Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
File:                     LF3rfkKW4vu0wB_AZKH2gYlreXk.mft (raw, json)
Hash identifier:          j0Dar5IhB711HTsFjgiduMKP+HBVyQzi4vNtvdaIc3o=
Subject key identifier:   D4:F6:45:16:9A:3C:87:58:3A:B3:FA:B2:32:E9:C6:DB:B9:EF:38:E5
Authority key identifier: 2C:5D:EB:7E:42:96:E2:FB:B4:C0:1F:C0:64:A1:F6:81:89:6B:79:79
Certificate issuer:       /CN=2c5deb7e4296e2fbb4c01fc064a1f681896b7979
Certificate serial:       0197B7B36C15E760FCDFA499829C531E9B46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
Manifest number:          058D
Signing time:             Sat 28 Jun 2025 18:01:18 +0000
Manifest this update:     Sat 28 Jun 2025 18:01:18 +0000
Manifest next update:     Sun 29 Jun 2025 18:01:18 +0000
Files and hashes:         1: LF3rfkKW4vu0wB_AZKH2gYlreXk.crl (hash: oTkFqGiGHfEoL5EK1wJA7zviYzIZ+P8YEClOuhUrQmU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:b3:6c:15:e7:60:fc:df:a4:99:82:9c:53:1e:9b:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c5deb7e4296e2fbb4c01fc064a1f681896b7979
        Validity
            Not Before: Jun 28 18:01:18 2025 GMT
            Not After : Jun 29 18:01:18 2025 GMT
        Subject: CN=d4f645169a3c87583ab3fab232e9c6dbb9ef38e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:a5:67:b5:54:ab:73:e0:6c:78:a6:1f:9d:39:
                    06:b8:52:e5:67:01:f2:f4:37:85:07:74:69:a6:a8:
                    c1:b3:41:72:e3:ae:93:19:86:54:b0:30:b2:72:c5:
                    d2:96:22:97:82:91:d5:cd:88:0a:ae:38:6c:19:97:
                    30:55:40:a4:8e:ca:cc:af:5d:7e:0b:a5:11:b1:25:
                    03:42:2b:d2:dd:81:79:4b:30:03:4a:aa:56:7b:fb:
                    d9:70:69:87:91:85:fe:5c:cd:a9:15:54:32:3c:56:
                    32:11:ec:1a:4a:1a:bc:3e:bf:11:43:e3:5f:53:63:
                    ca:d1:7d:7c:44:a0:08:d6:86:4f:55:d6:ad:1e:70:
                    8a:04:4a:09:4e:a8:29:38:2b:c5:4b:37:68:c0:ff:
                    e5:4d:9d:f6:27:e2:07:be:f7:5e:19:8f:8e:98:83:
                    a0:cf:9b:3d:87:ed:59:45:8b:f3:0a:e1:ed:37:14:
                    82:04:b8:4a:df:28:4e:7c:ae:78:64:32:44:36:c8:
                    9b:43:99:38:b3:12:aa:81:bf:6e:24:92:b3:2c:a4:
                    7b:5b:7c:ff:36:ac:41:5e:49:38:ce:3b:41:1d:1c:
                    23:94:36:35:c0:e9:7a:a6:6f:cf:e0:7a:49:85:5a:
                    80:5b:c6:84:44:3f:ff:45:3d:42:22:40:4a:70:6c:
                    ea:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:F6:45:16:9A:3C:87:58:3A:B3:FA:B2:32:E9:C6:DB:B9:EF:38:E5
            X509v3 Authority Key Identifier:
                keyid:2C:5D:EB:7E:42:96:E2:FB:B4:C0:1F:C0:64:A1:F6:81:89:6B:79:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:53:47:4d:82:ab:7e:cc:ab:ce:48:2b:73:e6:26:ff:ca:6f:
         db:90:1f:c7:3e:51:83:e0:f6:b8:17:2d:9b:b7:b0:bb:de:1c:
         61:ee:2d:03:04:1b:96:a6:6c:1f:6b:2b:82:66:7a:7b:4a:05:
         97:04:c0:a4:a1:a5:1f:c5:b3:a6:30:9d:6a:4e:92:95:d1:0a:
         81:0e:ba:05:a1:72:49:75:97:5c:b1:0e:fc:3b:a1:8d:5f:d2:
         29:13:c7:1b:cb:68:6d:5d:ff:37:6f:7f:83:51:f5:fe:68:71:
         15:7d:71:07:86:e0:b7:60:06:7d:22:3d:01:3c:75:fd:7f:3d:
         86:4e:3d:2e:8b:01:13:07:88:30:42:0a:5b:c1:25:5a:55:d9:
         3d:e4:bb:0a:a8:2f:0c:23:13:ad:81:d6:d9:0d:f5:f0:dc:c9:
         5a:0b:52:7c:a5:3a:65:25:25:1d:b7:96:09:57:ee:36:61:34:
         65:86:13:2d:15:14:29:92:e4:a7:fd:ea:33:06:c8:81:e8:7f:
         b3:2a:93:5f:05:3d:79:cf:c6:01:62:d8:9b:6f:c2:1c:61:23:
         70:86:9a:35:a0:af:55:4e:8a:08:0b:bc:ec:b5:64:f1:7f:e0:
         9f:c2:6e:32:51:bc:0f:7e:1f:7d:cf:cc:ca:87:77:51:4c:dc:
         a8:50:48:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3s2wV52D836SZgpxTHptGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNWRlYjdlNDI5NmUyZmJiNGMwMWZjMDY0YTFmNjgxODk2
Yjc5NzkwHhcNMjUwNjI4MTgwMTE4WhcNMjUwNjI5MTgwMTE4WjAzMTEwLwYDVQQD
EyhkNGY2NDUxNjlhM2M4NzU4M2FiM2ZhYjIzMmU5YzZkYmI5ZWYzOGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4qVntVSrc+BseKYfnTkGuFLlZwHy
9DeFB3RppqjBs0Fy466TGYZUsDCycsXSliKXgpHVzYgKrjhsGZcwVUCkjsrMr11+
C6URsSUDQivS3YF5SzADSqpWe/vZcGmHkYX+XM2pFVQyPFYyEewaShq8Pr8RQ+Nf
U2PK0X18RKAI1oZPVdatHnCKBEoJTqgpOCvFSzdowP/lTZ32J+IHvvdeGY+OmIOg
z5s9h+1ZRYvzCuHtNxSCBLhK3yhOfK54ZDJENsibQ5k4sxKqgb9uJJKzLKR7W3z/
NqxBXkk4zjtBHRwjlDY1wOl6pm/P4HpJhVqAW8aERD//RT1CIkBKcGzq+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNT2RRaaPIdYOrP6sjLpxtu57zjlMB8GA1UdIwQY
MBaAFCxd635CluL7tMAfwGSh9oGJa3l5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85OTMyM2UtMDFmNi00OTU5LTk4MTYt
YTg2YWM1NjFhYjU2LzEvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85OTMyM2UtMDFmNi00OTU5LTk4MTYtYTg2YWM1NjFhYjU2
LzEvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtlNHTYKr
fsyrzkgrc+Ym/8pv25Afxz5Rg+D2uBctm7ewu94cYe4tAwQblqZsH2srgmZ6e0oF
lwTApKGlH8WzpjCdak6SldEKgQ66BaFySXWXXLEO/DuhjV/SKRPHG8tobV3/N29/
g1H1/mhxFX1xB4bgt2AGfSI9ATx1/X89hk49LosBEweIMEIKW8ElWlXZPeS7Cqgv
DCMTrYHW2Q318NzJWgtSfKU6ZSUlHbeWCVfuNmE0ZYYTLRUUKZLkp/3qMwbIgeh/
syqTXwU9ec/GAWLYm2/CHGEjcIaaNaCvVU6KCAu87LVk8X/gn8JuMlG8D34ffc/M
yod3UUzcqFBIBg==
-----END CERTIFICATE-----