Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.mft
File:                     APfVbNN-MeClJfW7GluvX0meQG0.mft (raw, json)
Hash identifier:          vCWjoQRtqYktF/L/m+0XssEOoIh3vG0YXbJGqyJqVkk=
Subject key identifier:   5A:02:33:04:44:1F:EC:74:CD:FB:62:D6:E8:30:FA:FD:ED:DC:BA:2C
Authority key identifier: 00:F7:D5:6C:D3:7E:31:E0:A5:25:F5:BB:1A:5B:AF:5F:49:9E:40:6D
Certificate issuer:       /CN=00f7d56cd37e31e0a525f5bb1a5baf5f499e406d
Certificate serial:       0197B7450E6AAE334C1B77B032F173954E72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/APfVbNN-MeClJfW7GluvX0meQG0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.mft
Manifest number:          150A
Signing time:             Sat 28 Jun 2025 16:00:45 +0000
Manifest this update:     Sat 28 Jun 2025 16:00:45 +0000
Manifest next update:     Sun 29 Jun 2025 16:00:45 +0000
Files and hashes:         1: APfVbNN-MeClJfW7GluvX0meQG0.crl (hash: 7LNFL1Hpewwfq2cyJuP2Ohpz+WdF6rlOQJsZAlUyn40=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/APfVbNN-MeClJfW7GluvX0meQG0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:0e:6a:ae:33:4c:1b:77:b0:32:f1:73:95:4e:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00f7d56cd37e31e0a525f5bb1a5baf5f499e406d
        Validity
            Not Before: Jun 28 16:00:45 2025 GMT
            Not After : Jun 29 16:00:45 2025 GMT
        Subject: CN=5a023304441fec74cdfb62d6e830fafdeddcba2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:62:c8:01:94:39:8d:79:ec:3b:3b:84:e8:07:
                    fd:86:02:33:d6:ee:88:07:34:b8:0b:9e:94:a9:d2:
                    c5:5a:d6:8d:10:61:0a:dc:56:3d:c2:db:2e:bf:bd:
                    d7:8d:da:9a:18:52:cb:a3:65:56:19:be:1f:33:73:
                    cd:da:d9:c0:db:10:47:5e:d0:aa:e3:ee:7a:7c:0a:
                    9a:3e:cc:42:6d:b7:b7:a3:f4:ff:22:50:fa:87:44:
                    bb:51:63:3a:a0:09:32:16:a9:d7:57:de:6e:07:10:
                    a8:51:e7:f4:fe:3a:75:b8:b3:49:8f:7c:a5:80:e8:
                    ad:8f:f8:20:45:d9:23:cc:39:72:44:86:ee:a5:ee:
                    a8:eb:7a:9f:89:08:9f:76:5b:75:95:7a:ef:a6:65:
                    df:62:f7:30:b8:80:4c:80:bf:83:f4:c4:6c:e9:70:
                    cb:a8:55:8c:7d:e4:20:ff:1c:fa:be:23:04:78:8b:
                    84:af:db:e2:f1:9b:aa:a1:be:c0:81:2c:a0:51:22:
                    0d:75:5e:43:18:bc:79:d1:c4:d5:0f:84:3b:40:1a:
                    5b:61:58:d7:71:11:45:30:61:01:13:c4:b0:97:f8:
                    ac:20:b4:46:47:6b:36:50:1f:41:70:09:c8:d3:5f:
                    ed:9c:d0:d7:ed:6a:08:e3:ea:65:bd:32:63:62:16:
                    cd:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:02:33:04:44:1F:EC:74:CD:FB:62:D6:E8:30:FA:FD:ED:DC:BA:2C
            X509v3 Authority Key Identifier:
                keyid:00:F7:D5:6C:D3:7E:31:E0:A5:25:F5:BB:1A:5B:AF:5F:49:9E:40:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/APfVbNN-MeClJfW7GluvX0meQG0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8cb7ea-d75d-46f6-a5c3-13b29eae19b3/1/APfVbNN-MeClJfW7GluvX0meQG0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:0f:a4:39:b5:36:d3:c7:57:55:96:8e:46:b3:e7:82:27:9e:
         b7:9b:6e:28:83:75:8a:a4:e6:55:76:87:6d:af:fc:6f:ea:4b:
         e7:2e:12:b1:bc:87:6b:19:f1:6f:12:c2:da:c6:df:8d:a9:68:
         a4:45:af:c0:97:3a:2f:49:fd:09:bd:cc:0d:e1:6e:6c:40:a8:
         6d:a8:2c:14:ba:71:2e:1a:a1:fb:05:b8:1c:58:db:e3:a1:4e:
         bb:d1:8f:90:51:5e:e4:c8:a2:5c:e2:67:88:65:cb:32:67:32:
         b9:5f:4f:36:c1:f0:b2:90:b9:00:de:6e:7e:c8:0e:fe:98:59:
         bb:c9:7b:07:b3:b2:bf:6b:44:18:47:07:9d:a8:1f:a0:c3:34:
         3e:56:08:77:42:51:7c:15:7e:dc:20:ce:76:d4:7c:ff:6f:78:
         06:0c:64:61:91:3f:11:4d:2d:d2:46:80:49:ab:78:eb:f5:f9:
         df:67:61:33:ac:25:e1:b6:a3:b8:66:02:ca:72:f0:ca:ab:cb:
         75:ad:70:9b:b5:b0:6d:c9:d9:12:6a:b4:9a:59:3c:68:0f:a7:
         d3:7c:b2:27:fc:36:0e:fb:72:05:de:4c:66:b8:6a:7f:36:4c:
         c3:c6:39:a1:b5:a9:5f:37:58:dd:c1:b4:89:74:c9:b5:84:92:
         38:31:fd:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RQ5qrjNMG3ewMvFzlU5yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZjdkNTZjZDM3ZTMxZTBhNTI1ZjViYjFhNWJhZjVmNDk5
ZTQwNmQwHhcNMjUwNjI4MTYwMDQ1WhcNMjUwNjI5MTYwMDQ1WjAzMTEwLwYDVQQD
Eyg1YTAyMzMwNDQ0MWZlYzc0Y2RmYjYyZDZlODMwZmFmZGVkZGNiYTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA52LIAZQ5jXnsOzuE6Af9hgIz1u6I
BzS4C56UqdLFWtaNEGEK3FY9wtsuv73XjdqaGFLLo2VWGb4fM3PN2tnA2xBHXtCq
4+56fAqaPsxCbbe3o/T/IlD6h0S7UWM6oAkyFqnXV95uBxCoUef0/jp1uLNJj3yl
gOitj/ggRdkjzDlyRIbupe6o63qfiQifdlt1lXrvpmXfYvcwuIBMgL+D9MRs6XDL
qFWMfeQg/xz6viMEeIuEr9vi8Zuqob7AgSygUSINdV5DGLx50cTVD4Q7QBpbYVjX
cRFFMGEBE8Swl/isILRGR2s2UB9BcAnI01/tnNDX7WoI4+plvTJjYhbNVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFoCMwREH+x0zfti1ugw+v3t3LosMB8GA1UdIwQY
MBaAFAD31WzTfjHgpSX1uxpbr19JnkBtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVBmVmJOTi1NZUNsSmZXN0dsdXZYMG1lUUcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC84Y2I3ZWEtZDc1ZC00NmY2LWE1YzMt
MTNiMjllYWUxOWIzLzEvQVBmVmJOTi1NZUNsSmZXN0dsdXZYMG1lUUcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC84Y2I3ZWEtZDc1ZC00NmY2LWE1YzMtMTNiMjllYWUxOWIz
LzEvQVBmVmJOTi1NZUNsSmZXN0dsdXZYMG1lUUcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhg+kObU2
08dXVZaORrPngieet5tuKIN1iqTmVXaHba/8b+pL5y4SsbyHaxnxbxLC2sbfjalo
pEWvwJc6L0n9Cb3MDeFubECobagsFLpxLhqh+wW4HFjb46FOu9GPkFFe5MiiXOJn
iGXLMmcyuV9PNsHwspC5AN5ufsgO/phZu8l7B7Oyv2tEGEcHnagfoMM0PlYId0JR
fBV+3CDOdtR8/294BgxkYZE/EU0t0kaASat46/X532dhM6wl4bajuGYCynLwyqvL
da1wm7WwbcnZEmq0mlk8aA+n03yyJ/w2DvtyBd5MZrhqfzZMw8Y5obWpXzdY3cG0
iXTJtYSSODH9vw==
-----END CERTIFICATE-----