Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.mft
File:                     LDfpq5czmfAvAyfJgRoYdQDEtsk.mft (raw, json)
Hash identifier:          LOBOA9jvFk58tDNutofAzUNgFb8/pkgU0tnKnLmF3C8=
Subject key identifier:   9C:48:95:EB:C1:34:B5:57:53:04:E3:29:EF:02:7D:EC:A8:76:63:63
Authority key identifier: 2C:37:E9:AB:97:33:99:F0:2F:03:27:C9:81:1A:18:75:00:C4:B6:C9
Certificate issuer:       /CN=2c37e9ab973399f02f0327c9811a187500c4b6c9
Certificate serial:       01976E199C972E6CC0B574A0BD18A2821B2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LDfpq5czmfAvAyfJgRoYdQDEtsk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.mft
Manifest number:          03C7
Signing time:             Sat 14 Jun 2025 11:01:01 +0000
Manifest this update:     Sat 14 Jun 2025 11:01:01 +0000
Manifest next update:     Sun 15 Jun 2025 11:01:01 +0000
Files and hashes:         1: LDfpq5czmfAvAyfJgRoYdQDEtsk.crl (hash: ZTcXHoc2M9CTpj4mBpeIcyBBqE75jLshNjZuHy4PiXc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LDfpq5czmfAvAyfJgRoYdQDEtsk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 11:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:19:9c:97:2e:6c:c0:b5:74:a0:bd:18:a2:82:1b:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c37e9ab973399f02f0327c9811a187500c4b6c9
        Validity
            Not Before: Jun 14 11:01:01 2025 GMT
            Not After : Jun 15 11:01:01 2025 GMT
        Subject: CN=9c4895ebc134b5575304e329ef027deca8766363
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:b5:e2:64:7d:a3:78:47:67:29:0f:f9:80:53:
                    2b:3c:cd:10:62:00:30:6f:55:37:c8:51:c9:3c:e4:
                    65:8e:77:bf:3d:b2:5a:43:32:1e:92:a5:7f:83:da:
                    d5:4b:ca:83:45:fd:a9:fd:37:c8:e6:76:8d:cb:3b:
                    8a:82:2f:1b:4a:8b:08:3d:ac:a8:b2:6e:0e:ac:bd:
                    15:34:ea:7d:17:9f:95:54:c9:3d:f4:c6:d3:3e:a4:
                    d2:a8:22:df:72:2c:9a:9c:c0:da:34:c8:1d:7d:88:
                    c5:9a:c8:ce:ff:be:01:6b:7f:9a:d5:9c:25:89:bd:
                    aa:57:db:eb:0b:97:8e:24:4f:6f:63:28:3a:89:4f:
                    3c:c8:8b:02:9c:3d:a8:2b:85:15:61:b3:7e:08:76:
                    a4:23:c4:2c:2c:8e:c4:9a:6a:0f:df:1e:61:c3:f3:
                    08:36:57:4f:95:be:a1:b8:a2:ae:2f:c4:08:5d:ce:
                    2f:66:09:56:fa:1a:58:52:29:ed:19:39:1f:10:e2:
                    45:3d:a2:de:94:00:2e:f7:d9:4b:5b:0f:02:7b:67:
                    41:c8:79:cc:d5:de:1b:04:71:68:9e:51:27:07:cb:
                    b0:0d:dd:fa:cc:b3:8c:b5:a0:10:a1:78:dd:f0:a2:
                    09:50:8d:4e:14:01:cc:b7:09:82:65:68:d8:a0:83:
                    33:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:48:95:EB:C1:34:B5:57:53:04:E3:29:EF:02:7D:EC:A8:76:63:63
            X509v3 Authority Key Identifier:
                keyid:2C:37:E9:AB:97:33:99:F0:2F:03:27:C9:81:1A:18:75:00:C4:B6:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDfpq5czmfAvAyfJgRoYdQDEtsk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:3e:53:fa:e5:65:77:44:5f:0d:40:82:c1:bb:0e:bf:d4:cb:
         eb:8c:b7:4b:88:d4:df:bd:c6:f7:03:64:95:56:d1:68:c2:77:
         a9:57:48:25:64:36:68:21:38:0a:87:71:8b:ea:3a:a8:f5:70:
         7a:aa:43:37:fa:ab:66:b2:e2:10:17:c0:d6:ff:a9:8e:ff:ac:
         48:35:aa:0c:d5:74:1c:e2:1f:23:15:d5:66:d1:f8:2e:76:c0:
         dc:93:17:8e:e3:6f:6f:01:92:2b:e5:92:4d:a8:ef:3e:b8:b4:
         ad:88:f4:3e:e9:89:f5:0e:07:f5:86:7d:9c:37:63:93:7e:ed:
         0d:a6:90:ae:04:08:1b:87:e3:df:b7:44:08:24:fb:ff:8d:f5:
         6a:9f:f0:9a:41:f5:d7:a0:86:c3:db:fd:6e:d1:80:f0:19:38:
         5e:36:cd:ec:78:30:5e:e5:b9:2d:2c:7b:bf:a4:c0:83:23:4a:
         d6:e4:46:0a:e9:9d:92:dd:29:90:34:32:52:02:d0:81:c5:51:
         dd:34:05:6f:ba:21:f7:6e:3f:22:e2:c4:3e:a9:13:00:43:d5:
         b9:cc:3d:73:db:35:1f:fc:0e:f2:ac:4a:1b:69:d1:6d:a5:2d:
         45:36:df:ed:9e:7a:a3:0a:66:d3:c8:c3:6a:79:aa:88:5c:1e:
         67:83:bf:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduGZyXLmzAtXSgvRiighsvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMzdlOWFiOTczMzk5ZjAyZjAzMjdjOTgxMWExODc1MDBj
NGI2YzkwHhcNMjUwNjE0MTEwMTAxWhcNMjUwNjE1MTEwMTAxWjAzMTEwLwYDVQQD
Eyg5YzQ4OTVlYmMxMzRiNTU3NTMwNGUzMjllZjAyN2RlY2E4NzY2MzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrXiZH2jeEdnKQ/5gFMrPM0QYgAw
b1U3yFHJPORljne/PbJaQzIekqV/g9rVS8qDRf2p/TfI5naNyzuKgi8bSosIPayo
sm4OrL0VNOp9F5+VVMk99MbTPqTSqCLfciyanMDaNMgdfYjFmsjO/74Ba3+a1Zwl
ib2qV9vrC5eOJE9vYyg6iU88yIsCnD2oK4UVYbN+CHakI8QsLI7EmmoP3x5hw/MI
NldPlb6huKKuL8QIXc4vZglW+hpYUintGTkfEOJFPaLelAAu99lLWw8Ce2dByHnM
1d4bBHFonlEnB8uwDd36zLOMtaAQoXjd8KIJUI1OFAHMtwmCZWjYoIMz1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJxIlevBNLVXUwTjKe8CfeyodmNjMB8GA1UdIwQY
MBaAFCw36auXM5nwLwMnyYEaGHUAxLbJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERmcHE1Y3ptZkF2QXlmSmdSb1lkUURFdHNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81NTMxNGUtOTE1Ni00Nzc2LTllMDEt
NTcwZGNhN2FkMTNlLzEvTERmcHE1Y3ptZkF2QXlmSmdSb1lkUURFdHNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81NTMxNGUtOTE1Ni00Nzc2LTllMDEtNTcwZGNhN2FkMTNl
LzEvTERmcHE1Y3ptZkF2QXlmSmdSb1lkUURFdHNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiz5T+uVl
d0RfDUCCwbsOv9TL64y3S4jU373G9wNklVbRaMJ3qVdIJWQ2aCE4Codxi+o6qPVw
eqpDN/qrZrLiEBfA1v+pjv+sSDWqDNV0HOIfIxXVZtH4LnbA3JMXjuNvbwGSK+WS
TajvPri0rYj0PumJ9Q4H9YZ9nDdjk37tDaaQrgQIG4fj37dECCT7/431ap/wmkH1
16CGw9v9btGA8Bk4XjbN7HgwXuW5LSx7v6TAgyNK1uRGCumdkt0pkDQyUgLQgcVR
3TQFb7oh924/IuLEPqkTAEPVucw9c9s1H/wO8qxKG2nRbaUtRTbf7Z56owpm08jD
anmqiFweZ4O/6w==
-----END CERTIFICATE-----