Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
File:                     LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft (raw, json)
Hash identifier:          id44SrZtXvhJR8GL9u5UglsJZxOQz+Tprwp8ZQrLuKU=
Subject key identifier:   2F:73:D5:D1:2B:6C:BF:E1:98:A6:C1:23:A9:D3:4C:17:E6:F0:50:CA
Authority key identifier: 2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA
Certificate issuer:       /CN=2f325207d5cee0ecea99e4702453407b564c39ca
Certificate serial:       01974C69565C60E77FAC36D020A5B725130C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
Manifest number:          157A
Signing time:             Sat 07 Jun 2025 22:01:01 +0000
Manifest this update:     Sat 07 Jun 2025 22:01:01 +0000
Manifest next update:     Sun 08 Jun 2025 22:01:01 +0000
Files and hashes:         1: LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl (hash: ev1J9AUZUMSjEXIJm9bbNVP0H/zrSXTtRkABsoZ3F/g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:56:5c:60:e7:7f:ac:36:d0:20:a5:b7:25:13:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f325207d5cee0ecea99e4702453407b564c39ca
        Validity
            Not Before: Jun  7 22:01:01 2025 GMT
            Not After : Jun  8 22:01:01 2025 GMT
        Subject: CN=2f73d5d12b6cbfe198a6c123a9d34c17e6f050ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:b3:23:bf:ed:b1:21:cf:b4:cf:c8:b5:c4:d4:
                    71:80:a1:42:d7:d4:b2:6c:0e:4b:fc:ab:d2:be:95:
                    61:b1:a8:cf:51:65:28:37:6c:8c:38:69:d6:77:7e:
                    c2:d9:e5:1b:f7:f0:e5:07:e2:83:f4:ee:cd:2b:19:
                    28:19:3a:7e:f7:ad:89:65:f1:35:34:c6:3b:4b:55:
                    c2:d4:4f:51:29:f0:a3:6a:ee:f3:7e:c3:0a:8a:ef:
                    89:3c:0f:59:ab:b2:13:bc:5f:69:ef:76:5e:11:5a:
                    e7:93:d9:86:f9:36:40:2f:2c:a5:4b:84:12:bc:3a:
                    47:ed:c1:30:ef:34:75:f3:ab:4b:d9:d2:f3:c4:bf:
                    76:bb:dd:2b:5a:25:c8:b1:35:de:5b:ad:0d:5d:9f:
                    e5:88:af:64:02:a3:45:30:8e:69:a3:3b:f8:96:e8:
                    19:00:a9:9d:a4:1e:67:f4:cf:21:2d:3f:b0:4e:5c:
                    51:1d:63:d5:18:21:fb:6d:8f:60:30:ea:6d:b3:fc:
                    57:6f:f5:1b:dd:44:74:ad:31:eb:7b:aa:5f:c8:bb:
                    2a:0c:30:06:de:9b:73:7c:44:a9:f5:ab:f6:05:df:
                    48:ca:85:b7:46:5d:13:12:c2:ea:c2:e9:71:f9:47:
                    46:3f:2b:25:14:2f:cb:dd:e8:ee:df:77:7b:c8:a4:
                    e3:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:73:D5:D1:2B:6C:BF:E1:98:A6:C1:23:A9:D3:4C:17:E6:F0:50:CA
            X509v3 Authority Key Identifier:
                keyid:2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:4f:0c:b2:53:09:02:97:41:ff:8f:af:45:1e:6d:13:52:94:
         af:9a:26:03:11:34:b3:50:8e:6c:47:ec:d0:be:ed:77:c5:f6:
         33:68:c8:9b:07:67:eb:1d:2e:78:53:7b:c5:e5:ba:46:ff:68:
         20:38:71:ac:ac:c9:26:88:47:95:18:fc:95:2a:03:25:30:ca:
         65:ac:cb:06:3f:ed:c7:60:1f:eb:8f:39:09:da:df:ce:86:df:
         18:b0:c4:48:83:c9:9d:60:28:6b:87:02:a5:8e:e9:e2:36:a5:
         87:a9:65:4a:07:b8:04:9d:38:a6:4e:c7:7b:e1:ee:84:68:c1:
         6d:ec:60:57:7f:cd:df:e1:3f:44:f6:56:d4:a3:38:b4:8f:af:
         e5:7d:27:9e:ac:0f:04:9a:34:56:95:0b:28:76:e7:c6:e5:9f:
         61:07:a7:04:b3:81:36:27:7a:d7:cf:ca:df:1c:7f:fd:1e:7a:
         46:2b:cc:a1:15:08:7b:08:e3:67:73:6b:b9:e1:a7:c4:e2:2a:
         84:7b:4b:c2:96:5a:4a:cb:29:43:83:ff:79:34:f7:c0:0f:dc:
         ce:0d:93:85:7e:48:ec:f6:71:fc:4d:05:99:22:03:5f:54:7e:
         b2:89:e1:3a:38:f7:bd:c2:e9:7c:67:32:a9:f8:ed:26:2b:a2:
         dc:bb:20:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaVZcYOd/rDbQIKW3JRMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzI1MjA3ZDVjZWUwZWNlYTk5ZTQ3MDI0NTM0MDdiNTY0
YzM5Y2EwHhcNMjUwNjA3MjIwMTAxWhcNMjUwNjA4MjIwMTAxWjAzMTEwLwYDVQQD
EygyZjczZDVkMTJiNmNiZmUxOThhNmMxMjNhOWQzNGMxN2U2ZjA1MGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7Mjv+2xIc+0z8i1xNRxgKFC19Sy
bA5L/KvSvpVhsajPUWUoN2yMOGnWd37C2eUb9/DlB+KD9O7NKxkoGTp+962JZfE1
NMY7S1XC1E9RKfCjau7zfsMKiu+JPA9Zq7ITvF9p73ZeEVrnk9mG+TZALyylS4QS
vDpH7cEw7zR186tL2dLzxL92u90rWiXIsTXeW60NXZ/liK9kAqNFMI5pozv4lugZ
AKmdpB5n9M8hLT+wTlxRHWPVGCH7bY9gMOpts/xXb/Ub3UR0rTHre6pfyLsqDDAG
3ptzfESp9av2Bd9IyoW3Rl0TEsLqwulx+UdGPyslFC/L3eju33d7yKTjAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC9z1dErbL/hmKbBI6nTTBfm8FDKMB8GA1UdIwQY
MBaAFC8yUgfVzuDs6pnkcCRTQHtWTDnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGIt
OTBhZTZkMGM5YjMzLzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGItOTBhZTZkMGM5YjMz
LzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATU8MslMJ
ApdB/4+vRR5tE1KUr5omAxE0s1CObEfs0L7td8X2M2jImwdn6x0ueFN7xeW6Rv9o
IDhxrKzJJohHlRj8lSoDJTDKZazLBj/tx2Af6485CdrfzobfGLDESIPJnWAoa4cC
pY7p4jalh6llSge4BJ04pk7He+HuhGjBbexgV3/N3+E/RPZW1KM4tI+v5X0nnqwP
BJo0VpULKHbnxuWfYQenBLOBNid618/K3xx//R56RivMoRUIewjjZ3NrueGnxOIq
hHtLwpZaSsspQ4P/eTT3wA/czg2ThX5I7PZx/E0FmSIDX1R+sonhOjj3vcLpfGcy
qfjtJiui3LsgRA==
-----END CERTIFICATE-----