Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/f907aa-2acd-4dc7-9f0d-d7b08948f7c7/1/r-iiApeGib2NX15X_MG_64Z8Mio.mft
File:                     r-iiApeGib2NX15X_MG_64Z8Mio.mft (raw, json)
Hash identifier:          MwEvZZOpHG98SrSLvfHRoPN477U6DOMxNgtK3y5oqUs=
Subject key identifier:   77:CE:96:30:68:66:B2:85:60:23:E8:08:8D:0B:1A:97:0A:DF:EA:DA
Authority key identifier: AF:E8:A2:02:97:86:89:BD:8D:5F:5E:57:FC:C1:BF:EB:86:7C:32:2A
Certificate issuer:       /CN=afe8a202978689bd8d5f5e57fcc1bfeb867c322a
Certificate serial:       0197488CC9C9D7C5D46902EC0DF551575C62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r-iiApeGib2NX15X_MG_64Z8Mio.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/f907aa-2acd-4dc7-9f0d-d7b08948f7c7/1/r-iiApeGib2NX15X_MG_64Z8Mio.mft
Manifest number:          1578
Signing time:             Sat 07 Jun 2025 04:01:15 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:15 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:15 +0000
Files and hashes:         1: r-iiApeGib2NX15X_MG_64Z8Mio.crl (hash: qL8Y6bMHeDZFqCmMktL26gn3KYnoOOE5v3X65M++q/w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/f907aa-2acd-4dc7-9f0d-d7b08948f7c7/1/r-iiApeGib2NX15X_MG_64Z8Mio.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/f907aa-2acd-4dc7-9f0d-d7b08948f7c7/1/r-iiApeGib2NX15X_MG_64Z8Mio.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r-iiApeGib2NX15X_MG_64Z8Mio.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:c9:c9:d7:c5:d4:69:02:ec:0d:f5:51:57:5c:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=afe8a202978689bd8d5f5e57fcc1bfeb867c322a
        Validity
            Not Before: Jun  7 04:01:15 2025 GMT
            Not After : Jun  8 04:01:15 2025 GMT
        Subject: CN=77ce96306866b2856023e8088d0b1a970adfeada
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:d1:ce:05:65:71:47:52:c3:64:b5:51:03:cf:
                    78:98:cc:ed:f2:21:5f:5e:57:75:55:ec:c5:3a:c4:
                    a9:1d:c8:13:dd:33:82:07:96:e5:59:82:cc:4c:22:
                    8b:d3:33:35:b0:8a:74:4d:e8:b2:f5:49:ea:6f:00:
                    29:92:18:1e:f0:03:08:f5:63:3e:65:8a:f7:cd:93:
                    fd:d2:1b:9f:85:ea:83:27:aa:15:19:7f:63:17:74:
                    ca:ac:ed:97:cb:16:5c:b4:2c:c7:d5:83:11:14:38:
                    fe:75:53:85:98:7c:a5:42:fe:86:1b:08:1d:37:60:
                    b1:b9:74:21:29:a2:53:65:3a:78:84:55:c0:14:64:
                    42:37:ec:89:00:a6:52:a6:3a:41:1c:93:04:96:e4:
                    ae:ff:35:92:42:3d:e7:a5:59:3b:99:a2:fc:57:22:
                    6b:d1:f2:5b:7d:a9:5b:11:52:2f:f7:63:34:5d:2e:
                    05:ef:07:e4:92:14:cc:ea:a8:62:16:71:2d:03:33:
                    3e:07:26:31:82:3e:22:53:65:3d:b1:86:93:86:8f:
                    86:10:a5:d3:77:f0:8f:56:fa:d5:d2:51:18:b4:d0:
                    d7:a1:5b:5c:91:fc:4f:a0:df:23:fe:cb:c2:ff:c5:
                    4d:89:d5:e8:21:35:5e:02:dc:5e:94:d6:3b:2a:44:
                    64:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:CE:96:30:68:66:B2:85:60:23:E8:08:8D:0B:1A:97:0A:DF:EA:DA
            X509v3 Authority Key Identifier:
                keyid:AF:E8:A2:02:97:86:89:BD:8D:5F:5E:57:FC:C1:BF:EB:86:7C:32:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r-iiApeGib2NX15X_MG_64Z8Mio.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f907aa-2acd-4dc7-9f0d-d7b08948f7c7/1/r-iiApeGib2NX15X_MG_64Z8Mio.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f907aa-2acd-4dc7-9f0d-d7b08948f7c7/1/r-iiApeGib2NX15X_MG_64Z8Mio.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:83:08:d7:c6:9a:ff:dc:c6:d8:b2:6b:0e:c3:86:b9:cf:3e:
         fd:1a:57:63:29:26:0f:a0:64:e3:e3:7b:9e:51:1a:9e:61:3a:
         5e:60:ab:09:90:ec:4a:46:fe:fd:80:52:50:11:39:9a:d4:13:
         72:44:23:ee:9c:c2:eb:42:d7:e9:0e:65:03:10:62:38:05:ae:
         62:6d:91:80:52:89:25:f7:1b:32:9f:dd:5e:2f:29:1c:08:83:
         2c:12:5e:a0:d9:e9:68:60:69:55:ba:0f:78:d5:79:73:3b:16:
         d2:ea:16:87:20:fc:e9:a1:00:df:4b:61:57:fa:fd:26:40:e5:
         43:87:18:fc:bf:01:22:00:aa:5e:69:d1:c9:e4:48:23:72:df:
         b9:aa:20:d0:2b:61:04:55:0d:3a:ff:17:f1:a9:b0:0b:76:12:
         ea:24:2d:6f:9b:c2:0d:e2:aa:e6:bc:aa:0b:e1:ca:91:24:7e:
         a6:80:9d:cb:0d:ab:16:f5:54:4c:17:0a:27:dc:4e:97:40:4a:
         10:80:8b:1f:6c:14:12:b2:1f:ad:73:d6:28:41:62:d7:7f:cc:
         59:c7:c2:99:20:70:40:78:1e:35:7a:13:0c:b0:3e:46:c0:16:
         fc:22:d0:eb:c1:ec:43:c4:1d:64:b6:44:55:4e:3a:06:96:f3:
         70:6c:6d:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjMnJ18XUaQLsDfVRV1xiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZThhMjAyOTc4Njg5YmQ4ZDVmNWU1N2ZjYzFiZmViODY3
YzMyMmEwHhcNMjUwNjA3MDQwMTE1WhcNMjUwNjA4MDQwMTE1WjAzMTEwLwYDVQQD
Eyg3N2NlOTYzMDY4NjZiMjg1NjAyM2U4MDg4ZDBiMWE5NzBhZGZlYWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdHOBWVxR1LDZLVRA894mMzt8iFf
Xld1VezFOsSpHcgT3TOCB5blWYLMTCKL0zM1sIp0Teiy9UnqbwApkhge8AMI9WM+
ZYr3zZP90hufheqDJ6oVGX9jF3TKrO2XyxZctCzH1YMRFDj+dVOFmHylQv6GGwgd
N2CxuXQhKaJTZTp4hFXAFGRCN+yJAKZSpjpBHJMEluSu/zWSQj3npVk7maL8VyJr
0fJbfalbEVIv92M0XS4F7wfkkhTM6qhiFnEtAzM+ByYxgj4iU2U9sYaTho+GEKXT
d/CPVvrV0lEYtNDXoVtckfxPoN8j/svC/8VNidXoITVeAtxelNY7KkRkNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHfOljBoZrKFYCPoCI0LGpcK3+raMB8GA1UdIwQY
MBaAFK/oogKXhom9jV9eV/zBv+uGfDIqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvci1paUFwZUdpYjJOWDE1WF9NR182NFo4TWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mOTA3YWEtMmFjZC00ZGM3LTlmMGQt
ZDdiMDg5NDhmN2M3LzEvci1paUFwZUdpYjJOWDE1WF9NR182NFo4TWlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mOTA3YWEtMmFjZC00ZGM3LTlmMGQtZDdiMDg5NDhmN2M3
LzEvci1paUFwZUdpYjJOWDE1WF9NR182NFo4TWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACoMI18aa
/9zG2LJrDsOGuc8+/RpXYykmD6Bk4+N7nlEanmE6XmCrCZDsSkb+/YBSUBE5mtQT
ckQj7pzC60LX6Q5lAxBiOAWuYm2RgFKJJfcbMp/dXi8pHAiDLBJeoNnpaGBpVboP
eNV5czsW0uoWhyD86aEA30thV/r9JkDlQ4cY/L8BIgCqXmnRyeRII3Lfuaog0Cth
BFUNOv8X8amwC3YS6iQtb5vCDeKq5ryqC+HKkSR+poCdyw2rFvVUTBcKJ9xOl0BK
EICLH2wUErIfrXPWKEFi13/MWcfCmSBwQHgeNXoTDLA+RsAW/CLQ68HsQ8QdZLZE
VU46BpbzcGxtgw==
-----END CERTIFICATE-----