Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
File:                     lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft (raw, json)
Hash identifier:          QrQMrp4BzDLy35dBTMRL/OIEPWVEfwLE1QTQSQNUp20=
Subject key identifier:   0C:09:C5:10:C5:D5:A8:0A:34:CF:F6:76:2C:DA:FB:64:52:18:46:7A
Authority key identifier: 96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67
Certificate issuer:       /CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67
Certificate serial:       019763CCA5A2B32260A3D3D602FECF76E6DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
Manifest number:          0CC1
Signing time:             Thu 12 Jun 2025 11:00:45 +0000
Manifest this update:     Thu 12 Jun 2025 11:00:45 +0000
Manifest next update:     Fri 13 Jun 2025 11:00:45 +0000
Files and hashes:         1: O8xQyf4SlO_QA8u4YHx9nqfuT4c.roa (hash: WyDwMMx1y5LT2GHueRZtXWT+BMFzzrzU6Km40azPSxA=)
                          2: lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl (hash: 1YUg2FXuKdl17PLWsVeMN47GGJipJwmRSwCAG7FYloI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 11:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:cc:a5:a2:b3:22:60:a3:d3:d6:02:fe:cf:76:e6:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67
        Validity
            Not Before: Jun 12 11:00:45 2025 GMT
            Not After : Jun 13 11:00:45 2025 GMT
        Subject: CN=0c09c510c5d5a80a34cff6762cdafb645218467a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:87:37:ec:67:5e:72:2f:c5:c9:ec:ad:ac:db:
                    2b:6c:c8:d6:cc:88:0b:ef:23:e4:9e:10:e5:52:04:
                    28:d7:26:ae:ed:09:0c:cb:f3:cb:b8:ba:d8:65:e0:
                    3f:bc:9c:8b:9c:33:40:0b:1d:78:37:16:11:81:53:
                    b3:13:0e:47:70:73:5e:a0:c7:63:f3:2e:82:c5:1d:
                    71:f7:f7:ea:6d:e8:e0:0b:53:06:28:86:0c:ef:b9:
                    be:4c:41:2e:83:41:d4:8c:fc:ef:ca:5e:d5:a2:a0:
                    74:44:61:bc:d5:2c:3c:43:fe:e4:8c:24:55:f0:88:
                    4c:88:54:1e:ac:56:32:f0:b3:5f:56:6c:cf:70:7a:
                    5b:8a:51:5b:b3:34:e4:63:e1:af:2a:15:2a:6d:0c:
                    50:0b:e3:83:ca:e5:b0:43:4a:da:f0:2c:d4:cd:cb:
                    a6:6e:8e:8b:20:cf:27:d4:12:d3:6d:df:db:cd:85:
                    53:c4:07:00:ba:a2:47:27:5f:7d:df:de:1c:be:fd:
                    15:b7:8f:7f:01:27:44:9d:b0:b7:73:76:30:33:42:
                    10:74:e5:df:dc:f2:f5:b3:1b:7e:73:af:73:1c:4d:
                    b0:da:e3:97:f0:23:66:a9:50:e6:63:a7:5e:cb:23:
                    91:0e:07:68:ba:fc:dd:d9:cd:f1:d7:13:df:09:aa:
                    cb:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:09:C5:10:C5:D5:A8:0A:34:CF:F6:76:2C:DA:FB:64:52:18:46:7A
            X509v3 Authority Key Identifier:
                keyid:96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:4b:22:07:ae:85:f6:9a:6a:00:69:f2:41:ee:af:9d:53:aa:
         e2:02:3c:ff:ec:f8:58:f5:07:7b:64:8b:f6:4b:af:27:d2:20:
         5e:d2:71:15:c0:81:23:97:dd:56:14:71:2c:86:21:32:7d:6e:
         25:ae:d5:db:06:8d:ed:70:6c:2f:88:9d:35:3e:06:46:da:cb:
         55:e0:0c:93:16:b5:6d:49:3e:8e:c3:47:5b:bc:30:64:de:e2:
         44:e7:55:f3:17:a8:98:bf:14:64:9e:3a:e6:82:34:fc:36:aa:
         c7:65:aa:b9:4e:86:ba:df:f3:39:ae:4c:2e:bf:bd:60:76:18:
         5f:1a:cd:2e:07:3f:a1:6d:80:78:c0:ac:d1:f4:4c:d2:8c:88:
         19:2d:fb:a4:58:10:67:84:a1:18:38:d7:dd:74:cc:c8:4c:56:
         c7:21:f3:6c:28:9c:2e:1e:82:94:86:40:87:4f:f2:96:3b:56:
         4f:0a:7e:74:08:50:ce:71:be:da:8a:cb:67:fb:44:e0:af:a0:
         44:00:51:6e:c2:1b:9e:64:5b:5a:05:8a:6a:a7:34:bb:7c:44:
         d4:57:12:23:ac:69:29:84:8b:bd:26:98:62:50:55:ca:15:fc:
         12:d2:aa:47:5a:7a:be:99:23:13:d5:3d:8c:26:11:74:9a:38:
         21:83:db:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjzKWisyJgo9PWAv7PdubeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2Yjg3ZTVmZDFhYWRjMWJiZWEzNzJiNDI2OWVlYmQzOTNj
NWNkNjcwHhcNMjUwNjEyMTEwMDQ1WhcNMjUwNjEzMTEwMDQ1WjAzMTEwLwYDVQQD
EygwYzA5YzUxMGM1ZDVhODBhMzRjZmY2NzYyY2RhZmI2NDUyMTg0NjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYc37Gdeci/FyeytrNsrbMjWzIgL
7yPknhDlUgQo1yau7QkMy/PLuLrYZeA/vJyLnDNACx14NxYRgVOzEw5HcHNeoMdj
8y6CxR1x9/fqbejgC1MGKIYM77m+TEEug0HUjPzvyl7VoqB0RGG81Sw8Q/7kjCRV
8IhMiFQerFYy8LNfVmzPcHpbilFbszTkY+GvKhUqbQxQC+ODyuWwQ0ra8CzUzcum
bo6LIM8n1BLTbd/bzYVTxAcAuqJHJ199394cvv0Vt49/ASdEnbC3c3YwM0IQdOXf
3PL1sxt+c69zHE2w2uOX8CNmqVDmY6deyyORDgdouvzd2c3x1xPfCarLFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAwJxRDF1agKNM/2diza+2RSGEZ6MB8GA1UdIwQY
MBaAFJa4fl/RqtwbvqNytCae69OTxc1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTkt
MmFiZGIyMTk0MWJjLzEvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTktMmFiZGIyMTk0MWJj
LzEvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALUsiB66F
9ppqAGnyQe6vnVOq4gI8/+z4WPUHe2SL9kuvJ9IgXtJxFcCBI5fdVhRxLIYhMn1u
Ja7V2waN7XBsL4idNT4GRtrLVeAMkxa1bUk+jsNHW7wwZN7iROdV8xeomL8UZJ46
5oI0/Daqx2WquU6Gut/zOa5MLr+9YHYYXxrNLgc/oW2AeMCs0fRM0oyIGS37pFgQ
Z4ShGDjX3XTMyExWxyHzbCicLh6ClIZAh0/yljtWTwp+dAhQznG+2orLZ/tE4K+g
RABRbsIbnmRbWgWKaqc0u3xE1FcSI6xpKYSLvSaYYlBVyhX8EtKqR1p6vpkjE9U9
jCYRdJo4IYPbag==
-----END CERTIFICATE-----
Generated at Thu Jun 12 17:37:59 2025 by rpki-client