Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft
File:                     LSNrVIulmiq7JYI0HVYMqJP0l2M.mft (raw, json)
Hash identifier:          hPRRZXYNKZIR7o2lxKhlTRxgCJtzDjmM7gpuK19o8C0=
Subject key identifier:   EE:9E:B1:33:7C:27:07:AD:00:57:84:83:C3:04:05:D3:AC:D8:9A:25
Authority key identifier: 2D:23:6B:54:8B:A5:9A:2A:BB:25:82:34:1D:56:0C:A8:93:F4:97:63
Certificate issuer:       /CN=2d236b548ba59a2abb2582341d560ca893f49763
Certificate serial:       01975F14082D400E72F432753304E45E4704
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LSNrVIulmiq7JYI0HVYMqJP0l2M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft
Manifest number:          1326
Signing time:             Wed 11 Jun 2025 13:00:37 +0000
Manifest this update:     Wed 11 Jun 2025 13:00:37 +0000
Manifest next update:     Thu 12 Jun 2025 13:00:37 +0000
Files and hashes:         1: LSNrVIulmiq7JYI0HVYMqJP0l2M.crl (hash: j6ao7sajPDn+d33xl+3VrchD89zoing5KJaOrP7BKeE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LSNrVIulmiq7JYI0HVYMqJP0l2M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 13:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5f:14:08:2d:40:0e:72:f4:32:75:33:04:e4:5e:47:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d236b548ba59a2abb2582341d560ca893f49763
        Validity
            Not Before: Jun 11 13:00:37 2025 GMT
            Not After : Jun 12 13:00:37 2025 GMT
        Subject: CN=ee9eb1337c2707ad00578483c30405d3acd89a25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:bb:5e:33:28:c3:4a:16:a8:aa:1a:72:e8:07:
                    17:f7:ab:ae:c8:13:41:5c:37:36:35:35:68:88:05:
                    29:7c:af:0b:53:07:fa:8a:5d:67:5d:c7:4e:a7:d8:
                    11:f0:be:41:d4:5c:3a:d9:8a:c1:ee:6d:f0:07:32:
                    1d:97:4f:0d:f0:86:e7:1e:f0:3c:86:7e:d4:f1:a4:
                    e8:ef:52:77:14:8b:e1:fc:4f:e4:e6:95:d7:10:9f:
                    98:4a:19:db:35:9a:44:13:a2:eb:fa:28:fb:d2:97:
                    90:df:7b:87:92:a6:64:5c:4b:63:63:1a:db:00:a9:
                    89:b4:e0:84:76:5f:42:46:9b:1e:cc:cf:a4:2d:42:
                    4b:9f:13:19:8f:41:38:26:a9:27:71:39:d3:75:25:
                    3d:82:c6:95:c5:94:6f:8b:6d:e1:2e:bb:9c:10:bc:
                    ce:1e:1c:6f:cc:56:2e:c8:bc:a4:e5:f2:71:ce:6c:
                    a7:16:8f:ed:9b:0d:e6:11:5e:31:a4:ba:24:fe:db:
                    3c:4a:50:6a:bd:a8:e5:ad:d1:bc:b8:10:13:d7:cf:
                    ee:63:9d:82:9c:f3:91:c9:35:c3:0b:3f:43:29:a5:
                    42:63:e2:f0:a2:5d:03:04:53:c7:c4:61:d0:06:71:
                    e8:f6:55:08:c2:c0:c4:14:47:a4:25:4f:01:fc:45:
                    0e:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:9E:B1:33:7C:27:07:AD:00:57:84:83:C3:04:05:D3:AC:D8:9A:25
            X509v3 Authority Key Identifier:
                keyid:2D:23:6B:54:8B:A5:9A:2A:BB:25:82:34:1D:56:0C:A8:93:F4:97:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LSNrVIulmiq7JYI0HVYMqJP0l2M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:5d:39:aa:c9:d2:b5:88:36:18:b3:de:45:63:f6:dd:91:8d:
         f9:cb:38:19:5a:b3:64:80:14:47:e5:28:18:b2:43:76:a0:6f:
         6c:a3:6d:91:aa:5e:d6:80:d8:76:ec:e1:ba:77:98:48:9a:d7:
         00:b9:f3:90:3b:b6:40:94:e6:98:84:68:7d:75:24:de:b1:dd:
         a8:84:fd:04:f6:23:91:7b:6b:6c:e3:9c:60:66:44:65:8c:e6:
         18:51:09:64:94:36:2c:0a:2e:e4:75:59:96:f3:dd:2f:79:e8:
         5b:c4:36:cf:a6:98:93:17:8a:67:2c:48:de:65:d3:e3:3a:6c:
         32:e8:42:5e:2b:e6:6e:9e:7e:0e:2a:b0:5f:a1:1f:62:3c:75:
         2c:af:96:f4:29:d1:bc:2a:02:1c:b9:15:41:68:d0:e0:41:70:
         f1:e4:d4:ba:b9:25:8d:b0:40:4c:3a:78:d9:96:7f:57:37:23:
         31:db:fb:34:db:8b:f8:08:11:61:46:7b:65:1c:b6:1d:27:24:
         ac:01:73:9c:ee:1b:94:1f:3c:00:15:4d:c9:0e:60:d9:ad:da:
         9f:8e:94:4a:86:4c:0b:31:4e:8a:12:5e:b4:25:6d:7a:3f:fc:
         73:1e:9d:d8:84:d7:04:a6:0f:cd:60:c0:32:7d:c2:a6:ec:33:
         e1:f7:36:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdfFAgtQA5y9DJ1MwTkXkcEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMjM2YjU0OGJhNTlhMmFiYjI1ODIzNDFkNTYwY2E4OTNm
NDk3NjMwHhcNMjUwNjExMTMwMDM3WhcNMjUwNjEyMTMwMDM3WjAzMTEwLwYDVQQD
EyhlZTllYjEzMzdjMjcwN2FkMDA1Nzg0ODNjMzA0MDVkM2FjZDg5YTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbteMyjDShaoqhpy6AcX96uuyBNB
XDc2NTVoiAUpfK8LUwf6il1nXcdOp9gR8L5B1Fw62YrB7m3wBzIdl08N8IbnHvA8
hn7U8aTo71J3FIvh/E/k5pXXEJ+YShnbNZpEE6Lr+ij70peQ33uHkqZkXEtjYxrb
AKmJtOCEdl9CRpsezM+kLUJLnxMZj0E4JqkncTnTdSU9gsaVxZRvi23hLrucELzO
HhxvzFYuyLyk5fJxzmynFo/tmw3mEV4xpLok/ts8SlBqvajlrdG8uBAT18/uY52C
nPORyTXDCz9DKaVCY+Lwol0DBFPHxGHQBnHo9lUIwsDEFEekJU8B/EUOMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO6esTN8JwetAFeEg8MEBdOs2JolMB8GA1UdIwQY
MBaAFC0ja1SLpZoquyWCNB1WDKiT9JdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFNOclZJdWxtaXE3SllJMEhWWU1xSlAwbDJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84NzFkOGItMjIxOS00NmM0LWE0OTAt
MjU3MTM2OWMyMDJiLzEvTFNOclZJdWxtaXE3SllJMEhWWU1xSlAwbDJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84NzFkOGItMjIxOS00NmM0LWE0OTAtMjU3MTM2OWMyMDJi
LzEvTFNOclZJdWxtaXE3SllJMEhWWU1xSlAwbDJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZV05qsnS
tYg2GLPeRWP23ZGN+cs4GVqzZIAUR+UoGLJDdqBvbKNtkape1oDYduzhuneYSJrX
ALnzkDu2QJTmmIRofXUk3rHdqIT9BPYjkXtrbOOcYGZEZYzmGFEJZJQ2LAou5HVZ
lvPdL3noW8Q2z6aYkxeKZyxI3mXT4zpsMuhCXivmbp5+DiqwX6EfYjx1LK+W9CnR
vCoCHLkVQWjQ4EFw8eTUurkljbBATDp42ZZ/VzcjMdv7NNuL+AgRYUZ7ZRy2HSck
rAFznO4blB88ABVNyQ5g2a3an46USoZMCzFOihJetCVtej/8cx6d2ITXBKYPzWDA
Mn3Cpuwz4fc2sg==
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:50:35 2025 by rpki-client