Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
File:                     LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft (raw, json)
Hash identifier:          6yCZ4Dox8kl4ZVcLm97ubM3tr4ANML5KprmnKuMqFwo=
Subject key identifier:   55:7B:66:22:A0:0A:F7:02:71:80:1B:B5:90:5F:2B:77:A8:75:E3:6F
Authority key identifier: 2D:90:93:67:DB:DD:D1:E4:86:6B:D8:9E:AF:72:75:98:A4:7B:58:3D
Certificate issuer:       /CN=2d909367dbddd1e4866bd89eaf727598a47b583d
Certificate serial:       01974A43B9246A55D6372AE9C9515E7C445D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
Manifest number:          31
Signing time:             Sat 07 Jun 2025 12:00:41 +0000
Manifest this update:     Sat 07 Jun 2025 12:00:41 +0000
Manifest next update:     Sun 08 Jun 2025 12:00:41 +0000
Files and hashes:         1: LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl (hash: 5elhU1RTlwEGwREux0RxFCmmD9s8Z83Qi0BTzyBRNHw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:43:b9:24:6a:55:d6:37:2a:e9:c9:51:5e:7c:44:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d909367dbddd1e4866bd89eaf727598a47b583d
        Validity
            Not Before: Jun  7 12:00:41 2025 GMT
            Not After : Jun  8 12:00:41 2025 GMT
        Subject: CN=557b6622a00af70271801bb5905f2b77a875e36f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:8f:8c:b6:ad:93:f1:c5:64:99:5b:b0:2d:9b:
                    0e:c5:0b:3d:57:fb:d6:b5:ce:d3:5c:6f:05:33:69:
                    b1:93:10:17:3c:a5:02:83:e9:10:c1:9d:58:c9:b8:
                    4e:77:94:31:60:d2:e0:5a:dc:8a:08:b8:d1:fc:cf:
                    7d:78:c2:28:47:ac:80:6b:c9:bd:29:cf:d0:59:b1:
                    66:8c:fb:3e:75:83:65:2e:79:45:17:88:b8:32:4a:
                    bc:5f:75:89:fe:13:46:60:28:ef:3d:40:bf:fa:94:
                    16:30:3a:cb:c4:dc:ba:10:81:ba:a8:55:57:e4:3c:
                    e5:73:bd:55:e0:a5:a7:af:e9:17:b8:38:7c:79:bf:
                    d8:09:05:e3:8b:c3:c7:af:c1:e3:eb:28:a2:3d:0d:
                    a9:d5:de:b7:a7:59:c2:d2:9a:24:42:d8:8f:1b:be:
                    0b:4d:86:60:d6:a0:0d:f2:4b:d7:05:41:59:6e:a8:
                    e2:ff:b2:fc:21:ee:e8:36:6a:d1:22:ec:73:c8:65:
                    07:cb:d6:0f:c5:77:1d:30:b3:f1:de:58:a7:13:c1:
                    ef:27:91:f9:37:7b:6f:02:87:49:96:8d:d0:8f:d2:
                    93:82:d4:c3:0f:60:e4:a8:b6:f7:8a:5b:7a:98:01:
                    a2:64:79:05:a2:7e:3a:bd:76:cd:b8:b8:f0:a3:38:
                    65:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:7B:66:22:A0:0A:F7:02:71:80:1B:B5:90:5F:2B:77:A8:75:E3:6F
            X509v3 Authority Key Identifier:
                keyid:2D:90:93:67:DB:DD:D1:E4:86:6B:D8:9E:AF:72:75:98:A4:7B:58:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:7c:e5:b3:e3:3c:2f:8f:c8:50:17:b9:f3:93:0c:6a:c0:53:
         23:44:a0:dc:f8:91:01:f8:99:92:96:70:ed:e0:7e:4b:b1:38:
         51:ab:78:b6:a4:df:6d:2a:8e:0d:59:89:5d:ea:a9:9e:29:5a:
         8f:4d:66:81:97:f4:93:e7:bc:71:70:fe:d1:e8:9b:08:bd:df:
         4d:f4:ae:e7:7c:8e:6e:0a:9a:cf:bb:fe:3f:40:4d:9b:f9:2f:
         68:05:f5:a7:73:79:8a:ea:c0:bc:f6:ce:7e:7f:24:6c:49:21:
         02:dc:60:7a:3f:38:8c:1f:de:cb:81:8a:79:b6:84:ef:59:30:
         60:6d:2e:2e:27:cb:79:8a:fb:e3:c9:d8:e6:a6:5b:85:3f:65:
         a4:60:bf:5b:96:f3:71:a6:11:d2:6d:48:e5:12:28:44:6b:94:
         b9:8e:78:19:f8:ab:86:82:ba:76:9c:83:a6:d8:5e:72:28:db:
         46:d7:fc:7a:0c:fc:94:d4:b1:c9:62:dc:98:1a:8a:de:99:5b:
         ae:48:25:49:68:77:6d:22:ce:e4:87:7e:50:ee:7b:ef:f6:b3:
         83:f4:80:05:e0:34:19:4c:50:7e:f1:f3:9d:b0:14:f2:85:60:
         29:a6:9e:8f:ee:0b:09:2b:cd:f7:36:34:31:50:2b:08:7c:59:
         b0:9e:cf:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKQ7kkalXWNyrpyVFefERdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkOTA5MzY3ZGJkZGQxZTQ4NjZiZDg5ZWFmNzI3NTk4YTQ3
YjU4M2QwHhcNMjUwNjA3MTIwMDQxWhcNMjUwNjA4MTIwMDQxWjAzMTEwLwYDVQQD
Eyg1NTdiNjYyMmEwMGFmNzAyNzE4MDFiYjU5MDVmMmI3N2E4NzVlMzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyI+Mtq2T8cVkmVuwLZsOxQs9V/vW
tc7TXG8FM2mxkxAXPKUCg+kQwZ1YybhOd5QxYNLgWtyKCLjR/M99eMIoR6yAa8m9
Kc/QWbFmjPs+dYNlLnlFF4i4Mkq8X3WJ/hNGYCjvPUC/+pQWMDrLxNy6EIG6qFVX
5Dzlc71V4KWnr+kXuDh8eb/YCQXji8PHr8Hj6yiiPQ2p1d63p1nC0pokQtiPG74L
TYZg1qAN8kvXBUFZbqji/7L8Ie7oNmrRIuxzyGUHy9YPxXcdMLPx3linE8HvJ5H5
N3tvAodJlo3Qj9KTgtTDD2DkqLb3ilt6mAGiZHkFon46vXbNuLjwozhlswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFV7ZiKgCvcCcYAbtZBfK3eodeNvMB8GA1UdIwQY
MBaAFC2Qk2fb3dHkhmvYnq9ydZike1g9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80Yzk0MWQtOTkyZC00ZWVmLTg4ZjUt
ZjBmODAwOGRmYzRjLzEvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80Yzk0MWQtOTkyZC00ZWVmLTg4ZjUtZjBmODAwOGRmYzRj
LzEvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApnzls+M8
L4/IUBe585MMasBTI0Sg3PiRAfiZkpZw7eB+S7E4Uat4tqTfbSqODVmJXeqpnila
j01mgZf0k+e8cXD+0eibCL3fTfSu53yObgqaz7v+P0BNm/kvaAX1p3N5iurAvPbO
fn8kbEkhAtxgej84jB/ey4GKebaE71kwYG0uLifLeYr748nY5qZbhT9lpGC/W5bz
caYR0m1I5RIoRGuUuY54GfirhoK6dpyDpthecijbRtf8egz8lNSxyWLcmBqK3plb
rkglSWh3bSLO5Id+UO577/azg/SABeA0GUxQfvHznbAU8oVgKaaej+4LCSvN9zY0
MVArCHxZsJ7PSA==
-----END CERTIFICATE-----