Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
File:                     b20hysOH8-N4uiOkynfeyTA7qS0.mft (raw, json)
Hash identifier:          UxjdMSeJHYbYSaY45NUYI11AHIydFyO4hggF23UCFy8=
Subject key identifier:   CE:DF:D7:DC:1F:D3:40:53:F3:3B:09:3A:73:68:A8:88:2C:86:2D:05
Authority key identifier: 6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D
Certificate issuer:       /CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
Certificate serial:       0197474302947130DBAD06E4D9E10E8C7977
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
Manifest number:          1577
Signing time:             Fri 06 Jun 2025 22:01:03 +0000
Manifest this update:     Fri 06 Jun 2025 22:01:03 +0000
Manifest next update:     Sat 07 Jun 2025 22:01:03 +0000
Files and hashes:         1: b20hysOH8-N4uiOkynfeyTA7qS0.crl (hash: MFBoBX1Khv9p13AgnbYZrYX1PWREz3cOps+qaYUeXWc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:43:02:94:71:30:db:ad:06:e4:d9:e1:0e:8c:79:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
        Validity
            Not Before: Jun  6 22:01:03 2025 GMT
            Not After : Jun  7 22:01:03 2025 GMT
        Subject: CN=cedfd7dc1fd34053f33b093a7368a8882c862d05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:aa:33:86:ff:09:ba:9e:7c:1b:fb:c9:c1:1b:
                    cd:84:a9:30:96:2f:9a:cd:8a:67:76:c9:68:7d:30:
                    96:05:dd:2f:09:d9:5e:83:b1:6c:8f:9f:3d:ce:21:
                    97:5a:04:df:37:c6:14:1e:fc:c0:55:e8:3b:db:41:
                    c4:ef:50:7c:e8:cb:d8:9a:c0:ce:f1:d8:28:50:d7:
                    56:bc:d3:39:1d:76:f8:3f:eb:f4:76:a8:38:95:27:
                    e4:ed:35:1b:03:23:34:32:47:26:92:5d:5a:5f:cd:
                    44:47:c5:a0:70:29:2e:4a:24:fb:1c:ab:7d:fa:48:
                    97:29:c3:0b:ea:c6:ab:32:b3:4d:49:61:f9:bb:ea:
                    d5:75:d2:68:e1:93:99:08:55:87:04:63:94:5d:03:
                    f5:23:92:d5:c8:c6:de:79:5a:8d:7e:ed:94:3d:e5:
                    fe:c3:0b:03:b9:f6:6e:9e:13:b1:bf:ea:8b:64:0f:
                    41:8c:3b:4d:78:09:2a:5c:79:91:3e:a6:86:cd:42:
                    7b:97:7f:ac:57:3b:55:36:a8:49:e2:62:c4:70:2c:
                    ad:e7:36:d8:48:eb:73:a8:ca:6a:c4:86:a2:c0:82:
                    e3:e7:bf:0b:2e:7a:cd:7b:c6:ce:71:20:06:14:12:
                    77:4c:8e:d7:bc:dc:19:60:7e:4a:52:20:5d:e4:c4:
                    c0:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:DF:D7:DC:1F:D3:40:53:F3:3B:09:3A:73:68:A8:88:2C:86:2D:05
            X509v3 Authority Key Identifier:
                keyid:6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:9a:37:07:21:e0:08:62:92:42:34:5c:a8:3c:09:e4:d8:53:
         ec:9b:6c:d1:00:55:94:71:ed:f6:45:e3:d9:d8:af:ca:b9:b2:
         e2:ce:95:ff:27:68:98:56:81:d3:d4:e5:f1:64:d0:c9:5c:9d:
         b2:b8:07:a2:a6:40:24:eb:72:46:00:3f:5d:42:f3:2b:df:42:
         8e:e0:04:77:4f:f4:4e:90:14:61:e2:ea:9f:aa:5b:fe:ef:ab:
         93:27:4a:97:85:98:90:b1:8b:72:ad:09:9f:dc:02:ba:98:f2:
         cf:92:8e:c5:ba:73:fa:de:ab:b6:98:ce:be:4d:73:0e:f5:a2:
         19:94:a0:e2:43:6d:4c:a6:87:51:92:58:7b:c6:da:c4:f2:6b:
         9c:7c:83:e2:0d:bc:38:aa:45:a3:17:53:f7:41:e4:ea:5e:09:
         9f:5e:19:04:ae:c6:34:72:fd:c9:18:da:8b:20:17:48:03:33:
         81:3c:31:a3:6d:34:4f:03:6f:97:51:8e:f8:61:d7:b7:11:2e:
         8c:6a:c2:ec:ce:94:ba:7d:3a:7d:b3:65:a5:70:4d:b8:03:81:
         99:16:e1:a8:41:ff:59:6d:23:82:e2:15:14:43:f5:4b:8a:7f:
         c9:ba:09:bc:a7:a0:14:27:ea:af:99:a7:79:96:ae:e3:7f:3f:
         6f:70:b6:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHQwKUcTDbrQbk2eEOjHl3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNmQyMWNhYzM4N2YzZTM3OGJhMjNhNGNhNzdkZWM5MzAz
YmE5MmQwHhcNMjUwNjA2MjIwMTAzWhcNMjUwNjA3MjIwMTAzWjAzMTEwLwYDVQQD
EyhjZWRmZDdkYzFmZDM0MDUzZjMzYjA5M2E3MzY4YTg4ODJjODYyZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6ozhv8Jup58G/vJwRvNhKkwli+a
zYpndslofTCWBd0vCdleg7Fsj589ziGXWgTfN8YUHvzAVeg720HE71B86MvYmsDO
8dgoUNdWvNM5HXb4P+v0dqg4lSfk7TUbAyM0Mkcmkl1aX81ER8WgcCkuSiT7HKt9
+kiXKcML6sarMrNNSWH5u+rVddJo4ZOZCFWHBGOUXQP1I5LVyMbeeVqNfu2UPeX+
wwsDufZunhOxv+qLZA9BjDtNeAkqXHmRPqaGzUJ7l3+sVztVNqhJ4mLEcCyt5zbY
SOtzqMpqxIaiwILj578LLnrNe8bOcSAGFBJ3TI7XvNwZYH5KUiBd5MTAHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM7f19wf00BT8zsJOnNoqIgshi0FMB8GA1UdIwQY
MBaAFG9tIcrDh/PjeLojpMp33skwO6ktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2Mt
MWFlYmNhNGI2ZGI4LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2MtMWFlYmNhNGI2ZGI4
LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh5o3ByHg
CGKSQjRcqDwJ5NhT7Jts0QBVlHHt9kXj2divyrmy4s6V/ydomFaB09Tl8WTQyVyd
srgHoqZAJOtyRgA/XULzK99CjuAEd0/0TpAUYeLqn6pb/u+rkydKl4WYkLGLcq0J
n9wCupjyz5KOxbpz+t6rtpjOvk1zDvWiGZSg4kNtTKaHUZJYe8baxPJrnHyD4g28
OKpFoxdT90Hk6l4Jn14ZBK7GNHL9yRjaiyAXSAMzgTwxo200TwNvl1GO+GHXtxEu
jGrC7M6Uun06fbNlpXBNuAOBmRbhqEH/WW0jguIVFEP1S4p/yboJvKegFCfqr5mn
eZau438/b3C2XQ==
-----END CERTIFICATE-----