Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft
File:                     LSNrVIulmiq7JYI0HVYMqJP0l2M.mft (raw, json)
Hash identifier:          XVyM4nArl85cE3S0K/9Jkw+MMpx2n8mzW2lElOautZw=
Subject key identifier:   72:DF:0B:55:DF:5B:0A:46:12:AC:B3:5B:7F:1B:BB:A6:8C:65:F2:C8
Authority key identifier: 2D:23:6B:54:8B:A5:9A:2A:BB:25:82:34:1D:56:0C:A8:93:F4:97:63
Certificate issuer:       /CN=2d236b548ba59a2abb2582341d560ca893f49763
Certificate serial:       0197556C0076611A8A498EB2273D8051F388
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LSNrVIulmiq7JYI0HVYMqJP0l2M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft
Manifest number:          1321
Signing time:             Mon 09 Jun 2025 16:00:30 +0000
Manifest this update:     Mon 09 Jun 2025 16:00:30 +0000
Manifest next update:     Tue 10 Jun 2025 16:00:30 +0000
Files and hashes:         1: LSNrVIulmiq7JYI0HVYMqJP0l2M.crl (hash: u8Pyuq0ZyJD9gOzA8NmVfqiEWhY5zxYh3KMCTKXjyN8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LSNrVIulmiq7JYI0HVYMqJP0l2M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 16:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:55:6c:00:76:61:1a:8a:49:8e:b2:27:3d:80:51:f3:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d236b548ba59a2abb2582341d560ca893f49763
        Validity
            Not Before: Jun  9 16:00:30 2025 GMT
            Not After : Jun 10 16:00:30 2025 GMT
        Subject: CN=72df0b55df5b0a4612acb35b7f1bbba68c65f2c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:64:6d:79:9e:45:04:c6:12:ea:56:c3:7b:ba:
                    77:2c:e4:b3:b0:b2:e4:7f:23:6e:ba:6c:b4:fc:df:
                    c9:25:85:eb:64:2b:bb:4a:da:3c:a5:a4:b5:cc:80:
                    17:c8:90:32:c1:29:ad:9f:54:02:67:6b:88:d8:de:
                    01:54:88:2f:2f:12:7e:3e:77:96:2e:bb:c5:30:06:
                    41:ba:74:46:89:d1:92:19:73:ee:7b:a8:e2:80:5b:
                    35:f7:f8:be:a2:43:4f:e4:4e:cb:ff:27:ae:97:ca:
                    41:23:51:d6:77:72:e4:3d:74:da:a1:40:38:4b:c9:
                    9c:7f:59:f6:d0:98:83:9f:42:c0:bc:ed:40:1b:3c:
                    eb:ed:99:97:c0:9c:da:bf:43:87:f8:2b:b5:d0:df:
                    f2:5b:94:79:9d:c7:8b:91:b4:f4:4f:c2:ce:e1:b4:
                    da:d2:5e:42:79:19:14:70:5d:d2:8d:f9:5e:e5:4e:
                    03:2c:b5:79:74:04:ad:6c:ac:18:c1:25:28:5e:f7:
                    bd:d5:1a:d7:89:7d:89:89:ff:cd:5b:e0:f0:23:96:
                    01:65:3e:03:cc:06:81:35:b9:e2:9b:35:e4:a0:c2:
                    4b:0e:1f:a6:2d:1c:f0:13:5c:e6:af:a8:b9:ae:0a:
                    cf:c7:2f:d0:d2:e2:ad:61:19:f1:3e:ab:a3:c4:ab:
                    5a:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:DF:0B:55:DF:5B:0A:46:12:AC:B3:5B:7F:1B:BB:A6:8C:65:F2:C8
            X509v3 Authority Key Identifier:
                keyid:2D:23:6B:54:8B:A5:9A:2A:BB:25:82:34:1D:56:0C:A8:93:F4:97:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LSNrVIulmiq7JYI0HVYMqJP0l2M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:e5:15:06:fc:ea:dc:ca:98:a0:8d:6b:25:0f:d3:7c:89:dd:
         ac:08:e5:50:e3:22:76:fc:c1:43:bd:c1:2c:8b:a9:62:e1:0e:
         4e:56:8d:1f:d3:56:35:72:8e:ce:2b:80:95:bd:98:ba:79:3a:
         7d:e2:53:45:0e:0f:3b:4e:5c:45:af:e8:d4:e1:14:c7:c6:81:
         91:85:0a:4c:35:e6:3f:50:c7:40:9e:a8:65:5c:b6:c4:91:09:
         b1:5e:22:32:dd:1a:2a:11:8e:94:cf:0e:78:8f:19:ce:dc:76:
         e8:e9:70:8e:03:65:25:bf:c0:6b:c3:06:b9:2b:03:82:8b:ab:
         32:11:74:a2:80:06:9c:ef:10:4d:83:ae:1b:d0:01:7b:51:b1:
         5b:53:01:9a:8e:49:ac:49:89:3b:50:fb:2f:2e:24:9b:f3:17:
         42:30:eb:f2:db:f7:46:a7:88:2a:7b:80:49:48:17:26:34:6b:
         48:3d:97:30:30:5e:b5:df:22:9c:d3:d4:97:91:80:90:ec:c2:
         0a:2f:83:20:9c:ff:95:44:de:ee:58:a3:3c:fe:8c:86:85:37:
         86:26:14:f5:20:43:78:99:93:99:c5:3b:ce:35:cf:d8:d1:b6:
         7a:e0:38:ad:59:19:fa:d6:01:75:b0:63:7c:a5:22:79:6b:86:
         66:1a:2b:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdVbAB2YRqKSY6yJz2AUfOIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMjM2YjU0OGJhNTlhMmFiYjI1ODIzNDFkNTYwY2E4OTNm
NDk3NjMwHhcNMjUwNjA5MTYwMDMwWhcNMjUwNjEwMTYwMDMwWjAzMTEwLwYDVQQD
Eyg3MmRmMGI1NWRmNWIwYTQ2MTJhY2IzNWI3ZjFiYmJhNjhjNjVmMmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WRteZ5FBMYS6lbDe7p3LOSzsLLk
fyNuumy0/N/JJYXrZCu7Sto8paS1zIAXyJAywSmtn1QCZ2uI2N4BVIgvLxJ+PneW
LrvFMAZBunRGidGSGXPue6jigFs19/i+okNP5E7L/yeul8pBI1HWd3LkPXTaoUA4
S8mcf1n20JiDn0LAvO1AGzzr7ZmXwJzav0OH+Cu10N/yW5R5nceLkbT0T8LO4bTa
0l5CeRkUcF3Sjfle5U4DLLV5dAStbKwYwSUoXve91RrXiX2Jif/NW+DwI5YBZT4D
zAaBNbnimzXkoMJLDh+mLRzwE1zmr6i5rgrPxy/Q0uKtYRnxPqujxKtaxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHLfC1XfWwpGEqyzW38bu6aMZfLIMB8GA1UdIwQY
MBaAFC0ja1SLpZoquyWCNB1WDKiT9JdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFNOclZJdWxtaXE3SllJMEhWWU1xSlAwbDJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84NzFkOGItMjIxOS00NmM0LWE0OTAt
MjU3MTM2OWMyMDJiLzEvTFNOclZJdWxtaXE3SllJMEhWWU1xSlAwbDJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84NzFkOGItMjIxOS00NmM0LWE0OTAtMjU3MTM2OWMyMDJi
LzEvTFNOclZJdWxtaXE3SllJMEhWWU1xSlAwbDJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFeUVBvzq
3MqYoI1rJQ/TfIndrAjlUOMidvzBQ73BLIupYuEOTlaNH9NWNXKOziuAlb2Yunk6
feJTRQ4PO05cRa/o1OEUx8aBkYUKTDXmP1DHQJ6oZVy2xJEJsV4iMt0aKhGOlM8O
eI8Zztx26OlwjgNlJb/Aa8MGuSsDgourMhF0ooAGnO8QTYOuG9ABe1GxW1MBmo5J
rEmJO1D7Ly4km/MXQjDr8tv3RqeIKnuASUgXJjRrSD2XMDBetd8inNPUl5GAkOzC
Ci+DIJz/lUTe7lijPP6MhoU3hiYU9SBDeJmTmcU7zjXP2NG2euA4rVkZ+tYBdbBj
fKUieWuGZhorsg==
-----END CERTIFICATE-----
Generated at Tue Jun 10 03:23:00 2025 by rpki-client