Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.mft
File:                     APkIwDKKjpc_pArFL8M359PE_tA.mft (raw, json)
Hash identifier:          69scctD6CA7ZqthxOOvNxKjqhlcDZbY8Z+uo/AkUT9g=
Subject key identifier:   7F:E9:37:57:36:4F:79:E7:82:F2:C2:A9:7D:97:08:5B:4F:66:FE:EC
Authority key identifier: 00:F9:08:C0:32:8A:8E:97:3F:A4:0A:C5:2F:C3:37:E7:D3:C4:FE:D0
Certificate issuer:       /CN=00f908c0328a8e973fa40ac52fc337e7d3c4fed0
Certificate serial:       01975046BED4DBADDAC3FAC0CBD038594C4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/APkIwDKKjpc_pArFL8M359PE_tA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.mft
Manifest number:          157C
Signing time:             Sun 08 Jun 2025 16:01:42 +0000
Manifest this update:     Sun 08 Jun 2025 16:01:42 +0000
Manifest next update:     Mon 09 Jun 2025 16:01:42 +0000
Files and hashes:         1: APkIwDKKjpc_pArFL8M359PE_tA.crl (hash: D7td7NUwit6xn55QM230cTnVIjlqmFWx5Bfj2+BYR70=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/APkIwDKKjpc_pArFL8M359PE_tA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 16:01:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:46:be:d4:db:ad:da:c3:fa:c0:cb:d0:38:59:4c:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00f908c0328a8e973fa40ac52fc337e7d3c4fed0
        Validity
            Not Before: Jun  8 16:01:42 2025 GMT
            Not After : Jun  9 16:01:42 2025 GMT
        Subject: CN=7fe93757364f79e782f2c2a97d97085b4f66feec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:1c:de:59:87:4f:44:03:2b:d6:5b:56:06:93:
                    a6:7b:40:cf:3a:46:31:a2:2e:ad:45:c5:aa:07:2d:
                    01:3b:f4:03:45:77:90:30:c8:3a:b7:3a:76:22:74:
                    c3:8a:54:63:7a:7d:d8:d0:ee:e8:64:dd:b9:66:02:
                    46:85:bd:e3:b3:a4:23:98:dc:0a:b3:a7:c1:be:1d:
                    c9:11:55:f9:b2:ef:e6:07:10:31:77:a2:cb:46:24:
                    6f:0d:da:ae:11:e0:20:35:ce:5d:b0:02:ab:76:a7:
                    9d:e6:ad:f2:25:6f:83:1e:5a:f8:4e:2b:48:c0:8b:
                    cf:bb:e9:e1:f0:e1:8f:9a:7c:b3:7d:cf:00:f9:0f:
                    9d:c9:f5:a6:21:5b:19:d2:94:4c:9f:0d:10:66:17:
                    99:b4:48:69:91:05:e5:d9:33:1b:71:f5:c6:57:08:
                    a3:07:7e:2a:a1:6d:70:40:99:fe:14:91:2c:c5:69:
                    8e:ce:a8:cc:6e:88:e4:85:cc:5d:ac:43:30:ab:b8:
                    57:a5:7d:85:3a:84:28:7d:d3:62:2c:2c:42:90:bd:
                    08:18:67:f3:c3:24:b8:a8:c0:f1:e3:61:78:81:b2:
                    36:21:ee:7b:b4:48:95:e7:34:5f:7a:5b:01:fd:6a:
                    48:35:47:71:ce:a2:a7:49:39:e8:90:a4:eb:e6:e6:
                    d1:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:E9:37:57:36:4F:79:E7:82:F2:C2:A9:7D:97:08:5B:4F:66:FE:EC
            X509v3 Authority Key Identifier:
                keyid:00:F9:08:C0:32:8A:8E:97:3F:A4:0A:C5:2F:C3:37:E7:D3:C4:FE:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/APkIwDKKjpc_pArFL8M359PE_tA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:b5:3a:27:4a:4e:bc:d9:ba:84:d4:2a:b8:f5:d1:67:c2:37:
         58:01:76:79:40:c7:69:a5:b8:a8:b4:de:14:8d:37:09:65:70:
         5b:4b:47:1c:60:54:88:ac:51:b7:24:29:8a:27:d2:64:01:07:
         63:85:4b:70:0c:fd:d8:59:56:d7:68:fd:a8:5a:f0:a9:19:65:
         83:b0:04:44:6e:db:cd:90:69:4e:6c:dd:f5:6b:e5:85:9c:df:
         a0:5c:91:cf:a1:42:9d:6a:78:05:3a:8b:57:dc:68:8f:34:20:
         6c:28:2b:39:4e:46:5b:28:c6:9b:26:3a:df:37:b3:99:76:91:
         f8:d7:7e:55:0d:fa:2c:9d:45:6c:b1:d8:d3:28:b7:f6:1f:f2:
         15:96:4b:df:29:3d:8d:10:35:9d:c3:47:45:34:14:84:dc:00:
         03:c3:91:0c:6f:a4:80:de:db:4e:80:6b:00:04:71:c2:8b:42:
         f6:c9:7d:5f:e9:65:9f:d4:12:7c:4c:ca:de:d5:3e:45:50:e4:
         20:5d:ab:6b:3b:c5:eb:a4:90:26:3e:5a:ca:1a:d7:58:a0:72:
         21:ed:78:ba:02:ac:dd:3d:a6:8b:76:6d:9b:f6:76:99:ad:24:
         99:65:bc:f2:76:a9:0c:a3:8c:17:43:33:bd:91:ac:89:40:08:
         e2:48:2a:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQRr7U263aw/rAy9A4WUxMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZjkwOGMwMzI4YThlOTczZmE0MGFjNTJmYzMzN2U3ZDNj
NGZlZDAwHhcNMjUwNjA4MTYwMTQyWhcNMjUwNjA5MTYwMTQyWjAzMTEwLwYDVQQD
Eyg3ZmU5Mzc1NzM2NGY3OWU3ODJmMmMyYTk3ZDk3MDg1YjRmNjZmZWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBzeWYdPRAMr1ltWBpOme0DPOkYx
oi6tRcWqBy0BO/QDRXeQMMg6tzp2InTDilRjen3Y0O7oZN25ZgJGhb3js6QjmNwK
s6fBvh3JEVX5su/mBxAxd6LLRiRvDdquEeAgNc5dsAKrdqed5q3yJW+DHlr4TitI
wIvPu+nh8OGPmnyzfc8A+Q+dyfWmIVsZ0pRMnw0QZheZtEhpkQXl2TMbcfXGVwij
B34qoW1wQJn+FJEsxWmOzqjMbojkhcxdrEMwq7hXpX2FOoQofdNiLCxCkL0IGGfz
wyS4qMDx42F4gbI2Ie57tEiV5zRfelsB/WpINUdxzqKnSTnokKTr5ubRFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH/pN1c2T3nngvLCqX2XCFtPZv7sMB8GA1UdIwQY
MBaAFAD5CMAyio6XP6QKxS/DN+fTxP7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVBrSXdES0tqcGNfcEFyRkw4TTM1OVBFX3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lYTJjNTAtYWZjYS00MGIxLTkzODEt
N2RlY2YxZTQ3ODY1LzEvQVBrSXdES0tqcGNfcEFyRkw4TTM1OVBFX3RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lYTJjNTAtYWZjYS00MGIxLTkzODEtN2RlY2YxZTQ3ODY1
LzEvQVBrSXdES0tqcGNfcEFyRkw4TTM1OVBFX3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAULU6J0pO
vNm6hNQquPXRZ8I3WAF2eUDHaaW4qLTeFI03CWVwW0tHHGBUiKxRtyQpiifSZAEH
Y4VLcAz92FlW12j9qFrwqRllg7AERG7bzZBpTmzd9WvlhZzfoFyRz6FCnWp4BTqL
V9xojzQgbCgrOU5GWyjGmyY63zezmXaR+Nd+VQ36LJ1FbLHY0yi39h/yFZZL3yk9
jRA1ncNHRTQUhNwAA8ORDG+kgN7bToBrAARxwotC9sl9X+lln9QSfEzK3tU+RVDk
IF2razvF66SQJj5ayhrXWKByIe14ugKs3T2mi3Ztm/Z2ma0kmWW88napDKOMF0Mz
vZGsiUAI4kgqOQ==
-----END CERTIFICATE-----