Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
File:                     b20hysOH8-N4uiOkynfeyTA7qS0.mft (raw, json)
Hash identifier:          VDYMe70uDhXy3gd3dLolH6exKEmgMDdyyoMSoXcraAk=
Subject key identifier:   5C:01:99:B8:B5:0D:9A:C8:B0:69:A2:0A:9F:B1:35:E3:C4:CD:20:C1
Authority key identifier: 6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D
Certificate issuer:       /CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
Certificate serial:       0196BA48CA2CBA3AD6824A42DAA92E094654
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
Manifest number:          152E
Signing time:             Sat 10 May 2025 13:00:54 +0000
Manifest this update:     Sat 10 May 2025 13:00:54 +0000
Manifest next update:     Sun 11 May 2025 13:00:54 +0000
Files and hashes:         1: b20hysOH8-N4uiOkynfeyTA7qS0.crl (hash: wZe5AHlWQVcQBKt/sK2rUPIeUDfTFmJozTLkf/+pyv8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ba:48:ca:2c:ba:3a:d6:82:4a:42:da:a9:2e:09:46:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
        Validity
            Not Before: May 10 13:00:54 2025 GMT
            Not After : May 11 13:00:54 2025 GMT
        Subject: CN=5c0199b8b50d9ac8b069a20a9fb135e3c4cd20c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:f2:23:84:be:2e:05:62:fe:40:c3:ad:6d:db:
                    4e:cb:07:ab:5a:51:08:bc:08:d7:2e:ce:55:6f:0d:
                    b6:28:51:78:be:80:4c:14:fb:ca:e6:a6:fd:07:49:
                    7e:d6:51:64:8d:14:e3:50:58:01:f2:3f:61:9b:6a:
                    93:d0:bb:be:01:28:53:95:b9:70:cd:10:8f:4e:ff:
                    90:ec:e0:2c:cf:d5:3f:03:d2:3d:4b:be:53:e5:ad:
                    ad:5b:27:48:01:ce:3a:ad:2d:b4:c3:1a:70:04:92:
                    36:ac:14:23:51:eb:af:04:06:5e:34:b2:c3:93:7f:
                    f2:18:64:75:f1:a1:aa:f3:5d:6e:45:04:98:73:85:
                    86:58:de:b5:5f:bb:b1:1f:51:bb:50:a9:7e:43:71:
                    a7:c2:bf:55:98:4c:65:db:61:df:16:15:73:00:53:
                    fd:11:a3:09:c4:f3:ab:15:d3:53:02:97:84:b9:9f:
                    57:f8:5e:01:3f:9c:57:50:de:47:a3:eb:2a:77:ae:
                    0f:7b:d4:61:93:df:8d:0b:12:4c:24:98:df:35:c2:
                    fd:f6:8a:2a:e6:52:7a:44:53:59:c3:00:cd:6e:a4:
                    82:ca:1d:a3:4d:d9:9f:aa:c3:c0:00:4e:74:03:e7:
                    2d:91:bd:3a:8a:8f:c3:63:8f:ec:31:04:fa:4c:79:
                    46:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:01:99:B8:B5:0D:9A:C8:B0:69:A2:0A:9F:B1:35:E3:C4:CD:20:C1
            X509v3 Authority Key Identifier:
                keyid:6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:ba:0e:e3:f1:dd:8a:24:cd:8a:2c:98:e1:5a:39:cf:0b:b5:
         58:9d:1d:28:43:c8:57:2a:ec:02:d5:4f:be:18:1f:0a:b5:0e:
         7f:96:a7:35:fe:71:56:73:79:f0:05:fb:8a:34:33:d6:14:72:
         04:64:cf:54:26:10:80:60:3a:13:1c:ff:78:45:6a:28:a8:45:
         0b:7b:df:b8:2f:51:fa:17:10:bb:aa:3f:8a:bc:c4:f9:a6:39:
         ac:4f:ee:fb:8a:0d:95:f7:c5:d5:97:fc:22:89:55:16:48:57:
         67:7f:5f:45:18:67:a8:e5:4f:9b:db:8a:64:3d:78:95:b9:1f:
         d3:60:29:0b:8c:f4:5e:1b:73:1d:6f:20:fe:a5:66:07:c1:d9:
         7e:42:94:aa:d9:b1:da:00:c9:ab:1e:c0:c7:36:58:f0:98:25:
         84:82:66:1b:c1:26:ec:38:e8:8d:3c:4e:80:1d:fe:e0:55:4f:
         88:3e:ec:86:8b:0f:68:0a:31:1b:20:77:92:cb:a9:bb:b2:dd:
         d6:f9:cc:2e:c6:c7:93:a7:e9:ad:24:4e:d2:95:aa:03:66:5e:
         35:77:ef:f6:a9:f8:73:46:19:4c:76:0a:d6:7d:d7:60:a8:e0:
         7d:6f:81:9b:70:b7:f0:3a:41:ab:7d:03:e5:72:64:cc:56:cd:
         e4:08:43:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa6SMosujrWgkpC2qkuCUZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNmQyMWNhYzM4N2YzZTM3OGJhMjNhNGNhNzdkZWM5MzAz
YmE5MmQwHhcNMjUwNTEwMTMwMDU0WhcNMjUwNTExMTMwMDU0WjAzMTEwLwYDVQQD
Eyg1YzAxOTliOGI1MGQ5YWM4YjA2OWEyMGE5ZmIxMzVlM2M0Y2QyMGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/IjhL4uBWL+QMOtbdtOywerWlEI
vAjXLs5Vbw22KFF4voBMFPvK5qb9B0l+1lFkjRTjUFgB8j9hm2qT0Lu+AShTlblw
zRCPTv+Q7OAsz9U/A9I9S75T5a2tWydIAc46rS20wxpwBJI2rBQjUeuvBAZeNLLD
k3/yGGR18aGq811uRQSYc4WGWN61X7uxH1G7UKl+Q3Gnwr9VmExl22HfFhVzAFP9
EaMJxPOrFdNTApeEuZ9X+F4BP5xXUN5Ho+sqd64Pe9Rhk9+NCxJMJJjfNcL99ooq
5lJ6RFNZwwDNbqSCyh2jTdmfqsPAAE50A+ctkb06io/DY4/sMQT6THlGfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFwBmbi1DZrIsGmiCp+xNePEzSDBMB8GA1UdIwQY
MBaAFG9tIcrDh/PjeLojpMp33skwO6ktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2Mt
MWFlYmNhNGI2ZGI4LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2MtMWFlYmNhNGI2ZGI4
LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACroO4/Hd
iiTNiiyY4Vo5zwu1WJ0dKEPIVyrsAtVPvhgfCrUOf5anNf5xVnN58AX7ijQz1hRy
BGTPVCYQgGA6Exz/eEVqKKhFC3vfuC9R+hcQu6o/irzE+aY5rE/u+4oNlffF1Zf8
IolVFkhXZ39fRRhnqOVPm9uKZD14lbkf02ApC4z0XhtzHW8g/qVmB8HZfkKUqtmx
2gDJqx7AxzZY8JglhIJmG8Em7DjojTxOgB3+4FVPiD7shosPaAoxGyB3ksupu7Ld
1vnMLsbHk6fprSRO0pWqA2ZeNXfv9qn4c0YZTHYK1n3XYKjgfW+Bm3C38DpBq30D
5XJkzFbN5AhDhg==
-----END CERTIFICATE-----