Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.mft
File:                     20iBY9r1DbZG3k3yTTTLrJk_RX8.mft (raw, json)
Hash identifier:          g9rx4Snfm9Haa9ot49ekNGvkzbEyeaCuCFwzXNkdswA=
Subject key identifier:   DA:4A:32:B5:E2:05:01:AC:C3:F4:F3:D2:74:C4:57:23:F1:D5:3A:15
Authority key identifier: DB:48:81:63:DA:F5:0D:B6:46:DE:4D:F2:4D:34:CB:AC:99:3F:45:7F
Certificate issuer:       /CN=db488163daf50db646de4df24d34cbac993f457f
Certificate serial:       019749D584F056138D36696475879FADE320
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/20iBY9r1DbZG3k3yTTTLrJk_RX8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.mft
Manifest number:          157B
Signing time:             Sat 07 Jun 2025 10:00:19 +0000
Manifest this update:     Sat 07 Jun 2025 10:00:19 +0000
Manifest next update:     Sun 08 Jun 2025 10:00:19 +0000
Files and hashes:         1: 20iBY9r1DbZG3k3yTTTLrJk_RX8.crl (hash: lZArYb879BoaicOdYceHfp7Iba/yK9msDt6qFB6Vf4k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/20iBY9r1DbZG3k3yTTTLrJk_RX8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d5:84:f0:56:13:8d:36:69:64:75:87:9f:ad:e3:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db488163daf50db646de4df24d34cbac993f457f
        Validity
            Not Before: Jun  7 10:00:19 2025 GMT
            Not After : Jun  8 10:00:19 2025 GMT
        Subject: CN=da4a32b5e20501acc3f4f3d274c45723f1d53a15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:9c:7e:45:61:41:f6:e4:0d:34:77:b7:46:b8:
                    f1:52:41:55:05:71:b9:47:ac:85:68:bd:5d:5c:fc:
                    9d:af:ea:88:a8:3a:9c:65:ed:eb:b1:b7:1f:59:80:
                    77:d1:6c:5a:1a:89:8a:3b:06:3e:58:cc:ce:a4:28:
                    a2:f6:d5:c8:68:a8:73:de:02:df:f2:fc:44:01:c6:
                    62:6d:b6:cd:ea:65:14:a3:01:8c:ec:31:ec:34:02:
                    d4:0f:3c:71:ff:61:6b:11:56:1f:45:de:4b:e2:bf:
                    ac:75:ba:fa:e9:8b:c6:fb:96:a3:b0:30:cf:59:59:
                    d6:67:c6:2d:8b:4e:62:fe:52:c5:5e:c6:59:2f:9e:
                    1f:a5:c4:1a:8b:b1:20:38:15:3f:8e:76:d3:cb:d0:
                    44:82:e0:39:cd:e2:2b:36:71:d4:91:9f:0c:9a:ea:
                    35:58:5b:ba:a1:a7:92:58:0f:81:e8:8a:27:3e:47:
                    be:5d:45:d8:75:02:e4:d8:67:8f:35:a7:bd:3d:54:
                    d6:44:c7:fd:89:2d:47:f4:fc:54:12:67:25:29:8f:
                    76:48:69:fd:20:6a:ef:a4:0f:b6:1d:2c:92:95:c1:
                    50:da:eb:ac:75:bb:82:dd:43:1a:fd:51:12:de:e1:
                    79:73:32:b7:17:ca:0b:b4:77:95:1c:80:83:cf:5c:
                    b4:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:4A:32:B5:E2:05:01:AC:C3:F4:F3:D2:74:C4:57:23:F1:D5:3A:15
            X509v3 Authority Key Identifier:
                keyid:DB:48:81:63:DA:F5:0D:B6:46:DE:4D:F2:4D:34:CB:AC:99:3F:45:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20iBY9r1DbZG3k3yTTTLrJk_RX8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:80:12:91:5c:3d:95:83:8e:ca:60:ac:6f:2c:8a:68:31:34:
         71:2d:78:66:53:69:af:2e:c0:8f:36:6e:f8:d9:4b:f3:40:0c:
         9c:75:fd:66:c3:a6:91:32:f1:f0:24:c3:91:06:0c:0f:6f:80:
         39:eb:ac:a6:b4:4b:7b:49:cb:18:64:d4:9b:54:32:6e:7c:0d:
         07:05:80:57:a3:2b:41:0d:72:1c:94:98:ac:68:36:e4:bb:52:
         bb:f9:17:16:95:71:a5:01:fc:ce:fb:5e:2f:f8:86:fb:82:c1:
         c9:94:27:9d:e1:60:c9:2a:0a:66:c5:6f:a1:43:dd:e8:ff:f8:
         19:33:f7:77:0f:6c:b1:1b:e5:d7:3c:14:98:82:96:36:e3:4d:
         d5:4f:14:41:0a:19:64:fd:dd:b4:35:91:72:bc:21:88:0e:fb:
         33:ea:fc:6f:39:c1:d6:d5:18:07:9c:36:ca:93:bd:a2:6f:0a:
         44:10:21:d8:e7:22:09:d6:e0:28:bd:e8:ea:ce:17:04:e9:bc:
         f0:b9:9e:df:4f:e4:c2:35:0a:04:ce:34:16:ac:14:7c:9f:9e:
         c1:ff:c2:cf:49:38:1f:9a:55:8e:07:7c:aa:4b:89:90:8d:3a:
         60:05:0f:6c:3b:2c:91:e0:16:de:6b:9c:12:be:54:40:51:d8:
         68:83:3a:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1YTwVhONNmlkdYefreMgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDg4MTYzZGFmNTBkYjY0NmRlNGRmMjRkMzRjYmFjOTkz
ZjQ1N2YwHhcNMjUwNjA3MTAwMDE5WhcNMjUwNjA4MTAwMDE5WjAzMTEwLwYDVQQD
EyhkYTRhMzJiNWUyMDUwMWFjYzNmNGYzZDI3NGM0NTcyM2YxZDUzYTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspx+RWFB9uQNNHe3RrjxUkFVBXG5
R6yFaL1dXPydr+qIqDqcZe3rsbcfWYB30WxaGomKOwY+WMzOpCii9tXIaKhz3gLf
8vxEAcZibbbN6mUUowGM7DHsNALUDzxx/2FrEVYfRd5L4r+sdbr66YvG+5ajsDDP
WVnWZ8Yti05i/lLFXsZZL54fpcQai7EgOBU/jnbTy9BEguA5zeIrNnHUkZ8Mmuo1
WFu6oaeSWA+B6IonPke+XUXYdQLk2GePNae9PVTWRMf9iS1H9PxUEmclKY92SGn9
IGrvpA+2HSySlcFQ2uusdbuC3UMa/VES3uF5czK3F8oLtHeVHICDz1y0LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNpKMrXiBQGsw/Tz0nTEVyPx1ToVMB8GA1UdIwQY
MBaAFNtIgWPa9Q22Rt5N8k00y6yZP0V/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBpQlk5cjFEYlpHM2szeVRUVExySmtfUlg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy80ZTVjMTAtNzFlZC00ZGViLWI0ZTAt
MTlkNTdmZjFmYmQ5LzEvMjBpQlk5cjFEYlpHM2szeVRUVExySmtfUlg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy80ZTVjMTAtNzFlZC00ZGViLWI0ZTAtMTlkNTdmZjFmYmQ5
LzEvMjBpQlk5cjFEYlpHM2szeVRUVExySmtfUlg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX4ASkVw9
lYOOymCsbyyKaDE0cS14ZlNpry7AjzZu+NlL80AMnHX9ZsOmkTLx8CTDkQYMD2+A
OeusprRLe0nLGGTUm1QybnwNBwWAV6MrQQ1yHJSYrGg25LtSu/kXFpVxpQH8zvte
L/iG+4LByZQnneFgySoKZsVvoUPd6P/4GTP3dw9ssRvl1zwUmIKWNuNN1U8UQQoZ
ZP3dtDWRcrwhiA77M+r8bznB1tUYB5w2ypO9om8KRBAh2OciCdbgKL3o6s4XBOm8
8Lme30/kwjUKBM40FqwUfJ+ewf/Cz0k4H5pVjgd8qkuJkI06YAUPbDsskeAW3muc
Er5UQFHYaIM6/Q==
-----END CERTIFICATE-----