Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
File:                     b20hysOH8-N4uiOkynfeyTA7qS0.mft (raw, json)
Hash identifier:          L1IWYIjzgwM6j427AaaiHwN/zPrpi35ra3JrylKFJGY=
Subject key identifier:   43:3D:A7:D4:F1:9B:93:1D:33:51:3C:CE:2B:B2:E3:FB:DE:2E:4A:57
Authority key identifier: 6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D
Certificate issuer:       /CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
Certificate serial:       0197B745B7CF2BEC1F32CB2C6F9CD7C39C20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
Manifest number:          15B1
Signing time:             Sat 28 Jun 2025 16:01:28 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:28 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:28 +0000
Files and hashes:         1: b20hysOH8-N4uiOkynfeyTA7qS0.crl (hash: GxAN2Q/Tqjo2nEw4/RhbrwAqsSIu39qK3jRTuEni6SA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:b7:cf:2b:ec:1f:32:cb:2c:6f:9c:d7:c3:9c:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
        Validity
            Not Before: Jun 28 16:01:28 2025 GMT
            Not After : Jun 29 16:01:28 2025 GMT
        Subject: CN=433da7d4f19b931d33513cce2bb2e3fbde2e4a57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:35:85:06:a0:74:22:b3:a7:27:55:c1:28:cd:
                    a2:e5:91:8a:d5:f7:39:f1:9f:9a:52:a4:8c:0d:a9:
                    f5:cb:64:2a:85:b7:3c:77:c2:67:91:c4:df:77:ab:
                    b4:b4:5e:c1:d3:49:a3:bf:9f:a2:88:4d:1c:4f:03:
                    83:ae:3f:21:ea:37:f6:f5:59:eb:8d:96:f9:19:29:
                    17:bc:71:73:97:de:cd:e9:6b:86:51:79:ae:8b:56:
                    b1:cb:d1:0e:c7:bc:c2:0d:7e:4b:b3:85:d5:71:ed:
                    ab:22:6c:5c:b1:ed:69:8c:27:8e:48:e4:3d:8f:11:
                    f0:93:25:ef:3a:aa:02:69:75:61:d9:d1:af:b2:57:
                    52:a7:05:e8:21:b3:87:64:a4:5a:fe:ac:43:11:ac:
                    49:9b:3a:01:2f:4b:b0:2b:ab:7d:e2:a0:b0:46:8e:
                    75:b1:00:f6:bc:5a:d0:5f:82:d6:3c:2d:06:84:17:
                    c7:52:2d:6b:df:d2:77:e1:1d:85:87:75:45:d2:46:
                    63:58:3e:6c:01:85:7a:a6:bc:95:34:7d:7f:3b:91:
                    1e:71:62:bb:e6:c6:a0:b0:49:bc:29:3d:e7:6c:fd:
                    14:10:c5:7e:06:96:ca:93:aa:7a:0d:5b:93:54:d2:
                    55:63:f3:69:4a:62:b7:be:ab:7e:9b:d5:3e:25:8f:
                    7d:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:3D:A7:D4:F1:9B:93:1D:33:51:3C:CE:2B:B2:E3:FB:DE:2E:4A:57
            X509v3 Authority Key Identifier:
                keyid:6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:8e:db:28:38:23:24:52:0e:73:50:c7:fe:cd:16:19:37:bf:
         c6:2f:c0:39:31:9a:71:ce:f1:29:d9:bc:0f:58:0f:14:98:0e:
         c2:0c:d3:7b:ea:fb:70:67:cb:ad:cc:23:8f:e8:00:b0:5e:7d:
         84:20:cb:17:54:6e:53:d4:02:d0:58:ce:82:c7:4c:8f:6b:80:
         fb:de:f4:e8:fa:d0:d4:4b:a6:3f:cb:67:ed:d9:57:4b:d3:a9:
         d4:f5:f2:63:63:1f:27:d1:7a:1a:60:87:0e:d3:46:66:97:1c:
         0e:6d:28:20:7d:87:38:52:d6:88:6e:7e:6d:0c:92:83:f5:ab:
         fe:f5:61:90:8e:90:23:01:28:50:59:17:1d:79:a2:04:8f:cd:
         81:8c:bf:e0:b8:4f:d3:9d:55:11:f2:1f:40:35:f3:bd:1f:3d:
         7d:78:62:a8:38:9d:ee:1a:7e:31:99:ec:18:df:40:c7:8d:70:
         cc:41:2f:a4:a0:64:46:b9:b0:23:e3:d8:59:44:33:ff:40:22:
         e0:3a:cd:c8:a5:b0:11:8e:90:89:c0:d1:1e:a7:ce:d5:85:5f:
         5e:5d:43:b1:2e:c6:d5:11:2d:be:54:1b:8a:90:20:74:a3:d4:
         29:19:0e:e5:d7:40:ff:69:67:9a:63:0b:24:45:6d:d6:01:b6:
         29:bb:e8:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RbfPK+wfMsssb5zXw5wgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNmQyMWNhYzM4N2YzZTM3OGJhMjNhNGNhNzdkZWM5MzAz
YmE5MmQwHhcNMjUwNjI4MTYwMTI4WhcNMjUwNjI5MTYwMTI4WjAzMTEwLwYDVQQD
Eyg0MzNkYTdkNGYxOWI5MzFkMzM1MTNjY2UyYmIyZTNmYmRlMmU0YTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTWFBqB0IrOnJ1XBKM2i5ZGK1fc5
8Z+aUqSMDan1y2Qqhbc8d8JnkcTfd6u0tF7B00mjv5+iiE0cTwODrj8h6jf29Vnr
jZb5GSkXvHFzl97N6WuGUXmui1axy9EOx7zCDX5Ls4XVce2rImxcse1pjCeOSOQ9
jxHwkyXvOqoCaXVh2dGvsldSpwXoIbOHZKRa/qxDEaxJmzoBL0uwK6t94qCwRo51
sQD2vFrQX4LWPC0GhBfHUi1r39J34R2Fh3VF0kZjWD5sAYV6pryVNH1/O5EecWK7
5sagsEm8KT3nbP0UEMV+BpbKk6p6DVuTVNJVY/NpSmK3vqt+m9U+JY99CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEM9p9Txm5MdM1E8ziuy4/veLkpXMB8GA1UdIwQY
MBaAFG9tIcrDh/PjeLojpMp33skwO6ktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2Mt
MWFlYmNhNGI2ZGI4LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2MtMWFlYmNhNGI2ZGI4
LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANY7bKDgj
JFIOc1DH/s0WGTe/xi/AOTGacc7xKdm8D1gPFJgOwgzTe+r7cGfLrcwjj+gAsF59
hCDLF1RuU9QC0FjOgsdMj2uA+9706PrQ1EumP8tn7dlXS9Op1PXyY2MfJ9F6GmCH
DtNGZpccDm0oIH2HOFLWiG5+bQySg/Wr/vVhkI6QIwEoUFkXHXmiBI/NgYy/4LhP
051VEfIfQDXzvR89fXhiqDid7hp+MZnsGN9Ax41wzEEvpKBkRrmwI+PYWUQz/0Ai
4DrNyKWwEY6QicDRHqfO1YVfXl1DsS7G1REtvlQbipAgdKPUKRkO5ddA/2lnmmML
JEVt1gG2Kbvomg==
-----END CERTIFICATE-----