Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft
File:                     tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft (raw, json)
Hash identifier:          CLnd/Wb51qwky9OyegcwyORJk9B6Y8nWpDQsCc0X7c0=
Subject key identifier:   36:15:FC:F2:87:C3:F5:D1:F3:C5:0F:F4:B5:D8:4E:CE:48:7D:C5:B5
Authority key identifier: B6:70:71:97:E8:36:76:0C:59:2E:1E:F1:1F:1B:4C:BE:5B:FD:4D:2E
Certificate issuer:       /CN=b6707197e836760c592e1ef11f1b4cbe5bfd4d2e
Certificate serial:       0197B88F6C31279A3BDCD447503E9515FB30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tnBxl-g2dgxZLh7xHxtMvlv9TS4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft
Manifest number:          0C20
Signing time:             Sat 28 Jun 2025 22:01:36 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:36 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:36 +0000
Files and hashes:         1: tnBxl-g2dgxZLh7xHxtMvlv9TS4.crl (hash: bTZ1Fnkm5yYPUDP/3FiRbQ7lZ7oEFnP2TmJdBfS0tRw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tnBxl-g2dgxZLh7xHxtMvlv9TS4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:6c:31:27:9a:3b:dc:d4:47:50:3e:95:15:fb:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6707197e836760c592e1ef11f1b4cbe5bfd4d2e
        Validity
            Not Before: Jun 28 22:01:36 2025 GMT
            Not After : Jun 29 22:01:36 2025 GMT
        Subject: CN=3615fcf287c3f5d1f3c50ff4b5d84ece487dc5b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:3a:18:31:72:7e:e5:28:4c:e5:ad:d4:de:0f:
                    43:9b:4f:9f:1b:7f:c8:8d:a7:2f:c9:7d:8c:64:8c:
                    4b:0a:db:90:8f:da:ca:66:63:db:8b:0d:5f:49:e2:
                    89:92:44:c2:76:3d:d7:1f:94:e0:24:ae:d4:7b:2a:
                    c3:fd:38:c9:5e:0a:51:cf:e0:3e:16:22:f1:10:97:
                    44:b6:99:4c:1e:7f:40:c3:e5:00:2a:6c:48:ce:60:
                    dc:d0:14:76:dc:28:32:17:9c:8b:26:43:37:b3:87:
                    60:84:3a:b9:16:82:0c:e5:4d:33:f9:73:24:0d:83:
                    02:f4:e9:14:fa:c8:cf:16:9f:ca:6b:94:d0:14:38:
                    f7:c1:7d:22:cf:a1:d4:61:e5:3a:db:2c:45:fd:45:
                    47:1f:8e:f7:a2:57:37:6d:8b:8d:ab:ce:f8:35:5c:
                    67:74:8d:a3:f4:5c:44:a9:cc:5e:f6:44:d5:cb:e9:
                    18:48:c4:5d:49:0a:88:9b:9d:b2:eb:dd:72:8e:01:
                    4b:f3:6a:3c:2a:fe:32:1b:bf:ed:9b:b5:ce:cb:f6:
                    85:2c:f1:b4:c8:82:0a:60:3c:57:1c:5d:a5:68:e4:
                    b4:e5:4e:6e:78:a6:e8:b0:80:2c:74:e2:55:dd:fb:
                    01:19:cf:74:17:91:2e:e6:12:f8:ae:14:e0:77:06:
                    b3:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:15:FC:F2:87:C3:F5:D1:F3:C5:0F:F4:B5:D8:4E:CE:48:7D:C5:B5
            X509v3 Authority Key Identifier:
                keyid:B6:70:71:97:E8:36:76:0C:59:2E:1E:F1:1F:1B:4C:BE:5B:FD:4D:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tnBxl-g2dgxZLh7xHxtMvlv9TS4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:eb:93:b1:65:4e:99:dc:63:aa:8d:94:1a:af:6c:e5:18:55:
         e0:8a:4a:e8:68:5b:89:40:78:ac:93:e1:ba:3e:d9:1c:9c:9c:
         ec:6f:5f:79:48:27:9a:84:f5:e7:3b:4a:d8:5d:28:89:30:ff:
         7d:ed:4c:c1:21:dc:85:c0:15:f3:e8:29:40:40:52:bb:42:a3:
         e9:4d:7f:cc:27:1c:37:6c:2d:55:aa:36:29:00:ed:ce:49:82:
         3e:9c:9a:ea:ed:17:17:9d:aa:e7:08:27:c9:51:fa:8b:a2:41:
         d8:27:84:9f:5a:e4:55:12:dd:5f:2c:21:a5:f1:63:ed:17:9f:
         50:f6:3c:49:f0:ee:c6:b4:c1:56:a6:c5:ca:3e:c9:44:95:fe:
         49:eb:00:80:b9:a3:5d:d5:93:57:02:38:e0:2b:78:51:69:67:
         f3:63:25:97:69:cd:f3:a6:5b:f0:e0:4d:f5:ec:d8:04:35:81:
         a9:42:81:7a:d4:b6:9b:bb:47:7e:73:fd:f9:53:1c:82:d8:ad:
         84:5f:cf:64:2b:45:13:24:d8:9f:5b:d9:9c:67:fb:67:76:31:
         2d:34:13:94:59:bf:a7:2d:85:8c:90:f3:ad:a1:7a:8a:cc:85:
         4e:1a:e8:73:1b:d2:31:08:7f:c9:c0:b8:81:3f:fe:36:3a:07:
         49:6c:b9:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j2wxJ5o73NRHUD6VFfswMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NzA3MTk3ZTgzNjc2MGM1OTJlMWVmMTFmMWI0Y2JlNWJm
ZDRkMmUwHhcNMjUwNjI4MjIwMTM2WhcNMjUwNjI5MjIwMTM2WjAzMTEwLwYDVQQD
EygzNjE1ZmNmMjg3YzNmNWQxZjNjNTBmZjRiNWQ4NGVjZTQ4N2RjNWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDoYMXJ+5ShM5a3U3g9Dm0+fG3/I
jacvyX2MZIxLCtuQj9rKZmPbiw1fSeKJkkTCdj3XH5TgJK7UeyrD/TjJXgpRz+A+
FiLxEJdEtplMHn9Aw+UAKmxIzmDc0BR23CgyF5yLJkM3s4dghDq5FoIM5U0z+XMk
DYMC9OkU+sjPFp/Ka5TQFDj3wX0iz6HUYeU62yxF/UVHH473olc3bYuNq874NVxn
dI2j9FxEqcxe9kTVy+kYSMRdSQqIm52y691yjgFL82o8Kv4yG7/tm7XOy/aFLPG0
yIIKYDxXHF2laOS05U5ueKbosIAsdOJV3fsBGc90F5Eu5hL4rhTgdwazCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDYV/PKHw/XR88UP9LXYTs5IfcW1MB8GA1UdIwQY
MBaAFLZwcZfoNnYMWS4e8R8bTL5b/U0uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG5CeGwtZzJkZ3haTGg3eEh4dE12bHY5VFM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84MGFjNzgtYmJlMS00MTI0LWI4Nzgt
NjY2N2ZhNTFjNDYwLzEvdG5CeGwtZzJkZ3haTGg3eEh4dE12bHY5VFM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84MGFjNzgtYmJlMS00MTI0LWI4NzgtNjY2N2ZhNTFjNDYw
LzEvdG5CeGwtZzJkZ3haTGg3eEh4dE12bHY5VFM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACOuTsWVO
mdxjqo2UGq9s5RhV4IpK6GhbiUB4rJPhuj7ZHJyc7G9feUgnmoT15ztK2F0oiTD/
fe1MwSHchcAV8+gpQEBSu0Kj6U1/zCccN2wtVao2KQDtzkmCPpya6u0XF52q5wgn
yVH6i6JB2CeEn1rkVRLdXywhpfFj7RefUPY8SfDuxrTBVqbFyj7JRJX+SesAgLmj
XdWTVwI44Ct4UWln82Mll2nN86Zb8OBN9ezYBDWBqUKBetS2m7tHfnP9+VMcgtit
hF/PZCtFEyTYn1vZnGf7Z3YxLTQTlFm/py2FjJDzraF6isyFThrocxvSMQh/ycC4
gT/+NjoHSWy5uA==
-----END CERTIFICATE-----