Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
File:                     LF3rfkKW4vu0wB_AZKH2gYlreXk.mft (raw, json)
Hash identifier:          P552WkG3s7reMmryJl/DrSTtW8oArNzRhRGGYLHA5a8=
Subject key identifier:   62:FA:24:0B:7B:2F:7B:E0:AD:C3:B5:B2:63:70:B5:AE:F4:31:57:6C
Authority key identifier: 2C:5D:EB:7E:42:96:E2:FB:B4:C0:1F:C0:64:A1:F6:81:89:6B:79:79
Certificate issuer:       /CN=2c5deb7e4296e2fbb4c01fc064a1f681896b7979
Certificate serial:       01976A73514C5F1F7C50CA3A425AA804A045
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
Manifest number:          0565
Signing time:             Fri 13 Jun 2025 18:00:31 +0000
Manifest this update:     Fri 13 Jun 2025 18:00:31 +0000
Manifest next update:     Sat 14 Jun 2025 18:00:31 +0000
Files and hashes:         1: LF3rfkKW4vu0wB_AZKH2gYlreXk.crl (hash: biStW3pEve70jfo/diCm8CHyRFzJCLxvs9SM7dLsKUI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6a:73:51:4c:5f:1f:7c:50:ca:3a:42:5a:a8:04:a0:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c5deb7e4296e2fbb4c01fc064a1f681896b7979
        Validity
            Not Before: Jun 13 18:00:31 2025 GMT
            Not After : Jun 14 18:00:31 2025 GMT
        Subject: CN=62fa240b7b2f7be0adc3b5b26370b5aef431576c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:d3:fe:c3:9b:1c:77:5d:77:c5:09:b7:a2:04:
                    4c:27:c1:5d:10:53:46:ea:c3:2f:7b:7c:25:ac:27:
                    36:e7:a9:fb:83:df:76:af:f7:94:1a:d5:51:a8:da:
                    00:0c:4c:b7:06:09:86:68:00:bf:e2:8c:51:c4:1b:
                    b0:7d:c1:ff:82:e3:44:95:d8:3f:80:39:6b:3b:1c:
                    e7:fb:34:10:5b:1b:20:31:f9:4b:2d:27:ce:1c:3a:
                    65:07:3b:95:96:ef:1a:14:2b:be:d1:96:65:e4:65:
                    ae:95:a6:77:9d:58:75:27:26:74:ba:37:98:66:f6:
                    39:0e:e5:38:8f:dc:a0:6e:d4:92:9f:c7:49:89:30:
                    2f:65:c6:79:9e:ab:66:af:e5:65:95:bd:10:36:48:
                    66:5e:a6:d7:bd:94:8d:93:1e:a0:c9:16:29:58:43:
                    45:f3:6f:e5:a4:a8:5e:91:12:20:ad:25:e5:19:20:
                    13:59:0a:01:c8:7e:02:63:0b:bd:87:79:e1:e7:b8:
                    14:8e:7c:87:00:d4:aa:6b:10:d4:59:de:43:99:93:
                    89:cf:1a:4c:37:25:90:3b:77:05:17:9e:68:65:b5:
                    af:1f:29:04:7a:3e:5f:97:32:a3:14:c9:15:b3:68:
                    13:cc:69:eb:16:d6:3c:6b:09:84:e9:fa:94:92:79:
                    fa:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:FA:24:0B:7B:2F:7B:E0:AD:C3:B5:B2:63:70:B5:AE:F4:31:57:6C
            X509v3 Authority Key Identifier:
                keyid:2C:5D:EB:7E:42:96:E2:FB:B4:C0:1F:C0:64:A1:F6:81:89:6B:79:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:a1:d8:ec:44:db:9c:2c:e0:75:d0:81:1b:d5:d4:70:89:f2:
         3c:87:22:18:c0:cf:f7:b0:56:80:67:30:f1:d3:5f:71:e7:7b:
         ba:8a:03:2b:62:77:1a:f7:30:46:4b:99:8a:2c:4d:c7:9a:43:
         99:e5:37:a8:18:af:6b:80:c2:88:71:be:2b:5b:f8:b0:3e:51:
         92:f7:cd:cd:74:cc:ff:19:79:0b:46:b8:0f:36:dc:35:47:58:
         9a:6b:c0:ce:38:39:90:10:35:1b:b0:14:51:cd:77:52:02:e2:
         22:f8:66:88:f5:73:64:92:9e:ff:21:4a:f0:c9:d8:ca:71:19:
         d3:db:b2:ff:7d:da:c3:f1:c6:be:17:f1:68:5d:77:88:a2:ac:
         76:18:f4:8d:b5:cb:f4:b7:a3:17:19:43:e2:c9:f1:b8:a9:42:
         84:55:77:75:d6:4c:31:41:35:0a:1d:5e:57:84:77:4e:55:57:
         be:43:59:b5:97:c6:a3:6f:2e:6c:1e:97:e5:3f:7c:45:bb:a9:
         88:0a:b7:bb:b8:6f:61:f5:59:7c:67:28:43:b4:b5:1a:cf:b9:
         df:ce:75:50:38:53:36:96:f0:78:7d:3c:9c:f2:25:32:b3:30:
         50:4f:45:da:35:6d:33:43:84:03:65:20:15:6c:61:e5:52:e1:
         81:88:a8:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdqc1FMXx98UMo6QlqoBKBFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNWRlYjdlNDI5NmUyZmJiNGMwMWZjMDY0YTFmNjgxODk2
Yjc5NzkwHhcNMjUwNjEzMTgwMDMxWhcNMjUwNjE0MTgwMDMxWjAzMTEwLwYDVQQD
Eyg2MmZhMjQwYjdiMmY3YmUwYWRjM2I1YjI2MzcwYjVhZWY0MzE1NzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktP+w5scd113xQm3ogRMJ8FdEFNG
6sMve3wlrCc256n7g992r/eUGtVRqNoADEy3BgmGaAC/4oxRxBuwfcH/guNEldg/
gDlrOxzn+zQQWxsgMflLLSfOHDplBzuVlu8aFCu+0ZZl5GWulaZ3nVh1JyZ0ujeY
ZvY5DuU4j9ygbtSSn8dJiTAvZcZ5nqtmr+Vllb0QNkhmXqbXvZSNkx6gyRYpWENF
82/lpKhekRIgrSXlGSATWQoByH4CYwu9h3nh57gUjnyHANSqaxDUWd5DmZOJzxpM
NyWQO3cFF55oZbWvHykEej5flzKjFMkVs2gTzGnrFtY8awmE6fqUknn6ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGL6JAt7L3vgrcO1smNwta70MVdsMB8GA1UdIwQY
MBaAFCxd635CluL7tMAfwGSh9oGJa3l5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85OTMyM2UtMDFmNi00OTU5LTk4MTYt
YTg2YWM1NjFhYjU2LzEvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85OTMyM2UtMDFmNi00OTU5LTk4MTYtYTg2YWM1NjFhYjU2
LzEvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGKHY7ETb
nCzgddCBG9XUcInyPIciGMDP97BWgGcw8dNfced7uooDK2J3GvcwRkuZiixNx5pD
meU3qBiva4DCiHG+K1v4sD5RkvfNzXTM/xl5C0a4DzbcNUdYmmvAzjg5kBA1G7AU
Uc13UgLiIvhmiPVzZJKe/yFK8MnYynEZ09uy/33aw/HGvhfxaF13iKKsdhj0jbXL
9LejFxlD4snxuKlChFV3ddZMMUE1Ch1eV4R3TlVXvkNZtZfGo28ubB6X5T98Rbup
iAq3u7hvYfVZfGcoQ7S1Gs+53851UDhTNpbweH08nPIlMrMwUE9F2jVtM0OEA2Ug
FWxh5VLhgYioGg==
-----END CERTIFICATE-----