Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/8438f5-6c9c-4703-9fe2-015fde45d0ea/1/apc35u85FOD8zAaQI76XGYuRN5E.mft
File:                     apc35u85FOD8zAaQI76XGYuRN5E.mft (raw, json)
Hash identifier:          u+tYcspgpRmx6zkxwHm4hTCavhJI9/TTdn4Kq8/GXco=
Subject key identifier:   9C:F5:93:71:9B:39:5B:FA:52:15:22:4E:41:42:A4:7F:E1:72:27:CC
Authority key identifier: 6A:97:37:E6:EF:39:14:E0:FC:CC:06:90:23:BE:97:19:8B:91:37:91
Certificate issuer:       /CN=6a9737e6ef3914e0fccc069023be97198b913791
Certificate serial:       0197469D93F796A3F4D31A1C9EEB7BBEE29C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/apc35u85FOD8zAaQI76XGYuRN5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/8438f5-6c9c-4703-9fe2-015fde45d0ea/1/apc35u85FOD8zAaQI76XGYuRN5E.mft
Manifest number:          1577
Signing time:             Fri 06 Jun 2025 19:00:21 +0000
Manifest this update:     Fri 06 Jun 2025 19:00:21 +0000
Manifest next update:     Sat 07 Jun 2025 19:00:21 +0000
Files and hashes:         1: apc35u85FOD8zAaQI76XGYuRN5E.crl (hash: uvgOIDTpciinmslwrBgWyP6Sv1vVWq0sTKt9GR+HpC8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/8438f5-6c9c-4703-9fe2-015fde45d0ea/1/apc35u85FOD8zAaQI76XGYuRN5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/8438f5-6c9c-4703-9fe2-015fde45d0ea/1/apc35u85FOD8zAaQI76XGYuRN5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/apc35u85FOD8zAaQI76XGYuRN5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9d:93:f7:96:a3:f4:d3:1a:1c:9e:eb:7b:be:e2:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a9737e6ef3914e0fccc069023be97198b913791
        Validity
            Not Before: Jun  6 19:00:21 2025 GMT
            Not After : Jun  7 19:00:21 2025 GMT
        Subject: CN=9cf593719b395bfa5215224e4142a47fe17227cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:19:66:37:bb:c6:29:18:3c:54:35:ed:57:c7:
                    17:ca:3e:56:13:85:16:6d:7d:a4:e0:d1:8b:8b:6a:
                    80:33:7b:13:76:89:b6:bb:bf:c3:cb:14:e0:b7:1f:
                    63:e0:e2:d1:ff:19:28:56:cb:03:48:36:0c:01:c4:
                    1d:3b:84:09:4d:92:01:32:05:8f:97:8a:66:24:57:
                    93:8a:0a:ed:18:34:57:84:9a:05:1d:a8:a5:06:73:
                    60:84:3b:51:b3:16:3c:08:69:fd:84:30:5a:8e:cf:
                    14:69:c0:64:9d:d4:c4:b8:1a:31:4a:b8:2f:1a:23:
                    d3:59:86:f5:05:c2:77:4a:ed:3f:2b:2e:4f:15:51:
                    29:95:ec:28:59:1a:5e:cd:0e:d8:88:d8:2d:df:b8:
                    56:dc:b8:0f:5e:2e:e5:2b:7e:9e:00:37:08:74:34:
                    76:f7:4f:be:33:d8:a7:a9:d0:10:94:e5:78:ba:13:
                    28:5b:48:d1:c9:a7:07:89:d6:b4:27:ff:cf:3a:09:
                    90:b3:dd:d1:c4:d4:29:65:0e:ac:25:3b:b6:a4:69:
                    9b:d4:6b:1e:05:6a:57:e0:81:e7:1e:3a:e2:f5:63:
                    31:50:74:c2:98:61:d4:4f:1c:af:a0:44:f9:7e:00:
                    8c:f8:6a:9f:9f:3f:4e:01:b9:57:49:26:1b:e7:04:
                    57:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:F5:93:71:9B:39:5B:FA:52:15:22:4E:41:42:A4:7F:E1:72:27:CC
            X509v3 Authority Key Identifier:
                keyid:6A:97:37:E6:EF:39:14:E0:FC:CC:06:90:23:BE:97:19:8B:91:37:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/apc35u85FOD8zAaQI76XGYuRN5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8438f5-6c9c-4703-9fe2-015fde45d0ea/1/apc35u85FOD8zAaQI76XGYuRN5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8438f5-6c9c-4703-9fe2-015fde45d0ea/1/apc35u85FOD8zAaQI76XGYuRN5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:9c:07:d2:1d:da:74:d5:12:3b:25:f0:b1:9e:45:0d:43:39:
         2d:da:0b:6e:72:ce:ad:cb:2a:72:59:43:a5:8e:64:f1:10:76:
         d2:f6:af:13:5d:d9:3b:f2:c6:1f:8a:df:26:f1:a0:71:ca:e7:
         34:d6:12:24:51:1e:bb:03:d7:dc:8d:50:28:72:9f:13:cf:f3:
         48:fe:83:3d:61:1f:72:eb:34:ef:93:6f:43:68:cc:4e:da:a3:
         fa:80:7e:ea:34:2e:24:88:4a:fd:a7:53:e5:0e:4b:5b:09:e7:
         d2:97:90:f6:0b:d6:bf:0e:81:5e:dc:0d:b3:4e:a7:e8:b4:21:
         36:8f:6b:f2:45:07:c3:56:7e:4f:c0:50:f4:82:24:06:59:4c:
         e6:c5:40:02:21:c5:7a:80:c4:5b:a1:7d:9c:9e:cc:4b:38:51:
         73:1c:a4:8e:4e:a7:7d:9d:c9:07:db:f6:75:70:50:4c:08:38:
         67:ba:37:b0:06:e3:e5:7a:7e:d3:9f:c8:df:02:29:4b:c6:bb:
         63:e2:cf:e1:4d:e2:bb:f1:a4:77:80:9f:76:86:9c:82:a4:57:
         a5:05:8a:d3:98:1f:8f:13:8f:60:0a:ae:3e:89:54:17:cc:b1:
         b2:c7:a2:a3:93:13:1b:cf:d5:08:62:8e:f2:de:0a:a1:35:fb:
         2c:ca:e4:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGnZP3lqP00xocnut7vuKcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOTczN2U2ZWYzOTE0ZTBmY2NjMDY5MDIzYmU5NzE5OGI5
MTM3OTEwHhcNMjUwNjA2MTkwMDIxWhcNMjUwNjA3MTkwMDIxWjAzMTEwLwYDVQQD
Eyg5Y2Y1OTM3MTliMzk1YmZhNTIxNTIyNGU0MTQyYTQ3ZmUxNzIyN2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxlmN7vGKRg8VDXtV8cXyj5WE4UW
bX2k4NGLi2qAM3sTdom2u7/DyxTgtx9j4OLR/xkoVssDSDYMAcQdO4QJTZIBMgWP
l4pmJFeTigrtGDRXhJoFHailBnNghDtRsxY8CGn9hDBajs8UacBkndTEuBoxSrgv
GiPTWYb1BcJ3Su0/Ky5PFVEplewoWRpezQ7YiNgt37hW3LgPXi7lK36eADcIdDR2
90++M9inqdAQlOV4uhMoW0jRyacHida0J//POgmQs93RxNQpZQ6sJTu2pGmb1Gse
BWpX4IHnHjri9WMxUHTCmGHUTxyvoET5fgCM+Gqfnz9OAblXSSYb5wRXSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJz1k3GbOVv6UhUiTkFCpH/hcifMMB8GA1UdIwQY
MBaAFGqXN+bvORTg/MwGkCO+lxmLkTeRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXBjMzV1ODVGT0Q4ekFhUUk3NlhHWXVSTjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84NDM4ZjUtNmM5Yy00NzAzLTlmZTIt
MDE1ZmRlNDVkMGVhLzEvYXBjMzV1ODVGT0Q4ekFhUUk3NlhHWXVSTjVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84NDM4ZjUtNmM5Yy00NzAzLTlmZTItMDE1ZmRlNDVkMGVh
LzEvYXBjMzV1ODVGT0Q4ekFhUUk3NlhHWXVSTjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADJwH0h3a
dNUSOyXwsZ5FDUM5LdoLbnLOrcsqcllDpY5k8RB20vavE13ZO/LGH4rfJvGgccrn
NNYSJFEeuwPX3I1QKHKfE8/zSP6DPWEfcus075NvQ2jMTtqj+oB+6jQuJIhK/adT
5Q5LWwnn0peQ9gvWvw6BXtwNs06n6LQhNo9r8kUHw1Z+T8BQ9IIkBllM5sVAAiHF
eoDEW6F9nJ7MSzhRcxykjk6nfZ3JB9v2dXBQTAg4Z7o3sAbj5Xp+05/I3wIpS8a7
Y+LP4U3iu/Gkd4CfdoacgqRXpQWK05gfjxOPYAquPolUF8yxsseio5MTG8/VCGKO
8t4KoTX7LMrkGg==
-----END CERTIFICATE-----