Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
File:                     b20hysOH8-N4uiOkynfeyTA7qS0.mft (raw, json)
Hash identifier:          z0mNVdaB+1Wi/pQgBTFhH6WQlUNLI1r4mINCgR8/zfc=
Subject key identifier:   C0:D0:61:BF:4E:F6:B3:BC:9D:88:63:1A:2C:F5:1A:32:80:A6:55:02
Authority key identifier: 6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D
Certificate issuer:       /CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
Certificate serial:       01967C7C6EC27BE3238A1C72AFB5756FED98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
Manifest number:          150E
Signing time:             Mon 28 Apr 2025 13:00:51 +0000
Manifest this update:     Mon 28 Apr 2025 13:00:51 +0000
Manifest next update:     Tue 29 Apr 2025 13:00:51 +0000
Files and hashes:         1: b20hysOH8-N4uiOkynfeyTA7qS0.crl (hash: BEp4ut+hmBbkrBTrFujh0/sMJyQ/o/h1jBKXU22z8Ws=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 13:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7c:7c:6e:c2:7b:e3:23:8a:1c:72:af:b5:75:6f:ed:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
        Validity
            Not Before: Apr 28 13:00:51 2025 GMT
            Not After : Apr 29 13:00:51 2025 GMT
        Subject: CN=c0d061bf4ef6b3bc9d88631a2cf51a3280a65502
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:4d:27:d6:5c:8a:c2:a4:38:27:a7:73:d4:cc:
                    88:e1:79:c3:2c:cf:a3:3b:cb:f7:24:7c:b4:9c:f4:
                    db:19:9f:a9:5f:d5:76:95:a8:28:ea:43:98:49:99:
                    db:35:1d:a3:c3:17:11:39:a7:5c:e6:e8:cb:7b:e7:
                    83:89:d9:09:6e:00:34:65:96:9d:12:af:82:ac:c2:
                    9c:fc:8a:ed:02:c3:8b:98:a8:53:6f:44:48:e7:b1:
                    73:e2:d7:41:ef:14:b5:71:67:fa:4e:01:e9:1a:b6:
                    2c:83:39:7d:7f:79:88:ae:2c:10:78:05:d9:fa:c4:
                    17:a4:c2:92:05:77:0c:51:c8:5a:97:22:4c:7d:4d:
                    b2:38:6c:d7:91:ed:99:47:5b:49:b0:38:b6:8d:cf:
                    ea:82:93:7a:44:32:33:21:f5:26:53:4b:53:c6:bd:
                    72:96:3e:66:5f:5d:11:d6:b8:59:c7:b4:de:57:d4:
                    99:f9:2e:bc:70:d8:6e:d3:f7:d3:ba:fa:8f:f2:1b:
                    0b:69:ab:11:4b:9b:4b:b9:9b:d4:b7:d6:a9:af:b5:
                    fe:e7:99:2e:33:2c:fc:48:3b:94:64:71:5c:0f:5a:
                    24:b8:a6:c0:de:1c:f2:ca:fa:51:7d:99:56:52:23:
                    94:10:10:de:6a:fe:73:c3:8d:73:75:40:9c:ff:98:
                    6c:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:D0:61:BF:4E:F6:B3:BC:9D:88:63:1A:2C:F5:1A:32:80:A6:55:02
            X509v3 Authority Key Identifier:
                keyid:6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:d2:91:d6:6b:92:08:84:cf:37:6c:26:d5:43:ab:de:3f:3e:
         eb:f9:6f:74:a3:a9:15:8a:39:5d:17:fe:b3:16:84:19:52:d2:
         b5:1a:94:f6:55:2f:60:eb:90:63:0e:58:5e:81:61:e7:f8:0a:
         61:f4:5c:68:ca:a5:f0:21:75:cb:cc:e0:79:01:fd:ab:25:e9:
         bb:22:0e:af:b6:e2:aa:27:5a:eb:d0:6f:b6:81:ef:28:aa:f6:
         01:b2:f1:63:32:e6:80:26:fb:9c:f3:8d:26:e1:cf:31:20:e1:
         73:76:11:ab:60:30:9f:a4:b4:67:e5:c8:27:fb:ae:77:70:f1:
         99:99:33:c1:b4:0b:98:45:2c:3d:e7:f0:69:ef:43:a0:51:64:
         35:45:35:be:e0:1e:2e:ca:8d:3b:78:02:ec:d7:e5:d0:28:7f:
         23:a6:03:6b:8e:ed:35:ee:9f:51:11:a1:75:58:43:33:82:a8:
         ba:13:6c:c1:a5:df:b9:88:cf:b7:d7:02:2b:12:47:e0:be:be:
         3d:ef:cc:13:c3:7f:e4:fe:87:4b:b1:f9:53:73:f8:53:3d:5d:
         c8:38:4b:71:a7:12:a2:b2:c4:aa:51:ec:9d:2a:05:f7:33:b8:
         1a:10:3d:2b:9f:d3:f3:6d:b1:89:05:a6:6d:9c:56:6b:ac:2f:
         00:9e:89:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ8fG7Ce+Mjihxyr7V1b+2YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNmQyMWNhYzM4N2YzZTM3OGJhMjNhNGNhNzdkZWM5MzAz
YmE5MmQwHhcNMjUwNDI4MTMwMDUxWhcNMjUwNDI5MTMwMDUxWjAzMTEwLwYDVQQD
EyhjMGQwNjFiZjRlZjZiM2JjOWQ4ODYzMWEyY2Y1MWEzMjgwYTY1NTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxk0n1lyKwqQ4J6dz1MyI4XnDLM+j
O8v3JHy0nPTbGZ+pX9V2lago6kOYSZnbNR2jwxcROadc5ujLe+eDidkJbgA0ZZad
Eq+CrMKc/IrtAsOLmKhTb0RI57Fz4tdB7xS1cWf6TgHpGrYsgzl9f3mIriwQeAXZ
+sQXpMKSBXcMUchalyJMfU2yOGzXke2ZR1tJsDi2jc/qgpN6RDIzIfUmU0tTxr1y
lj5mX10R1rhZx7TeV9SZ+S68cNhu0/fTuvqP8hsLaasRS5tLuZvUt9apr7X+55ku
Myz8SDuUZHFcD1okuKbA3hzyyvpRfZlWUiOUEBDeav5zw41zdUCc/5hs6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMDQYb9O9rO8nYhjGiz1GjKAplUCMB8GA1UdIwQY
MBaAFG9tIcrDh/PjeLojpMp33skwO6ktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2Mt
MWFlYmNhNGI2ZGI4LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2MtMWFlYmNhNGI2ZGI4
LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW9KR1muS
CITPN2wm1UOr3j8+6/lvdKOpFYo5XRf+sxaEGVLStRqU9lUvYOuQYw5YXoFh5/gK
YfRcaMql8CF1y8zgeQH9qyXpuyIOr7biqida69BvtoHvKKr2AbLxYzLmgCb7nPON
JuHPMSDhc3YRq2Awn6S0Z+XIJ/uud3DxmZkzwbQLmEUsPefwae9DoFFkNUU1vuAe
LsqNO3gC7Nfl0Ch/I6YDa47tNe6fURGhdVhDM4KouhNswaXfuYjPt9cCKxJH4L6+
Pe/ME8N/5P6HS7H5U3P4Uz1dyDhLcacSorLEqlHsnSoF9zO4GhA9K5/T822xiQWm
bZxWa6wvAJ6JPA==
-----END CERTIFICATE-----