Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
File:                     Le43b1HIyKVVUo1MFesfTKOZxJE.mft (raw, json)
Hash identifier:          1ksavsWkI7QtvGCXN4UW6ZnQuOZKiQ6LRjmp/LhnHBQ=
Subject key identifier:   73:C3:74:37:30:E7:AC:8E:D3:98:22:2B:E6:B3:56:68:61:7A:71:E0
Authority key identifier: 2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91
Certificate issuer:       /CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491
Certificate serial:       019778D3E72A59D32CE3D5CDBBF976881842
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
Manifest number:          1591
Signing time:             Mon 16 Jun 2025 13:00:42 +0000
Manifest this update:     Mon 16 Jun 2025 13:00:42 +0000
Manifest next update:     Tue 17 Jun 2025 13:00:42 +0000
Files and hashes:         1: Le43b1HIyKVVUo1MFesfTKOZxJE.crl (hash: IcQ9jVICbsgBUxC7d8M0l5lHEpsR/HNpQ7Md7/iO13M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 13:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:78:d3:e7:2a:59:d3:2c:e3:d5:cd:bb:f9:76:88:18:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491
        Validity
            Not Before: Jun 16 13:00:42 2025 GMT
            Not After : Jun 17 13:00:42 2025 GMT
        Subject: CN=73c3743730e7ac8ed398222be6b35668617a71e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:8d:35:d3:d9:ba:49:6e:18:b7:4f:76:d0:62:
                    4d:be:34:b6:e9:88:ca:72:f7:cb:f5:2d:83:df:2a:
                    4d:ef:65:21:2f:7a:2e:cf:ac:22:c1:3a:4b:a4:8b:
                    be:2e:52:52:84:2d:f7:84:af:bb:d3:85:cb:9c:43:
                    c7:63:0f:46:0b:69:8f:3e:35:20:c8:2b:a9:49:0e:
                    8c:b5:d1:73:f5:75:93:3b:b4:95:54:c2:15:89:16:
                    01:05:ab:a7:8d:62:83:14:ed:fd:82:ee:e1:0e:dd:
                    47:ee:7b:cb:ec:2b:00:1b:77:33:9a:69:33:c7:34:
                    24:cd:b1:f7:83:28:eb:c3:7c:4b:db:c5:5b:ea:88:
                    be:e2:5a:a1:1b:84:84:58:d6:42:ff:46:ea:94:ba:
                    bd:a3:19:77:c2:c2:c9:52:df:51:85:ff:49:0d:1f:
                    a8:75:3f:f6:41:a3:b6:b7:c4:e0:79:ea:e0:e3:b5:
                    66:d6:b5:b4:58:57:3e:7e:89:53:99:63:e4:06:10:
                    2a:5f:6f:c3:a7:02:18:c1:1c:79:f3:c8:ac:28:ef:
                    8c:0b:a4:0a:11:4b:18:c1:b4:5b:15:b0:6a:d7:bc:
                    ca:21:b2:1e:cb:c5:49:66:0b:b0:58:85:60:88:55:
                    ba:8f:7b:7d:84:e9:22:51:f8:a9:c7:cb:58:dd:bb:
                    90:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:C3:74:37:30:E7:AC:8E:D3:98:22:2B:E6:B3:56:68:61:7A:71:E0
            X509v3 Authority Key Identifier:
                keyid:2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:60:e8:29:93:57:79:fd:e6:47:7d:dc:c4:48:30:bb:b0:73:
         61:77:db:51:0c:3c:56:a7:83:54:8f:58:7b:fe:2a:09:b4:f9:
         0a:60:50:4c:c4:28:f7:f7:f0:77:70:1b:3f:54:cc:25:be:72:
         f0:fb:33:12:46:50:dd:24:d2:30:fe:2b:11:05:89:59:0e:3c:
         00:a6:9c:a6:af:84:02:5a:5a:d6:a9:20:89:fe:a8:c1:4c:b8:
         c6:b2:5e:8f:82:c7:cc:62:c7:9d:de:c7:c8:e7:71:bd:bb:89:
         43:36:ba:65:99:c5:3a:04:45:24:63:ca:da:a8:39:b4:94:00:
         44:14:bf:4a:93:06:24:af:8b:e9:c2:35:30:84:65:45:b5:73:
         db:a5:ac:9b:3b:f7:31:98:7a:53:8f:ff:fb:a5:0c:cf:82:ef:
         8a:e9:0b:67:8d:46:d5:8f:8d:4e:ad:ac:0e:2b:8f:8f:81:5d:
         3e:ca:a4:0d:fa:1f:af:cb:25:d0:5a:d3:45:2d:fc:9b:c3:7c:
         db:25:5c:62:31:2f:ce:75:09:2d:63:ce:fa:44:f7:95:5d:7a:
         45:70:b7:9c:b8:ef:55:2f:ac:6c:16:e1:2f:67:94:3f:e8:4d:
         8f:c5:b8:f4:a2:2d:06:cd:71:af:dd:b6:e3:dc:05:d9:e9:c1:
         47:75:fd:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd40+cqWdMs49XNu/l2iBhCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZWUzNzZmNTFjOGM4YTU1NTUyOGQ0YzE1ZWIxZjRjYTM5
OWM0OTEwHhcNMjUwNjE2MTMwMDQyWhcNMjUwNjE3MTMwMDQyWjAzMTEwLwYDVQQD
Eyg3M2MzNzQzNzMwZTdhYzhlZDM5ODIyMmJlNmIzNTY2ODYxN2E3MWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqY0109m6SW4Yt0920GJNvjS26YjK
cvfL9S2D3ypN72UhL3ouz6wiwTpLpIu+LlJShC33hK+704XLnEPHYw9GC2mPPjUg
yCupSQ6MtdFz9XWTO7SVVMIViRYBBaunjWKDFO39gu7hDt1H7nvL7CsAG3czmmkz
xzQkzbH3gyjrw3xL28Vb6oi+4lqhG4SEWNZC/0bqlLq9oxl3wsLJUt9Rhf9JDR+o
dT/2QaO2t8Tgeerg47Vm1rW0WFc+folTmWPkBhAqX2/DpwIYwRx588isKO+MC6QK
EUsYwbRbFbBq17zKIbIey8VJZguwWIVgiFW6j3t9hOkiUfipx8tY3buQ3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHPDdDcw56yO05giK+azVmhhenHgMB8GA1UdIwQY
MBaAFC3uN29RyMilVVKNTBXrH0yjmcSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUt
ZmY1Y2JkYWM1ODQ1LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUtZmY1Y2JkYWM1ODQ1
LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA2DoKZNX
ef3mR33cxEgwu7BzYXfbUQw8VqeDVI9Ye/4qCbT5CmBQTMQo9/fwd3AbP1TMJb5y
8PszEkZQ3STSMP4rEQWJWQ48AKacpq+EAlpa1qkgif6owUy4xrJej4LHzGLHnd7H
yOdxvbuJQza6ZZnFOgRFJGPK2qg5tJQARBS/SpMGJK+L6cI1MIRlRbVz26Wsmzv3
MZh6U4//+6UMz4LviukLZ41G1Y+NTq2sDiuPj4FdPsqkDfofr8sl0FrTRS38m8N8
2yVcYjEvznUJLWPO+kT3lV16RXC3nLjvVS+sbBbhL2eUP+hNj8W49KItBs1xr922
49wF2enBR3X9aA==
-----END CERTIFICATE-----