Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
File:                     LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft (raw, json)
Hash identifier:          by4FzwYKpTl60954OdM07m/xnlQcfVO0oYbezXaxvR0=
Subject key identifier:   89:D4:4A:94:AB:D7:75:EF:42:D4:44:15:0E:A0:66:FF:D3:C3:69:49
Authority key identifier: 2D:90:93:67:DB:DD:D1:E4:86:6B:D8:9E:AF:72:75:98:A4:7B:58:3D
Certificate issuer:       /CN=2d909367dbddd1e4866bd89eaf727598a47b583d
Certificate serial:       019923A0AD371D516DC5FCBD48B2CE655CA0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
Manifest number:          0126
Signing time:             Sun 07 Sep 2025 10:02:36 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:36 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:36 +0000
Files and hashes:         1: LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl (hash: ZogiaZfg7dFWhJrE01vNhCBGiu718urp0/Hvc8cnMOk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:ad:37:1d:51:6d:c5:fc:bd:48:b2:ce:65:5c:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d909367dbddd1e4866bd89eaf727598a47b583d
        Validity
            Not Before: Sep  7 10:02:36 2025 GMT
            Not After : Sep  8 10:02:36 2025 GMT
        Subject: CN=89d44a94abd775ef42d444150ea066ffd3c36949
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:90:01:45:72:d7:2a:8b:b5:3f:5c:67:09:35:
                    86:d8:18:32:5f:1c:9c:8d:0a:6b:28:d8:c7:ea:e3:
                    31:2a:83:de:62:34:d5:6f:5f:28:3c:9c:7d:ac:e4:
                    95:a9:5a:c2:3f:33:da:56:98:bf:50:61:88:42:8a:
                    05:16:75:cc:84:a4:50:75:e3:8e:61:f1:c1:38:c9:
                    54:4b:90:b9:ad:7e:a7:56:b6:54:05:c0:5d:da:54:
                    f9:5a:28:5b:ed:70:1c:ab:dc:21:d8:a3:fe:93:31:
                    8b:7c:d1:94:f5:c6:ba:bd:5f:93:b0:2a:2c:19:c3:
                    7d:a1:26:77:8b:87:c3:d9:c5:ab:c6:53:38:0f:63:
                    9f:7b:61:58:79:55:20:c7:e0:8e:24:f3:57:a7:df:
                    04:8d:6b:81:4a:22:75:2a:94:04:1b:8c:fe:99:45:
                    89:84:db:45:3a:4a:99:12:bf:11:46:32:2a:75:7b:
                    de:82:e8:83:da:e9:95:75:4a:f1:2b:30:59:fb:8d:
                    29:3f:15:f0:ea:15:b8:26:be:25:fe:f3:e9:52:d3:
                    60:88:97:56:31:c2:9b:8a:bb:7a:dc:e9:d2:39:62:
                    2c:e8:e9:63:2e:14:00:69:a8:ad:ec:4c:b8:bf:2a:
                    d2:08:51:36:a1:a7:0b:b4:a2:79:63:5e:ad:1b:f3:
                    90:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:D4:4A:94:AB:D7:75:EF:42:D4:44:15:0E:A0:66:FF:D3:C3:69:49
            X509v3 Authority Key Identifier:
                keyid:2D:90:93:67:DB:DD:D1:E4:86:6B:D8:9E:AF:72:75:98:A4:7B:58:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:af:23:e9:9f:7e:5a:1f:40:8f:95:79:31:b1:f7:ea:87:da:
         c9:0c:91:35:d7:ff:03:b3:d9:eb:3e:9a:c8:2a:e2:4b:d7:cf:
         b7:68:74:23:f3:30:59:38:26:5c:3b:05:91:77:7e:5f:d4:d4:
         da:89:71:ee:ef:05:44:bd:a0:bb:7e:f8:15:d9:a4:cc:46:09:
         c4:ea:91:e5:54:4c:5b:2b:92:90:0d:15:73:24:17:3e:df:94:
         58:95:11:4b:e5:96:95:ce:74:69:96:98:3c:31:7d:1f:99:03:
         72:18:a5:37:ee:56:26:51:6c:c8:2f:04:05:b1:e6:2f:0b:44:
         db:15:86:24:17:a1:30:e0:0c:0b:b0:0b:0d:ee:5e:15:57:aa:
         83:bd:c0:b7:75:12:72:1d:01:57:fd:71:f8:df:ae:e7:1c:88:
         0a:1f:44:ed:2d:21:a5:14:0f:a0:3f:cd:8a:3b:a2:b1:9b:97:
         82:e9:35:64:8c:ef:5f:47:82:77:2c:0d:37:ea:ef:eb:f1:1b:
         27:39:80:06:42:6a:e1:8a:c3:41:bf:db:4f:95:c0:a1:13:35:
         06:7a:f9:fc:94:fb:39:80:e2:38:86:da:4f:f6:da:9f:76:ba:
         a7:60:55:36:cc:65:bf:db:61:e5:d9:51:69:d2:bf:07:46:42:
         31:7a:85:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoK03HVFtxfy9SLLOZVygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkOTA5MzY3ZGJkZGQxZTQ4NjZiZDg5ZWFmNzI3NTk4YTQ3
YjU4M2QwHhcNMjUwOTA3MTAwMjM2WhcNMjUwOTA4MTAwMjM2WjAzMTEwLwYDVQQD
Eyg4OWQ0NGE5NGFiZDc3NWVmNDJkNDQ0MTUwZWEwNjZmZmQzYzM2OTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5ABRXLXKou1P1xnCTWG2BgyXxyc
jQprKNjH6uMxKoPeYjTVb18oPJx9rOSVqVrCPzPaVpi/UGGIQooFFnXMhKRQdeOO
YfHBOMlUS5C5rX6nVrZUBcBd2lT5Wihb7XAcq9wh2KP+kzGLfNGU9ca6vV+TsCos
GcN9oSZ3i4fD2cWrxlM4D2Ofe2FYeVUgx+COJPNXp98EjWuBSiJ1KpQEG4z+mUWJ
hNtFOkqZEr8RRjIqdXveguiD2umVdUrxKzBZ+40pPxXw6hW4Jr4l/vPpUtNgiJdW
McKbirt63OnSOWIs6OljLhQAaait7Ey4vyrSCFE2oacLtKJ5Y16tG/OQuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFInUSpSr13XvQtREFQ6gZv/Tw2lJMB8GA1UdIwQY
MBaAFC2Qk2fb3dHkhmvYnq9ydZike1g9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80Yzk0MWQtOTkyZC00ZWVmLTg4ZjUt
ZjBmODAwOGRmYzRjLzEvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80Yzk0MWQtOTkyZC00ZWVmLTg4ZjUtZjBmODAwOGRmYzRj
LzEvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW68j6Z9+
Wh9Aj5V5MbH36ofayQyRNdf/A7PZ6z6ayCriS9fPt2h0I/MwWTgmXDsFkXd+X9TU
2olx7u8FRL2gu374FdmkzEYJxOqR5VRMWyuSkA0VcyQXPt+UWJURS+WWlc50aZaY
PDF9H5kDchilN+5WJlFsyC8EBbHmLwtE2xWGJBehMOAMC7ALDe5eFVeqg73At3US
ch0BV/1x+N+u5xyICh9E7S0hpRQPoD/NijuisZuXguk1ZIzvX0eCdywNN+rv6/Eb
JzmABkJq4YrDQb/bT5XAoRM1Bnr5/JT7OYDiOIbaT/ban3a6p2BVNsxlv9th5dlR
adK/B0ZCMXqFnw==
-----END CERTIFICATE-----