Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
File:                     lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft (raw, json)
Hash identifier:          7oQWqNa5g89zE+GDyghPQ0gTaNUolhSL3Fqc12xFKoE=
Subject key identifier:   60:62:E3:A7:83:45:8C:A1:1F:37:4D:8F:09:1B:25:01:90:98:79:4E
Authority key identifier: 96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67
Certificate issuer:       /CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67
Certificate serial:       0197526B698939137154787113382A980848
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
Manifest number:          0CB8
Signing time:             Mon 09 Jun 2025 02:01:00 +0000
Manifest this update:     Mon 09 Jun 2025 02:01:00 +0000
Manifest next update:     Tue 10 Jun 2025 02:01:00 +0000
Files and hashes:         1: O8xQyf4SlO_QA8u4YHx9nqfuT4c.roa (hash: WyDwMMx1y5LT2GHueRZtXWT+BMFzzrzU6Km40azPSxA=)
                          2: lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl (hash: M8M6jgvPQ/UnRpqREs9p7yImcu3THnBoDVCcg5LN4Zc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:6b:69:89:39:13:71:54:78:71:13:38:2a:98:08:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67
        Validity
            Not Before: Jun  9 02:01:00 2025 GMT
            Not After : Jun 10 02:01:00 2025 GMT
        Subject: CN=6062e3a783458ca11f374d8f091b25019098794e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:0f:77:5d:33:54:e9:0d:bc:6c:ea:fc:d2:8f:
                    9c:e6:ce:3b:94:9a:3f:2f:ad:c5:54:d6:1b:6e:e0:
                    21:a9:24:49:d4:a9:5a:ba:2c:11:dd:6f:5c:e3:35:
                    42:e9:92:80:a9:ed:5a:7e:08:64:cc:f7:88:93:23:
                    6c:91:38:aa:fa:06:e7:8a:5d:1a:eb:da:65:b4:5a:
                    d7:bf:1d:b8:be:de:ca:da:4c:ba:bd:99:62:ab:73:
                    8d:5b:63:99:d4:29:b5:1a:8f:2c:27:a8:21:98:d5:
                    39:a5:f2:86:b3:be:b8:15:f8:26:ea:53:dc:0a:86:
                    43:98:0d:79:f8:7a:06:d8:90:dc:ab:6d:33:32:e3:
                    1e:dc:a9:34:55:f3:10:26:ce:db:e8:3b:08:f5:27:
                    ca:1a:7b:04:7c:98:76:bd:7a:a0:b6:68:8b:c3:1a:
                    b8:6d:1d:7b:4b:b0:c1:2b:42:52:5f:ae:21:e5:95:
                    9d:82:7b:06:00:1f:8a:80:0d:50:cc:3d:9f:e1:f9:
                    a0:04:03:ed:85:38:07:83:4f:01:1c:9e:68:f7:7a:
                    49:84:30:55:54:b4:8d:c4:a3:52:2a:f6:47:96:4e:
                    7c:4d:e3:42:f2:80:5c:2a:3c:83:41:7f:78:b6:21:
                    6b:f4:ea:25:52:a1:31:e7:9e:8f:f8:e9:72:10:d6:
                    ce:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:62:E3:A7:83:45:8C:A1:1F:37:4D:8F:09:1B:25:01:90:98:79:4E
            X509v3 Authority Key Identifier:
                keyid:96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:c0:2f:6a:79:fc:4b:bb:d9:93:d6:58:b5:37:5c:54:19:bb:
         d6:60:69:49:8c:90:e1:dc:94:89:9a:8a:f1:72:d6:3f:bf:93:
         f4:6b:72:91:43:72:60:43:d3:df:86:04:0b:38:45:ba:75:36:
         72:a2:74:de:53:b2:3a:62:7e:10:cc:c7:22:ae:8b:32:13:12:
         03:9e:f5:9a:ef:6c:f6:4e:bb:2d:fd:58:b2:19:38:a4:b5:a7:
         53:2e:68:5e:9a:f1:45:95:8b:66:64:08:d4:4b:b1:d6:41:68:
         e3:21:00:a8:63:e5:df:b0:1d:47:30:6b:b0:b7:93:69:d3:db:
         be:f1:b1:56:fb:53:a8:d3:f2:23:ba:6a:ed:cb:1d:e4:78:f8:
         82:cc:d9:1c:f5:40:96:98:79:41:59:95:b5:ae:25:07:46:44:
         00:2a:cb:24:c9:0d:83:6b:5f:1d:e7:fa:bb:94:17:f0:6e:22:
         6e:33:9f:82:42:05:63:54:d8:17:a2:ee:52:51:36:98:7d:2c:
         e5:6e:2e:e3:01:3e:cf:bf:2e:30:2f:2d:77:fc:9f:73:c2:f6:
         e0:cb:c0:fa:46:43:13:8c:50:c4:00:8a:9c:33:81:2b:69:f1:
         16:24:78:f5:a2:56:f4:eb:c6:05:c1:28:47:d1:7d:e5:fa:fe:
         01:e7:75:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdSa2mJORNxVHhxEzgqmAhIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2Yjg3ZTVmZDFhYWRjMWJiZWEzNzJiNDI2OWVlYmQzOTNj
NWNkNjcwHhcNMjUwNjA5MDIwMTAwWhcNMjUwNjEwMDIwMTAwWjAzMTEwLwYDVQQD
Eyg2MDYyZTNhNzgzNDU4Y2ExMWYzNzRkOGYwOTFiMjUwMTkwOTg3OTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQ93XTNU6Q28bOr80o+c5s47lJo/
L63FVNYbbuAhqSRJ1KlauiwR3W9c4zVC6ZKAqe1afghkzPeIkyNskTiq+gbnil0a
69pltFrXvx24vt7K2ky6vZliq3ONW2OZ1Cm1Go8sJ6ghmNU5pfKGs764Ffgm6lPc
CoZDmA15+HoG2JDcq20zMuMe3Kk0VfMQJs7b6DsI9SfKGnsEfJh2vXqgtmiLwxq4
bR17S7DBK0JSX64h5ZWdgnsGAB+KgA1QzD2f4fmgBAPthTgHg08BHJ5o93pJhDBV
VLSNxKNSKvZHlk58TeNC8oBcKjyDQX94tiFr9OolUqEx556P+OlyENbO9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGBi46eDRYyhHzdNjwkbJQGQmHlOMB8GA1UdIwQY
MBaAFJa4fl/RqtwbvqNytCae69OTxc1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTkt
MmFiZGIyMTk0MWJjLzEvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTktMmFiZGIyMTk0MWJj
LzEvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASMAvann8
S7vZk9ZYtTdcVBm71mBpSYyQ4dyUiZqK8XLWP7+T9GtykUNyYEPT34YECzhFunU2
cqJ03lOyOmJ+EMzHIq6LMhMSA571mu9s9k67Lf1Yshk4pLWnUy5oXprxRZWLZmQI
1Eux1kFo4yEAqGPl37AdRzBrsLeTadPbvvGxVvtTqNPyI7pq7csd5Hj4gszZHPVA
lph5QVmVta4lB0ZEACrLJMkNg2tfHef6u5QX8G4ibjOfgkIFY1TYF6LuUlE2mH0s
5W4u4wE+z78uMC8td/yfc8L24MvA+kZDE4xQxACKnDOBK2nxFiR49aJW9OvGBcEo
R9F95fr+Aed1sQ==
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:41:15 2025 by rpki-client