Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.mft
File:                     APfVbNN-MeClJfW7GluvX0meQG0.mft (raw, json)
Hash identifier:          6W/nlfzeEZIXntrJewNuldn2SR4NFznoZIhUjQWkoI0=
Subject key identifier:   9D:FE:5F:C0:6D:E9:57:17:FC:24:E4:01:78:8A:2C:87:8C:F1:C7:B0
Authority key identifier: 00:F7:D5:6C:D3:7E:31:E0:A5:25:F5:BB:1A:5B:AF:5F:49:9E:40:6D
Certificate issuer:       /CN=00f7d56cd37e31e0a525f5bb1a5baf5f499e406d
Certificate serial:       01964C35204745F37A6708F1A6C3D945EA12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/APfVbNN-MeClJfW7GluvX0meQG0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.mft
Manifest number:          144E
Signing time:             Sat 19 Apr 2025 04:01:12 +0000
Manifest this update:     Sat 19 Apr 2025 04:01:12 +0000
Manifest next update:     Sun 20 Apr 2025 04:01:12 +0000
Files and hashes:         1: APfVbNN-MeClJfW7GluvX0meQG0.crl (hash: RMjClb4Too5WHnLxzqtZs54hRLnc5VZQsO0/cwPuga8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/APfVbNN-MeClJfW7GluvX0meQG0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4c:35:20:47:45:f3:7a:67:08:f1:a6:c3:d9:45:ea:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00f7d56cd37e31e0a525f5bb1a5baf5f499e406d
        Validity
            Not Before: Apr 19 04:01:12 2025 GMT
            Not After : Apr 20 04:01:12 2025 GMT
        Subject: CN=9dfe5fc06de95717fc24e401788a2c878cf1c7b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:f6:31:a7:22:ee:d7:b8:72:f5:71:ce:fa:37:
                    d1:85:69:0c:0f:e2:98:cf:07:c6:39:f3:6f:a7:59:
                    27:a5:de:a1:9f:dd:45:bf:45:27:58:39:d5:17:f5:
                    a6:3b:3f:92:a6:26:4d:5c:ce:4f:66:43:ef:26:22:
                    84:59:1c:0b:2a:6a:03:46:03:bf:49:6e:33:0b:d0:
                    5e:c8:ad:a8:19:fb:4a:2d:a5:bc:7b:cf:d3:e0:c3:
                    48:3d:97:4e:2f:14:aa:c0:f5:7e:4f:5a:75:ff:0c:
                    b8:61:8a:1d:d7:bf:fe:84:f3:b8:a2:49:50:90:cf:
                    3d:5c:74:46:a9:67:d4:c4:46:51:32:a4:2f:9f:5e:
                    92:8b:eb:45:f9:96:ae:a0:bc:a1:60:e4:76:cd:86:
                    9a:f0:8a:dc:4f:10:ba:30:68:9c:cc:28:eb:72:2a:
                    b5:b8:c3:c0:a2:e9:92:a0:76:a8:6a:fc:97:79:14:
                    d4:86:8f:f3:87:75:88:0f:a1:a8:f9:37:8f:69:3b:
                    e7:3e:da:89:52:3f:51:fa:64:b5:26:98:0a:9e:96:
                    06:6c:9c:01:98:d3:42:34:91:8d:ec:44:96:b2:35:
                    cb:89:f5:02:bc:b0:56:e4:13:2e:65:81:32:99:f4:
                    98:22:56:81:77:43:e6:26:56:9a:29:01:3e:b5:3f:
                    d3:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:FE:5F:C0:6D:E9:57:17:FC:24:E4:01:78:8A:2C:87:8C:F1:C7:B0
            X509v3 Authority Key Identifier:
                keyid:00:F7:D5:6C:D3:7E:31:E0:A5:25:F5:BB:1A:5B:AF:5F:49:9E:40:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/APfVbNN-MeClJfW7GluvX0meQG0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:ce:45:87:04:22:da:99:0d:1b:cb:e0:c0:5a:68:27:29:35:
         c6:f1:04:ef:bb:01:14:dc:b8:44:a0:cf:89:30:08:9a:c6:3e:
         a9:b2:9a:e0:03:84:4e:79:10:7b:93:c6:1f:d0:62:74:ed:c8:
         41:c2:1d:95:d5:1c:f5:2a:d5:91:56:dd:51:07:b9:b6:ce:f8:
         15:f8:b2:b6:1c:46:08:f1:95:ae:03:15:36:d5:7c:73:f1:1e:
         45:fb:f4:cc:25:29:76:1e:6d:9e:5c:21:2b:77:30:fd:f0:c0:
         9a:75:09:88:2b:7c:1f:9a:b1:c0:e9:d5:e3:21:17:2e:59:08:
         7b:30:e2:51:26:1e:c6:de:2d:89:0f:50:94:bd:93:8b:4b:bd:
         62:d4:64:c4:da:b8:e0:90:7e:2a:33:ce:93:a4:0d:94:e6:7b:
         5d:40:37:ca:2d:4c:ab:20:84:a2:d1:b5:76:5b:26:1e:b3:2d:
         70:44:bd:12:47:06:17:7a:d1:ab:b7:4d:02:fe:66:59:6a:ec:
         91:cb:cd:a8:4c:f2:3e:b0:bf:12:4b:83:da:16:67:24:e3:68:
         9d:3e:52:ed:df:01:c6:60:fd:e1:d7:37:23:fd:d8:87:40:f5:
         e1:dd:63:bd:a7:f9:02:da:f0:bc:40:c6:a5:5d:a4:10:67:42:
         39:20:06:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZMNSBHRfN6ZwjxpsPZReoSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZjdkNTZjZDM3ZTMxZTBhNTI1ZjViYjFhNWJhZjVmNDk5
ZTQwNmQwHhcNMjUwNDE5MDQwMTEyWhcNMjUwNDIwMDQwMTEyWjAzMTEwLwYDVQQD
Eyg5ZGZlNWZjMDZkZTk1NzE3ZmMyNGU0MDE3ODhhMmM4NzhjZjFjN2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3/YxpyLu17hy9XHO+jfRhWkMD+KY
zwfGOfNvp1knpd6hn91Fv0UnWDnVF/WmOz+SpiZNXM5PZkPvJiKEWRwLKmoDRgO/
SW4zC9BeyK2oGftKLaW8e8/T4MNIPZdOLxSqwPV+T1p1/wy4YYod17/+hPO4oklQ
kM89XHRGqWfUxEZRMqQvn16Si+tF+ZauoLyhYOR2zYaa8IrcTxC6MGiczCjrciq1
uMPAoumSoHaoavyXeRTUho/zh3WID6Go+TePaTvnPtqJUj9R+mS1JpgKnpYGbJwB
mNNCNJGN7ESWsjXLifUCvLBW5BMuZYEymfSYIlaBd0PmJlaaKQE+tT/TEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ3+X8Bt6VcX/CTkAXiKLIeM8cewMB8GA1UdIwQY
MBaAFAD31WzTfjHgpSX1uxpbr19JnkBtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVBmVmJOTi1NZUNsSmZXN0dsdXZYMG1lUUcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC84Y2I3ZWEtZDc1ZC00NmY2LWE1YzMt
MTNiMjllYWUxOWIzLzEvQVBmVmJOTi1NZUNsSmZXN0dsdXZYMG1lUUcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC84Y2I3ZWEtZDc1ZC00NmY2LWE1YzMtMTNiMjllYWUxOWIz
LzEvQVBmVmJOTi1NZUNsSmZXN0dsdXZYMG1lUUcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUs5FhwQi
2pkNG8vgwFpoJyk1xvEE77sBFNy4RKDPiTAImsY+qbKa4AOETnkQe5PGH9BidO3I
QcIdldUc9SrVkVbdUQe5ts74FfiythxGCPGVrgMVNtV8c/EeRfv0zCUpdh5tnlwh
K3cw/fDAmnUJiCt8H5qxwOnV4yEXLlkIezDiUSYext4tiQ9QlL2Ti0u9YtRkxNq4
4JB+KjPOk6QNlOZ7XUA3yi1MqyCEotG1dlsmHrMtcES9EkcGF3rRq7dNAv5mWWrs
kcvNqEzyPrC/EkuD2hZnJONonT5S7d8BxmD94dc3I/3Yh0D14d1jvaf5AtrwvEDG
pV2kEGdCOSAGRA==
-----END CERTIFICATE-----