Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.mft
File:                     APfVbNN-MeClJfW7GluvX0meQG0.mft (raw, json)
Hash identifier:          vKN2c4gAxNBLXpITB2c/syIlI0/N2olh3LsyqV0IBWw=
Subject key identifier:   E0:B5:20:B8:A8:68:AF:90:7A:21:9F:28:D6:F7:83:08:1E:50:6E:62
Authority key identifier: 00:F7:D5:6C:D3:7E:31:E0:A5:25:F5:BB:1A:5B:AF:5F:49:9E:40:6D
Certificate issuer:       /CN=00f7d56cd37e31e0a525f5bb1a5baf5f499e406d
Certificate serial:       019F17F9B11B309A3FC8240C7FD578716481
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/APfVbNN-MeClJfW7GluvX0meQG0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.mft
Manifest number:          18DC
Signing time:             Tue 30 Jun 2026 10:01:07 +0000
Manifest this update:     Tue 30 Jun 2026 10:01:07 +0000
Manifest next update:     Wed 01 Jul 2026 10:01:07 +0000
Files and hashes:         1: APfVbNN-MeClJfW7GluvX0meQG0.crl (hash: 8ppLkl0kTuh039adA8x4ZePV8m5egEoi4WhM1iqthLs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/APfVbNN-MeClJfW7GluvX0meQG0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 10:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:f9:b1:1b:30:9a:3f:c8:24:0c:7f:d5:78:71:64:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00f7d56cd37e31e0a525f5bb1a5baf5f499e406d
        Validity
            Not Before: Jun 30 10:01:07 2026 GMT
            Not After : Jul  1 10:01:07 2026 GMT
        Subject: CN=e0b520b8a868af907a219f28d6f783081e506e62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:45:30:b7:6f:e8:ff:28:eb:ea:66:00:9c:16:
                    aa:47:1c:41:49:29:bc:63:de:42:9d:42:cb:6f:53:
                    6c:27:52:db:23:4e:d5:dc:b8:fa:99:d3:c3:19:20:
                    71:93:30:f5:f6:7d:fc:3f:24:be:dc:36:b2:3f:4c:
                    c8:b4:64:3a:6a:5e:01:b5:c6:02:eb:cf:4c:d3:72:
                    72:42:04:f8:a1:bb:9c:51:33:11:1b:a8:d6:7b:35:
                    08:0b:55:e1:29:0a:d2:7f:36:2e:ef:c9:1a:0e:47:
                    eb:4a:5a:35:c8:a8:14:c4:f1:ee:73:9c:9e:3f:86:
                    c8:33:6c:cd:32:65:77:c0:fc:07:2e:f8:d8:1a:7f:
                    a6:63:59:31:b7:63:b8:f3:ec:25:e5:e6:f2:14:b6:
                    b8:c5:aa:05:83:29:6b:74:58:c3:69:ba:22:38:0f:
                    1d:9a:e4:45:f1:ea:59:04:5b:39:f2:ee:b9:b3:3b:
                    0a:a7:b9:8e:f4:ad:f2:08:fb:7c:2f:d9:2d:16:b0:
                    16:6f:d3:d5:dd:36:33:3e:0f:df:07:a1:98:96:80:
                    cc:4a:1d:4b:84:8f:60:e3:62:13:ac:39:7e:e4:67:
                    2f:ba:0c:12:1a:f3:79:d8:02:f4:4f:ce:a4:0d:d7:
                    42:f6:c1:2d:e9:8b:d7:d1:ea:99:4a:84:2d:0e:1c:
                    9b:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:B5:20:B8:A8:68:AF:90:7A:21:9F:28:D6:F7:83:08:1E:50:6E:62
            X509v3 Authority Key Identifier:
                keyid:00:F7:D5:6C:D3:7E:31:E0:A5:25:F5:BB:1A:5B:AF:5F:49:9E:40:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/APfVbNN-MeClJfW7GluvX0meQG0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:c9:b3:6f:ab:ab:4e:b5:32:ea:e7:4c:f1:ee:58:c2:ab:4b:
         08:a1:b6:53:19:45:92:b0:db:a0:ca:0b:3b:39:24:bc:56:87:
         02:4a:a7:4c:2c:c0:62:a3:bb:2a:c0:7f:1c:56:ae:70:6d:f7:
         f5:76:29:3e:a1:68:0d:8b:74:3a:fb:a5:d0:4c:74:16:80:af:
         8f:5d:55:67:70:3c:f5:87:ba:e1:6d:d1:6b:40:d4:2b:64:20:
         15:dd:49:d2:0b:ce:2e:14:db:b9:b3:72:45:96:ce:5d:fc:00:
         74:db:62:d6:30:54:2d:ea:a0:73:f6:4b:7e:d7:0a:f9:23:ff:
         84:ee:fc:75:4e:8e:cf:d5:33:68:a3:fe:b7:07:fc:15:51:8e:
         53:f2:8b:7e:f7:aa:6d:01:ce:3c:f8:d4:56:4f:51:79:cd:99:
         3d:34:c7:84:47:c2:27:ce:f1:27:48:25:ab:f8:6d:dd:93:51:
         1d:b5:4d:70:bd:57:4a:e1:22:7b:29:99:ff:3f:28:aa:4b:fd:
         c0:03:6a:a0:fa:ce:cb:3f:5c:3d:28:b8:56:2b:75:72:7c:59:
         ec:54:29:a9:22:ce:3e:a1:22:0f:f4:8c:07:13:03:66:11:0c:
         5a:d5:ba:5d:b8:35:3e:79:c4:88:21:2a:d4:85:35:fe:1a:a2:
         83:b6:85:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8X+bEbMJo/yCQMf9V4cWSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZjdkNTZjZDM3ZTMxZTBhNTI1ZjViYjFhNWJhZjVmNDk5
ZTQwNmQwHhcNMjYwNjMwMTAwMTA3WhcNMjYwNzAxMTAwMTA3WjAzMTEwLwYDVQQD
EyhlMGI1MjBiOGE4NjhhZjkwN2EyMTlmMjhkNmY3ODMwODFlNTA2ZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkUwt2/o/yjr6mYAnBaqRxxBSSm8
Y95CnULLb1NsJ1LbI07V3Lj6mdPDGSBxkzD19n38PyS+3DayP0zItGQ6al4BtcYC
689M03JyQgT4obucUTMRG6jWezUIC1XhKQrSfzYu78kaDkfrSlo1yKgUxPHuc5ye
P4bIM2zNMmV3wPwHLvjYGn+mY1kxt2O48+wl5ebyFLa4xaoFgylrdFjDaboiOA8d
muRF8epZBFs58u65szsKp7mO9K3yCPt8L9ktFrAWb9PV3TYzPg/fB6GYloDMSh1L
hI9g42ITrDl+5GcvugwSGvN52AL0T86kDddC9sEt6YvX0eqZSoQtDhyb8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOC1ILioaK+QeiGfKNb3gwgeUG5iMB8GA1UdIwQY
MBaAFAD31WzTfjHgpSX1uxpbr19JnkBtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVBmVmJOTi1NZUNsSmZXN0dsdXZYMG1lUUcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC84Y2I3ZWEtZDc1ZC00NmY2LWE1YzMt
MTNiMjllYWUxOWIzLzEvQVBmVmJOTi1NZUNsSmZXN0dsdXZYMG1lUUcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC84Y2I3ZWEtZDc1ZC00NmY2LWE1YzMtMTNiMjllYWUxOWIz
LzEvQVBmVmJOTi1NZUNsSmZXN0dsdXZYMG1lUUcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAicmzb6ur
TrUy6udM8e5YwqtLCKG2UxlFkrDboMoLOzkkvFaHAkqnTCzAYqO7KsB/HFaucG33
9XYpPqFoDYt0Ovul0Ex0FoCvj11VZ3A89Ye64W3Ra0DUK2QgFd1J0gvOLhTbubNy
RZbOXfwAdNti1jBULeqgc/ZLftcK+SP/hO78dU6Oz9UzaKP+twf8FVGOU/KLfveq
bQHOPPjUVk9Rec2ZPTTHhEfCJ87xJ0glq/ht3ZNRHbVNcL1XSuEieymZ/z8oqkv9
wANqoPrOyz9cPSi4Vit1cnxZ7FQpqSLOPqEiD/SMBxMDZhEMWtW6Xbg1PnnEiCEq
1IU1/hqig7aFPg==
-----END CERTIFICATE-----