Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
File:                     LF3rfkKW4vu0wB_AZKH2gYlreXk.mft (raw, json)
Hash identifier:          D3G93ZwGlJH7Nha24O4stTsiXk/DNAuQ4KKfZPeeA1A=
Subject key identifier:   B1:C8:48:E6:01:BA:6B:97:F9:CC:A4:89:AB:A4:31:90:13:40:2B:E1
Authority key identifier: 2C:5D:EB:7E:42:96:E2:FB:B4:C0:1F:C0:64:A1:F6:81:89:6B:79:79
Certificate issuer:       /CN=2c5deb7e4296e2fbb4c01fc064a1f681896b7979
Certificate serial:       019768851AEF43B4BB777C399A4218FD090D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
Manifest number:          0564
Signing time:             Fri 13 Jun 2025 09:00:42 +0000
Manifest this update:     Fri 13 Jun 2025 09:00:42 +0000
Manifest next update:     Sat 14 Jun 2025 09:00:42 +0000
Files and hashes:         1: LF3rfkKW4vu0wB_AZKH2gYlreXk.crl (hash: oqgn+pW3GUuK1GI7q5GUQ2s6M8pxUiFFNG62KgrgjV4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:85:1a:ef:43:b4:bb:77:7c:39:9a:42:18:fd:09:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c5deb7e4296e2fbb4c01fc064a1f681896b7979
        Validity
            Not Before: Jun 13 09:00:42 2025 GMT
            Not After : Jun 14 09:00:42 2025 GMT
        Subject: CN=b1c848e601ba6b97f9cca489aba4319013402be1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:24:1b:1d:22:0a:c8:e5:1f:e5:a3:0b:ee:43:
                    ba:6b:52:fa:41:8c:c6:b6:3a:1e:79:28:58:6a:09:
                    72:7f:46:7b:6c:18:10:8a:43:e5:16:ae:10:9a:27:
                    f0:46:7a:75:d4:54:fc:af:34:65:90:99:ef:dd:e1:
                    98:a8:63:9a:e3:22:f0:08:68:d1:19:2a:27:63:86:
                    6a:b6:bb:1f:b9:77:84:56:6d:d5:88:77:8a:df:42:
                    3f:bd:39:c6:1b:df:38:78:4d:75:ee:3a:47:f5:5b:
                    02:eb:18:b7:28:fc:48:a0:01:50:b8:e3:c3:c7:a2:
                    74:c2:35:27:b4:bd:70:9d:2d:52:53:73:ba:33:36:
                    83:1f:1f:a8:1c:ec:6d:78:17:19:ec:c2:12:31:14:
                    21:68:01:e5:c9:19:6e:e9:47:1a:b5:68:d1:a8:85:
                    ad:ad:4e:d4:bb:17:9a:54:87:25:86:ab:14:3b:e4:
                    61:e9:ae:12:81:4f:a6:c6:3f:91:8a:c0:08:32:7d:
                    09:09:c8:fe:bf:ed:27:8a:50:8e:c1:e4:21:33:80:
                    27:4d:e6:f0:7b:93:03:0c:f4:dd:d2:5c:7a:a2:e2:
                    30:2b:50:21:62:46:83:01:43:ff:cf:6c:20:00:dc:
                    4a:60:f6:8f:66:4f:8e:68:9e:80:f7:6f:e9:82:76:
                    fc:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:C8:48:E6:01:BA:6B:97:F9:CC:A4:89:AB:A4:31:90:13:40:2B:E1
            X509v3 Authority Key Identifier:
                keyid:2C:5D:EB:7E:42:96:E2:FB:B4:C0:1F:C0:64:A1:F6:81:89:6B:79:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:27:3d:57:ee:90:30:ca:1c:69:ba:d5:7e:03:0c:1f:5e:f7:
         8c:bd:c7:34:14:a0:e2:8f:70:92:a0:ec:48:74:4d:d7:08:0b:
         41:2a:4f:78:ef:93:2e:32:fd:4b:44:67:da:eb:dd:7e:53:f7:
         23:a8:96:99:00:67:b4:12:95:ff:4f:1b:0b:6f:80:6e:c1:3c:
         62:77:35:b9:64:37:2d:81:db:db:2a:d5:40:49:9a:b2:84:52:
         36:85:1c:be:1c:33:4e:41:fc:b1:87:8b:9d:43:c4:0d:a4:87:
         20:bd:6d:22:bf:20:7f:dc:33:de:58:30:6b:2e:f9:96:7d:9d:
         57:89:fa:e1:d5:d5:db:09:af:17:a6:4a:dd:5d:77:f8:2c:1e:
         18:7c:1b:16:f3:21:8e:4a:9e:44:ae:d7:b5:99:69:2c:bc:12:
         2a:5f:3d:ef:27:ad:a5:37:18:6f:dd:1d:e5:54:bc:dd:8a:3c:
         8d:e8:99:04:dd:f1:0c:d1:76:c8:be:c3:66:56:2f:d4:4e:30:
         b6:3a:c0:39:b9:29:00:d6:f3:8f:ec:2a:41:0a:4d:8e:82:fe:
         07:fb:1a:94:8f:09:3f:bf:61:92:10:5c:42:9c:09:d5:bb:7c:
         8b:ac:26:6a:d9:dc:a7:24:03:d7:c7:e7:8c:42:62:06:7b:3d:
         f4:28:08:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdohRrvQ7S7d3w5mkIY/QkNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNWRlYjdlNDI5NmUyZmJiNGMwMWZjMDY0YTFmNjgxODk2
Yjc5NzkwHhcNMjUwNjEzMDkwMDQyWhcNMjUwNjE0MDkwMDQyWjAzMTEwLwYDVQQD
EyhiMWM4NDhlNjAxYmE2Yjk3ZjljY2E0ODlhYmE0MzE5MDEzNDAyYmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviQbHSIKyOUf5aML7kO6a1L6QYzG
tjoeeShYaglyf0Z7bBgQikPlFq4QmifwRnp11FT8rzRlkJnv3eGYqGOa4yLwCGjR
GSonY4ZqtrsfuXeEVm3ViHeK30I/vTnGG984eE117jpH9VsC6xi3KPxIoAFQuOPD
x6J0wjUntL1wnS1SU3O6MzaDHx+oHOxteBcZ7MISMRQhaAHlyRlu6UcatWjRqIWt
rU7UuxeaVIclhqsUO+Rh6a4SgU+mxj+RisAIMn0JCcj+v+0nilCOweQhM4AnTebw
e5MDDPTd0lx6ouIwK1AhYkaDAUP/z2wgANxKYPaPZk+OaJ6A92/pgnb8GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLHISOYBumuX+cykiaukMZATQCvhMB8GA1UdIwQY
MBaAFCxd635CluL7tMAfwGSh9oGJa3l5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85OTMyM2UtMDFmNi00OTU5LTk4MTYt
YTg2YWM1NjFhYjU2LzEvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85OTMyM2UtMDFmNi00OTU5LTk4MTYtYTg2YWM1NjFhYjU2
LzEvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWyc9V+6Q
MMocabrVfgMMH173jL3HNBSg4o9wkqDsSHRN1wgLQSpPeO+TLjL9S0Rn2uvdflP3
I6iWmQBntBKV/08bC2+AbsE8Ync1uWQ3LYHb2yrVQEmasoRSNoUcvhwzTkH8sYeL
nUPEDaSHIL1tIr8gf9wz3lgway75ln2dV4n64dXV2wmvF6ZK3V13+CweGHwbFvMh
jkqeRK7XtZlpLLwSKl897yetpTcYb90d5VS83Yo8jeiZBN3xDNF2yL7DZlYv1E4w
tjrAObkpANbzj+wqQQpNjoL+B/salI8JP79hkhBcQpwJ1bt8i6wmatncpyQD18fn
jEJiBns99CgIZQ==
-----END CERTIFICATE-----
Generated at Fri Jun 13 17:00:41 2025 by rpki-client