Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
File:                     LF3rfkKW4vu0wB_AZKH2gYlreXk.mft (raw, json)
Hash identifier:          JUjiyMfdUsYVpLYvGvfbvLZuX6TvlY6n/MW0vII9gc8=
Subject key identifier:   8E:5C:1D:D4:6C:C8:23:57:08:5E:99:10:43:7B:27:AF:9D:DA:BD:22
Authority key identifier: 2C:5D:EB:7E:42:96:E2:FB:B4:C0:1F:C0:64:A1:F6:81:89:6B:79:79
Certificate issuer:       /CN=2c5deb7e4296e2fbb4c01fc064a1f681896b7979
Certificate serial:       019922C3104A31ADDC04EDF69D09F32253BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
Manifest number:          0649
Signing time:             Sun 07 Sep 2025 06:00:32 +0000
Manifest this update:     Sun 07 Sep 2025 06:00:32 +0000
Manifest next update:     Mon 08 Sep 2025 06:00:32 +0000
Files and hashes:         1: LF3rfkKW4vu0wB_AZKH2gYlreXk.crl (hash: vrqnPvbDFcNrriH7JLNkH+Es2DGX/7xsTDnVJ+7Ck6s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:c3:10:4a:31:ad:dc:04:ed:f6:9d:09:f3:22:53:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c5deb7e4296e2fbb4c01fc064a1f681896b7979
        Validity
            Not Before: Sep  7 06:00:32 2025 GMT
            Not After : Sep  8 06:00:32 2025 GMT
        Subject: CN=8e5c1dd46cc82357085e9910437b27af9ddabd22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:d8:0e:02:06:93:3f:df:5f:56:70:5f:c4:02:
                    6a:25:e6:aa:70:e1:fc:68:b3:88:e8:ef:bd:e5:6a:
                    26:b5:3f:9c:13:1f:e0:3d:d2:56:cf:97:61:39:4a:
                    87:62:ac:07:68:66:1f:79:0f:92:f6:70:35:8b:c1:
                    7d:3f:35:4e:23:77:66:b2:26:64:79:dd:57:59:e9:
                    11:2e:e1:36:0e:4a:a7:58:9c:25:47:54:20:ad:86:
                    c5:5c:f0:77:93:0b:ca:0a:9a:b6:97:f0:60:1a:61:
                    90:0e:0c:fb:e2:38:01:c9:5e:3d:ec:3d:a1:f7:21:
                    9b:08:f8:83:54:a6:fb:0e:50:2e:80:fc:06:5f:b4:
                    b5:9e:63:62:65:e8:95:90:b4:1e:e5:57:c3:f2:b6:
                    34:24:30:e1:db:f1:91:43:89:f1:37:83:ea:43:30:
                    19:c6:fc:15:0e:88:17:4c:92:7b:6a:b0:36:de:51:
                    d6:c7:34:82:cd:c7:4d:8a:84:79:d0:d2:d0:f8:1b:
                    f2:ff:1e:4c:8b:31:8f:3e:5c:b0:86:e4:19:ab:c3:
                    e0:62:28:ed:cd:46:3f:11:99:51:7a:cf:11:9d:67:
                    14:96:81:85:62:fc:6d:37:38:23:11:4f:7e:d8:b9:
                    c1:a7:9a:b0:67:59:cd:65:db:d5:26:ae:b4:7e:6a:
                    bf:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:5C:1D:D4:6C:C8:23:57:08:5E:99:10:43:7B:27:AF:9D:DA:BD:22
            X509v3 Authority Key Identifier:
                keyid:2C:5D:EB:7E:42:96:E2:FB:B4:C0:1F:C0:64:A1:F6:81:89:6B:79:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:36:22:29:38:72:33:9c:80:5b:0b:f0:db:a9:14:5a:c1:be:
         e3:ef:4a:93:4e:f7:e5:48:7f:f7:92:aa:ad:62:e5:49:0e:5a:
         9b:74:cd:56:4b:4f:b3:c2:ee:dc:f2:6b:31:ae:f4:d2:42:99:
         e2:67:02:e9:ce:08:36:ae:02:72:35:09:6f:df:e9:31:26:8e:
         0a:80:f0:01:23:ff:73:5c:79:98:09:59:a4:ba:ba:bf:a2:5d:
         34:07:57:32:47:57:58:df:5c:3e:40:d5:8a:c3:2d:0c:4d:20:
         87:b5:45:c3:40:f9:c1:04:94:d6:74:4d:94:6c:45:77:72:b0:
         3d:6e:1e:bc:85:54:80:15:2f:9e:d7:ab:7c:47:a5:fd:07:b8:
         a2:5c:d9:93:09:a5:78:97:0c:ea:f6:dc:81:eb:ed:74:a2:85:
         a6:49:6a:07:20:ce:aa:05:c3:0b:86:bf:60:08:73:df:52:17:
         cb:36:a0:1d:b3:1b:5f:18:4f:06:cb:1f:99:df:3a:c0:94:ec:
         2d:60:41:80:98:43:9a:56:7b:80:09:77:54:81:cb:83:a9:c3:
         70:8c:c2:21:d5:ee:a9:44:8a:b7:aa:21:97:a8:18:f4:38:2e:
         a4:bc:4a:a3:59:75:24:ca:b1:21:0b:35:06:86:3e:14:44:e2:
         bd:0d:c3:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiwxBKMa3cBO32nQnzIlO+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNWRlYjdlNDI5NmUyZmJiNGMwMWZjMDY0YTFmNjgxODk2
Yjc5NzkwHhcNMjUwOTA3MDYwMDMyWhcNMjUwOTA4MDYwMDMyWjAzMTEwLwYDVQQD
Eyg4ZTVjMWRkNDZjYzgyMzU3MDg1ZTk5MTA0MzdiMjdhZjlkZGFiZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNgOAgaTP99fVnBfxAJqJeaqcOH8
aLOI6O+95WomtT+cEx/gPdJWz5dhOUqHYqwHaGYfeQ+S9nA1i8F9PzVOI3dmsiZk
ed1XWekRLuE2DkqnWJwlR1QgrYbFXPB3kwvKCpq2l/BgGmGQDgz74jgByV497D2h
9yGbCPiDVKb7DlAugPwGX7S1nmNiZeiVkLQe5VfD8rY0JDDh2/GRQ4nxN4PqQzAZ
xvwVDogXTJJ7arA23lHWxzSCzcdNioR50NLQ+Bvy/x5MizGPPlywhuQZq8PgYijt
zUY/EZlRes8RnWcUloGFYvxtNzgjEU9+2LnBp5qwZ1nNZdvVJq60fmq/MQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI5cHdRsyCNXCF6ZEEN7J6+d2r0iMB8GA1UdIwQY
MBaAFCxd635CluL7tMAfwGSh9oGJa3l5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85OTMyM2UtMDFmNi00OTU5LTk4MTYt
YTg2YWM1NjFhYjU2LzEvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85OTMyM2UtMDFmNi00OTU5LTk4MTYtYTg2YWM1NjFhYjU2
LzEvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJTYiKThy
M5yAWwvw26kUWsG+4+9Kk0735Uh/95KqrWLlSQ5am3TNVktPs8Lu3PJrMa700kKZ
4mcC6c4INq4CcjUJb9/pMSaOCoDwASP/c1x5mAlZpLq6v6JdNAdXMkdXWN9cPkDV
isMtDE0gh7VFw0D5wQSU1nRNlGxFd3KwPW4evIVUgBUvnterfEel/Qe4olzZkwml
eJcM6vbcgevtdKKFpklqByDOqgXDC4a/YAhz31IXyzagHbMbXxhPBssfmd86wJTs
LWBBgJhDmlZ7gAl3VIHLg6nDcIzCIdXuqUSKt6ohl6gY9DgupLxKo1l1JMqxIQs1
BoY+FETivQ3DWg==
-----END CERTIFICATE-----