Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
File:                     LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft (raw, json)
Hash identifier:          UpKtRnTp+/VaS7JaRJBIzJcxUPILXVHZKm4UcJCCETY=
Subject key identifier:   7C:F9:4D:6E:18:ED:45:17:80:A7:F3:61:12:B4:92:D8:78:50:AD:4B
Authority key identifier: 2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA
Certificate issuer:       /CN=2f325207d5cee0ecea99e4702453407b564c39ca
Certificate serial:       019A71B8A17C695722A0CA3A15EF580DCF74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 07:01:56 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:56 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:56 +0000
Files and hashes:         1: LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl (hash: wfjS/Aq9xsAOQ9//4wWLT+vZtbEvQzVH8jpgLwxDG4s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:a1:7c:69:57:22:a0:ca:3a:15:ef:58:0d:cf:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f325207d5cee0ecea99e4702453407b564c39ca
        Validity
            Not Before: Nov 11 07:01:56 2025 GMT
            Not After : Nov 12 07:01:56 2025 GMT
        Subject: CN=7cf94d6e18ed451780a7f36112b492d87850ad4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:0b:33:90:c1:97:40:f0:0b:4f:6b:57:71:38:
                    cb:e6:92:ec:8a:51:56:d1:8a:b0:33:ce:0e:34:cc:
                    ce:80:56:8d:f0:bd:65:ff:96:5a:4e:24:4e:a7:f6:
                    54:f7:d9:b5:26:ed:50:41:fa:ce:c6:2d:94:0e:08:
                    6c:a6:c5:81:43:b4:db:6b:c6:71:6f:5f:e3:83:c1:
                    ec:fc:8a:b7:8e:c7:32:9a:93:19:29:8c:06:67:cd:
                    cc:4a:98:1d:3f:09:80:72:73:4e:6a:ba:82:a5:5f:
                    f7:f6:8f:74:f3:e3:86:7c:00:a4:42:70:43:e5:d8:
                    ff:40:30:db:a7:c2:93:7c:f1:91:bf:69:24:6c:21:
                    38:9c:80:e9:92:90:eb:dc:bb:b0:e7:5e:55:8c:59:
                    7a:1f:a4:b5:da:d8:f2:eb:fb:05:73:56:31:ee:e3:
                    95:b5:17:4e:95:52:0b:c9:b5:d2:6b:f4:d9:f5:27:
                    16:48:59:c1:bc:f5:fe:14:e4:39:31:33:79:4a:52:
                    58:92:dc:7d:8e:63:cc:0d:e3:f8:36:8a:66:a7:b8:
                    c9:a5:a3:21:76:f4:b3:d3:e4:09:11:a1:2b:8c:96:
                    d3:47:03:9b:42:d3:d7:eb:6f:d5:e0:73:1f:33:51:
                    61:bb:81:8b:82:0b:fe:bd:c0:74:e5:41:0f:c5:a3:
                    25:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:F9:4D:6E:18:ED:45:17:80:A7:F3:61:12:B4:92:D8:78:50:AD:4B
            X509v3 Authority Key Identifier:
                keyid:2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:78:83:66:f8:e3:23:f0:ae:c3:4c:31:c5:ec:a2:e3:b4:9a:
         ba:b8:6b:be:ae:d8:84:80:cc:4d:07:e3:6d:3b:05:22:39:c2:
         29:b3:52:7b:60:bb:a4:a5:6b:70:da:1d:5d:c9:54:43:1e:22:
         5c:6a:91:59:1b:89:6d:6d:4e:bf:fe:fe:24:19:f3:90:1d:53:
         2e:4d:fb:3c:a7:bc:04:5f:f8:69:02:66:d8:84:25:e1:92:52:
         9f:e4:03:2e:a6:7b:8b:79:41:6c:e9:86:b9:f4:5b:bc:ff:66:
         83:79:1b:2c:8d:cf:9a:b0:e9:b4:0f:64:c3:69:4c:9b:7e:50:
         e3:00:d2:95:a9:d9:0d:2e:c5:45:8c:3a:49:7e:52:d5:10:4e:
         ec:6e:e7:4d:4e:85:b6:c7:1a:9f:12:b7:8a:2e:24:44:2c:8d:
         cb:8e:27:51:e4:ad:8d:8c:21:35:62:f1:96:17:a3:c9:28:e3:
         f5:39:23:31:f2:92:0b:4b:c2:bd:d1:a3:2f:31:f2:0b:13:03:
         f2:cb:ef:d9:be:ea:af:0c:56:20:44:99:cd:52:d6:0a:09:7e:
         86:0b:6a:ee:51:9a:b5:6b:42:78:22:08:c2:d3:94:9a:59:89:
         74:6c:80:38:6a:61:9b:80:32:41:d2:ec:87:98:66:a7:1f:bd:
         ac:b6:7d:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuKF8aVcioMo6Fe9YDc90MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzI1MjA3ZDVjZWUwZWNlYTk5ZTQ3MDI0NTM0MDdiNTY0
YzM5Y2EwHhcNMjUxMTExMDcwMTU2WhcNMjUxMTEyMDcwMTU2WjAzMTEwLwYDVQQD
Eyg3Y2Y5NGQ2ZTE4ZWQ0NTE3ODBhN2YzNjExMmI0OTJkODc4NTBhZDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QszkMGXQPALT2tXcTjL5pLsilFW
0YqwM84ONMzOgFaN8L1l/5ZaTiROp/ZU99m1Ju1QQfrOxi2UDghspsWBQ7Tba8Zx
b1/jg8Hs/Iq3jscympMZKYwGZ83MSpgdPwmAcnNOarqCpV/39o908+OGfACkQnBD
5dj/QDDbp8KTfPGRv2kkbCE4nIDpkpDr3Luw515VjFl6H6S12tjy6/sFc1Yx7uOV
tRdOlVILybXSa/TZ9ScWSFnBvPX+FOQ5MTN5SlJYktx9jmPMDeP4Nopmp7jJpaMh
dvSz0+QJEaErjJbTRwObQtPX62/V4HMfM1Fhu4GLggv+vcB05UEPxaMlWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHz5TW4Y7UUXgKfzYRK0kth4UK1LMB8GA1UdIwQY
MBaAFC8yUgfVzuDs6pnkcCRTQHtWTDnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGIt
OTBhZTZkMGM5YjMzLzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGItOTBhZTZkMGM5YjMz
LzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXniDZvjj
I/Cuw0wxxeyi47Saurhrvq7YhIDMTQfjbTsFIjnCKbNSe2C7pKVrcNodXclUQx4i
XGqRWRuJbW1Ov/7+JBnzkB1TLk37PKe8BF/4aQJm2IQl4ZJSn+QDLqZ7i3lBbOmG
ufRbvP9mg3kbLI3PmrDptA9kw2lMm35Q4wDSlanZDS7FRYw6SX5S1RBO7G7nTU6F
tscanxK3ii4kRCyNy44nUeStjYwhNWLxlhejySjj9TkjMfKSC0vCvdGjLzHyCxMD
8svv2b7qrwxWIESZzVLWCgl+hgtq7lGatWtCeCIIwtOUmlmJdGyAOGphm4AyQdLs
h5hmpx+9rLZ98A==
-----END CERTIFICATE-----