Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.mft
File:                     LDfpq5czmfAvAyfJgRoYdQDEtsk.mft (raw, json)
Hash identifier:          GLWkhRNaNer6RCryZcfLmGEa9iwxtK2pGnnPP5ygaEY=
Subject key identifier:   55:DB:06:C3:4C:D8:26:E1:D7:3E:E4:62:E8:EA:E6:08:44:EC:ED:B0
Authority key identifier: 2C:37:E9:AB:97:33:99:F0:2F:03:27:C9:81:1A:18:75:00:C4:B6:C9
Certificate issuer:       /CN=2c37e9ab973399f02f0327c9811a187500c4b6c9
Certificate serial:       01976A3CD3783D02C7F16B503C8FF3F3F302
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LDfpq5czmfAvAyfJgRoYdQDEtsk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.mft
Manifest number:          03C5
Signing time:             Fri 13 Jun 2025 17:01:00 +0000
Manifest this update:     Fri 13 Jun 2025 17:01:00 +0000
Manifest next update:     Sat 14 Jun 2025 17:01:00 +0000
Files and hashes:         1: LDfpq5czmfAvAyfJgRoYdQDEtsk.crl (hash: M/del+hxXmGdsJobFTdWXr85P7Z30DfLqqJdlKyTJk8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LDfpq5czmfAvAyfJgRoYdQDEtsk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6a:3c:d3:78:3d:02:c7:f1:6b:50:3c:8f:f3:f3:f3:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c37e9ab973399f02f0327c9811a187500c4b6c9
        Validity
            Not Before: Jun 13 17:01:00 2025 GMT
            Not After : Jun 14 17:01:00 2025 GMT
        Subject: CN=55db06c34cd826e1d73ee462e8eae60844ecedb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:02:39:2c:b3:98:3b:38:b7:08:45:41:68:c2:
                    90:65:1a:2d:a3:d0:51:ff:64:c7:24:d6:06:06:ff:
                    f2:1c:8d:c4:6b:22:bf:7a:db:81:f9:41:5f:ae:b5:
                    a0:ec:8d:43:41:2b:21:a0:2d:9e:7e:b1:91:67:0b:
                    76:bc:9d:d0:84:11:b6:16:80:4b:5a:ce:d8:e9:89:
                    14:3f:d2:96:29:3b:45:5c:91:dd:b8:08:cb:c3:2c:
                    70:22:16:54:0c:5f:21:5e:34:6c:66:ae:09:e7:05:
                    9f:7b:52:15:d9:dd:48:eb:4b:0d:f4:de:0b:80:2a:
                    29:9f:5a:86:af:8b:c5:68:a1:a0:cf:e2:cd:65:25:
                    4f:95:03:d5:55:bc:ef:5e:3d:d6:17:85:0d:d1:35:
                    ec:4d:64:ba:4b:7e:67:8a:23:aa:35:4c:9f:5a:9f:
                    f4:47:e0:86:37:3b:05:06:ee:97:bb:7d:06:77:42:
                    fe:ce:00:47:d7:0a:65:a7:8e:03:7d:d2:6b:cf:7a:
                    32:d7:1a:03:b8:ed:f4:5c:44:f2:2b:83:6c:a6:b8:
                    ab:15:bd:81:7b:25:a8:0d:38:19:84:42:97:80:15:
                    07:2f:51:e7:1f:46:54:7c:4a:d7:7a:6f:21:da:0d:
                    87:14:eb:f4:0f:8f:b7:58:2e:23:8b:f8:00:fc:e2:
                    89:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:DB:06:C3:4C:D8:26:E1:D7:3E:E4:62:E8:EA:E6:08:44:EC:ED:B0
            X509v3 Authority Key Identifier:
                keyid:2C:37:E9:AB:97:33:99:F0:2F:03:27:C9:81:1A:18:75:00:C4:B6:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDfpq5czmfAvAyfJgRoYdQDEtsk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:03:81:a3:69:8e:85:f8:6f:1a:2c:b8:1a:bd:b0:16:b9:93:
         4b:dd:41:b6:ed:bb:08:65:0e:80:dc:5d:c5:74:86:cd:79:45:
         60:07:10:f3:9f:27:2e:c0:17:85:94:ed:6a:05:ab:3a:bb:ba:
         82:1a:63:f4:32:de:7b:f9:19:5d:62:37:07:eb:26:67:42:37:
         29:8a:a2:ec:54:33:03:a3:e5:15:ae:d0:2a:a5:54:78:ac:58:
         59:92:08:91:38:d8:11:72:db:df:ea:39:a5:4f:5a:c2:bf:a2:
         6e:ab:6d:95:64:90:5a:6d:01:09:2f:94:c6:a3:35:f4:b1:e4:
         73:79:5b:b9:cc:e9:dc:1a:cb:55:6e:49:80:c9:f3:53:a5:b5:
         d6:12:d4:00:c1:5c:77:69:9e:bb:ae:fd:a2:de:e2:31:49:c9:
         a5:58:95:95:4b:10:dc:e3:be:bc:93:08:2b:87:ed:95:2d:49:
         9c:81:f8:35:ac:2a:48:a6:92:22:f9:ea:61:9f:20:24:3a:0f:
         96:d2:63:88:b9:02:80:10:6b:d6:eb:f1:6c:07:4f:06:f2:24:
         be:53:5c:77:44:56:6a:1d:b0:4a:dd:ee:a9:ab:a2:70:94:56:
         b3:43:56:ad:65:e8:8c:84:29:6a:c4:96:5e:69:bc:d5:82:d5:
         3c:a8:f5:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdqPNN4PQLH8WtQPI/z8/MCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMzdlOWFiOTczMzk5ZjAyZjAzMjdjOTgxMWExODc1MDBj
NGI2YzkwHhcNMjUwNjEzMTcwMTAwWhcNMjUwNjE0MTcwMTAwWjAzMTEwLwYDVQQD
Eyg1NWRiMDZjMzRjZDgyNmUxZDczZWU0NjJlOGVhZTYwODQ0ZWNlZGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QI5LLOYOzi3CEVBaMKQZRoto9BR
/2THJNYGBv/yHI3EayK/etuB+UFfrrWg7I1DQSshoC2efrGRZwt2vJ3QhBG2FoBL
Ws7Y6YkUP9KWKTtFXJHduAjLwyxwIhZUDF8hXjRsZq4J5wWfe1IV2d1I60sN9N4L
gCopn1qGr4vFaKGgz+LNZSVPlQPVVbzvXj3WF4UN0TXsTWS6S35niiOqNUyfWp/0
R+CGNzsFBu6Xu30Gd0L+zgBH1wplp44DfdJrz3oy1xoDuO30XETyK4NsprirFb2B
eyWoDTgZhEKXgBUHL1HnH0ZUfErXem8h2g2HFOv0D4+3WC4ji/gA/OKJuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFXbBsNM2Cbh1z7kYujq5ghE7O2wMB8GA1UdIwQY
MBaAFCw36auXM5nwLwMnyYEaGHUAxLbJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERmcHE1Y3ptZkF2QXlmSmdSb1lkUURFdHNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81NTMxNGUtOTE1Ni00Nzc2LTllMDEt
NTcwZGNhN2FkMTNlLzEvTERmcHE1Y3ptZkF2QXlmSmdSb1lkUURFdHNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81NTMxNGUtOTE1Ni00Nzc2LTllMDEtNTcwZGNhN2FkMTNl
LzEvTERmcHE1Y3ptZkF2QXlmSmdSb1lkUURFdHNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALgOBo2mO
hfhvGiy4Gr2wFrmTS91Btu27CGUOgNxdxXSGzXlFYAcQ858nLsAXhZTtagWrOru6
ghpj9DLee/kZXWI3B+smZ0I3KYqi7FQzA6PlFa7QKqVUeKxYWZIIkTjYEXLb3+o5
pU9awr+ibqttlWSQWm0BCS+UxqM19LHkc3lbuczp3BrLVW5JgMnzU6W11hLUAMFc
d2meu679ot7iMUnJpViVlUsQ3OO+vJMIK4ftlS1JnIH4NawqSKaSIvnqYZ8gJDoP
ltJjiLkCgBBr1uvxbAdPBvIkvlNcd0RWah2wSt3uqauicJRWs0NWrWXojIQpasSW
Xmm81YLVPKj12g==
-----END CERTIFICATE-----
Generated at Fri Jun 13 21:00:36 2025 by rpki-client