Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.mft
File:                     LZKAom-DFWYViyYXyV0Z0zjuFdM.mft (raw, json)
Hash identifier:          s4A1Ljs35G6kAoUfqzrC0b+dvWS09KCpcPvoQSpkl1I=
Subject key identifier:   EB:F4:40:19:84:75:98:C4:14:31:DD:C1:B6:85:16:C3:8F:34:BA:DF
Authority key identifier: 2D:92:80:A2:6F:83:15:66:15:8B:26:17:C9:5D:19:D3:38:EE:15:D3
Certificate issuer:       /CN=2d9280a26f831566158b2617c95d19d338ee15d3
Certificate serial:       019916F66A133C383DF55CA683579C77B86F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LZKAom-DFWYViyYXyV0Z0zjuFdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.mft
Manifest number:          0380
Signing time:             Thu 04 Sep 2025 23:01:11 +0000
Manifest this update:     Thu 04 Sep 2025 23:01:11 +0000
Manifest next update:     Fri 05 Sep 2025 23:01:11 +0000
Files and hashes:         1: LZKAom-DFWYViyYXyV0Z0zjuFdM.crl (hash: /9yugy7JTzfOERoqAHmCv6ezOOjr6RgC2HyGxEWPFyY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LZKAom-DFWYViyYXyV0Z0zjuFdM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 23:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:16:f6:6a:13:3c:38:3d:f5:5c:a6:83:57:9c:77:b8:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d9280a26f831566158b2617c95d19d338ee15d3
        Validity
            Not Before: Sep  4 23:01:11 2025 GMT
            Not After : Sep  5 23:01:11 2025 GMT
        Subject: CN=ebf44019847598c41431ddc1b68516c38f34badf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:c8:28:f5:14:f2:18:6b:7b:e0:62:a9:ab:99:
                    30:97:90:6e:23:72:95:51:f6:4e:78:2d:98:7f:4a:
                    8d:35:49:cd:ff:bd:82:41:c8:67:fe:f9:91:3b:1e:
                    9b:e3:b9:6b:9c:3f:28:b1:f2:3d:0d:27:5f:14:57:
                    fd:5e:64:53:33:d0:93:48:43:e4:ac:5d:ec:c9:16:
                    85:c1:48:e6:bb:67:e4:51:bb:8b:67:33:72:1f:24:
                    01:ee:d9:18:ab:2b:b0:16:45:d1:7c:8c:6b:ed:57:
                    05:ee:c9:f5:cd:c9:79:1e:71:31:ba:4f:29:7e:e2:
                    9b:7b:2b:76:28:6c:d5:9c:37:d6:d2:84:c4:2a:60:
                    5d:eb:3b:e7:d5:4b:8a:9e:71:87:09:f4:17:eb:25:
                    94:f8:96:58:ce:1d:ae:99:51:16:57:ca:ee:c7:4f:
                    ae:01:74:ee:ea:e8:b9:7f:6a:0b:74:3f:05:69:2d:
                    47:bc:8e:dc:36:4b:54:52:2d:83:9a:57:47:2f:e1:
                    1e:ba:c6:b6:fd:e2:57:0f:38:21:16:3d:b4:ec:3a:
                    30:85:0b:09:39:cd:41:fe:28:c9:e8:25:4d:b3:1d:
                    4a:25:7d:06:37:30:05:10:27:1c:a6:18:da:35:9d:
                    ad:86:2a:8a:35:2a:09:61:2f:ae:88:f0:6b:d5:6d:
                    59:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:F4:40:19:84:75:98:C4:14:31:DD:C1:B6:85:16:C3:8F:34:BA:DF
            X509v3 Authority Key Identifier:
                keyid:2D:92:80:A2:6F:83:15:66:15:8B:26:17:C9:5D:19:D3:38:EE:15:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZKAom-DFWYViyYXyV0Z0zjuFdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:67:08:84:ba:4a:45:16:98:1b:4a:00:9b:8a:ab:05:b4:5d:
         04:25:27:df:39:15:51:82:50:90:45:01:06:34:d4:b9:d3:ef:
         97:30:81:05:0c:6e:f6:a7:94:b1:3d:78:0c:7f:01:81:59:3a:
         f6:b4:8d:06:d4:2b:df:af:6f:eb:65:5e:1c:f6:76:a9:e9:b0:
         77:50:4a:ad:62:28:c1:24:55:12:f0:e0:3b:62:d6:d8:32:a4:
         48:d4:06:7e:8a:5e:df:a1:c5:37:ff:df:aa:64:3e:35:67:d4:
         02:dc:52:a0:67:04:48:ac:d7:33:61:96:4c:3a:60:69:31:2b:
         35:ef:82:86:b4:dd:7e:eb:cb:c2:3c:0e:8f:2a:45:39:11:89:
         86:56:12:b1:2c:c7:47:e5:3f:fe:48:a5:9f:be:07:72:9b:ee:
         68:0c:19:45:ca:e6:fe:b7:bd:73:bd:60:03:6f:b5:1d:29:0f:
         b5:1e:88:6a:60:45:7e:1d:75:21:f9:90:98:2e:2f:d9:3a:01:
         80:d5:56:83:51:aa:47:03:ff:6d:a5:58:fd:55:bd:49:76:19:
         b7:5e:23:57:55:b9:2c:27:90:0c:97:b2:03:3c:61:e3:2c:fd:
         0c:36:c0:4f:8e:51:00:e8:bc:b5:f2:9a:f1:50:64:25:99:ac:
         14:7e:e2:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkW9moTPDg99Vymg1ecd7hvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkOTI4MGEyNmY4MzE1NjYxNThiMjYxN2M5NWQxOWQzMzhl
ZTE1ZDMwHhcNMjUwOTA0MjMwMTExWhcNMjUwOTA1MjMwMTExWjAzMTEwLwYDVQQD
EyhlYmY0NDAxOTg0NzU5OGM0MTQzMWRkYzFiNjg1MTZjMzhmMzRiYWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcgo9RTyGGt74GKpq5kwl5BuI3KV
UfZOeC2Yf0qNNUnN/72CQchn/vmROx6b47lrnD8osfI9DSdfFFf9XmRTM9CTSEPk
rF3syRaFwUjmu2fkUbuLZzNyHyQB7tkYqyuwFkXRfIxr7VcF7sn1zcl5HnExuk8p
fuKbeyt2KGzVnDfW0oTEKmBd6zvn1UuKnnGHCfQX6yWU+JZYzh2umVEWV8rux0+u
AXTu6ui5f2oLdD8FaS1HvI7cNktUUi2DmldHL+Eeusa2/eJXDzghFj207DowhQsJ
Oc1B/ijJ6CVNsx1KJX0GNzAFECccphjaNZ2thiqKNSoJYS+uiPBr1W1ZdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOv0QBmEdZjEFDHdwbaFFsOPNLrfMB8GA1UdIwQY
MBaAFC2SgKJvgxVmFYsmF8ldGdM47hXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFpLQW9tLURGV1lWaXlZWHlWMFowemp1RmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9iZTczMGEtMjdlNi00MTM2LWIyYzUt
Y2FlNDAzODRjNmJmLzEvTFpLQW9tLURGV1lWaXlZWHlWMFowemp1RmRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9iZTczMGEtMjdlNi00MTM2LWIyYzUtY2FlNDAzODRjNmJm
LzEvTFpLQW9tLURGV1lWaXlZWHlWMFowemp1RmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwGcIhLpK
RRaYG0oAm4qrBbRdBCUn3zkVUYJQkEUBBjTUudPvlzCBBQxu9qeUsT14DH8BgVk6
9rSNBtQr369v62VeHPZ2qemwd1BKrWIowSRVEvDgO2LW2DKkSNQGfope36HFN//f
qmQ+NWfUAtxSoGcESKzXM2GWTDpgaTErNe+ChrTdfuvLwjwOjypFORGJhlYSsSzH
R+U//kiln74HcpvuaAwZRcrm/re9c71gA2+1HSkPtR6IamBFfh11IfmQmC4v2ToB
gNVWg1GqRwP/baVY/VW9SXYZt14jV1W5LCeQDJeyAzxh4yz9DDbAT45RAOi8tfKa
8VBkJZmsFH7iaA==
-----END CERTIFICATE-----