Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.mft
File:                     APfVbNN-MeClJfW7GluvX0meQG0.mft (raw, json)
Hash identifier:          iqtNDb2wgGMM4OUyVy8Sj7Yaa7BQdLxxM1Vob310gy4=
Subject key identifier:   D5:CB:A2:FF:06:04:0F:78:D8:55:50:3F:15:B5:06:61:F0:E1:F9:DD
Authority key identifier: 00:F7:D5:6C:D3:7E:31:E0:A5:25:F5:BB:1A:5B:AF:5F:49:9E:40:6D
Certificate issuer:       /CN=00f7d56cd37e31e0a525f5bb1a5baf5f499e406d
Certificate serial:       01992255C8C060D92DAF20154C8DB120B268
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/APfVbNN-MeClJfW7GluvX0meQG0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.mft
Manifest number:          15C6
Signing time:             Sun 07 Sep 2025 04:01:11 +0000
Manifest this update:     Sun 07 Sep 2025 04:01:11 +0000
Manifest next update:     Mon 08 Sep 2025 04:01:11 +0000
Files and hashes:         1: APfVbNN-MeClJfW7GluvX0meQG0.crl (hash: riZuWIEliDVdjFKd349cYGp/G1WECCunpvapSHSaowY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/APfVbNN-MeClJfW7GluvX0meQG0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:c8:c0:60:d9:2d:af:20:15:4c:8d:b1:20:b2:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00f7d56cd37e31e0a525f5bb1a5baf5f499e406d
        Validity
            Not Before: Sep  7 04:01:11 2025 GMT
            Not After : Sep  8 04:01:11 2025 GMT
        Subject: CN=d5cba2ff06040f78d855503f15b50661f0e1f9dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:ef:d4:e0:30:1f:b5:b4:e8:c9:4d:ea:96:6d:
                    ca:15:56:5d:58:97:04:17:db:20:55:bb:ae:63:f1:
                    d2:97:61:17:e1:4a:ed:97:0d:c3:66:c9:98:ca:a0:
                    6f:6a:97:ff:28:63:ca:f7:a4:dd:29:66:9c:97:3b:
                    7d:f6:60:15:86:a3:a2:3b:ec:16:cd:1b:68:df:21:
                    7a:0c:2e:b0:4f:c4:3c:b1:df:cc:52:9e:0d:3b:f1:
                    ee:35:b5:1e:9f:99:65:cb:7e:e7:1a:4d:3a:ae:93:
                    b8:01:6d:a3:2e:39:75:21:7e:2d:f0:8b:c8:52:a1:
                    12:a9:77:e7:54:b2:e9:2b:4e:b5:7b:51:54:75:42:
                    60:0f:4a:2d:ef:5a:6f:a9:16:3c:c9:ff:61:23:67:
                    5f:62:84:98:01:12:02:e7:2f:ac:ac:18:07:68:9b:
                    9a:7a:34:ac:91:54:57:df:c7:9b:22:0c:88:b6:03:
                    48:69:de:8b:17:04:7c:0d:c4:3b:9d:f5:e6:10:70:
                    80:4e:92:cf:08:e2:03:9f:35:bc:d9:08:9b:83:c3:
                    c4:43:34:3c:a2:83:d5:f5:75:7f:0a:e2:58:31:c1:
                    9a:af:e0:7f:f8:5f:3e:11:fe:29:5a:db:8f:a1:67:
                    92:54:9c:a0:19:11:26:61:9c:e0:5b:23:8f:01:81:
                    77:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:CB:A2:FF:06:04:0F:78:D8:55:50:3F:15:B5:06:61:F0:E1:F9:DD
            X509v3 Authority Key Identifier:
                keyid:00:F7:D5:6C:D3:7E:31:E0:A5:25:F5:BB:1A:5B:AF:5F:49:9E:40:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/APfVbNN-MeClJfW7GluvX0meQG0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:71:80:3e:ac:24:10:3d:4e:90:5f:c8:5b:f0:59:27:b5:1f:
         57:43:7b:8e:8a:47:48:53:6a:11:32:6b:91:9f:59:75:c8:38:
         3e:d5:c1:3b:13:7a:e3:d9:de:7e:75:a8:3a:df:8d:9d:25:22:
         bc:4e:2b:60:b1:cc:78:3f:88:47:23:f5:44:2e:3c:9c:11:c3:
         59:cb:5d:cc:73:ae:36:99:88:f0:de:2e:cd:7b:16:25:7e:b2:
         de:56:a7:db:aa:5e:f3:02:6b:4e:d0:9d:8f:a7:10:86:60:08:
         3b:35:e8:75:4f:51:2f:17:56:d3:c7:67:ef:e7:93:50:dc:f6:
         42:a8:8a:31:0f:2f:5a:d4:96:3b:14:39:57:e7:01:fb:7b:94:
         7b:d3:53:03:72:91:98:13:8c:b7:3c:72:e3:22:fa:14:3b:ee:
         95:81:1c:08:bc:1d:b2:d5:0f:89:c3:b4:30:7a:f4:76:97:dd:
         4e:bc:db:26:f0:03:35:c6:d8:86:5e:6f:a4:85:ae:25:bd:71:
         85:97:f4:5c:57:32:3a:59:36:b8:21:8c:2c:ed:f2:57:4b:a1:
         9d:c0:68:a3:aa:4d:94:d2:56:b1:3c:66:d8:2d:9e:74:bf:23:
         15:11:d7:3a:25:0e:ca:98:ae:54:9e:f4:4d:30:a6:9a:59:0c:
         a1:c3:0f:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVcjAYNktryAVTI2xILJoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZjdkNTZjZDM3ZTMxZTBhNTI1ZjViYjFhNWJhZjVmNDk5
ZTQwNmQwHhcNMjUwOTA3MDQwMTExWhcNMjUwOTA4MDQwMTExWjAzMTEwLwYDVQQD
EyhkNWNiYTJmZjA2MDQwZjc4ZDg1NTUwM2YxNWI1MDY2MWYwZTFmOWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+/U4DAftbToyU3qlm3KFVZdWJcE
F9sgVbuuY/HSl2EX4Urtlw3DZsmYyqBvapf/KGPK96TdKWaclzt99mAVhqOiO+wW
zRto3yF6DC6wT8Q8sd/MUp4NO/HuNbUen5lly37nGk06rpO4AW2jLjl1IX4t8IvI
UqESqXfnVLLpK061e1FUdUJgD0ot71pvqRY8yf9hI2dfYoSYARIC5y+srBgHaJua
ejSskVRX38ebIgyItgNIad6LFwR8DcQ7nfXmEHCATpLPCOIDnzW82Qibg8PEQzQ8
ooPV9XV/CuJYMcGar+B/+F8+Ef4pWtuPoWeSVJygGREmYZzgWyOPAYF3GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNXLov8GBA942FVQPxW1BmHw4fndMB8GA1UdIwQY
MBaAFAD31WzTfjHgpSX1uxpbr19JnkBtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVBmVmJOTi1NZUNsSmZXN0dsdXZYMG1lUUcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC84Y2I3ZWEtZDc1ZC00NmY2LWE1YzMt
MTNiMjllYWUxOWIzLzEvQVBmVmJOTi1NZUNsSmZXN0dsdXZYMG1lUUcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC84Y2I3ZWEtZDc1ZC00NmY2LWE1YzMtMTNiMjllYWUxOWIz
LzEvQVBmVmJOTi1NZUNsSmZXN0dsdXZYMG1lUUcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoXGAPqwk
ED1OkF/IW/BZJ7UfV0N7jopHSFNqETJrkZ9Zdcg4PtXBOxN649nefnWoOt+NnSUi
vE4rYLHMeD+IRyP1RC48nBHDWctdzHOuNpmI8N4uzXsWJX6y3lan26pe8wJrTtCd
j6cQhmAIOzXodU9RLxdW08dn7+eTUNz2QqiKMQ8vWtSWOxQ5V+cB+3uUe9NTA3KR
mBOMtzxy4yL6FDvulYEcCLwdstUPicO0MHr0dpfdTrzbJvADNcbYhl5vpIWuJb1x
hZf0XFcyOlk2uCGMLO3yV0uhncBoo6pNlNJWsTxm2C2edL8jFRHXOiUOypiuVJ70
TTCmmlkMocMPzw==
-----END CERTIFICATE-----