Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
File:                     b20hysOH8-N4uiOkynfeyTA7qS0.mft (raw, json)
Hash identifier:          e0EVCl2WyAD+z4IoXHg6X1GZpMxadZTazarvsP+4l1I=
Subject key identifier:   1B:45:53:B2:CC:2E:A5:E6:75:46:C2:55:2A:E3:0F:6F:C8:99:65:56
Authority key identifier: 6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D
Certificate issuer:       /CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
Certificate serial:       01976FD0DE4C9B6184BBB11F042890A17322
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
Manifest number:          158C
Signing time:             Sat 14 Jun 2025 19:00:48 +0000
Manifest this update:     Sat 14 Jun 2025 19:00:48 +0000
Manifest next update:     Sun 15 Jun 2025 19:00:48 +0000
Files and hashes:         1: b20hysOH8-N4uiOkynfeyTA7qS0.crl (hash: QwBdcsG8MFKfMTWMuWuIyS/Hf1XgetghsDGBS2IJF6c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:d0:de:4c:9b:61:84:bb:b1:1f:04:28:90:a1:73:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
        Validity
            Not Before: Jun 14 19:00:48 2025 GMT
            Not After : Jun 15 19:00:48 2025 GMT
        Subject: CN=1b4553b2cc2ea5e67546c2552ae30f6fc8996556
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:71:50:eb:fe:33:6d:3b:5b:3c:07:86:9a:d3:
                    e7:6c:46:ac:c4:80:57:1f:f7:3a:2b:7d:2d:f5:6a:
                    7f:c9:ab:fd:00:bf:1e:ac:01:f0:58:e5:09:c3:dd:
                    d9:41:d3:4a:2f:67:0c:90:d6:b4:34:ab:49:3f:0c:
                    2c:98:92:fa:a5:a9:d4:85:2d:26:ab:aa:72:5c:61:
                    f5:28:94:97:32:58:04:ed:98:6f:3e:ca:9d:fe:1f:
                    01:f8:43:83:54:c8:da:8c:b9:3a:aa:82:49:80:61:
                    d2:0b:2d:c8:c0:72:09:e0:6d:18:6a:c9:96:59:68:
                    93:7c:be:69:ab:d4:36:ca:bd:51:b2:6b:c5:c8:e9:
                    84:0b:54:a2:20:db:05:e1:d9:96:76:08:02:b3:80:
                    5e:d3:11:5b:06:01:f3:ba:46:f2:9c:d6:21:37:10:
                    da:94:ed:05:6c:ca:a2:f8:3e:4b:fb:e9:57:8e:75:
                    28:d3:98:09:c9:f7:91:1d:c5:97:68:51:96:ac:35:
                    67:e1:04:ff:8e:76:a0:75:d9:b9:f7:62:ae:05:96:
                    6f:e5:fd:86:d1:8c:9d:5d:ae:60:f3:34:95:0c:b0:
                    20:5c:22:5e:4f:6d:c9:af:e0:10:dd:eb:da:77:f1:
                    41:cf:e8:1f:87:50:34:08:88:99:fa:3d:c0:20:ce:
                    f6:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:45:53:B2:CC:2E:A5:E6:75:46:C2:55:2A:E3:0F:6F:C8:99:65:56
            X509v3 Authority Key Identifier:
                keyid:6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:15:86:ab:00:75:ad:73:2e:5c:38:41:e7:92:90:10:cb:b3:
         f6:66:67:39:58:a3:1c:fe:75:2b:95:89:47:0c:ba:56:96:cb:
         d4:db:5c:2c:3f:c0:22:00:6a:bb:f3:68:85:25:d7:25:e7:48:
         56:ec:5c:e6:46:0b:2c:08:19:b3:85:5b:76:7f:50:31:b0:de:
         f8:9a:2f:1f:4d:71:5b:58:a8:95:47:d9:57:8b:cf:65:85:aa:
         6f:28:b0:95:f7:69:37:f6:da:7d:56:1b:0f:c3:02:8e:9d:78:
         87:a5:14:cf:d2:53:45:b1:7c:51:1c:53:ec:67:18:a8:59:e6:
         ab:56:ac:0e:61:ac:3e:c2:c7:a7:3b:3a:e0:71:75:f8:44:3d:
         87:6c:99:ae:52:aa:81:28:5e:75:14:85:9b:d8:ce:73:7a:6c:
         5c:7a:fb:a7:61:5e:97:0d:3b:d1:4f:5c:24:4e:a0:d0:09:1d:
         a2:ac:3c:b7:24:d5:d4:01:eb:6a:e2:9d:86:9b:71:69:f6:8f:
         b0:a6:56:4d:8b:2e:94:9b:c3:5d:52:00:2a:e9:77:eb:24:86:
         c8:fa:c4:35:85:52:b8:ef:3a:37:e2:dd:ed:c7:67:dc:64:ee:
         81:b4:c8:f2:01:61:95:36:84:16:3a:1b:4a:bc:04:fe:0b:4f:
         2d:0f:53:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdv0N5Mm2GEu7EfBCiQoXMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNmQyMWNhYzM4N2YzZTM3OGJhMjNhNGNhNzdkZWM5MzAz
YmE5MmQwHhcNMjUwNjE0MTkwMDQ4WhcNMjUwNjE1MTkwMDQ4WjAzMTEwLwYDVQQD
EygxYjQ1NTNiMmNjMmVhNWU2NzU0NmMyNTUyYWUzMGY2ZmM4OTk2NTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8HFQ6/4zbTtbPAeGmtPnbEasxIBX
H/c6K30t9Wp/yav9AL8erAHwWOUJw93ZQdNKL2cMkNa0NKtJPwwsmJL6panUhS0m
q6pyXGH1KJSXMlgE7ZhvPsqd/h8B+EODVMjajLk6qoJJgGHSCy3IwHIJ4G0YasmW
WWiTfL5pq9Q2yr1RsmvFyOmEC1SiINsF4dmWdggCs4Be0xFbBgHzukbynNYhNxDa
lO0FbMqi+D5L++lXjnUo05gJyfeRHcWXaFGWrDVn4QT/jnagddm592KuBZZv5f2G
0YydXa5g8zSVDLAgXCJeT23Jr+AQ3evad/FBz+gfh1A0CIiZ+j3AIM72rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBtFU7LMLqXmdUbCVSrjD2/ImWVWMB8GA1UdIwQY
MBaAFG9tIcrDh/PjeLojpMp33skwO6ktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2Mt
MWFlYmNhNGI2ZGI4LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2MtMWFlYmNhNGI2ZGI4
LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAORWGqwB1
rXMuXDhB55KQEMuz9mZnOVijHP51K5WJRwy6VpbL1NtcLD/AIgBqu/NohSXXJedI
Vuxc5kYLLAgZs4Vbdn9QMbDe+JovH01xW1iolUfZV4vPZYWqbyiwlfdpN/bafVYb
D8MCjp14h6UUz9JTRbF8URxT7GcYqFnmq1asDmGsPsLHpzs64HF1+EQ9h2yZrlKq
gShedRSFm9jOc3psXHr7p2Felw070U9cJE6g0Akdoqw8tyTV1AHrauKdhptxafaP
sKZWTYsulJvDXVIAKul36ySGyPrENYVSuO86N+Ld7cdn3GTugbTI8gFhlTaEFjob
SrwE/gtPLQ9Tkg==
-----END CERTIFICATE-----