Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
File:                     b20hysOH8-N4uiOkynfeyTA7qS0.mft (raw, json)
Hash identifier:          F1SxzMoNjW/G9cY5MeZ1w393AEE/CQB/p38t8NlXh4U=
Subject key identifier:   4A:AD:52:1E:04:C6:EF:25:33:B9:C1:6A:4D:08:49:0F:1F:49:14:F9
Authority key identifier: 6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D
Certificate issuer:       /CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
Certificate serial:       019EB76A34E870AE484871BD829782ACA648
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
Manifest number:          1951
Signing time:             Thu 11 Jun 2026 16:00:51 +0000
Manifest this update:     Thu 11 Jun 2026 16:00:51 +0000
Manifest next update:     Fri 12 Jun 2026 16:00:51 +0000
Files and hashes:         1: b20hysOH8-N4uiOkynfeyTA7qS0.crl (hash: ZPdDIiFJGWx+egZrnQjN+HHWzE8WKiunf9sG4NqnMMw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 12 Jun 2026 16:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:b7:6a:34:e8:70:ae:48:48:71:bd:82:97:82:ac:a6:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
        Validity
            Not Before: Jun 11 16:00:51 2026 GMT
            Not After : Jun 12 16:00:51 2026 GMT
        Subject: CN=4aad521e04c6ef2533b9c16a4d08490f1f4914f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:e0:4c:e3:eb:56:ef:61:d5:4d:04:5a:e7:50:
                    3f:e4:ea:43:25:63:4f:be:21:1c:fb:0b:04:3a:42:
                    15:80:ec:e7:d0:69:a8:09:63:d7:26:b8:69:96:a4:
                    2d:40:7f:ac:6a:a9:a2:42:cd:93:66:43:a0:5d:5d:
                    bc:03:bb:f7:77:7f:9b:e0:e8:36:0f:cb:a1:5b:1e:
                    15:ca:88:aa:3a:e9:ce:51:1b:38:8c:f4:a7:3c:9e:
                    8d:d3:a0:7f:e3:1e:5d:98:94:fe:51:2a:63:44:6a:
                    e4:e0:73:75:21:9f:92:56:80:9f:6d:be:58:70:66:
                    20:25:fe:4f:58:d7:60:26:5e:8f:d0:87:5e:bd:da:
                    3e:2f:0d:58:57:1b:dc:61:52:e4:2d:d1:0e:3b:45:
                    aa:c5:0e:d8:e7:16:be:d0:15:84:33:8c:ec:56:84:
                    b0:fa:44:77:c6:c4:1e:8c:12:1a:d0:16:23:d4:e3:
                    9d:d3:1f:43:ca:7c:ae:94:48:f7:cd:58:c9:c0:8c:
                    f7:50:97:e8:5d:ab:fb:53:06:f1:e5:de:f5:4e:04:
                    ee:e8:73:d0:fd:4f:21:a5:e5:ed:27:0d:39:c0:dd:
                    d8:f1:21:fb:c3:b6:1d:ff:08:13:82:64:47:5b:79:
                    6c:8a:69:99:f6:37:be:b9:c5:8c:a5:05:90:4a:86:
                    7e:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:AD:52:1E:04:C6:EF:25:33:B9:C1:6A:4D:08:49:0F:1F:49:14:F9
            X509v3 Authority Key Identifier:
                keyid:6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:b6:c5:9c:e2:7a:c7:9f:35:1a:d9:e3:b8:24:0c:2b:c6:b6:
         57:18:3e:ca:a2:ae:05:62:03:f7:f3:0e:ae:d6:07:d5:3c:0f:
         2a:e4:ba:c1:af:d1:13:7c:87:00:9b:26:e5:ed:62:9c:ab:40:
         cf:dc:25:15:2f:36:9c:65:10:fd:0d:98:d9:3c:e5:40:67:3c:
         86:9e:e3:3f:3b:0a:a9:46:e9:39:fc:46:6d:fb:61:e6:7f:79:
         50:eb:b4:99:7c:e3:ef:bd:c0:a7:78:15:94:20:72:d2:ea:8b:
         a8:45:36:a0:e6:9b:0e:e2:3f:3e:1e:1b:89:75:f4:a6:4f:24:
         a3:b8:89:b2:82:90:0e:c2:c4:bf:01:dc:49:a1:d9:8b:ea:d1:
         e0:d0:05:95:ba:ed:54:7c:4c:01:c4:70:db:07:98:d5:d4:f1:
         6e:f6:63:55:fe:cc:73:7b:6a:14:8b:a4:79:c7:05:23:b0:d3:
         6c:e5:93:39:e3:ec:38:75:a6:7e:d3:0c:3b:45:12:dd:e6:28:
         88:1c:c0:08:f6:51:0c:7f:d1:e8:43:a0:1d:56:ae:68:67:04:
         d9:57:eb:f1:c5:32:fc:55:c8:57:b3:58:68:47:11:e0:eb:35:
         fe:36:bf:00:4b:36:1e:ba:33:d1:f7:3e:68:e4:a6:fb:1e:84:
         48:1d:c5:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ63ajTocK5ISHG9gpeCrKZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNmQyMWNhYzM4N2YzZTM3OGJhMjNhNGNhNzdkZWM5MzAz
YmE5MmQwHhcNMjYwNjExMTYwMDUxWhcNMjYwNjEyMTYwMDUxWjAzMTEwLwYDVQQD
Eyg0YWFkNTIxZTA0YzZlZjI1MzNiOWMxNmE0ZDA4NDkwZjFmNDkxNGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uBM4+tW72HVTQRa51A/5OpDJWNP
viEc+wsEOkIVgOzn0GmoCWPXJrhplqQtQH+saqmiQs2TZkOgXV28A7v3d3+b4Og2
D8uhWx4VyoiqOunOURs4jPSnPJ6N06B/4x5dmJT+USpjRGrk4HN1IZ+SVoCfbb5Y
cGYgJf5PWNdgJl6P0Idevdo+Lw1YVxvcYVLkLdEOO0WqxQ7Y5xa+0BWEM4zsVoSw
+kR3xsQejBIa0BYj1OOd0x9DynyulEj3zVjJwIz3UJfoXav7Uwbx5d71TgTu6HPQ
/U8hpeXtJw05wN3Y8SH7w7Yd/wgTgmRHW3lsimmZ9je+ucWMpQWQSoZ+/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEqtUh4Exu8lM7nBak0ISQ8fSRT5MB8GA1UdIwQY
MBaAFG9tIcrDh/PjeLojpMp33skwO6ktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2Mt
MWFlYmNhNGI2ZGI4LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2MtMWFlYmNhNGI2ZGI4
LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbbbFnOJ6
x581GtnjuCQMK8a2Vxg+yqKuBWID9/MOrtYH1TwPKuS6wa/RE3yHAJsm5e1inKtA
z9wlFS82nGUQ/Q2Y2TzlQGc8hp7jPzsKqUbpOfxGbfth5n95UOu0mXzj773Ap3gV
lCBy0uqLqEU2oOabDuI/Ph4biXX0pk8ko7iJsoKQDsLEvwHcSaHZi+rR4NAFlbrt
VHxMAcRw2weY1dTxbvZjVf7Mc3tqFIukeccFI7DTbOWTOePsOHWmftMMO0US3eYo
iBzACPZRDH/R6EOgHVauaGcE2Vfr8cUy/FXIV7NYaEcR4Os1/ja/AEs2Hroz0fc+
aOSm+x6ESB3FHw==
-----END CERTIFICATE-----