Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
File:                     PtWjaKny40iTSpFIiEVZQ2I_lus.mft (raw, json)
Hash identifier:          rx0v7EztrpG91RcwMZYl0QaoLyyeo92MwRxj4v3AheA=
Subject key identifier:   E6:63:77:B2:7B:C2:4A:1A:2F:58:22:C1:AE:F4:1D:E6:2A:5F:47:65
Authority key identifier: 3E:D5:A3:68:A9:F2:E3:48:93:4A:91:48:88:45:59:43:62:3F:96:EB
Certificate issuer:       /CN=3ed5a368a9f2e348934a914888455943623f96eb
Certificate serial:       01975045FC5D3F4ED159A3FC07F829F601C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
Manifest number:          1163
Signing time:             Sun 08 Jun 2025 16:00:53 +0000
Manifest this update:     Sun 08 Jun 2025 16:00:53 +0000
Manifest next update:     Mon 09 Jun 2025 16:00:53 +0000
Files and hashes:         1: PtWjaKny40iTSpFIiEVZQ2I_lus.crl (hash: /eQWLgeL2+sWZmCdIguGTnLw1BKS5IhyiNdSwaDHU14=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:45:fc:5d:3f:4e:d1:59:a3:fc:07:f8:29:f6:01:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ed5a368a9f2e348934a914888455943623f96eb
        Validity
            Not Before: Jun  8 16:00:53 2025 GMT
            Not After : Jun  9 16:00:53 2025 GMT
        Subject: CN=e66377b27bc24a1a2f5822c1aef41de62a5f4765
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:67:22:55:2e:db:f4:d5:bb:89:c4:5e:03:f2:
                    2e:8b:54:52:58:a9:03:37:59:77:55:65:93:8f:d9:
                    45:13:59:c2:ce:ff:8c:7f:85:8c:6e:42:56:3b:22:
                    dd:14:02:23:50:4a:76:0e:2d:75:f0:92:5f:dd:6b:
                    98:03:43:54:98:43:58:1b:a1:70:b9:ab:a1:51:61:
                    62:00:ae:3b:72:10:b9:58:c2:2e:aa:17:0b:be:6e:
                    eb:4e:f6:3d:80:80:cc:74:5e:fe:69:86:e2:12:a4:
                    2c:95:d5:f7:55:93:eb:0b:da:1e:a4:91:e2:0b:9c:
                    e2:59:75:d7:73:83:3c:3f:a2:ca:43:11:22:13:3c:
                    a7:ef:ce:45:41:ee:df:72:af:39:88:2c:2e:5f:f0:
                    2f:53:40:c0:55:c3:83:25:2a:3a:dd:5e:b2:7f:97:
                    5a:2d:34:7f:98:28:a1:4a:e7:d1:8e:b5:93:39:8b:
                    e9:40:63:dd:21:f7:d9:38:c6:5d:f2:e0:73:3a:2c:
                    f2:79:56:bd:b2:5f:77:22:d0:63:f8:44:15:81:db:
                    9a:95:87:6e:b5:9e:c0:41:4d:f9:f7:e1:7b:df:6e:
                    2d:36:30:55:0e:62:f1:19:2a:d9:1e:82:e2:7d:65:
                    e1:e5:01:24:3a:8a:ae:47:ed:01:d2:fa:f1:4a:15:
                    30:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:63:77:B2:7B:C2:4A:1A:2F:58:22:C1:AE:F4:1D:E6:2A:5F:47:65
            X509v3 Authority Key Identifier:
                keyid:3E:D5:A3:68:A9:F2:E3:48:93:4A:91:48:88:45:59:43:62:3F:96:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:bd:10:16:e5:b0:9a:92:a5:7c:df:fa:e0:90:ec:05:df:5c:
         57:a8:31:9f:86:7f:12:02:8a:00:d3:11:e3:b9:02:07:9d:0c:
         1c:6e:c0:4b:25:a8:d8:04:00:e5:60:34:62:24:ca:00:ad:89:
         3e:ed:60:12:99:aa:d7:42:a8:27:21:22:2d:c3:78:92:ac:2b:
         f1:e1:09:8b:08:04:90:55:75:34:dc:64:e7:00:59:f5:63:59:
         de:1c:97:ab:04:9c:f4:f6:ae:88:b7:27:c9:87:dd:7e:8f:40:
         8c:98:98:26:04:a1:c8:60:e7:b5:b0:7b:16:66:86:bf:b7:f4:
         ae:dc:ee:90:cc:eb:50:c5:70:8b:5d:70:14:22:54:1a:1d:82:
         9f:9b:64:0a:15:96:27:95:41:ce:67:e4:fe:31:71:d3:27:62:
         f1:ff:b0:2b:d7:4f:c0:9a:7a:3b:72:eb:e8:eb:1e:3b:0a:6c:
         5d:8d:fa:c5:30:18:a5:11:12:1d:25:c4:45:0e:c6:4c:ad:79:
         07:46:ce:4b:48:93:e7:61:d9:a2:34:28:8b:e6:29:ea:51:8a:
         a5:00:41:4e:71:f0:69:ce:bd:12:30:d3:35:b0:30:9b:c8:91:
         7f:cd:82:ae:47:f6:5d:87:79:5a:08:3a:aa:7f:d4:85:d8:d8:
         62:61:52:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQRfxdP07RWaP8B/gp9gHEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZDVhMzY4YTlmMmUzNDg5MzRhOTE0ODg4NDU1OTQzNjIz
Zjk2ZWIwHhcNMjUwNjA4MTYwMDUzWhcNMjUwNjA5MTYwMDUzWjAzMTEwLwYDVQQD
EyhlNjYzNzdiMjdiYzI0YTFhMmY1ODIyYzFhZWY0MWRlNjJhNWY0NzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmciVS7b9NW7icReA/Iui1RSWKkD
N1l3VWWTj9lFE1nCzv+Mf4WMbkJWOyLdFAIjUEp2Di118JJf3WuYA0NUmENYG6Fw
uauhUWFiAK47chC5WMIuqhcLvm7rTvY9gIDMdF7+aYbiEqQsldX3VZPrC9oepJHi
C5ziWXXXc4M8P6LKQxEiEzyn785FQe7fcq85iCwuX/AvU0DAVcODJSo63V6yf5da
LTR/mCihSufRjrWTOYvpQGPdIffZOMZd8uBzOizyeVa9sl93ItBj+EQVgdualYdu
tZ7AQU359+F7324tNjBVDmLxGSrZHoLifWXh5QEkOoquR+0B0vrxShUwoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOZjd7J7wkoaL1giwa70HeYqX0dlMB8GA1UdIwQY
MBaAFD7Vo2ip8uNIk0qRSIhFWUNiP5brMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84YzcwYzQtOTA2MC00ZmZjLThhZDMt
NmYwMTdlMWYxZWVkLzEvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84YzcwYzQtOTA2MC00ZmZjLThhZDMtNmYwMTdlMWYxZWVk
LzEvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnb0QFuWw
mpKlfN/64JDsBd9cV6gxn4Z/EgKKANMR47kCB50MHG7ASyWo2AQA5WA0YiTKAK2J
Pu1gEpmq10KoJyEiLcN4kqwr8eEJiwgEkFV1NNxk5wBZ9WNZ3hyXqwSc9PauiLcn
yYfdfo9AjJiYJgShyGDntbB7FmaGv7f0rtzukMzrUMVwi11wFCJUGh2Cn5tkChWW
J5VBzmfk/jFx0ydi8f+wK9dPwJp6O3Lr6OseOwpsXY36xTAYpRESHSXERQ7GTK15
B0bOS0iT52HZojQoi+Yp6lGKpQBBTnHwac69EjDTNbAwm8iRf82Crkf2XYd5Wgg6
qn/UhdjYYmFS9g==
-----END CERTIFICATE-----