Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
File:                     LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft (raw, json)
Hash identifier:          H7y2IIVIeETTni/9JG1Pk3/k6/uFqbAxBkGWgEWS6UI=
Subject key identifier:   53:8F:65:29:AA:EC:7B:F8:FF:B9:FE:84:6F:71:DC:05:4C:14:50:B2
Authority key identifier: 2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA
Certificate issuer:       /CN=2f325207d5cee0ecea99e4702453407b564c39ca
Certificate serial:       019923A09D416FFFA93D234D8C59F83BE5F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 10:02:32 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:32 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:32 +0000
Files and hashes:         1: LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl (hash: Iy6zxV2EI/QPRukVruPOhhD5eEnwSRyirM6HQv3hZHg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:9d:41:6f:ff:a9:3d:23:4d:8c:59:f8:3b:e5:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f325207d5cee0ecea99e4702453407b564c39ca
        Validity
            Not Before: Sep  7 10:02:32 2025 GMT
            Not After : Sep  8 10:02:32 2025 GMT
        Subject: CN=538f6529aaec7bf8ffb9fe846f71dc054c1450b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:af:c5:11:c0:75:ad:05:f9:b0:19:26:99:9e:
                    0d:e8:14:dd:6f:15:a2:6c:54:c1:58:4e:63:dc:5b:
                    f6:43:bd:3e:9b:cc:ff:51:4f:60:83:9f:4c:17:c4:
                    bd:0c:aa:df:22:90:9c:e3:08:a9:93:d9:f7:6b:ec:
                    9a:29:74:83:64:5a:05:68:df:b6:3a:c1:45:ec:ce:
                    2f:68:b7:cc:a0:e8:2c:c0:bc:5b:9a:ed:de:2b:15:
                    6c:1d:38:b2:47:db:56:2a:45:7f:b5:df:f1:34:6b:
                    10:42:61:db:2b:76:92:60:e2:75:5d:da:fb:81:65:
                    55:ac:25:94:65:4a:03:61:b6:6c:c0:fe:82:e9:38:
                    56:8a:55:58:b2:81:29:47:12:f3:ed:f2:c1:f3:25:
                    c8:72:02:9f:d4:51:32:7a:60:c4:8b:2c:37:a2:e0:
                    bc:e2:e3:d3:b7:8a:90:5a:bf:99:b4:0c:2b:13:c8:
                    72:ac:04:78:fd:8d:9e:a6:52:a0:15:b7:91:99:21:
                    01:a1:a4:5c:80:19:56:b1:84:0d:ad:1a:c7:a3:90:
                    c7:9e:43:51:80:c9:61:b2:1b:08:35:79:c6:7f:dc:
                    75:07:3c:68:10:39:54:7d:98:c1:e5:c8:35:d9:3c:
                    fd:f7:ba:2f:8a:58:e8:e6:81:90:a9:7a:06:b1:f2:
                    6e:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:8F:65:29:AA:EC:7B:F8:FF:B9:FE:84:6F:71:DC:05:4C:14:50:B2
            X509v3 Authority Key Identifier:
                keyid:2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:91:6b:7c:be:b2:a4:99:8e:e8:3b:d9:04:a7:4c:77:96:09:
         47:df:5b:34:72:33:59:66:6b:e1:8d:6e:62:61:9e:8b:5f:e2:
         0b:88:a2:9b:05:2a:a7:4d:22:2e:16:ca:98:8a:a3:d8:d1:51:
         95:14:ed:d8:ca:d6:cf:ac:0e:56:a6:23:13:b4:90:df:f9:06:
         c3:2f:76:c7:6a:47:76:c1:93:26:e5:a2:b2:50:8a:54:21:d3:
         ac:e3:f9:80:07:d9:ea:00:59:a5:e6:58:d5:14:f3:ee:7c:6f:
         b9:e7:d3:8a:37:fa:ec:ce:4b:5b:ae:63:84:94:6c:92:11:03:
         9f:37:e9:c4:1b:9b:d3:19:65:9e:e1:be:ec:2c:d2:2a:f2:d0:
         ec:4f:67:f5:e6:c8:0d:2b:67:d8:83:97:c4:74:d8:04:24:1b:
         49:6a:52:06:55:84:3e:68:0e:0a:56:ad:7f:e1:8d:69:2a:fc:
         f8:ff:af:27:13:da:63:54:ff:85:ca:60:88:7a:46:15:88:65:
         47:2c:38:37:91:fe:9f:92:e8:db:47:ec:02:1b:cc:58:78:fb:
         27:10:af:18:af:4b:6b:c8:96:17:36:21:5a:30:ed:28:0b:65:
         4e:d9:e6:cb:da:14:00:33:1c:09:20:64:08:3b:36:48:34:b3:
         c5:df:18:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoJ1Bb/+pPSNNjFn4O+XyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzI1MjA3ZDVjZWUwZWNlYTk5ZTQ3MDI0NTM0MDdiNTY0
YzM5Y2EwHhcNMjUwOTA3MTAwMjMyWhcNMjUwOTA4MTAwMjMyWjAzMTEwLwYDVQQD
Eyg1MzhmNjUyOWFhZWM3YmY4ZmZiOWZlODQ2ZjcxZGMwNTRjMTQ1MGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArq/FEcB1rQX5sBkmmZ4N6BTdbxWi
bFTBWE5j3Fv2Q70+m8z/UU9gg59MF8S9DKrfIpCc4wipk9n3a+yaKXSDZFoFaN+2
OsFF7M4vaLfMoOgswLxbmu3eKxVsHTiyR9tWKkV/td/xNGsQQmHbK3aSYOJ1Xdr7
gWVVrCWUZUoDYbZswP6C6ThWilVYsoEpRxLz7fLB8yXIcgKf1FEyemDEiyw3ouC8
4uPTt4qQWr+ZtAwrE8hyrAR4/Y2eplKgFbeRmSEBoaRcgBlWsYQNrRrHo5DHnkNR
gMlhshsINXnGf9x1BzxoEDlUfZjB5cg12Tz997oviljo5oGQqXoGsfJu5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFOPZSmq7Hv4/7n+hG9x3AVMFFCyMB8GA1UdIwQY
MBaAFC8yUgfVzuDs6pnkcCRTQHtWTDnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGIt
OTBhZTZkMGM5YjMzLzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGItOTBhZTZkMGM5YjMz
LzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS5FrfL6y
pJmO6DvZBKdMd5YJR99bNHIzWWZr4Y1uYmGei1/iC4iimwUqp00iLhbKmIqj2NFR
lRTt2MrWz6wOVqYjE7SQ3/kGwy92x2pHdsGTJuWislCKVCHTrOP5gAfZ6gBZpeZY
1RTz7nxvuefTijf67M5LW65jhJRskhEDnzfpxBub0xllnuG+7CzSKvLQ7E9n9ebI
DStn2IOXxHTYBCQbSWpSBlWEPmgOClatf+GNaSr8+P+vJxPaY1T/hcpgiHpGFYhl
Ryw4N5H+n5Lo20fsAhvMWHj7JxCvGK9La8iWFzYhWjDtKAtlTtnmy9oUADMcCSBk
CDs2SDSzxd8YQg==
-----END CERTIFICATE-----