Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
File:                     b20hysOH8-N4uiOkynfeyTA7qS0.mft (raw, json)
Hash identifier:          qPplzMdGe/f8m/qrKHC5XU/D4OZ9dqQeWI3fy04dsVk=
Subject key identifier:   4D:01:80:77:2A:E4:21:FD:71:40:1A:4F:39:89:F1:6E:C0:D3:C3:4C
Authority key identifier: 6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D
Certificate issuer:       /CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
Certificate serial:       0199FC8F44719636603994CD0C971318FF40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 13:01:11 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:11 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:11 +0000
Files and hashes:         1: b20hysOH8-N4uiOkynfeyTA7qS0.crl (hash: jKSAN7nNOE7OWzP3WODPxX3OSJsE1c+ibqzp+BWAipw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:44:71:96:36:60:39:94:cd:0c:97:13:18:ff:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
        Validity
            Not Before: Oct 19 13:01:11 2025 GMT
            Not After : Oct 20 13:01:11 2025 GMT
        Subject: CN=4d0180772ae421fd71401a4f3989f16ec0d3c34c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:8a:90:52:fa:15:d1:ca:5e:4a:80:25:66:2e:
                    52:59:cd:20:48:34:48:c4:65:73:62:39:64:0c:0d:
                    33:5c:3d:f9:72:4a:4a:3b:40:63:cf:b4:00:13:17:
                    77:3d:0a:c1:48:9c:90:7c:18:74:fa:26:00:ac:e7:
                    86:18:d3:fd:96:c4:c8:b2:d0:27:fc:33:a8:2a:9e:
                    a5:56:54:d4:a8:36:e9:b7:ee:31:5a:79:a4:87:36:
                    6b:df:a9:e1:a5:4d:95:28:34:c0:6c:75:1f:98:7f:
                    79:f3:49:c0:39:e4:1d:ba:fc:18:95:da:e3:04:3d:
                    0c:5f:81:ea:bc:32:56:1d:46:d1:5f:e7:f8:53:41:
                    32:6c:6d:f1:fe:f3:0f:70:d2:1e:72:cb:18:bf:9b:
                    ca:f2:25:70:72:49:e1:e0:ec:45:49:1e:cb:1f:d5:
                    cd:cd:68:bd:0e:a8:d4:dc:c3:fa:d5:07:dd:25:43:
                    b1:92:99:9d:6d:08:f2:63:25:15:65:84:1a:62:96:
                    83:55:00:f9:b3:f5:d9:63:6a:7a:6b:51:3a:85:6d:
                    23:e2:71:6b:64:b7:71:6b:0b:79:68:5b:67:78:96:
                    28:71:c9:ee:0d:3f:1b:3a:cc:85:b2:99:83:52:39:
                    fc:af:18:75:a4:1f:7f:16:58:ae:94:42:ba:de:a5:
                    8c:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:01:80:77:2A:E4:21:FD:71:40:1A:4F:39:89:F1:6E:C0:D3:C3:4C
            X509v3 Authority Key Identifier:
                keyid:6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:09:72:76:df:a0:f7:71:62:c8:3d:da:1d:62:31:45:8b:1e:
         94:14:f1:26:b1:33:3e:38:a3:eb:4a:05:31:04:4b:33:8f:82:
         f6:18:dc:e5:2f:93:a2:f7:e0:52:71:33:e2:6c:24:61:7c:ff:
         8d:d1:83:92:88:58:e8:79:d0:d1:1d:22:db:50:4b:48:a6:98:
         10:e6:fd:3d:ba:c7:9c:b6:61:4d:48:a4:f2:88:21:9b:02:fb:
         cc:a1:17:68:a4:e1:95:fd:d6:cb:92:97:e9:27:ee:35:5f:5f:
         79:b7:cc:97:c2:ab:2d:3b:d5:60:84:ae:d1:66:00:03:b0:cc:
         10:a4:c2:66:cf:6a:98:47:de:62:f9:8b:ac:72:06:13:d9:f7:
         64:0a:fc:f1:28:19:57:12:77:dd:9e:46:4e:94:7e:78:7a:ea:
         12:d6:97:75:b4:44:93:a1:d7:e8:61:14:e4:7c:ca:e6:71:af:
         d1:3d:9d:dd:c8:ae:59:ce:c8:82:ba:76:1a:81:47:48:dc:2a:
         11:76:11:77:ee:ea:6d:25:38:7d:6c:b8:98:13:3b:13:59:83:
         79:d8:b6:ab:54:24:fd:61:07:bc:90:30:21:56:ba:e5:cd:d9:
         3b:82:44:52:83:61:4b:31:f9:5e:3b:55:c1:ba:ed:e3:2b:cc:
         cf:59:98:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j0RxljZgOZTNDJcTGP9AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNmQyMWNhYzM4N2YzZTM3OGJhMjNhNGNhNzdkZWM5MzAz
YmE5MmQwHhcNMjUxMDE5MTMwMTExWhcNMjUxMDIwMTMwMTExWjAzMTEwLwYDVQQD
Eyg0ZDAxODA3NzJhZTQyMWZkNzE0MDFhNGYzOTg5ZjE2ZWMwZDNjMzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YqQUvoV0cpeSoAlZi5SWc0gSDRI
xGVzYjlkDA0zXD35ckpKO0Bjz7QAExd3PQrBSJyQfBh0+iYArOeGGNP9lsTIstAn
/DOoKp6lVlTUqDbpt+4xWnmkhzZr36nhpU2VKDTAbHUfmH9580nAOeQduvwYldrj
BD0MX4HqvDJWHUbRX+f4U0EybG3x/vMPcNIecssYv5vK8iVwcknh4OxFSR7LH9XN
zWi9DqjU3MP61QfdJUOxkpmdbQjyYyUVZYQaYpaDVQD5s/XZY2p6a1E6hW0j4nFr
ZLdxawt5aFtneJYoccnuDT8bOsyFspmDUjn8rxh1pB9/FliulEK63qWMCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE0BgHcq5CH9cUAaTzmJ8W7A08NMMB8GA1UdIwQY
MBaAFG9tIcrDh/PjeLojpMp33skwO6ktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2Mt
MWFlYmNhNGI2ZGI4LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2MtMWFlYmNhNGI2ZGI4
LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABQlydt+g
93FiyD3aHWIxRYselBTxJrEzPjij60oFMQRLM4+C9hjc5S+TovfgUnEz4mwkYXz/
jdGDkohY6HnQ0R0i21BLSKaYEOb9PbrHnLZhTUik8oghmwL7zKEXaKThlf3Wy5KX
6SfuNV9febfMl8KrLTvVYISu0WYAA7DMEKTCZs9qmEfeYvmLrHIGE9n3ZAr88SgZ
VxJ33Z5GTpR+eHrqEtaXdbREk6HX6GEU5HzK5nGv0T2d3ciuWc7Igrp2GoFHSNwq
EXYRd+7qbSU4fWy4mBM7E1mDedi2q1Qk/WEHvJAwIVa65c3ZO4JEUoNhSzH5XjtV
wbrt4yvMz1mYpw==
-----END CERTIFICATE-----