Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
File:                     LF3rfkKW4vu0wB_AZKH2gYlreXk.mft (raw, json)
Hash identifier:          BFg5QpI8gGA7+q983FW55kWDFifT4etOm0QPv6Meru0=
Subject key identifier:   CC:EC:6C:EA:B9:A8:13:DD:24:69:D3:03:59:04:56:AC:AB:3C:97:89
Authority key identifier: 2C:5D:EB:7E:42:96:E2:FB:B4:C0:1F:C0:64:A1:F6:81:89:6B:79:79
Certificate issuer:       /CN=2c5deb7e4296e2fbb4c01fc064a1f681896b7979
Certificate serial:       019759127214B87ED6BABBBB43E9E0C6A476
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
Manifest number:          055C
Signing time:             Tue 10 Jun 2025 09:01:10 +0000
Manifest this update:     Tue 10 Jun 2025 09:01:10 +0000
Manifest next update:     Wed 11 Jun 2025 09:01:10 +0000
Files and hashes:         1: LF3rfkKW4vu0wB_AZKH2gYlreXk.crl (hash: 4WAIs54pU2cgDKzqmY6wkSuWAiLn37YsAD9FURrw+dk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:12:72:14:b8:7e:d6:ba:bb:bb:43:e9:e0:c6:a4:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c5deb7e4296e2fbb4c01fc064a1f681896b7979
        Validity
            Not Before: Jun 10 09:01:10 2025 GMT
            Not After : Jun 11 09:01:10 2025 GMT
        Subject: CN=ccec6ceab9a813dd2469d303590456acab3c9789
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:ed:25:1b:28:66:35:3b:3a:a2:e6:97:f1:9a:
                    fe:62:e1:ff:1d:be:1f:ec:3b:57:df:08:8e:5a:ea:
                    e2:70:81:83:eb:72:bb:06:99:c2:91:1e:7f:8b:24:
                    1e:ad:c5:0e:f8:a2:4e:70:ce:54:46:2a:5e:4b:70:
                    8b:47:30:27:41:0a:53:de:05:98:53:0c:d8:3c:e5:
                    69:5a:9f:00:ab:ae:5d:e9:bd:2d:9a:cb:65:3a:9e:
                    70:d6:37:6c:a1:d5:72:74:ef:41:55:61:4c:f0:b0:
                    4f:cc:76:e5:53:7b:76:8b:82:be:73:78:c3:b9:42:
                    61:8c:b9:9a:48:d1:a9:64:49:62:dc:14:61:1d:5f:
                    31:e9:85:90:90:c9:83:36:c8:2c:de:c1:5a:4d:bf:
                    05:a3:34:eb:44:62:d0:5c:e1:4f:5c:1f:f3:bc:52:
                    67:87:ee:db:ec:ab:67:18:80:01:f3:3c:8b:1f:54:
                    b0:50:84:68:a6:03:ff:6b:3c:b4:9d:a6:02:62:6c:
                    91:ab:85:5f:a5:e5:2f:d3:a5:f7:17:52:39:ec:eb:
                    ad:d8:af:f3:e9:b1:a0:12:91:cd:0a:be:c8:66:0a:
                    41:cb:ef:18:e5:da:7c:71:26:57:74:79:d1:d3:cd:
                    c6:f5:0c:af:6e:f2:51:a5:8d:6f:f3:c2:e6:9e:96:
                    97:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:EC:6C:EA:B9:A8:13:DD:24:69:D3:03:59:04:56:AC:AB:3C:97:89
            X509v3 Authority Key Identifier:
                keyid:2C:5D:EB:7E:42:96:E2:FB:B4:C0:1F:C0:64:A1:F6:81:89:6B:79:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:35:b6:3b:ed:48:e9:f5:b7:19:cf:a5:a3:46:89:6e:be:8d:
         02:c1:d4:cc:74:5c:0e:e3:22:6a:cf:95:b3:c9:5a:31:30:d9:
         7e:09:46:61:bd:8c:26:6a:c4:b0:6c:0a:2f:ee:25:43:38:31:
         54:15:d7:8a:a5:a1:bf:49:6d:24:60:37:77:fb:d2:ff:1f:91:
         02:f5:6f:c7:7e:7d:8a:0e:99:f4:6d:2d:b6:fc:c6:67:5c:d0:
         3c:81:2e:62:aa:5f:3b:fd:89:93:65:c1:64:dd:24:88:22:2d:
         9e:8e:10:94:15:13:58:2c:ad:89:37:49:91:5a:4f:ce:22:8c:
         06:37:88:be:4d:ed:8b:dc:b6:60:86:43:db:27:e9:f3:ba:24:
         56:ab:04:4a:6d:fd:a8:09:56:e2:92:19:8e:d3:2a:4c:60:6b:
         5e:6e:4c:f1:5d:7d:cd:84:59:62:0c:cd:0d:9f:dc:2a:09:01:
         1b:d8:c2:19:bc:f3:7f:c4:12:57:88:13:14:ff:ed:4b:47:06:
         e3:5f:72:d0:53:ad:fb:66:de:ea:29:e2:12:4c:15:61:4c:e6:
         f9:fc:2a:63:ce:05:2a:ad:a0:e0:17:36:8a:e8:54:09:cc:9a:
         3d:82:d3:d7:e2:55:68:61:f7:14:e8:87:0f:1c:7c:8d:be:44:
         e4:48:0f:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZEnIUuH7Wuru7Q+ngxqR2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNWRlYjdlNDI5NmUyZmJiNGMwMWZjMDY0YTFmNjgxODk2
Yjc5NzkwHhcNMjUwNjEwMDkwMTEwWhcNMjUwNjExMDkwMTEwWjAzMTEwLwYDVQQD
EyhjY2VjNmNlYWI5YTgxM2RkMjQ2OWQzMDM1OTA0NTZhY2FiM2M5Nzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApO0lGyhmNTs6ouaX8Zr+YuH/Hb4f
7DtX3wiOWuricIGD63K7BpnCkR5/iyQercUO+KJOcM5URipeS3CLRzAnQQpT3gWY
UwzYPOVpWp8Aq65d6b0tmstlOp5w1jdsodVydO9BVWFM8LBPzHblU3t2i4K+c3jD
uUJhjLmaSNGpZEli3BRhHV8x6YWQkMmDNsgs3sFaTb8FozTrRGLQXOFPXB/zvFJn
h+7b7KtnGIAB8zyLH1SwUIRopgP/azy0naYCYmyRq4VfpeUv06X3F1I57Out2K/z
6bGgEpHNCr7IZgpBy+8Y5dp8cSZXdHnR083G9QyvbvJRpY1v88LmnpaXXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMzsbOq5qBPdJGnTA1kEVqyrPJeJMB8GA1UdIwQY
MBaAFCxd635CluL7tMAfwGSh9oGJa3l5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85OTMyM2UtMDFmNi00OTU5LTk4MTYt
YTg2YWM1NjFhYjU2LzEvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85OTMyM2UtMDFmNi00OTU5LTk4MTYtYTg2YWM1NjFhYjU2
LzEvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACjW2O+1I
6fW3Gc+lo0aJbr6NAsHUzHRcDuMias+Vs8laMTDZfglGYb2MJmrEsGwKL+4lQzgx
VBXXiqWhv0ltJGA3d/vS/x+RAvVvx359ig6Z9G0ttvzGZ1zQPIEuYqpfO/2Jk2XB
ZN0kiCItno4QlBUTWCytiTdJkVpPziKMBjeIvk3ti9y2YIZD2yfp87okVqsESm39
qAlW4pIZjtMqTGBrXm5M8V19zYRZYgzNDZ/cKgkBG9jCGbzzf8QSV4gTFP/tS0cG
419y0FOt+2be6iniEkwVYUzm+fwqY84FKq2g4Bc2iuhUCcyaPYLT1+JVaGH3FOiH
Dxx8jb5E5EgPlQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:02:20 2025 by rpki-client