d0:6d:2b:e2:de:29:1b:9b:88:32:2a:
                    a8:27:82:e9:af:77:3f:6b:84:eb:8e:7a:03:68:a8:
                    41:63:25:2b:cc:b9:15:c8:4c:04:bc:11:e2:62:8f:
                    16:78:a2:63:0a:14:24:9c:d5:9b:b9:95:f6:f6:c7:
                    11:d9:1a:13:fe:0f:e8:93:34:ca:ab:88:47:59:5e:
                    b8:20:f0:b6:5e:f5:21:84:5c:b2:ae:fe:d2:a8:f3:
                    83:89:21:3a:d5:eb:90:c6:43:1e:26:07:3a:3d:60:
                    31:dc:2e:92:24:46:fc:d6:72:b9:fd:8e:96:d4:a0:
                    b1:e3:8a:b5:5e:2f:3e:18:9d:bd:49:e4:4b:21:fe:
                    7d:c0:8e:39:98:53:85:53:bc:72:3b:72:c1:29:b7:
                    cd:79:36:34:bf:67:8d:6a:c7:9b:ec:ce:51:f8:3d:
                    6e:82:09:87:f5:09:e6:e2:e0:0a:fe:84:7a:5e:a0:
                    08:07:ed:24:c6:9b:d1:24:8c:5f:a1:cf:de:50:c8:
                    9c:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:25:75:E5:63:FA:D6:A7:9B:FE:A5:E4:19:2A:89:58:8E:27:0E:07
            X509v3 Authority Key Identifier:
                keyid:DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:ae:6a:bb:2a:12:68:43:e8:c7:80:3e:39:7a:63:03:6f:c9:
         b2:1f:16:41:e3:77:2f:9b:32:4d:89:cf:ca:d1:43:9a:b1:dd:
         2d:ec:9d:79:ca:c0:9c:e4:09:99:1f:5e:3a:aa:c3:f6:7f:0b:
         f8:93:e9:0e:30:d3:55:3c:d8:fe:b2:49:20:0b:38:6b:03:b5:
         b6:27:6f:5e:c9:e5:e7:80:8d:a0:eb:9a:f6:67:fe:45:11:f2:
         44:5d:b6:65:a5:79:d2:54:4f:8a:de:99:5d:72:73:3a:c4:68:
         2f:94:7c:c2:a1:d6:5a:72:39:8e:8e:5f:cd:4f:05:91:e0:9a:
         43:c5:fe:5f:32:f0:8c:9c:7a:ed:32:24:d0:85:c2:14:00:00:
         79:2b:65:bb:85:a1:2e:11:74:96:17:c3:ef:34:25:a5:0f:ac:
         3a:f6:9b:89:de:53:c9:45:a5:f8:29:1c:75:8b:44:73:e6:38:
         dd:ae:34:a8:46:ff:23:60:4a:fb:ad:5f:d8:a7:55:0f:4b:d4:
         9f:ab:87:f8:4a:e1:ba:75:3f:83:d7:ae:3d:60:84:cf:b4:af:
         1b:ce:06:04:0a:ae:4e:76:f7:29:de:f0:ae:66:9c:70:df:b6:
         99:eb:94:ba:90:a4:6c:b0:b3:0c:31:a9:4b:c2:e7:bc:0d:07:
         7d:b3:9d:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2sPjKoBXaA0baRGvOzG0OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDYwZDIwMTc5NWE2YTk5MmVkNGFjMThiYjdjNTJjMTA4
Yjc4NTIwHhcNMjUwNDI3MTAwMDMxWhcNMjUwNDI4MTAwMDMxWjAzMTEwLwYDVQQD
EyhhNzI1NzVlNTYzZmFkNmE3OWJmZWE1ZTQxOTJhODk1ODhlMjcwZTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVLYkEhYeeDhbXVMWQcbK3rowDG1
D3LCYRDZnEm9zEv8nxqc+qHw/HHGRp5DIs+eF1XBlbLCwFEgrE/exUe60G0r4t4p
G5uIMiqoJ4Lpr3c/a4TrjnoDaKhBYyUrzLkVyEwEvBHiYo8WeKJjChQknNWbuZX2
9scR2RoT/g/okzTKq4hHWV64IPC2XvUhhFyyrv7SqPODiSE61euQxkMeJgc6PWAx
3C6SJEb81nK5/Y6W1KCx44q1Xi8+GJ29SeRLIf59wI45mFOFU7xyO3LBKbfNeTY0
v2eNaseb7M5R+D1uggmH9Qnm4uAK/oR6XqAIB+0kxpvRJIxfoc/eUMicRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKcldeVj+tanm/6l5BkqiViOJw4HMB8GA1UdIwQY
MBaAFNtGDSAXlaapku1KwYu3xSwQi3hSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2Ut
ZTgyZWQzZDc2YTg3LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2UtZTgyZWQzZDc2YTg3
LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf65quyoS
aEPox4A+OXpjA2/Jsh8WQeN3L5syTYnPytFDmrHdLeydecrAnOQJmR9eOqrD9n8L
+JPpDjDTVTzY/rJJIAs4awO1tidvXsnl54CNoOua9mf+RRHyRF22ZaV50lRPit6Z
XXJzOsRoL5R8wqHWWnI5jo5fzU8FkeCaQ8X+XzLwjJx67TIk0IXCFAAAeStlu4Wh
LhF0lhfD7zQlpQ+sOvabid5TyUWl+CkcdYtEc+Y43a40qEb/I2BK+61f2KdVD0vU
n6uH+ErhunU/g9euPWCEz7SvG84GBAquTnb3Kd7wrmaccN+2meuUupCkbLCzDDGp
S8LnvA0HfbOdBg==
-----END CERTIFICATE-----