Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft
File:                     LphQiZ2cq14AM9C-lyKn6zBdfGA.mft (raw, json)
Hash identifier:          C0bcuL327J1qtjLrRqUU/5O+W0eSIsM+dvQtFk09FHs=
Subject key identifier:   26:24:7C:5D:CD:CB:97:80:49:51:81:11:58:12:91:76:E8:13:FD:FD
Authority key identifier: 2E:98:50:89:9D:9C:AB:5E:00:33:D0:BE:97:22:A7:EB:30:5D:7C:60
Certificate issuer:       /CN=2e9850899d9cab5e0033d0be9722a7eb305d7c60
Certificate serial:       01976D3DF9B8D30DA299DAFAAE6D0CD2264C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LphQiZ2cq14AM9C-lyKn6zBdfGA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft
Manifest number:          158C
Signing time:             Sat 14 Jun 2025 07:01:07 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:07 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:07 +0000
Files and hashes:         1: LphQiZ2cq14AM9C-lyKn6zBdfGA.crl (hash: SyI+2DGQCFeBPQVitWGZBBikDay5VM06N4WKc8sI3dQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LphQiZ2cq14AM9C-lyKn6zBdfGA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:f9:b8:d3:0d:a2:99:da:fa:ae:6d:0c:d2:26:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e9850899d9cab5e0033d0be9722a7eb305d7c60
        Validity
            Not Before: Jun 14 07:01:07 2025 GMT
            Not After : Jun 15 07:01:07 2025 GMT
        Subject: CN=26247c5dcdcb97804951811158129176e813fdfd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:24:de:ec:00:7d:b8:0d:7c:e1:20:77:89:ed:
                    ad:4e:3b:6b:1f:3a:f4:60:58:77:38:9a:81:42:2b:
                    45:32:f5:ad:5c:2b:73:28:15:d8:b6:01:95:46:1a:
                    4a:e1:70:6d:86:8f:ee:9d:46:8c:1c:bb:66:31:19:
                    0a:ae:c2:9e:83:48:14:1c:b6:db:cc:d0:24:18:f6:
                    81:9f:75:6f:da:86:48:f7:b8:2e:04:cb:4a:24:63:
                    4f:de:ff:d8:9d:8a:07:27:aa:15:0c:a1:18:c4:4e:
                    7c:35:51:0c:ec:43:19:58:21:89:d7:c8:8f:64:48:
                    c4:f3:e1:8c:f9:8c:7b:a1:54:f9:7b:66:59:ba:32:
                    75:70:b7:ff:e7:53:c3:c5:fa:54:ee:18:46:68:70:
                    4d:07:2b:85:8c:5d:56:18:2c:fb:f7:c2:cd:66:33:
                    e8:64:dc:90:8e:bb:71:97:6a:86:58:bd:6c:1c:3d:
                    bf:88:c9:9a:48:5b:f1:e3:85:42:c9:39:d9:6e:24:
                    ea:52:73:c8:d8:10:1e:af:ae:bf:13:e0:92:b2:dd:
                    86:57:03:66:c3:a1:f7:25:76:d1:96:4a:d0:8e:51:
                    c2:a2:05:1e:ef:3d:d1:57:52:22:41:85:70:fd:6b:
                    d9:ef:d0:0a:49:23:97:c4:fa:52:9a:37:da:ca:06:
                    72:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:24:7C:5D:CD:CB:97:80:49:51:81:11:58:12:91:76:E8:13:FD:FD
            X509v3 Authority Key Identifier:
                keyid:2E:98:50:89:9D:9C:AB:5E:00:33:D0:BE:97:22:A7:EB:30:5D:7C:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LphQiZ2cq14AM9C-lyKn6zBdfGA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e3:30:e2:0b:00:9d:58:b7:bb:0d:7f:a2:67:8d:b3:fd:96:51:
         e8:73:98:43:18:b1:d3:52:bf:92:93:ac:dc:ae:ec:1f:ea:fc:
         2e:44:31:55:3c:19:97:2b:5a:ac:0a:4f:1f:96:06:e0:09:60:
         22:45:c4:94:5d:f2:ae:28:f8:1d:ae:40:0a:df:19:02:b3:78:
         e9:f9:87:69:12:02:db:c6:4a:34:58:88:b7:c6:5d:6e:d9:18:
         61:f6:07:c8:d3:c6:f8:fa:2a:37:5a:53:97:a7:69:5e:ab:17:
         8d:c6:b9:b2:71:83:72:87:3f:fa:87:61:02:ca:cf:77:90:e8:
         aa:d8:1c:e8:6e:47:2a:24:df:44:44:11:76:48:6b:ba:7b:40:
         3d:c8:97:39:88:dc:56:3d:08:4f:89:8a:54:6f:55:8a:cf:ed:
         66:93:19:db:94:ea:da:24:92:30:1a:71:ec:9c:1b:5b:95:ef:
         95:d0:f0:a3:b3:7b:25:17:d7:f3:e0:59:45:2c:4b:a9:a0:85:
         48:0f:fa:43:52:dc:78:fe:52:3f:f9:c3:ed:9f:1b:44:36:95:
         72:7a:96:ee:de:7a:f2:4d:bd:89:e9:aa:a7:55:ef:75:b4:70:
         54:89:d1:6c:87:d3:46:e3:ae:ed:72:78:ef:b5:75:16:ed:85:
         64:ba:d4:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPfm40w2imdr6rm0M0iZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlOTg1MDg5OWQ5Y2FiNWUwMDMzZDBiZTk3MjJhN2ViMzA1
ZDdjNjAwHhcNMjUwNjE0MDcwMTA3WhcNMjUwNjE1MDcwMTA3WjAzMTEwLwYDVQQD
EygyNjI0N2M1ZGNkY2I5NzgwNDk1MTgxMTE1ODEyOTE3NmU4MTNmZGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1iTe7AB9uA184SB3ie2tTjtrHzr0
YFh3OJqBQitFMvWtXCtzKBXYtgGVRhpK4XBtho/unUaMHLtmMRkKrsKeg0gUHLbb
zNAkGPaBn3Vv2oZI97guBMtKJGNP3v/YnYoHJ6oVDKEYxE58NVEM7EMZWCGJ18iP
ZEjE8+GM+Yx7oVT5e2ZZujJ1cLf/51PDxfpU7hhGaHBNByuFjF1WGCz798LNZjPo
ZNyQjrtxl2qGWL1sHD2/iMmaSFvx44VCyTnZbiTqUnPI2BAer66/E+CSst2GVwNm
w6H3JXbRlkrQjlHCogUe7z3RV1IiQYVw/WvZ79AKSSOXxPpSmjfaygZy3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCYkfF3Ny5eASVGBEVgSkXboE/39MB8GA1UdIwQY
MBaAFC6YUImdnKteADPQvpcip+swXXxgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHBoUWlaMmNxMTRBTTlDLWx5S242ekJkZkdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zN2ZkOWQtNjFlNi00ZGYzLTljMDct
NmI2YWQwNDU2YjY1LzEvTHBoUWlaMmNxMTRBTTlDLWx5S242ekJkZkdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zN2ZkOWQtNjFlNi00ZGYzLTljMDctNmI2YWQwNDU2YjY1
LzEvTHBoUWlaMmNxMTRBTTlDLWx5S242ekJkZkdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4zDiCwCd
WLe7DX+iZ42z/ZZR6HOYQxix01K/kpOs3K7sH+r8LkQxVTwZlytarApPH5YG4Alg
IkXElF3yrij4Ha5ACt8ZArN46fmHaRIC28ZKNFiIt8ZdbtkYYfYHyNPG+PoqN1pT
l6dpXqsXjca5snGDcoc/+odhAsrPd5Doqtgc6G5HKiTfREQRdkhruntAPciXOYjc
Vj0IT4mKVG9Vis/tZpMZ25Tq2iSSMBpx7JwbW5XvldDwo7N7JRfX8+BZRSxLqaCF
SA/6Q1LceP5SP/nD7Z8bRDaVcnqW7t568k29iemqp1XvdbRwVInRbIfTRuOu7XJ4
77V1Fu2FZLrUFg==
-----END CERTIFICATE-----