Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
File:                     b20hysOH8-N4uiOkynfeyTA7qS0.mft (raw, json)
Hash identifier:          taSXDL/MAif65Ntw3W3aMVBpHK3HWmzfDQoDA/FAFYg=
Subject key identifier:   E5:1F:51:C2:46:22:EE:6C:FE:27:3E:7A:2F:58:33:70:0B:47:B4:FF
Authority key identifier: 6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D
Certificate issuer:       /CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
Certificate serial:       01958EF387AD461968D9187416171805689F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
Manifest number:          1493
Signing time:             Thu 13 Mar 2025 10:01:19 +0000
Manifest this update:     Thu 13 Mar 2025 10:01:19 +0000
Manifest next update:     Fri 14 Mar 2025 10:01:19 +0000
Files and hashes:         1: b20hysOH8-N4uiOkynfeyTA7qS0.crl (hash: 7fXzA1rRaxRsjS0CvxqWqzh6Aqr2UWcdmvGkBroCmI0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Mar 2025 09:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8e:f3:87:ad:46:19:68:d9:18:74:16:17:18:05:68:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
        Validity
            Not Before: Mar 13 10:01:19 2025 GMT
            Not After : Mar 14 10:01:19 2025 GMT
        Subject: CN=e51f51c24622ee6cfe273e7a2f5833700b47b4ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:30:62:7c:ab:d7:45:df:db:5f:53:67:14:10:
                    0c:ab:e7:10:3c:ed:6b:aa:6f:1d:03:91:cc:7c:69:
                    83:76:bd:01:46:de:49:7d:8a:5d:59:84:2a:00:db:
                    3e:f0:93:e9:74:6e:f5:2f:b7:b4:8b:dc:f8:5d:4f:
                    55:d4:d3:95:e9:ef:e6:78:2a:1c:18:27:8c:94:6c:
                    68:48:94:7e:64:fa:bd:d0:91:21:04:5f:a7:a6:eb:
                    27:e5:09:a5:49:8d:99:62:98:b7:c4:87:45:61:e8:
                    08:bb:0b:e9:fa:67:70:9e:2a:3a:06:d6:9c:f5:e9:
                    c2:37:ee:75:e4:2c:30:8d:c7:4a:02:4f:2e:37:15:
                    48:bf:3e:ad:d5:f4:20:8e:30:2c:bd:78:d5:01:67:
                    ab:44:09:63:00:81:da:38:1a:01:91:45:8a:15:d7:
                    7c:48:c5:21:6e:bb:69:b2:61:c6:bb:4e:f5:6d:a2:
                    11:d4:f7:fa:82:c8:e1:c7:1e:90:25:f5:40:05:e1:
                    57:21:c5:cd:60:29:f3:24:7c:a4:e5:b5:0e:9e:87:
                    96:93:2b:cb:07:7e:7a:0d:a7:84:5d:ba:21:02:4a:
                    db:b5:5a:36:00:ba:e1:4b:a6:fb:7d:f8:7d:35:d9:
                    03:05:76:cc:57:0c:5a:6f:9d:fd:40:b8:48:ff:b9:
                    36:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:1F:51:C2:46:22:EE:6C:FE:27:3E:7A:2F:58:33:70:0B:47:B4:FF
            X509v3 Authority Key Identifier:
                keyid:6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:52:66:cb:03:cd:b7:a0:ed:c6:88:3e:dc:da:22:b2:e5:35:
         8a:49:52:b5:5b:0a:ea:cf:74:e2:db:8e:df:6d:ba:b9:40:fa:
         cd:4c:e1:74:84:81:46:8e:ba:e7:c4:3f:d6:39:fd:98:fa:17:
         41:f6:b2:7b:9d:da:5b:3c:5f:9e:f8:38:d2:8e:38:ed:be:de:
         70:03:60:55:91:bd:9e:b5:0f:0f:6d:d7:f9:89:d2:03:4f:1c:
         08:7d:f6:81:b5:94:c3:9d:d1:e1:49:75:f0:93:6a:4e:fa:7b:
         a1:f0:52:69:4c:34:2b:1f:f7:7e:d7:12:33:c4:cc:68:df:87:
         6c:b5:80:d9:25:28:cf:86:d0:15:08:cd:73:e3:f3:b5:30:22:
         49:e6:5c:8e:a6:75:e6:ec:12:c8:44:a5:8f:0b:42:23:50:03:
         7d:f5:04:bd:0e:73:f1:e9:5f:8e:45:70:ff:a1:c2:bd:5b:96:
         c3:76:5c:af:a2:bf:79:77:14:a3:d5:3a:d5:c7:65:b9:9c:02:
         28:d6:a3:e0:69:55:fb:3f:6c:3d:55:17:9a:2f:2d:c6:d5:56:
         93:c5:cf:9f:64:ff:59:2a:bc:57:eb:49:74:ca:1c:03:60:20:
         49:f9:a5:b5:c2:9f:2e:3e:a5:4c:42:2a:d2:05:e9:7f:51:c0:
         60:b1:21:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWO84etRhlo2Rh0FhcYBWifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNmQyMWNhYzM4N2YzZTM3OGJhMjNhNGNhNzdkZWM5MzAz
YmE5MmQwHhcNMjUwMzEzMTAwMTE5WhcNMjUwMzE0MTAwMTE5WjAzMTEwLwYDVQQD
EyhlNTFmNTFjMjQ2MjJlZTZjZmUyNzNlN2EyZjU4MzM3MDBiNDdiNGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDBifKvXRd/bX1NnFBAMq+cQPO1r
qm8dA5HMfGmDdr0BRt5JfYpdWYQqANs+8JPpdG71L7e0i9z4XU9V1NOV6e/meCoc
GCeMlGxoSJR+ZPq90JEhBF+npusn5QmlSY2ZYpi3xIdFYegIuwvp+mdwnio6Btac
9enCN+515CwwjcdKAk8uNxVIvz6t1fQgjjAsvXjVAWerRAljAIHaOBoBkUWKFdd8
SMUhbrtpsmHGu071baIR1Pf6gsjhxx6QJfVABeFXIcXNYCnzJHyk5bUOnoeWkyvL
B356DaeEXbohAkrbtVo2ALrhS6b7ffh9NdkDBXbMVwxab539QLhI/7k21wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOUfUcJGIu5s/ic+ei9YM3ALR7T/MB8GA1UdIwQY
MBaAFG9tIcrDh/PjeLojpMp33skwO6ktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2Mt
MWFlYmNhNGI2ZGI4LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2MtMWFlYmNhNGI2ZGI4
LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl1JmywPN
t6Dtxog+3NoisuU1iklStVsK6s904tuO3226uUD6zUzhdISBRo6658Q/1jn9mPoX
Qfaye53aWzxfnvg40o447b7ecANgVZG9nrUPD23X+YnSA08cCH32gbWUw53R4Ul1
8JNqTvp7ofBSaUw0Kx/3ftcSM8TMaN+HbLWA2SUoz4bQFQjNc+PztTAiSeZcjqZ1
5uwSyESljwtCI1ADffUEvQ5z8elfjkVw/6HCvVuWw3Zcr6K/eXcUo9U61cdluZwC
KNaj4GlV+z9sPVUXmi8txtVWk8XPn2T/WSq8V+tJdMocA2AgSfmltcKfLj6lTEIq
0gXpf1HAYLEheQ==
-----END CERTIFICATE-----