Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.mft
File:                     APfVbNN-MeClJfW7GluvX0meQG0.mft (raw, json)
Hash identifier:          nnXL46wrGOxGBmZw1cBur6Kp+NCuJj/3JlTxAXv471c=
Subject key identifier:   B9:D0:F9:BF:97:CD:A8:3D:7A:B3:97:3F:EE:D1:20:D7:39:56:19:51
Authority key identifier: 00:F7:D5:6C:D3:7E:31:E0:A5:25:F5:BB:1A:5B:AF:5F:49:9E:40:6D
Certificate issuer:       /CN=00f7d56cd37e31e0a525f5bb1a5baf5f499e406d
Certificate serial:       019E303BB8A0ED4B522A883E9065793FB955
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/APfVbNN-MeClJfW7GluvX0meQG0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.mft
Manifest number:          1864
Signing time:             Sat 16 May 2026 10:01:20 +0000
Manifest this update:     Sat 16 May 2026 10:01:20 +0000
Manifest next update:     Sun 17 May 2026 10:01:20 +0000
Files and hashes:         1: APfVbNN-MeClJfW7GluvX0meQG0.crl (hash: 7//ZapBwrtbJ4pqL3a9Qjk/lgHtOUIiPCSg4trxHi7o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/APfVbNN-MeClJfW7GluvX0meQG0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 10:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:3b:b8:a0:ed:4b:52:2a:88:3e:90:65:79:3f:b9:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00f7d56cd37e31e0a525f5bb1a5baf5f499e406d
        Validity
            Not Before: May 16 10:01:20 2026 GMT
            Not After : May 17 10:01:20 2026 GMT
        Subject: CN=b9d0f9bf97cda83d7ab3973feed120d739561951
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:30:be:80:37:77:64:02:01:d5:ca:9f:4b:94:
                    94:62:0d:d3:b2:30:b4:fd:98:42:a0:a8:64:1a:ce:
                    ed:eb:9d:93:96:22:20:83:f3:36:26:0b:ed:11:90:
                    50:35:6f:f3:6c:f2:fd:bd:d9:52:20:81:ee:8b:99:
                    66:a4:d8:1a:06:bf:68:c0:34:e4:e0:80:63:18:e3:
                    a3:59:27:f8:dc:72:65:5f:0f:2a:7c:64:bf:db:05:
                    32:db:99:34:76:7c:45:2e:71:8e:c1:61:57:40:a2:
                    54:a9:d5:a9:51:f0:f2:f7:1d:61:b5:36:0a:43:34:
                    e4:03:9d:2e:b3:36:a6:c0:2c:d1:89:36:a9:b7:ac:
                    6c:5a:d5:3d:7f:6d:7a:ee:35:50:31:8e:3c:f7:4b:
                    91:92:a8:3c:81:1e:32:04:da:06:57:41:4b:3c:c3:
                    e3:a4:60:4b:f3:ef:e2:37:b0:e4:2d:52:70:f5:3d:
                    04:bc:bf:92:0d:ac:50:6a:9c:a9:fd:ba:0f:e6:5d:
                    6c:31:66:f9:20:27:38:38:df:0f:f7:be:7c:1d:92:
                    98:ba:56:bc:a8:1f:55:91:6d:7a:04:7b:12:ed:e7:
                    ca:e1:cf:e0:0a:7d:29:0d:9f:3c:9f:a9:05:c0:61:
                    65:b1:96:c7:c6:65:8b:e1:4e:b3:7a:4e:9d:b4:bb:
                    7c:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:D0:F9:BF:97:CD:A8:3D:7A:B3:97:3F:EE:D1:20:D7:39:56:19:51
            X509v3 Authority Key Identifier:
                keyid:00:F7:D5:6C:D3:7E:31:E0:A5:25:F5:BB:1A:5B:AF:5F:49:9E:40:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/APfVbNN-MeClJfW7GluvX0meQG0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:b0:13:2f:35:f1:a7:76:0d:48:e1:1d:82:61:60:65:47:52:
         a7:60:40:b8:36:b6:13:46:7f:c5:4c:16:b5:0f:59:ab:83:3f:
         82:3f:63:02:60:52:14:20:93:f4:ae:58:7f:27:e7:2b:93:74:
         39:62:0b:30:16:ba:dc:14:9a:8c:17:c1:5b:6b:4c:df:04:a5:
         53:29:28:dd:09:12:35:19:bc:39:53:fb:99:6e:60:db:13:33:
         58:ec:87:eb:d3:ce:f6:de:f9:6a:9e:7f:a4:0a:ef:6b:31:44:
         87:bf:1f:cf:1f:17:8d:0f:e3:56:bd:bb:84:d3:f1:53:74:97:
         f7:69:0f:b5:1d:f7:1c:cc:d6:60:7b:a2:41:ef:fe:a4:24:4d:
         37:71:6b:37:b8:91:58:57:25:bc:37:6c:00:60:1d:5e:ce:61:
         3c:0c:9a:62:1e:7d:a6:d7:0e:b2:53:31:80:45:da:6f:14:9f:
         39:39:9c:23:fc:ae:f6:28:52:35:0c:e5:c0:58:3a:2d:6c:4f:
         00:31:d8:47:49:db:2b:44:91:7d:3e:ca:eb:a9:93:fc:47:b1:
         6c:f8:d9:a1:f9:29:b5:2c:74:1a:24:d9:89:21:cc:b1:b2:6e:
         7e:76:da:66:23:9a:70:55:08:16:97:9c:e3:60:8f:a8:20:96:
         14:5a:e9:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wO7ig7UtSKog+kGV5P7lVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZjdkNTZjZDM3ZTMxZTBhNTI1ZjViYjFhNWJhZjVmNDk5
ZTQwNmQwHhcNMjYwNTE2MTAwMTIwWhcNMjYwNTE3MTAwMTIwWjAzMTEwLwYDVQQD
EyhiOWQwZjliZjk3Y2RhODNkN2FiMzk3M2ZlZWQxMjBkNzM5NTYxOTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDC+gDd3ZAIB1cqfS5SUYg3TsjC0
/ZhCoKhkGs7t652TliIgg/M2JgvtEZBQNW/zbPL9vdlSIIHui5lmpNgaBr9owDTk
4IBjGOOjWSf43HJlXw8qfGS/2wUy25k0dnxFLnGOwWFXQKJUqdWpUfDy9x1htTYK
QzTkA50uszamwCzRiTapt6xsWtU9f2167jVQMY4890uRkqg8gR4yBNoGV0FLPMPj
pGBL8+/iN7DkLVJw9T0EvL+SDaxQapyp/boP5l1sMWb5ICc4ON8P9758HZKYula8
qB9VkW16BHsS7efK4c/gCn0pDZ88n6kFwGFlsZbHxmWL4U6zek6dtLt8oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLnQ+b+Xzag9erOXP+7RINc5VhlRMB8GA1UdIwQY
MBaAFAD31WzTfjHgpSX1uxpbr19JnkBtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVBmVmJOTi1NZUNsSmZXN0dsdXZYMG1lUUcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC84Y2I3ZWEtZDc1ZC00NmY2LWE1YzMt
MTNiMjllYWUxOWIzLzEvQVBmVmJOTi1NZUNsSmZXN0dsdXZYMG1lUUcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC84Y2I3ZWEtZDc1ZC00NmY2LWE1YzMtMTNiMjllYWUxOWIz
LzEvQVBmVmJOTi1NZUNsSmZXN0dsdXZYMG1lUUcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT7ATLzXx
p3YNSOEdgmFgZUdSp2BAuDa2E0Z/xUwWtQ9Zq4M/gj9jAmBSFCCT9K5YfyfnK5N0
OWILMBa63BSajBfBW2tM3wSlUyko3QkSNRm8OVP7mW5g2xMzWOyH69PO9t75ap5/
pArvazFEh78fzx8XjQ/jVr27hNPxU3SX92kPtR33HMzWYHuiQe/+pCRNN3FrN7iR
WFclvDdsAGAdXs5hPAyaYh59ptcOslMxgEXabxSfOTmcI/yu9ihSNQzlwFg6LWxP
ADHYR0nbK0SRfT7K66mT/EexbPjZofkptSx0GiTZiSHMsbJufnbaZiOacFUIFpec
42CPqCCWFFrpTg==
-----END CERTIFICATE-----