Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
File:                     Lr_2z7gya0RylaEbEHhoIS5mX90.mft (raw, json)
Hash identifier:          fyGpVVftdOIAvj0cnI5Up7rHayOpARf/ADVjbe84YME=
Subject key identifier:   17:56:72:EC:A1:D4:7C:46:D3:8D:0D:6F:F2:3A:10:86:7D:5D:17:C3
Authority key identifier: 2E:BF:F6:CF:B8:32:6B:44:72:95:A1:1B:10:78:68:21:2E:66:5F:DD
Certificate issuer:       /CN=2ebff6cfb8326b447295a11b107868212e665fdd
Certificate serial:       0197665F8888BBC54AA748B567B380A3B049
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
Manifest number:          066B
Signing time:             Thu 12 Jun 2025 23:00:26 +0000
Manifest this update:     Thu 12 Jun 2025 23:00:26 +0000
Manifest next update:     Fri 13 Jun 2025 23:00:26 +0000
Files and hashes:         1: 2EHY0ANqI6GjPJ3q8F_H43sabIk.roa (hash: 6KKbNu6n/lBjRM28xxVSQgucF7edE6uzeJUy5fL1Psg=)
                          2: Lr_2z7gya0RylaEbEHhoIS5mX90.crl (hash: BFvVp4KcqUol0A2q/nhtg+/ZwmWswlhMpuEZtMPxs0w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:66:5f:88:88:bb:c5:4a:a7:48:b5:67:b3:80:a3:b0:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ebff6cfb8326b447295a11b107868212e665fdd
        Validity
            Not Before: Jun 12 23:00:26 2025 GMT
            Not After : Jun 13 23:00:26 2025 GMT
        Subject: CN=175672eca1d47c46d38d0d6ff23a10867d5d17c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:52:c3:05:55:72:3f:4a:c3:38:f1:e9:4a:c6:
                    e7:ce:c6:31:88:94:9b:1f:71:53:82:01:b7:bf:63:
                    74:eb:75:69:15:5a:d9:61:ed:8b:3b:63:a0:f3:6b:
                    e2:65:5c:95:76:51:c5:4d:38:1c:52:84:a8:bc:2e:
                    21:0d:8b:8c:e3:b0:aa:9d:b8:22:00:47:1c:8a:98:
                    84:81:89:ef:c9:d9:56:b3:fc:c8:78:b3:74:56:5b:
                    03:8f:1c:f3:5f:f4:a1:41:7d:d7:c9:6f:6e:b4:73:
                    aa:0e:7b:c1:57:5a:60:0f:78:8d:49:8a:6d:22:ce:
                    7d:aa:9a:df:fa:3c:9f:b0:8a:2f:4e:96:a4:3f:8f:
                    05:80:13:81:fe:e1:65:a2:e8:91:4c:de:5f:77:da:
                    bd:69:0b:3a:e7:5c:de:d9:cd:5e:63:a9:33:d2:05:
                    cd:fe:ae:09:64:7b:3b:27:31:f3:e6:2e:eb:af:8d:
                    d2:f9:47:a5:c2:32:e4:23:7a:08:bf:ce:c3:3a:f7:
                    df:f4:e0:ea:3e:89:7b:3d:b3:5b:24:f1:8c:e9:9e:
                    11:d0:c6:22:20:40:02:6b:15:3d:9d:6e:1d:68:f3:
                    2f:d0:5b:81:d4:32:f4:a9:8b:04:5b:84:41:8a:cb:
                    29:ad:08:04:b8:52:10:25:9b:47:ae:0b:d9:13:21:
                    42:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:56:72:EC:A1:D4:7C:46:D3:8D:0D:6F:F2:3A:10:86:7D:5D:17:C3
            X509v3 Authority Key Identifier:
                keyid:2E:BF:F6:CF:B8:32:6B:44:72:95:A1:1B:10:78:68:21:2E:66:5F:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:04:3c:1c:85:3c:1c:c7:6e:bf:57:e8:c0:82:e2:9f:d2:8b:
         9f:ef:ed:d7:dc:6d:02:d6:f5:a0:22:5f:f4:bb:bd:7c:33:3a:
         a8:c2:37:f7:2c:9c:fb:e1:b9:f2:e0:af:e8:83:4a:92:96:b3:
         92:11:63:4f:30:c2:23:12:e9:e9:67:9a:95:fd:7c:92:73:d4:
         fc:0b:3a:4d:6f:78:a4:32:a2:b2:2b:74:2b:d2:8d:b3:16:2b:
         6f:df:e3:b0:ba:ea:52:12:f7:2a:1a:96:1c:ae:3e:03:ed:7a:
         c4:b2:79:b2:c2:8d:30:11:0d:97:0f:2d:c2:73:96:bd:45:ec:
         0e:6e:3a:3e:e9:47:af:28:e5:54:d7:44:02:59:48:de:cd:c6:
         a0:70:5f:b0:52:44:01:83:0c:cc:1d:41:a9:3b:3d:e6:85:9b:
         ca:0e:ea:3c:c3:1f:e4:ce:ce:07:6d:12:85:7d:90:80:b7:cf:
         2a:af:e5:f2:a9:94:99:51:97:ae:eb:5d:6b:77:88:24:d7:18:
         04:ba:e3:c6:bf:ab:ec:a7:0c:eb:bb:aa:06:80:ea:81:69:35:
         a2:89:22:05:03:97:86:56:ea:4b:8f:53:01:66:36:88:22:6c:
         ac:b5:18:48:57:24:cd:23:6c:60:4a:e1:17:f7:98:01:08:ba:
         27:e1:b7:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdmX4iIu8VKp0i1Z7OAo7BJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYmZmNmNmYjgzMjZiNDQ3Mjk1YTExYjEwNzg2ODIxMmU2
NjVmZGQwHhcNMjUwNjEyMjMwMDI2WhcNMjUwNjEzMjMwMDI2WjAzMTEwLwYDVQQD
EygxNzU2NzJlY2ExZDQ3YzQ2ZDM4ZDBkNmZmMjNhMTA4NjdkNWQxN2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFLDBVVyP0rDOPHpSsbnzsYxiJSb
H3FTggG3v2N063VpFVrZYe2LO2Og82viZVyVdlHFTTgcUoSovC4hDYuM47Cqnbgi
AEccipiEgYnvydlWs/zIeLN0VlsDjxzzX/ShQX3XyW9utHOqDnvBV1pgD3iNSYpt
Is59qprf+jyfsIovTpakP48FgBOB/uFlouiRTN5fd9q9aQs651ze2c1eY6kz0gXN
/q4JZHs7JzHz5i7rr43S+UelwjLkI3oIv87DOvff9ODqPol7PbNbJPGM6Z4R0MYi
IEACaxU9nW4daPMv0FuB1DL0qYsEW4RBissprQgEuFIQJZtHrgvZEyFC/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBdWcuyh1HxG040Nb/I6EIZ9XRfDMB8GA1UdIwQY
MBaAFC6/9s+4MmtEcpWhGxB4aCEuZl/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yZGFmYmMtNTJlZS00YzdiLWIwMDYt
YTc4NmNlYmUyMGQzLzEvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yZGFmYmMtNTJlZS00YzdiLWIwMDYtYTc4NmNlYmUyMGQz
LzEvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASwQ8HIU8
HMduv1fowILin9KLn+/t19xtAtb1oCJf9Lu9fDM6qMI39yyc++G58uCv6INKkpaz
khFjTzDCIxLp6Wealf18knPU/As6TW94pDKisit0K9KNsxYrb9/jsLrqUhL3KhqW
HK4+A+16xLJ5ssKNMBENlw8twnOWvUXsDm46PulHryjlVNdEAllI3s3GoHBfsFJE
AYMMzB1BqTs95oWbyg7qPMMf5M7OB20ShX2QgLfPKq/l8qmUmVGXrutda3eIJNcY
BLrjxr+r7KcM67uqBoDqgWk1ookiBQOXhlbqS49TAWY2iCJsrLUYSFckzSNsYErh
F/eYAQi6J+G3yA==
-----END CERTIFICATE-----
Generated at Fri Jun 13 07:53:52 2025 by rpki-client