Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft
File:                     LSNrVIulmiq7JYI0HVYMqJP0l2M.mft (raw, json)
Hash identifier:          EkIT2cJuSDXUV3NslnTiVD0DNEbneiCU0SN6b9D/dI0=
Subject key identifier:   31:4F:8F:62:AD:18:EE:18:0D:03:45:1E:B6:5D:01:A6:70:7C:F1:5F
Authority key identifier: 2D:23:6B:54:8B:A5:9A:2A:BB:25:82:34:1D:56:0C:A8:93:F4:97:63
Certificate issuer:       /CN=2d236b548ba59a2abb2582341d560ca893f49763
Certificate serial:       01976C9877F487841F1B393FCBBA9336D24A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LSNrVIulmiq7JYI0HVYMqJP0l2M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft
Manifest number:          132D
Signing time:             Sat 14 Jun 2025 04:00:20 +0000
Manifest this update:     Sat 14 Jun 2025 04:00:20 +0000
Manifest next update:     Sun 15 Jun 2025 04:00:20 +0000
Files and hashes:         1: LSNrVIulmiq7JYI0HVYMqJP0l2M.crl (hash: SBr1h9HhlrN5q3S0ZEdV0Tnt1IbX3pFiJYl79gnheqE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LSNrVIulmiq7JYI0HVYMqJP0l2M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:98:77:f4:87:84:1f:1b:39:3f:cb:ba:93:36:d2:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d236b548ba59a2abb2582341d560ca893f49763
        Validity
            Not Before: Jun 14 04:00:20 2025 GMT
            Not After : Jun 15 04:00:20 2025 GMT
        Subject: CN=314f8f62ad18ee180d03451eb65d01a6707cf15f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:df:44:d8:3a:e2:32:d0:3a:94:58:7a:d1:20:
                    ad:2e:ce:6c:20:5f:7b:2d:8a:f8:07:b4:65:7a:36:
                    ea:a0:9a:7c:fe:0a:f6:20:c4:5e:28:92:01:c5:8f:
                    bf:c4:ce:f0:0b:0e:cd:1c:eb:52:7c:96:aa:5f:84:
                    1a:74:f5:05:bf:f6:d6:74:f8:b0:50:b4:ea:c6:dd:
                    f9:3a:ed:e1:8e:6c:8e:3d:98:7b:a8:4c:bb:f5:4d:
                    aa:79:bc:f2:5a:67:9e:4b:33:d8:33:31:4a:8a:d2:
                    f8:6c:9d:4f:38:7d:27:19:8a:a1:6d:35:0f:a8:cd:
                    cf:76:e5:44:f6:30:76:b9:73:72:ba:44:91:e9:d4:
                    b0:c7:f8:b6:45:be:1c:5c:d0:1d:e7:70:b0:7f:50:
                    2c:7b:2f:79:4a:27:c1:a2:dc:a0:19:56:5b:b7:a4:
                    94:05:a2:5c:27:80:8a:20:24:40:e2:1c:78:c2:60:
                    e6:69:65:52:48:ac:59:e7:68:21:a9:24:61:cc:6e:
                    2d:24:2e:41:51:c3:ab:c1:dd:b6:46:f2:60:8d:5f:
                    34:f3:bd:1f:ef:cd:58:06:1e:2f:f0:cd:e1:94:a5:
                    62:b8:18:a5:13:5b:e4:10:3b:d4:4f:38:dd:a9:7b:
                    33:df:c9:69:34:0f:51:94:e5:24:51:66:c4:b3:ef:
                    cb:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:4F:8F:62:AD:18:EE:18:0D:03:45:1E:B6:5D:01:A6:70:7C:F1:5F
            X509v3 Authority Key Identifier:
                keyid:2D:23:6B:54:8B:A5:9A:2A:BB:25:82:34:1D:56:0C:A8:93:F4:97:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LSNrVIulmiq7JYI0HVYMqJP0l2M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:23:b6:1c:b5:b1:fa:ed:68:d6:81:39:aa:31:bd:9b:89:7c:
         55:61:53:48:9a:97:7b:03:4d:dc:f6:d3:35:34:62:41:fb:f4:
         59:bd:97:21:ba:12:47:fc:c8:49:13:d4:03:df:e0:f8:92:81:
         fc:2d:d8:85:64:cb:b1:07:07:b7:55:0a:3b:c3:c9:bd:b8:e1:
         b0:28:0e:70:6e:a5:8b:50:22:5a:41:24:c2:62:cc:a9:bc:52:
         da:0d:d8:97:e8:8a:0b:2b:0a:57:ab:58:bf:08:89:4c:16:d4:
         47:ad:52:12:7a:96:41:7b:b8:c5:30:bd:dd:fe:32:d6:09:09:
         0e:6e:83:bf:6d:af:22:be:ff:d9:0e:94:ef:28:c6:20:dc:ad:
         d9:fa:b5:58:19:a7:0d:68:35:13:76:d7:96:b3:2d:a3:d9:96:
         6e:ca:04:1a:6d:57:88:15:29:ab:a9:b6:ac:69:b0:79:44:bc:
         93:cb:f9:41:53:18:d5:97:e7:d5:b3:9a:fa:57:ea:eb:77:d9:
         be:26:f7:87:01:01:e5:5b:a6:ea:a4:1c:9b:01:72:25:0d:d5:
         fa:25:ce:ea:d4:63:1a:e1:af:b1:73:58:57:2d:96:6d:97:da:
         53:7e:33:f0:98:3f:3a:ec:d6:d9:3f:44:88:ef:6f:60:1a:db:
         e2:cd:a9:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsmHf0h4QfGzk/y7qTNtJKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMjM2YjU0OGJhNTlhMmFiYjI1ODIzNDFkNTYwY2E4OTNm
NDk3NjMwHhcNMjUwNjE0MDQwMDIwWhcNMjUwNjE1MDQwMDIwWjAzMTEwLwYDVQQD
EygzMTRmOGY2MmFkMThlZTE4MGQwMzQ1MWViNjVkMDFhNjcwN2NmMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxd9E2DriMtA6lFh60SCtLs5sIF97
LYr4B7RlejbqoJp8/gr2IMReKJIBxY+/xM7wCw7NHOtSfJaqX4QadPUFv/bWdPiw
ULTqxt35Ou3hjmyOPZh7qEy79U2qebzyWmeeSzPYMzFKitL4bJ1POH0nGYqhbTUP
qM3PduVE9jB2uXNyukSR6dSwx/i2Rb4cXNAd53Cwf1Asey95SifBotygGVZbt6SU
BaJcJ4CKICRA4hx4wmDmaWVSSKxZ52ghqSRhzG4tJC5BUcOrwd22RvJgjV80870f
781YBh4v8M3hlKViuBilE1vkEDvUTzjdqXsz38lpNA9RlOUkUWbEs+/LawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDFPj2KtGO4YDQNFHrZdAaZwfPFfMB8GA1UdIwQY
MBaAFC0ja1SLpZoquyWCNB1WDKiT9JdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFNOclZJdWxtaXE3SllJMEhWWU1xSlAwbDJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84NzFkOGItMjIxOS00NmM0LWE0OTAt
MjU3MTM2OWMyMDJiLzEvTFNOclZJdWxtaXE3SllJMEhWWU1xSlAwbDJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84NzFkOGItMjIxOS00NmM0LWE0OTAtMjU3MTM2OWMyMDJi
LzEvTFNOclZJdWxtaXE3SllJMEhWWU1xSlAwbDJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASSO2HLWx
+u1o1oE5qjG9m4l8VWFTSJqXewNN3PbTNTRiQfv0Wb2XIboSR/zISRPUA9/g+JKB
/C3YhWTLsQcHt1UKO8PJvbjhsCgOcG6li1AiWkEkwmLMqbxS2g3Yl+iKCysKV6tY
vwiJTBbUR61SEnqWQXu4xTC93f4y1gkJDm6Dv22vIr7/2Q6U7yjGINyt2fq1WBmn
DWg1E3bXlrMto9mWbsoEGm1XiBUpq6m2rGmweUS8k8v5QVMY1Zfn1bOa+lfq63fZ
vib3hwEB5Vum6qQcmwFyJQ3V+iXO6tRjGuGvsXNYVy2WbZfaU34z8Jg/OuzW2T9E
iO9vYBrb4s2p6A==
-----END CERTIFICATE-----
Generated at Sat Jun 14 08:28:18 2025 by rpki-client