Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.mft
File:                     LDfpq5czmfAvAyfJgRoYdQDEtsk.mft (raw, json)
Hash identifier:          nySRZRJGUxgbylv2gnC5LS+/PapmSsiVpkGOm//78HY=
Subject key identifier:   1E:E9:36:B4:82:5E:C9:30:7D:AC:80:0E:FA:2A:D4:50:84:BF:C3:D2
Authority key identifier: 2C:37:E9:AB:97:33:99:F0:2F:03:27:C9:81:1A:18:75:00:C4:B6:C9
Certificate issuer:       /CN=2c37e9ab973399f02f0327c9811a187500c4b6c9
Certificate serial:       019754FE678A9693DEC72887BF6C0643448F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LDfpq5czmfAvAyfJgRoYdQDEtsk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.mft
Manifest number:          03BA
Signing time:             Mon 09 Jun 2025 14:00:48 +0000
Manifest this update:     Mon 09 Jun 2025 14:00:48 +0000
Manifest next update:     Tue 10 Jun 2025 14:00:48 +0000
Files and hashes:         1: LDfpq5czmfAvAyfJgRoYdQDEtsk.crl (hash: mVPVXJ3fn4+53cMDxcxl+urxqmgfZrmokSjSgu1HGc8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LDfpq5czmfAvAyfJgRoYdQDEtsk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 11:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:fe:67:8a:96:93:de:c7:28:87:bf:6c:06:43:44:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c37e9ab973399f02f0327c9811a187500c4b6c9
        Validity
            Not Before: Jun  9 14:00:48 2025 GMT
            Not After : Jun 10 14:00:48 2025 GMT
        Subject: CN=1ee936b4825ec9307dac800efa2ad45084bfc3d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:65:c9:3d:19:6e:66:df:cb:58:83:c8:17:95:
                    04:b9:15:4f:21:3f:2d:16:07:8b:d4:95:23:e3:b4:
                    2c:e1:44:b1:a3:62:3a:0f:c2:99:f2:8d:62:3d:a0:
                    10:80:8c:2d:06:e1:a6:35:bc:c4:bf:0b:41:ce:50:
                    6d:c7:fd:58:4b:8c:a9:55:9b:8e:57:2e:6e:ef:fc:
                    e5:00:c4:1a:06:c2:16:03:97:80:10:2c:22:15:a6:
                    1d:87:15:d5:ec:c0:c5:c2:36:97:65:15:2d:43:22:
                    97:c3:08:ec:a4:c5:59:b1:50:bb:ad:35:5a:ed:0d:
                    09:7e:24:f9:98:32:5c:60:8f:33:30:f8:79:32:de:
                    d5:3f:8a:48:0b:42:a8:9f:7f:2b:69:5f:e0:31:ab:
                    e0:20:53:cb:60:56:ff:33:79:00:02:53:63:a0:21:
                    c9:1a:56:ce:56:4b:dd:5b:7b:b8:f3:68:f9:c8:34:
                    6f:d2:e9:45:aa:ce:4e:13:76:d4:97:4b:0c:70:91:
                    b3:8e:41:7c:59:c2:9e:10:8a:5a:75:a4:0e:f3:05:
                    1c:09:bf:61:e4:7c:88:dc:78:ed:d1:8f:77:01:bb:
                    9d:5e:3c:13:97:dd:f1:21:da:00:c3:26:43:c6:30:
                    b4:9c:bd:2d:77:24:f0:d9:ff:34:db:2c:cc:10:f6:
                    af:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:E9:36:B4:82:5E:C9:30:7D:AC:80:0E:FA:2A:D4:50:84:BF:C3:D2
            X509v3 Authority Key Identifier:
                keyid:2C:37:E9:AB:97:33:99:F0:2F:03:27:C9:81:1A:18:75:00:C4:B6:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDfpq5czmfAvAyfJgRoYdQDEtsk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:29:27:26:11:7a:f8:b1:bb:eb:a5:66:47:a7:db:c7:b8:ae:
         e4:79:2f:cd:91:5f:3c:96:8b:23:16:d3:e8:f8:aa:9d:0f:80:
         a6:26:3e:5a:50:52:9e:24:93:ca:bf:21:64:9c:3f:81:ce:ac:
         fc:9c:7d:4f:40:de:f1:36:3f:63:4b:9c:4e:39:d0:93:e6:b3:
         d3:16:53:fe:5a:0e:a6:c7:58:01:ec:b2:b7:fa:a1:bd:d9:61:
         75:e1:be:fc:d5:9e:b3:80:f8:10:cf:b2:5b:7c:10:9b:40:9e:
         77:20:00:10:b6:b2:58:da:ba:76:19:76:c4:52:d7:71:62:57:
         3e:44:91:60:47:93:e8:da:6c:bc:b0:29:bd:47:2a:fa:74:5a:
         f9:4d:b1:63:eb:52:e6:48:32:9c:ca:9f:fd:74:db:2f:4e:a2:
         0d:3f:26:0b:97:bc:3f:f6:19:8c:15:59:a5:b8:73:91:b6:fd:
         77:77:8e:f3:46:15:10:00:52:82:e1:0a:61:7c:9d:33:26:7c:
         e9:6c:31:ed:b2:cd:aa:20:11:8c:30:07:80:f4:e6:cb:47:f2:
         2f:ca:a6:4c:1f:b7:2e:34:0d:ce:38:14:9d:eb:8a:d0:98:9c:
         79:0c:46:53:c5:73:da:36:f2:a6:63:a3:03:b5:80:7c:c3:4e:
         f2:18:1f:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdU/meKlpPexyiHv2wGQ0SPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMzdlOWFiOTczMzk5ZjAyZjAzMjdjOTgxMWExODc1MDBj
NGI2YzkwHhcNMjUwNjA5MTQwMDQ4WhcNMjUwNjEwMTQwMDQ4WjAzMTEwLwYDVQQD
EygxZWU5MzZiNDgyNWVjOTMwN2RhYzgwMGVmYTJhZDQ1MDg0YmZjM2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymXJPRluZt/LWIPIF5UEuRVPIT8t
FgeL1JUj47Qs4USxo2I6D8KZ8o1iPaAQgIwtBuGmNbzEvwtBzlBtx/1YS4ypVZuO
Vy5u7/zlAMQaBsIWA5eAECwiFaYdhxXV7MDFwjaXZRUtQyKXwwjspMVZsVC7rTVa
7Q0JfiT5mDJcYI8zMPh5Mt7VP4pIC0Kon38raV/gMavgIFPLYFb/M3kAAlNjoCHJ
GlbOVkvdW3u482j5yDRv0ulFqs5OE3bUl0sMcJGzjkF8WcKeEIpadaQO8wUcCb9h
5HyI3Hjt0Y93AbudXjwTl93xIdoAwyZDxjC0nL0tdyTw2f802yzMEPavkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB7pNrSCXskwfayADvoq1FCEv8PSMB8GA1UdIwQY
MBaAFCw36auXM5nwLwMnyYEaGHUAxLbJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERmcHE1Y3ptZkF2QXlmSmdSb1lkUURFdHNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81NTMxNGUtOTE1Ni00Nzc2LTllMDEt
NTcwZGNhN2FkMTNlLzEvTERmcHE1Y3ptZkF2QXlmSmdSb1lkUURFdHNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81NTMxNGUtOTE1Ni00Nzc2LTllMDEtNTcwZGNhN2FkMTNl
LzEvTERmcHE1Y3ptZkF2QXlmSmdSb1lkUURFdHNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPiknJhF6
+LG766VmR6fbx7iu5HkvzZFfPJaLIxbT6PiqnQ+ApiY+WlBSniSTyr8hZJw/gc6s
/Jx9T0De8TY/Y0ucTjnQk+az0xZT/loOpsdYAeyyt/qhvdlhdeG+/NWes4D4EM+y
W3wQm0CedyAAELayWNq6dhl2xFLXcWJXPkSRYEeT6NpsvLApvUcq+nRa+U2xY+tS
5kgynMqf/XTbL06iDT8mC5e8P/YZjBVZpbhzkbb9d3eO80YVEABSguEKYXydMyZ8
6Wwx7bLNqiARjDAHgPTmy0fyL8qmTB+3LjQNzjgUneuK0JiceQxGU8Vz2jbypmOj
A7WAfMNO8hgf3A==
-----END CERTIFICATE-----