Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
File:                     LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft (raw, json)
Hash identifier:          RjX5W3X7KdbDZZu6SJKUCs9OmSr4/iyVIYv3Mb0FCkM=
Subject key identifier:   54:96:04:C5:8F:1B:D7:AA:1A:F0:09:6A:C7:1B:D3:63:F8:C9:17:8D
Authority key identifier: 2D:90:93:67:DB:DD:D1:E4:86:6B:D8:9E:AF:72:75:98:A4:7B:58:3D
Certificate issuer:       /CN=2d909367dbddd1e4866bd89eaf727598a47b583d
Certificate serial:       019A71B83163EF48CD133773A4ACD19EBDE9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
Manifest number:          01D3
Signing time:             Tue 11 Nov 2025 07:01:27 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:27 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:27 +0000
Files and hashes:         1: LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl (hash: b4PPNX4WGwFWc5z6omyX6Cw+/ChDskXd4QIOzFY0vOk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:31:63:ef:48:cd:13:37:73:a4:ac:d1:9e:bd:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d909367dbddd1e4866bd89eaf727598a47b583d
        Validity
            Not Before: Nov 11 07:01:27 2025 GMT
            Not After : Nov 12 07:01:27 2025 GMT
        Subject: CN=549604c58f1bd7aa1af0096ac71bd363f8c9178d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:63:18:ef:79:a5:57:7a:bf:bf:ac:83:e8:41:
                    f7:b4:ec:d4:1e:e2:fc:41:05:82:1a:84:6b:32:9b:
                    e1:ea:af:8e:c4:9e:98:d0:f5:95:42:c1:c1:87:71:
                    c5:0d:08:95:17:e0:ee:b5:cd:b4:fe:9c:a3:8f:a0:
                    03:2c:7e:3b:fd:66:51:25:e1:e3:d4:67:97:75:5e:
                    13:63:8f:c2:8c:0d:cb:c6:e7:b7:b3:21:1d:0e:02:
                    f9:ca:6f:2d:64:28:8e:25:b4:06:64:12:56:6d:6f:
                    7e:c9:3f:87:dd:8d:ca:98:60:8c:05:83:d1:f6:ae:
                    86:fd:a3:57:5c:59:ab:dd:0c:ff:54:3d:61:cc:cd:
                    b8:5b:7e:9c:dc:47:23:0f:96:1c:2f:3e:b3:dc:9c:
                    3e:09:a4:6a:4b:47:5e:fd:6a:02:c9:ad:1b:89:46:
                    9d:1b:34:27:52:2b:22:f4:b9:96:15:04:b7:3f:af:
                    89:5a:87:96:fa:22:72:ce:4d:9d:51:ac:38:69:4f:
                    d3:a2:a6:d1:41:52:63:47:cc:66:32:34:dd:e7:9e:
                    2d:67:19:46:94:fb:c9:35:7e:8b:04:60:70:68:c4:
                    d0:7d:75:c2:91:b7:43:1c:12:ed:bd:e9:26:3a:07:
                    49:00:3d:79:25:cb:4c:94:81:a2:73:d8:f8:b6:f4:
                    65:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:96:04:C5:8F:1B:D7:AA:1A:F0:09:6A:C7:1B:D3:63:F8:C9:17:8D
            X509v3 Authority Key Identifier:
                keyid:2D:90:93:67:DB:DD:D1:E4:86:6B:D8:9E:AF:72:75:98:A4:7B:58:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:68:58:12:8c:21:ba:0a:4c:83:5e:81:c0:f4:27:cb:54:dd:
         51:46:fa:c3:58:61:90:c7:bd:85:47:6b:72:8e:0e:e1:63:bb:
         e2:b7:08:17:56:f7:f6:83:ba:22:d1:32:62:87:e6:ce:cf:cc:
         4a:96:f9:db:63:47:fd:3d:00:21:03:b0:e0:8c:d0:b1:23:af:
         49:44:e9:07:9a:95:e2:08:f9:7d:1c:ab:a6:39:31:7e:0f:4a:
         ad:93:95:83:e5:05:a5:af:93:82:94:a7:ab:64:b3:ef:a6:f8:
         81:c8:fd:61:be:e3:fd:22:19:cb:38:08:f5:1b:b6:88:b8:78:
         88:a7:82:8d:1a:19:e2:65:92:d1:8e:5b:00:17:ed:81:cd:47:
         7b:65:34:46:80:10:f8:a6:25:1c:86:06:b7:1c:59:57:ae:eb:
         55:05:5d:a9:6f:35:ae:07:e0:0a:0f:1d:18:51:c6:41:e2:3c:
         3a:6e:86:f2:6c:6b:79:a7:e3:fc:9a:67:d3:f6:fe:bc:66:61:
         b3:44:c7:56:7c:38:6a:ef:d8:2e:ad:08:38:53:ef:6b:9c:72:
         f1:d4:91:d2:96:6c:a4:05:8b:d1:0c:40:1f:ee:c6:ff:49:a2:
         ef:47:e1:bb:eb:7b:d0:a7:7a:cb:db:ec:0d:b5:73:8b:9b:81:
         36:36:9d:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuDFj70jNEzdzpKzRnr3pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkOTA5MzY3ZGJkZGQxZTQ4NjZiZDg5ZWFmNzI3NTk4YTQ3
YjU4M2QwHhcNMjUxMTExMDcwMTI3WhcNMjUxMTEyMDcwMTI3WjAzMTEwLwYDVQQD
Eyg1NDk2MDRjNThmMWJkN2FhMWFmMDA5NmFjNzFiZDM2M2Y4YzkxNzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02MY73mlV3q/v6yD6EH3tOzUHuL8
QQWCGoRrMpvh6q+OxJ6Y0PWVQsHBh3HFDQiVF+Dutc20/pyjj6ADLH47/WZRJeHj
1GeXdV4TY4/CjA3Lxue3syEdDgL5ym8tZCiOJbQGZBJWbW9+yT+H3Y3KmGCMBYPR
9q6G/aNXXFmr3Qz/VD1hzM24W36c3EcjD5YcLz6z3Jw+CaRqS0de/WoCya0biUad
GzQnUisi9LmWFQS3P6+JWoeW+iJyzk2dUaw4aU/ToqbRQVJjR8xmMjTd554tZxlG
lPvJNX6LBGBwaMTQfXXCkbdDHBLtvekmOgdJAD15JctMlIGic9j4tvRlAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFSWBMWPG9eqGvAJascb02P4yReNMB8GA1UdIwQY
MBaAFC2Qk2fb3dHkhmvYnq9ydZike1g9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80Yzk0MWQtOTkyZC00ZWVmLTg4ZjUt
ZjBmODAwOGRmYzRjLzEvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80Yzk0MWQtOTkyZC00ZWVmLTg4ZjUtZjBmODAwOGRmYzRj
LzEvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl2hYEowh
ugpMg16BwPQny1TdUUb6w1hhkMe9hUdrco4O4WO74rcIF1b39oO6ItEyYofmzs/M
Spb522NH/T0AIQOw4IzQsSOvSUTpB5qV4gj5fRyrpjkxfg9KrZOVg+UFpa+TgpSn
q2Sz76b4gcj9Yb7j/SIZyzgI9Ru2iLh4iKeCjRoZ4mWS0Y5bABftgc1He2U0RoAQ
+KYlHIYGtxxZV67rVQVdqW81rgfgCg8dGFHGQeI8Om6G8mxreafj/Jpn0/b+vGZh
s0THVnw4au/YLq0IOFPva5xy8dSR0pZspAWL0QxAH+7G/0mi70fhu+t70Kd6y9vs
DbVzi5uBNjadNA==
-----END CERTIFICATE-----