Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
File:                     b20hysOH8-N4uiOkynfeyTA7qS0.mft (raw, json)
Hash identifier:          JX4LSvWGCyM3aUujBww0cGvnCw3RdVrEg1MV+K5zw7A=
Subject key identifier:   69:9E:D6:12:AF:E3:54:9A:96:93:DA:CE:2A:E1:89:54:47:B3:34:F9
Authority key identifier: 6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D
Certificate issuer:       /CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
Certificate serial:       0194BA844981B14D8871DA67528338604F89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
Manifest number:          1425
Signing time:             Fri 31 Jan 2025 04:00:19 +0000
Manifest this update:     Fri 31 Jan 2025 04:00:19 +0000
Manifest next update:     Sat 01 Feb 2025 04:00:19 +0000
Files and hashes:         1: b20hysOH8-N4uiOkynfeyTA7qS0.crl (hash: WeqrNEIHo+i7J5IS1xe5Qiy5FDlqBAqh9HhbbKB+MQo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 04:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:84:49:81:b1:4d:88:71:da:67:52:83:38:60:4f:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
        Validity
            Not Before: Jan 31 04:00:19 2025 GMT
            Not After : Feb  1 04:00:19 2025 GMT
        Subject: CN=699ed612afe3549a9693dace2ae1895447b334f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:67:ec:33:cb:7c:52:71:85:4a:b0:99:6e:4c:
                    7f:d3:05:c0:01:19:70:ec:0e:b1:40:a8:9d:62:1c:
                    c4:21:f2:30:d4:78:65:1f:08:69:bb:f2:cf:b1:66:
                    53:03:ed:a2:70:d2:48:ca:a3:41:3b:04:2d:1f:fc:
                    df:f3:87:ac:ba:d0:c8:9b:a1:c7:ae:ae:f6:44:05:
                    f6:44:9f:3b:6b:4a:82:0b:f6:0d:80:3c:93:46:db:
                    d5:e0:4c:37:3e:f9:65:e5:22:d6:67:9c:8e:12:d1:
                    3b:3a:d2:d2:26:01:bf:45:60:1e:b7:2f:99:ea:2d:
                    24:92:6d:24:c5:06:8e:9b:48:a3:e8:77:e0:d6:82:
                    d4:0f:4e:dd:f7:d6:d6:e5:4e:47:c0:7f:b8:78:39:
                    06:7d:d3:3e:69:c3:b8:3b:1e:58:cc:f5:03:82:a8:
                    1d:57:7d:74:d3:30:2f:ef:ca:eb:33:c2:7d:1a:cd:
                    43:85:4d:95:42:f7:a7:31:70:db:44:8d:ad:63:f6:
                    77:ba:42:df:37:6b:65:28:89:9e:4f:ad:d2:48:da:
                    e5:bd:d1:db:cb:75:3f:42:f1:70:d7:2d:41:af:97:
                    68:d1:75:89:cd:cf:99:2c:49:e3:2e:c6:49:15:c2:
                    9b:14:16:b3:cd:b9:08:d0:73:96:bf:4d:f2:6c:ef:
                    95:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:9E:D6:12:AF:E3:54:9A:96:93:DA:CE:2A:E1:89:54:47:B3:34:F9
            X509v3 Authority Key Identifier:
                keyid:6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:c5:f9:14:e3:d7:f5:38:41:64:8d:8a:d4:39:f9:31:3a:e7:
         11:96:0c:48:78:f1:f7:57:f3:de:bb:6d:b7:0e:51:cb:45:ea:
         a0:37:ec:8d:d8:93:d5:fa:07:6e:6e:a5:46:89:31:0c:40:75:
         f6:07:50:9c:b1:97:97:e8:49:76:4a:fb:e9:bd:79:9b:21:1a:
         2f:aa:61:3d:d9:9c:34:c6:be:1f:44:80:61:2d:98:f0:97:85:
         8b:51:25:a2:a4:35:7a:01:23:ce:62:f5:26:21:be:d5:77:07:
         3d:67:7d:18:bb:b9:b8:81:59:33:b8:7d:04:20:58:bd:37:d2:
         ac:16:89:0b:26:2e:03:23:01:d9:71:2d:40:2d:64:06:53:30:
         77:fa:29:36:fc:65:48:0b:98:97:7c:f4:e5:55:d6:1e:de:e6:
         c7:09:16:dd:c9:39:af:da:ac:76:96:13:30:ab:21:40:d3:dd:
         d5:ff:b1:e8:0d:66:7d:88:2a:22:c6:5b:64:41:df:2e:41:53:
         48:2a:a6:84:3b:5a:e8:ad:35:02:08:e9:2b:5b:ec:48:66:1f:
         9d:0e:7d:1e:8b:12:8c:c7:f4:28:a0:b0:22:ff:12:7d:e8:2b:
         20:a6:d3:db:f0:a3:42:41:a0:0b:ae:4a:40:b4:5a:d1:38:d4:
         4b:5a:18:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6hEmBsU2IcdpnUoM4YE+JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNmQyMWNhYzM4N2YzZTM3OGJhMjNhNGNhNzdkZWM5MzAz
YmE5MmQwHhcNMjUwMTMxMDQwMDE5WhcNMjUwMjAxMDQwMDE5WjAzMTEwLwYDVQQD
Eyg2OTllZDYxMmFmZTM1NDlhOTY5M2RhY2UyYWUxODk1NDQ3YjMzNGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7GfsM8t8UnGFSrCZbkx/0wXAARlw
7A6xQKidYhzEIfIw1HhlHwhpu/LPsWZTA+2icNJIyqNBOwQtH/zf84esutDIm6HH
rq72RAX2RJ87a0qCC/YNgDyTRtvV4Ew3Pvll5SLWZ5yOEtE7OtLSJgG/RWAety+Z
6i0kkm0kxQaOm0ij6Hfg1oLUD07d99bW5U5HwH+4eDkGfdM+acO4Ox5YzPUDgqgd
V3100zAv78rrM8J9Gs1DhU2VQvenMXDbRI2tY/Z3ukLfN2tlKImeT63SSNrlvdHb
y3U/QvFw1y1Br5do0XWJzc+ZLEnjLsZJFcKbFBazzbkI0HOWv03ybO+VeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGme1hKv41SalpPazirhiVRHszT5MB8GA1UdIwQY
MBaAFG9tIcrDh/PjeLojpMp33skwO6ktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2Mt
MWFlYmNhNGI2ZGI4LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2MtMWFlYmNhNGI2ZGI4
LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVsX5FOPX
9ThBZI2K1Dn5MTrnEZYMSHjx91fz3rtttw5Ry0XqoDfsjdiT1foHbm6lRokxDEB1
9gdQnLGXl+hJdkr76b15myEaL6phPdmcNMa+H0SAYS2Y8JeFi1EloqQ1egEjzmL1
JiG+1XcHPWd9GLu5uIFZM7h9BCBYvTfSrBaJCyYuAyMB2XEtQC1kBlMwd/opNvxl
SAuYl3z05VXWHt7mxwkW3ck5r9qsdpYTMKshQNPd1f+x6A1mfYgqIsZbZEHfLkFT
SCqmhDta6K01AgjpK1vsSGYfnQ59HosSjMf0KKCwIv8SfegrIKbT2/CjQkGgC65K
QLRa0TjUS1oYSw==
-----END CERTIFICATE-----