Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft
File:                     LphQiZ2cq14AM9C-lyKn6zBdfGA.mft (raw, json)
Hash identifier:          6yrRWhDJf7WX5ECZQcZAa3Ly4SpP6Z0RvtsUllPdtUM=
Subject key identifier:   78:66:17:3B:46:D5:5B:B1:D3:EC:A6:F9:71:FE:07:D8:64:F9:19:90
Authority key identifier: 2E:98:50:89:9D:9C:AB:5E:00:33:D0:BE:97:22:A7:EB:30:5D:7C:60
Certificate issuer:       /CN=2e9850899d9cab5e0033d0be9722a7eb305d7c60
Certificate serial:       0197469EC507C6D4813759CC315EDF332FD8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LphQiZ2cq14AM9C-lyKn6zBdfGA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft
Manifest number:          1578
Signing time:             Fri 06 Jun 2025 19:01:39 +0000
Manifest this update:     Fri 06 Jun 2025 19:01:39 +0000
Manifest next update:     Sat 07 Jun 2025 19:01:39 +0000
Files and hashes:         1: LphQiZ2cq14AM9C-lyKn6zBdfGA.crl (hash: BrRd/9V2t3Gbx3xdbNn29A1n5jEhyXGtDz/+AQMmhps=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LphQiZ2cq14AM9C-lyKn6zBdfGA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9e:c5:07:c6:d4:81:37:59:cc:31:5e:df:33:2f:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e9850899d9cab5e0033d0be9722a7eb305d7c60
        Validity
            Not Before: Jun  6 19:01:39 2025 GMT
            Not After : Jun  7 19:01:39 2025 GMT
        Subject: CN=7866173b46d55bb1d3eca6f971fe07d864f91990
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:fc:61:ad:25:ac:d4:e4:7b:92:39:f0:0b:5d:
                    2b:86:02:82:a6:14:ae:79:2f:e6:e9:1e:f4:eb:9f:
                    c1:1b:ff:5d:58:cc:02:69:ac:06:4a:82:3b:eb:e7:
                    17:94:17:0a:d0:87:c2:0f:a2:44:c7:44:36:03:bd:
                    00:0a:a6:f4:8f:e0:10:36:51:66:04:13:e6:d8:89:
                    84:fd:6e:32:09:4b:42:12:65:c6:90:a1:e2:58:5a:
                    7a:7f:55:96:e1:22:dd:1c:3c:68:4e:f5:77:62:99:
                    b9:d6:29:10:26:00:80:39:51:28:eb:e9:25:79:1b:
                    33:78:46:c0:a0:51:57:bf:5c:e9:d8:72:63:f0:91:
                    d9:eb:e0:a2:1e:fb:76:0e:1f:10:a1:19:98:69:fd:
                    ea:ec:db:95:51:bd:a0:44:fc:6d:13:5b:3b:b4:f6:
                    97:88:23:1a:15:97:3c:01:01:1c:f1:a1:4a:66:a3:
                    a4:3a:fe:50:b7:88:20:e5:b7:d0:64:97:db:91:66:
                    fd:62:3b:f6:12:5b:71:5f:da:26:f2:d2:40:6f:ac:
                    4d:3d:8c:28:5e:c5:09:54:d4:6e:7f:24:2d:8b:aa:
                    cd:65:97:79:95:ab:5e:0e:58:f6:8f:80:d5:65:71:
                    17:b1:2b:68:40:c0:c3:35:ae:af:56:02:0e:30:ad:
                    b6:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:66:17:3B:46:D5:5B:B1:D3:EC:A6:F9:71:FE:07:D8:64:F9:19:90
            X509v3 Authority Key Identifier:
                keyid:2E:98:50:89:9D:9C:AB:5E:00:33:D0:BE:97:22:A7:EB:30:5D:7C:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LphQiZ2cq14AM9C-lyKn6zBdfGA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:a3:2c:a6:c6:0e:d2:c0:94:8c:f9:56:62:40:05:d5:12:6b:
         23:26:44:32:40:c7:5a:84:fa:06:dd:66:c5:4b:e4:ca:62:ac:
         55:50:1a:9e:d5:54:7d:79:47:d4:80:47:01:1e:08:da:b7:2b:
         6f:a5:f3:df:d4:89:84:5f:aa:be:6e:bb:3b:24:05:ad:ce:3f:
         bb:2b:a6:df:82:d3:09:47:8e:2b:b3:78:0a:fa:db:1a:09:e5:
         e0:57:d1:9e:b5:dc:fd:e1:b8:e4:c6:56:fb:fa:3c:6a:be:f4:
         e7:38:bb:91:8a:bd:87:d0:98:c5:78:a0:8a:5e:70:ad:2a:3b:
         d2:c5:14:70:df:89:f3:b5:b6:19:e3:d2:63:72:06:29:a7:bb:
         0a:0e:c6:92:53:e1:65:6e:43:7c:47:65:ae:db:01:9c:23:c7:
         8a:07:ce:33:33:ea:51:3d:62:13:6c:3b:23:de:38:86:9e:13:
         a0:a3:7d:89:25:59:bb:be:35:8e:e4:ce:b8:db:53:81:75:cc:
         52:c2:f0:5b:ed:c6:7e:f2:87:6f:6b:6f:c8:1e:c4:17:ff:b3:
         65:5c:6a:78:6b:5a:8f:97:e8:6d:98:55:ff:c6:3e:db:26:80:
         6a:ce:52:8e:e1:b7:f5:41:50:99:cd:c5:0f:4f:1e:3e:58:6b:
         f4:a1:b9:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGnsUHxtSBN1nMMV7fMy/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlOTg1MDg5OWQ5Y2FiNWUwMDMzZDBiZTk3MjJhN2ViMzA1
ZDdjNjAwHhcNMjUwNjA2MTkwMTM5WhcNMjUwNjA3MTkwMTM5WjAzMTEwLwYDVQQD
Eyg3ODY2MTczYjQ2ZDU1YmIxZDNlY2E2Zjk3MWZlMDdkODY0ZjkxOTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfxhrSWs1OR7kjnwC10rhgKCphSu
eS/m6R7065/BG/9dWMwCaawGSoI76+cXlBcK0IfCD6JEx0Q2A70ACqb0j+AQNlFm
BBPm2ImE/W4yCUtCEmXGkKHiWFp6f1WW4SLdHDxoTvV3Ypm51ikQJgCAOVEo6+kl
eRszeEbAoFFXv1zp2HJj8JHZ6+CiHvt2Dh8QoRmYaf3q7NuVUb2gRPxtE1s7tPaX
iCMaFZc8AQEc8aFKZqOkOv5Qt4gg5bfQZJfbkWb9Yjv2EltxX9om8tJAb6xNPYwo
XsUJVNRufyQti6rNZZd5lateDlj2j4DVZXEXsStoQMDDNa6vVgIOMK22ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHhmFztG1Vux0+ym+XH+B9hk+RmQMB8GA1UdIwQY
MBaAFC6YUImdnKteADPQvpcip+swXXxgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHBoUWlaMmNxMTRBTTlDLWx5S242ekJkZkdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zN2ZkOWQtNjFlNi00ZGYzLTljMDct
NmI2YWQwNDU2YjY1LzEvTHBoUWlaMmNxMTRBTTlDLWx5S242ekJkZkdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zN2ZkOWQtNjFlNi00ZGYzLTljMDctNmI2YWQwNDU2YjY1
LzEvTHBoUWlaMmNxMTRBTTlDLWx5S242ekJkZkdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnKMspsYO
0sCUjPlWYkAF1RJrIyZEMkDHWoT6Bt1mxUvkymKsVVAantVUfXlH1IBHAR4I2rcr
b6Xz39SJhF+qvm67OyQFrc4/uyum34LTCUeOK7N4CvrbGgnl4FfRnrXc/eG45MZW
+/o8ar705zi7kYq9h9CYxXigil5wrSo70sUUcN+J87W2GePSY3IGKae7Cg7GklPh
ZW5DfEdlrtsBnCPHigfOMzPqUT1iE2w7I944hp4ToKN9iSVZu741juTOuNtTgXXM
UsLwW+3GfvKHb2tvyB7EF/+zZVxqeGtaj5fobZhV/8Y+2yaAas5SjuG39UFQmc3F
D08ePlhr9KG5Qg==
-----END CERTIFICATE-----