Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
File:                     20YNIBeVpqmS7UrBi7fFLBCLeFI.mft (raw, json)
Hash identifier:          pUCs6N6wHpA5ZWOHmUf+2pTx2QGnxYcKZwRL83K1zEc=
Subject key identifier:   11:88:F1:39:7B:3F:C7:7B:DA:DE:13:45:B6:CB:D0:99:3A:6A:95:8C
Authority key identifier: DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52
Certificate issuer:       /CN=db460d201795a6a992ed4ac18bb7c52c108b7852
Certificate serial:       0197B7457E6F9A07C84AE27D5F2F576785A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
Manifest number:          15B1
Signing time:             Sat 28 Jun 2025 16:01:14 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:14 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:14 +0000
Files and hashes:         1: 20YNIBeVpqmS7UrBi7fFLBCLeFI.crl (hash: bRjuZchQEL3NRfUtjdcYFD+qhNE8qUg9L5Z/v1icphM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:7e:6f:9a:07:c8:4a:e2:7d:5f:2f:57:67:85:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db460d201795a6a992ed4ac18bb7c52c108b7852
        Validity
            Not Before: Jun 28 16:01:14 2025 GMT
            Not After : Jun 29 16:01:14 2025 GMT
        Subject: CN=1188f1397b3fc77bdade1345b6cbd0993a6a958c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:63:2e:3f:d8:83:24:9c:78:d6:4c:85:44:56:
                    26:88:3c:ce:97:71:27:c7:65:a9:64:37:d8:c1:7f:
                    3b:ff:5d:dc:72:a7:32:68:7d:f2:69:6d:41:0b:f5:
                    62:bb:fe:17:5f:0e:ee:e9:07:00:d9:b4:61:c2:32:
                    30:42:d7:6b:3a:90:14:36:da:d3:c5:27:a3:a5:9f:
                    f8:6a:37:94:b0:36:61:40:35:74:0e:a3:40:d6:ec:
                    81:63:12:cc:8a:80:2e:3f:c7:57:26:8b:d1:37:ce:
                    76:e4:0b:b4:d5:60:60:32:f5:91:6a:74:24:e2:6b:
                    ca:a2:f1:65:b6:ba:d3:22:25:27:cd:7f:61:4e:bc:
                    ab:5d:c1:b2:ae:e6:97:99:2c:12:24:b4:2e:ca:58:
                    21:b6:5b:bb:08:ec:19:be:c7:5a:14:7f:36:ac:c1:
                    65:65:80:27:6c:bf:0d:46:7f:2a:34:07:1e:f8:25:
                    86:54:d5:07:2e:92:60:ad:60:a3:e3:92:9c:0d:a8:
                    17:5b:80:f3:7b:f6:d8:9e:b5:6d:b0:d7:5a:4a:30:
                    9a:bb:e2:71:ca:7b:90:ff:51:c3:f8:98:c8:d8:c0:
                    6a:9c:32:31:0b:0f:69:13:c8:de:45:74:35:ef:75:
                    3b:31:74:98:10:1c:fa:3d:78:b8:be:73:33:22:18:
                    ee:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:88:F1:39:7B:3F:C7:7B:DA:DE:13:45:B6:CB:D0:99:3A:6A:95:8C
            X509v3 Authority Key Identifier:
                keyid:DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:4e:c2:21:d3:ee:fa:0d:c5:4c:3a:1c:6d:76:53:5c:db:1c:
         78:50:2a:3f:f6:3b:d5:9a:85:b7:bb:93:10:b8:60:49:3b:e7:
         2c:3a:27:4a:5c:44:43:e7:e3:f7:a4:5e:eb:8d:9d:92:0e:ff:
         ea:a6:23:9e:19:51:19:b4:09:77:dd:35:33:7b:a2:0d:f3:18:
         07:02:a0:d3:c0:e1:f8:61:3c:00:cc:4e:91:0a:7e:d5:2d:cf:
         3a:22:4e:a2:be:ce:54:11:87:47:26:40:d8:4f:58:8d:85:1d:
         3a:2c:2b:ab:10:b6:a8:23:f8:db:14:84:02:41:c5:31:ed:1b:
         f1:b2:51:c7:eb:ab:b4:2b:eb:21:48:f8:43:08:8a:94:61:37:
         ba:5e:88:ed:f9:81:66:6a:7b:ec:8c:b6:ec:93:ca:f0:3c:d4:
         f6:9a:a5:c0:bb:16:6a:18:31:d5:9d:b7:28:29:32:df:77:a9:
         13:10:fa:65:38:93:f2:d0:35:06:cc:2a:98:f5:03:1e:42:67:
         1d:30:21:bb:6a:b2:f6:23:65:dd:3d:76:50:b8:0f:98:1b:e9:
         4b:88:28:27:d3:99:dd:71:b0:93:8a:00:3d:23:17:47:82:45:
         38:1a:80:50:3a:69:3d:d0:70:fd:32:bc:e5:42:70:8c:7b:af:
         36:5f:c3:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RX5vmgfISuJ9Xy9XZ4WiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDYwZDIwMTc5NWE2YTk5MmVkNGFjMThiYjdjNTJjMTA4
Yjc4NTIwHhcNMjUwNjI4MTYwMTE0WhcNMjUwNjI5MTYwMTE0WjAzMTEwLwYDVQQD
EygxMTg4ZjEzOTdiM2ZjNzdiZGFkZTEzNDViNmNiZDA5OTNhNmE5NThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGMuP9iDJJx41kyFRFYmiDzOl3En
x2WpZDfYwX87/13ccqcyaH3yaW1BC/Viu/4XXw7u6QcA2bRhwjIwQtdrOpAUNtrT
xSejpZ/4ajeUsDZhQDV0DqNA1uyBYxLMioAuP8dXJovRN8525Au01WBgMvWRanQk
4mvKovFltrrTIiUnzX9hTryrXcGyruaXmSwSJLQuylghtlu7COwZvsdaFH82rMFl
ZYAnbL8NRn8qNAce+CWGVNUHLpJgrWCj45KcDagXW4Dze/bYnrVtsNdaSjCau+Jx
ynuQ/1HD+JjI2MBqnDIxCw9pE8jeRXQ173U7MXSYEBz6PXi4vnMzIhjuBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBGI8Tl7P8d72t4TRbbL0Jk6apWMMB8GA1UdIwQY
MBaAFNtGDSAXlaapku1KwYu3xSwQi3hSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2Ut
ZTgyZWQzZDc2YTg3LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2UtZTgyZWQzZDc2YTg3
LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT07CIdPu
+g3FTDocbXZTXNsceFAqP/Y71ZqFt7uTELhgSTvnLDonSlxEQ+fj96Re642dkg7/
6qYjnhlRGbQJd901M3uiDfMYBwKg08Dh+GE8AMxOkQp+1S3POiJOor7OVBGHRyZA
2E9YjYUdOiwrqxC2qCP42xSEAkHFMe0b8bJRx+urtCvrIUj4QwiKlGE3ul6I7fmB
Zmp77Iy27JPK8DzU9pqlwLsWahgx1Z23KCky33epExD6ZTiT8tA1BswqmPUDHkJn
HTAhu2qy9iNl3T12ULgPmBvpS4goJ9OZ3XGwk4oAPSMXR4JFOBqAUDppPdBw/TK8
5UJwjHuvNl/Dag==
-----END CERTIFICATE-----