Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
File:                     b20hysOH8-N4uiOkynfeyTA7qS0.mft (raw, json)
Hash identifier:          pMxS2/VI+8IJILotGGxbxH0pw8Q9Msr/SXMEMkPU0Y8=
Subject key identifier:   CE:C6:7A:AC:14:79:E4:3D:96:BA:A1:0A:33:43:15:76:00:8F:50:13
Authority key identifier: 6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D
Certificate issuer:       /CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
Certificate serial:       019A725C59EE2C40C586BC855CEA7AAA2F35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 10:00:46 +0000
Manifest this update:     Tue 11 Nov 2025 10:00:46 +0000
Manifest next update:     Wed 12 Nov 2025 10:00:46 +0000
Files and hashes:         1: b20hysOH8-N4uiOkynfeyTA7qS0.crl (hash: vD1p9ATmjoPUq7CUIgmxc7A8SuPzl6h2mNNNg7lQ1xM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:59:ee:2c:40:c5:86:bc:85:5c:ea:7a:aa:2f:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
        Validity
            Not Before: Nov 11 10:00:46 2025 GMT
            Not After : Nov 12 10:00:46 2025 GMT
        Subject: CN=cec67aac1479e43d96baa10a33431576008f5013
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:0b:49:bf:ec:ee:e4:e9:75:81:e1:ec:f1:53:
                    36:41:1e:86:5a:f8:07:94:19:3f:06:ae:8f:f1:da:
                    99:93:ae:84:f5:da:1e:65:2e:d1:f5:c6:9d:36:63:
                    23:33:94:58:cc:0f:26:71:82:a7:78:33:31:8b:ac:
                    21:fc:24:86:4c:d4:93:1c:c5:5d:2f:20:e8:c0:e4:
                    5f:45:f1:af:61:fa:22:4b:db:9b:56:d0:53:29:03:
                    24:a4:03:5e:5e:2c:67:d7:55:69:11:56:ca:dc:e7:
                    78:67:bc:99:57:1f:cd:84:28:55:aa:59:ac:23:66:
                    0b:83:ad:3f:2b:05:c5:33:f5:ed:f4:40:4a:6c:2e:
                    3e:74:e1:6c:71:6b:ad:64:3f:f0:40:f0:00:62:83:
                    82:b4:c3:30:92:76:e7:fa:e1:60:3c:1c:94:cc:59:
                    22:a9:52:21:ff:ea:86:d5:46:59:cd:9f:31:58:ff:
                    74:ed:e4:19:35:72:94:79:08:d2:69:da:88:e9:05:
                    de:82:91:2e:ea:70:cb:87:44:0b:a7:1a:07:f0:c5:
                    fa:c0:38:dd:9d:31:3b:81:87:b9:ef:87:54:18:a2:
                    15:f1:6d:ed:ce:38:50:eb:45:bc:d4:19:0f:83:9a:
                    e1:1d:f6:e2:eb:56:51:90:3d:fb:0f:38:80:e8:73:
                    e0:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:C6:7A:AC:14:79:E4:3D:96:BA:A1:0A:33:43:15:76:00:8F:50:13
            X509v3 Authority Key Identifier:
                keyid:6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:4f:47:69:af:f2:15:85:0e:2e:9b:ae:9d:52:ed:da:7d:f1:
         2f:98:27:37:7d:f4:c3:3c:95:26:35:1e:2f:f4:99:4f:94:4b:
         73:8a:0f:fb:8c:0c:51:db:e3:39:9f:b8:7f:a4:fa:81:ec:89:
         07:1f:f7:87:57:f3:aa:e7:b6:c1:72:a1:17:64:70:af:5c:ba:
         f1:52:38:76:d1:4f:61:9e:00:53:db:12:b8:63:b1:71:07:da:
         90:e0:4b:f1:09:98:e9:c8:df:d9:5a:92:55:a3:0c:71:45:99:
         b8:36:53:b5:24:6e:36:63:0f:cd:55:89:d9:a4:19:6c:36:42:
         36:56:e8:b0:c1:57:71:8f:4f:52:11:cd:fd:ba:3c:58:b4:9f:
         ff:51:28:bd:71:6c:af:ca:41:cc:5f:63:4b:1b:ff:88:bd:64:
         5a:7d:6d:cf:2e:df:6d:b2:74:78:d1:d2:2b:69:00:6f:a7:9f:
         00:a2:a5:f3:9c:b3:b5:7f:3a:ee:76:f5:70:d8:30:6c:65:b3:
         36:b7:0e:04:a7:cf:6c:2c:84:3a:9c:3f:b0:56:2e:87:62:c9:
         41:28:06:39:a0:30:b3:f6:28:10:10:8b:d2:bb:06:7f:9c:97:
         ea:36:48:fb:6b:6d:e2:cf:58:87:7c:4a:f8:ba:ca:ad:73:3b:
         c4:ee:c5:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXFnuLEDFhryFXOp6qi81MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNmQyMWNhYzM4N2YzZTM3OGJhMjNhNGNhNzdkZWM5MzAz
YmE5MmQwHhcNMjUxMTExMTAwMDQ2WhcNMjUxMTEyMTAwMDQ2WjAzMTEwLwYDVQQD
EyhjZWM2N2FhYzE0NzllNDNkOTZiYWExMGEzMzQzMTU3NjAwOGY1MDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8wtJv+zu5Ol1geHs8VM2QR6GWvgH
lBk/Bq6P8dqZk66E9doeZS7R9cadNmMjM5RYzA8mcYKneDMxi6wh/CSGTNSTHMVd
LyDowORfRfGvYfoiS9ubVtBTKQMkpANeXixn11VpEVbK3Od4Z7yZVx/NhChVqlms
I2YLg60/KwXFM/Xt9EBKbC4+dOFscWutZD/wQPAAYoOCtMMwknbn+uFgPByUzFki
qVIh/+qG1UZZzZ8xWP907eQZNXKUeQjSadqI6QXegpEu6nDLh0QLpxoH8MX6wDjd
nTE7gYe574dUGKIV8W3tzjhQ60W81BkPg5rhHfbi61ZRkD37DziA6HPgfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM7GeqwUeeQ9lrqhCjNDFXYAj1ATMB8GA1UdIwQY
MBaAFG9tIcrDh/PjeLojpMp33skwO6ktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2Mt
MWFlYmNhNGI2ZGI4LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2MtMWFlYmNhNGI2ZGI4
LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY09Haa/y
FYUOLpuunVLt2n3xL5gnN330wzyVJjUeL/SZT5RLc4oP+4wMUdvjOZ+4f6T6geyJ
Bx/3h1fzque2wXKhF2Rwr1y68VI4dtFPYZ4AU9sSuGOxcQfakOBL8QmY6cjf2VqS
VaMMcUWZuDZTtSRuNmMPzVWJ2aQZbDZCNlbosMFXcY9PUhHN/bo8WLSf/1EovXFs
r8pBzF9jSxv/iL1kWn1tzy7fbbJ0eNHSK2kAb6efAKKl85yztX867nb1cNgwbGWz
NrcOBKfPbCyEOpw/sFYuh2LJQSgGOaAws/YoEBCL0rsGf5yX6jZI+2tt4s9Yh3xK
+LrKrXM7xO7FFg==
-----END CERTIFICATE-----