Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
File:                     20YNIBeVpqmS7UrBi7fFLBCLeFI.mft (raw, json)
Hash identifier:          1zZfDsHilg2tdZI8oRVpTYx2vTMQDBeLP1+4jryN1p0=
Subject key identifier:   7B:EB:4F:07:38:02:15:F4:F3:11:DC:29:DC:BB:73:D0:76:DD:DF:41
Authority key identifier: DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52
Certificate issuer:       /CN=db460d201795a6a992ed4ac18bb7c52c108b7852
Certificate serial:       01964E2341DE8C1D42B3FD46064CBDA7F75A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
Manifest number:          14F6
Signing time:             Sat 19 Apr 2025 13:00:55 +0000
Manifest this update:     Sat 19 Apr 2025 13:00:55 +0000
Manifest next update:     Sun 20 Apr 2025 13:00:55 +0000
Files and hashes:         1: 20YNIBeVpqmS7UrBi7fFLBCLeFI.crl (hash: i1a6b73fzNx7PaOPokq3GX15tyMBG5Icpr2t43PAs1k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 07:26:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4e:23:41:de:8c:1d:42:b3:fd:46:06:4c:bd:a7:f7:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db460d201795a6a992ed4ac18bb7c52c108b7852
        Validity
            Not Before: Apr 19 13:00:55 2025 GMT
            Not After : Apr 20 13:00:55 2025 GMT
        Subject: CN=7beb4f07380215f4f311dc29dcbb73d076dddf41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:19:e2:f6:23:25:da:2f:6a:a0:db:c4:4f:ae:
                    87:4b:90:fd:80:3b:ad:6a:9a:8e:4a:b7:4e:76:4f:
                    08:0d:ee:a2:e7:6f:40:ff:ee:3c:18:44:17:4a:66:
                    5e:7f:b7:b5:98:cf:0e:b4:65:e5:b5:65:b3:8f:77:
                    c7:81:07:b9:79:0d:ca:ff:3f:ca:6c:ed:37:95:cf:
                    fd:be:d3:e8:b2:b2:b6:9a:77:80:01:39:38:86:7a:
                    13:4b:c1:e0:11:f5:e1:a2:1c:8b:d6:9f:dc:f5:a0:
                    dd:59:71:85:4c:3c:5e:67:85:8b:9a:ef:cb:8a:20:
                    b7:7a:a1:21:55:3a:91:d7:33:40:6c:a1:81:5b:d2:
                    f4:a5:16:59:38:43:5f:15:aa:3d:09:5e:a9:30:60:
                    9d:76:3d:66:54:54:82:a8:ae:86:e9:d9:e2:97:a0:
                    41:49:86:41:bf:67:f0:ca:c7:57:4b:af:86:6e:15:
                    2c:e0:99:3e:44:12:31:19:57:61:70:5f:10:ad:b0:
                    4c:2f:bb:df:ff:be:1a:48:34:a9:47:a0:1c:85:ea:
                    86:3d:49:36:ca:c0:47:1f:4b:d8:f2:62:7e:af:a0:
                    8a:cb:5a:61:21:e8:20:71:e3:1d:1b:a4:f6:76:15:
                    37:02:f6:83:bc:9d:ed:1f:9c:db:a6:01:47:82:94:
                    70:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:EB:4F:07:38:02:15:F4:F3:11:DC:29:DC:BB:73:D0:76:DD:DF:41
            X509v3 Authority Key Identifier:
                keyid:DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:29:60:07:45:fb:7e:49:d7:21:b3:7a:02:47:36:5c:fe:10:
         ee:00:35:c2:d2:29:5a:ab:66:30:f1:25:78:7e:66:db:e0:f0:
         8c:fa:91:67:f1:35:fd:bc:cb:c1:b0:85:eb:aa:c9:ce:3b:08:
         72:7c:cb:68:8e:a4:b4:5e:33:da:65:14:68:ec:b5:fe:66:db:
         0e:be:26:f4:00:c4:9d:b0:03:5e:58:64:79:5d:03:c0:6f:ff:
         df:cc:ee:c1:db:f4:c6:9e:5f:c4:c2:a3:d5:f3:bc:9a:a9:61:
         8d:d5:55:dd:9b:31:08:80:e7:a4:9f:1a:20:05:2f:ca:43:6f:
         cf:9b:07:56:0b:2f:2f:60:6c:fe:a3:27:cb:ec:ff:6c:eb:ea:
         7d:2d:9d:29:23:a8:07:89:be:d6:b0:da:95:67:af:61:2d:e5:
         9a:dc:8c:f3:7b:65:3d:10:7f:7e:b0:1d:9a:33:16:e8:17:d9:
         f4:79:59:71:83:4b:8a:9f:9e:22:7b:80:88:dc:88:d2:7a:59:
         3f:0b:31:3d:4a:f7:35:02:0f:1a:c8:60:d6:5c:5a:4d:eb:14:
         f8:af:69:ec:10:14:a6:73:55:9d:9f:03:7d:aa:36:85:fb:a4:
         f6:c5:42:7e:68:f9:63:21:17:a4:c5:8f:97:8f:ab:bb:14:c3:
         8e:c8:f2:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZOI0HejB1Cs/1GBky9p/daMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDYwZDIwMTc5NWE2YTk5MmVkNGFjMThiYjdjNTJjMTA4
Yjc4NTIwHhcNMjUwNDE5MTMwMDU1WhcNMjUwNDIwMTMwMDU1WjAzMTEwLwYDVQQD
Eyg3YmViNGYwNzM4MDIxNWY0ZjMxMWRjMjlkY2JiNzNkMDc2ZGRkZjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxni9iMl2i9qoNvET66HS5D9gDut
apqOSrdOdk8IDe6i529A/+48GEQXSmZef7e1mM8OtGXltWWzj3fHgQe5eQ3K/z/K
bO03lc/9vtPosrK2mneAATk4hnoTS8HgEfXhohyL1p/c9aDdWXGFTDxeZ4WLmu/L
iiC3eqEhVTqR1zNAbKGBW9L0pRZZOENfFao9CV6pMGCddj1mVFSCqK6G6dnil6BB
SYZBv2fwysdXS6+GbhUs4Jk+RBIxGVdhcF8QrbBML7vf/74aSDSpR6AcheqGPUk2
ysBHH0vY8mJ+r6CKy1phIeggceMdG6T2dhU3AvaDvJ3tH5zbpgFHgpRwxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHvrTwc4AhX08xHcKdy7c9B23d9BMB8GA1UdIwQY
MBaAFNtGDSAXlaapku1KwYu3xSwQi3hSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2Ut
ZTgyZWQzZDc2YTg3LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2UtZTgyZWQzZDc2YTg3
LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnilgB0X7
fknXIbN6Akc2XP4Q7gA1wtIpWqtmMPEleH5m2+DwjPqRZ/E1/bzLwbCF66rJzjsI
cnzLaI6ktF4z2mUUaOy1/mbbDr4m9ADEnbADXlhkeV0DwG//38zuwdv0xp5fxMKj
1fO8mqlhjdVV3ZsxCIDnpJ8aIAUvykNvz5sHVgsvL2Bs/qMny+z/bOvqfS2dKSOo
B4m+1rDalWevYS3lmtyM83tlPRB/frAdmjMW6BfZ9HlZcYNLip+eInuAiNyI0npZ
PwsxPUr3NQIPGshg1lxaTesU+K9p7BAUpnNVnZ8Dfao2hfuk9sVCfmj5YyEXpMWP
l4+ruxTDjsjyag==
-----END CERTIFICATE-----