Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.mft
File:                     LZKAom-DFWYViyYXyV0Z0zjuFdM.mft (raw, json)
Hash identifier:          /T2iYsZj92jFiuOkiR/kXIHK3hWkjuvcHimOdLJwmD8=
Subject key identifier:   66:8D:E8:EA:13:0C:05:E8:5F:D0:15:67:A2:9C:EA:11:D8:AD:E1:53
Authority key identifier: 2D:92:80:A2:6F:83:15:66:15:8B:26:17:C9:5D:19:D3:38:EE:15:D3
Certificate issuer:       /CN=2d9280a26f831566158b2617c95d19d338ee15d3
Certificate serial:       019D390A10DD8BF9066A6F84F0756C933C8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LZKAom-DFWYViyYXyV0Z0zjuFdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.mft
Manifest number:          05A4
Signing time:             Sun 29 Mar 2026 10:00:53 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:53 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:53 +0000
Files and hashes:         1: LZKAom-DFWYViyYXyV0Z0zjuFdM.crl (hash: 9ECqG0wv9pwTnMTsbA76kSAitjbDROvNajRlZjKl9IM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LZKAom-DFWYViyYXyV0Z0zjuFdM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:0a:10:dd:8b:f9:06:6a:6f:84:f0:75:6c:93:3c:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d9280a26f831566158b2617c95d19d338ee15d3
        Validity
            Not Before: Mar 29 10:00:53 2026 GMT
            Not After : Mar 30 10:00:53 2026 GMT
        Subject: CN=668de8ea130c05e85fd01567a29cea11d8ade153
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:2b:b8:46:5c:84:82:52:0b:31:41:cc:87:91:
                    e8:6e:a1:8d:27:e5:2b:4b:ac:7d:61:9b:fb:38:2f:
                    1b:e2:a8:24:94:06:c6:7b:cb:b3:31:c5:b4:6a:6e:
                    f0:07:03:9a:3f:d2:e3:db:81:e6:39:9d:56:c6:b2:
                    0c:ef:63:da:03:b2:35:e1:4e:53:71:44:96:e6:a3:
                    94:7f:1e:7b:c6:34:68:09:9e:83:34:40:cc:96:bf:
                    e8:11:ab:f2:f9:a7:21:ef:8d:dd:b2:d5:ee:bf:83:
                    83:d0:71:9c:7f:cb:e9:1d:7d:a6:15:6b:4e:d1:4c:
                    9c:9a:c9:9e:90:62:05:ec:ba:0b:7a:67:88:1f:7a:
                    5d:86:96:5f:7c:8c:f7:54:cf:60:bc:7e:21:c6:51:
                    18:03:45:89:d0:df:84:0a:91:2c:4b:34:c7:4a:fc:
                    33:b4:8f:2b:06:76:7f:12:ee:f8:63:69:54:f9:c4:
                    46:36:cb:03:4d:3a:1b:49:7f:fb:16:a8:07:11:b8:
                    56:8b:ff:cc:11:f3:7c:a7:75:74:72:f3:ca:87:93:
                    1c:d0:82:9a:0a:6e:63:4b:98:6c:a6:48:92:93:61:
                    76:35:1c:d2:55:b6:19:6c:c2:e1:4f:46:d7:6e:55:
                    16:92:5a:73:3e:a1:c0:3f:4a:ea:c5:b7:8f:83:fc:
                    55:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:8D:E8:EA:13:0C:05:E8:5F:D0:15:67:A2:9C:EA:11:D8:AD:E1:53
            X509v3 Authority Key Identifier:
                keyid:2D:92:80:A2:6F:83:15:66:15:8B:26:17:C9:5D:19:D3:38:EE:15:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZKAom-DFWYViyYXyV0Z0zjuFdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:21:0f:eb:40:84:7d:9f:b7:e7:36:d1:c8:d2:5f:5a:94:61:
         a0:c2:74:14:bc:e4:04:86:a2:97:b9:5f:a0:3a:9c:0f:5f:18:
         46:26:e2:db:a0:d6:af:1e:1c:41:04:e9:0e:0a:98:24:82:d4:
         b2:05:79:24:45:89:6b:6d:83:17:9c:da:36:61:2d:25:05:79:
         69:ca:5f:43:93:63:9d:68:0f:2a:bc:2f:ab:60:52:33:78:5e:
         f3:6b:51:0b:71:e9:94:fe:f3:e2:dd:4c:d2:23:75:20:6b:40:
         c6:dc:c3:29:c4:23:cc:f1:ef:2e:13:de:dd:9a:4b:ec:1a:5e:
         70:01:72:df:6c:c1:3c:13:f2:11:69:84:9d:60:38:91:2c:fc:
         8a:c3:6b:2f:9a:b5:bc:29:08:01:f3:05:05:f5:69:c7:5a:fd:
         dd:3a:df:c5:2e:a7:b2:2c:db:49:16:3f:df:36:cf:80:47:2f:
         74:29:a1:6c:6a:72:f8:e2:19:c1:f9:54:81:11:d6:f3:9e:2e:
         62:fe:34:00:6c:47:76:b7:71:72:1a:08:f2:25:f7:38:b5:6b:
         34:69:c0:ea:b7:b0:d3:3d:a5:b3:ed:9d:c3:36:da:3e:60:8d:
         23:1a:f3:ae:80:87:d4:f4:32:a0:af:46:51:59:f2:26:4c:2d:
         ce:e7:41:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05ChDdi/kGam+E8HVskzyPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkOTI4MGEyNmY4MzE1NjYxNThiMjYxN2M5NWQxOWQzMzhl
ZTE1ZDMwHhcNMjYwMzI5MTAwMDUzWhcNMjYwMzMwMTAwMDUzWjAzMTEwLwYDVQQD
Eyg2NjhkZThlYTEzMGMwNWU4NWZkMDE1NjdhMjljZWExMWQ4YWRlMTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Su4RlyEglILMUHMh5HobqGNJ+Ur
S6x9YZv7OC8b4qgklAbGe8uzMcW0am7wBwOaP9Lj24HmOZ1WxrIM72PaA7I14U5T
cUSW5qOUfx57xjRoCZ6DNEDMlr/oEavy+ach743dstXuv4OD0HGcf8vpHX2mFWtO
0UycmsmekGIF7LoLemeIH3pdhpZffIz3VM9gvH4hxlEYA0WJ0N+ECpEsSzTHSvwz
tI8rBnZ/Eu74Y2lU+cRGNssDTTobSX/7FqgHEbhWi//MEfN8p3V0cvPKh5Mc0IKa
Cm5jS5hspkiSk2F2NRzSVbYZbMLhT0bXblUWklpzPqHAP0rqxbePg/xVDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGaN6OoTDAXoX9AVZ6Kc6hHYreFTMB8GA1UdIwQY
MBaAFC2SgKJvgxVmFYsmF8ldGdM47hXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFpLQW9tLURGV1lWaXlZWHlWMFowemp1RmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9iZTczMGEtMjdlNi00MTM2LWIyYzUt
Y2FlNDAzODRjNmJmLzEvTFpLQW9tLURGV1lWaXlZWHlWMFowemp1RmRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9iZTczMGEtMjdlNi00MTM2LWIyYzUtY2FlNDAzODRjNmJm
LzEvTFpLQW9tLURGV1lWaXlZWHlWMFowemp1RmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbiEP60CE
fZ+35zbRyNJfWpRhoMJ0FLzkBIail7lfoDqcD18YRibi26DWrx4cQQTpDgqYJILU
sgV5JEWJa22DF5zaNmEtJQV5acpfQ5NjnWgPKrwvq2BSM3he82tRC3HplP7z4t1M
0iN1IGtAxtzDKcQjzPHvLhPe3ZpL7BpecAFy32zBPBPyEWmEnWA4kSz8isNrL5q1
vCkIAfMFBfVpx1r93TrfxS6nsizbSRY/3zbPgEcvdCmhbGpy+OIZwflUgRHW854u
Yv40AGxHdrdxchoI8iX3OLVrNGnA6rew0z2ls+2dwzbaPmCNIxrzroCH1PQyoK9G
UVnyJkwtzudB2w==
-----END CERTIFICATE-----