Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft
File:                     LSNrVIulmiq7JYI0HVYMqJP0l2M.mft (raw, json)
Hash identifier:          8zqpmqVE3leTkq24v1CUAmqLcg5VRI+Y3XjB2rkS240=
Subject key identifier:   66:25:2E:F4:98:30:77:CA:3B:9A:BA:8E:DC:50:00:52:82:DD:3F:1E
Authority key identifier: 2D:23:6B:54:8B:A5:9A:2A:BB:25:82:34:1D:56:0C:A8:93:F4:97:63
Certificate issuer:       /CN=2d236b548ba59a2abb2582341d560ca893f49763
Certificate serial:       01975B3740769B86EC9F2F9562938A541F6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LSNrVIulmiq7JYI0HVYMqJP0l2M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft
Manifest number:          1324
Signing time:             Tue 10 Jun 2025 19:00:36 +0000
Manifest this update:     Tue 10 Jun 2025 19:00:36 +0000
Manifest next update:     Wed 11 Jun 2025 19:00:36 +0000
Files and hashes:         1: LSNrVIulmiq7JYI0HVYMqJP0l2M.crl (hash: OAiXDAhbmiT/EUKt2/mpj570DZn7qk0YpgJxy4uZE5g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LSNrVIulmiq7JYI0HVYMqJP0l2M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 14:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5b:37:40:76:9b:86:ec:9f:2f:95:62:93:8a:54:1f:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d236b548ba59a2abb2582341d560ca893f49763
        Validity
            Not Before: Jun 10 19:00:36 2025 GMT
            Not After : Jun 11 19:00:36 2025 GMT
        Subject: CN=66252ef4983077ca3b9aba8edc50005282dd3f1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:92:c6:3f:3f:d5:ec:6b:6b:22:0c:3e:42:90:
                    c0:f6:ea:d8:09:ad:ef:b8:94:8e:f7:5b:1f:e3:19:
                    48:a6:82:62:0d:ed:c3:af:57:44:b5:36:14:54:de:
                    80:32:db:cc:68:fc:da:9a:f4:f7:56:33:f0:20:f1:
                    02:ce:a1:f9:13:64:75:70:36:76:e7:ba:3a:fb:c4:
                    33:ab:48:34:b0:94:02:2e:49:89:71:29:84:bf:09:
                    cf:46:af:a4:50:23:4d:75:39:83:bf:5c:9d:23:64:
                    a4:6e:77:6b:d6:2f:d5:ea:dc:79:87:74:35:65:55:
                    fb:77:ce:4b:ee:95:2a:62:c6:bd:bf:30:3f:a9:e5:
                    fb:bd:22:55:ee:de:6f:d9:54:ed:eb:6b:44:af:c7:
                    87:ac:de:26:e3:ff:36:f3:86:23:0e:46:4d:71:ae:
                    af:0e:0f:1a:54:9f:67:11:ab:e7:04:f5:4b:25:aa:
                    67:c9:98:39:9c:a3:27:51:b2:3a:eb:02:25:6c:cc:
                    a3:f5:6e:20:94:c8:0d:6e:fe:b5:72:66:e0:0b:7d:
                    7a:02:71:41:4e:56:da:67:2c:94:74:65:e1:8a:a8:
                    af:fe:b3:2d:9e:a5:9e:f7:bd:ae:a8:29:d9:e9:db:
                    a1:5f:4f:d7:0c:e7:5f:cc:bc:87:b8:7b:4e:6b:e0:
                    55:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:25:2E:F4:98:30:77:CA:3B:9A:BA:8E:DC:50:00:52:82:DD:3F:1E
            X509v3 Authority Key Identifier:
                keyid:2D:23:6B:54:8B:A5:9A:2A:BB:25:82:34:1D:56:0C:A8:93:F4:97:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LSNrVIulmiq7JYI0HVYMqJP0l2M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:c8:7a:e0:78:e8:45:29:ae:8f:1c:38:2d:15:27:1e:33:ab:
         fd:fc:ee:28:ad:ae:33:cc:68:e5:7c:74:c0:77:b5:29:3f:13:
         b5:46:e7:35:08:ac:d1:20:cd:46:12:e2:a0:a8:73:16:bd:31:
         90:a6:eb:63:e8:a8:80:1b:5e:57:da:fc:72:97:f9:98:7e:4a:
         64:1e:83:61:49:d1:8e:b9:26:c7:8c:cb:49:19:63:f9:8c:97:
         b3:3e:ca:a4:32:bf:37:37:59:a3:7e:ac:d7:c6:14:18:3f:45:
         1e:3a:39:e7:e9:65:47:a2:0c:f1:dc:41:04:91:c9:09:a2:26:
         39:ea:c7:7a:7e:ea:86:e5:6f:17:1f:bb:48:6a:57:3e:cf:5c:
         aa:3d:fc:5b:51:8c:20:33:52:40:9e:d7:7e:69:69:de:e3:98:
         5d:01:af:e4:cd:5f:65:98:a8:f7:a1:28:d6:b0:b3:91:0b:09:
         c8:c1:61:31:59:c7:bf:c0:dc:28:25:c8:45:4b:87:9a:a2:03:
         08:89:93:ba:96:d6:e1:df:f4:ca:93:2f:f1:d2:a9:07:3f:e7:
         a2:98:f7:ca:86:1d:88:15:59:bf:f1:5c:85:ea:ca:ee:10:b8:
         c3:34:36:9f:8e:5d:ad:ee:1d:0e:68:84:e1:7b:b8:40:cb:79:
         6c:0d:4e:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdbN0B2m4bsny+VYpOKVB9vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMjM2YjU0OGJhNTlhMmFiYjI1ODIzNDFkNTYwY2E4OTNm
NDk3NjMwHhcNMjUwNjEwMTkwMDM2WhcNMjUwNjExMTkwMDM2WjAzMTEwLwYDVQQD
Eyg2NjI1MmVmNDk4MzA3N2NhM2I5YWJhOGVkYzUwMDA1MjgyZGQzZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpLGPz/V7GtrIgw+QpDA9urYCa3v
uJSO91sf4xlIpoJiDe3Dr1dEtTYUVN6AMtvMaPzamvT3VjPwIPECzqH5E2R1cDZ2
57o6+8Qzq0g0sJQCLkmJcSmEvwnPRq+kUCNNdTmDv1ydI2Skbndr1i/V6tx5h3Q1
ZVX7d85L7pUqYsa9vzA/qeX7vSJV7t5v2VTt62tEr8eHrN4m4/8284YjDkZNca6v
Dg8aVJ9nEavnBPVLJapnyZg5nKMnUbI66wIlbMyj9W4glMgNbv61cmbgC316AnFB
TlbaZyyUdGXhiqiv/rMtnqWe972uqCnZ6duhX0/XDOdfzLyHuHtOa+BVMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGYlLvSYMHfKO5q6jtxQAFKC3T8eMB8GA1UdIwQY
MBaAFC0ja1SLpZoquyWCNB1WDKiT9JdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFNOclZJdWxtaXE3SllJMEhWWU1xSlAwbDJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84NzFkOGItMjIxOS00NmM0LWE0OTAt
MjU3MTM2OWMyMDJiLzEvTFNOclZJdWxtaXE3SllJMEhWWU1xSlAwbDJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84NzFkOGItMjIxOS00NmM0LWE0OTAtMjU3MTM2OWMyMDJi
LzEvTFNOclZJdWxtaXE3SllJMEhWWU1xSlAwbDJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW8h64Hjo
RSmujxw4LRUnHjOr/fzuKK2uM8xo5Xx0wHe1KT8TtUbnNQis0SDNRhLioKhzFr0x
kKbrY+iogBteV9r8cpf5mH5KZB6DYUnRjrkmx4zLSRlj+YyXsz7KpDK/NzdZo36s
18YUGD9FHjo55+llR6IM8dxBBJHJCaImOerHen7qhuVvFx+7SGpXPs9cqj38W1GM
IDNSQJ7Xfmlp3uOYXQGv5M1fZZio96Eo1rCzkQsJyMFhMVnHv8DcKCXIRUuHmqID
CImTupbW4d/0ypMv8dKpBz/nopj3yoYdiBVZv/FcherK7hC4wzQ2n45dre4dDmiE
4Xu4QMt5bA1OKw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 21:01:42 2025 by rpki-client