Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
File:                     Lr_2z7gya0RylaEbEHhoIS5mX90.mft (raw, json)
Hash identifier:          l8GDKjNwl8mJRqWLGjxJN/86UkkEN2zJlvKUUqMx664=
Subject key identifier:   4E:38:88:B7:34:6A:1A:78:F2:BF:E6:41:39:7F:8D:80:EC:BC:5A:07
Authority key identifier: 2E:BF:F6:CF:B8:32:6B:44:72:95:A1:1B:10:78:68:21:2E:66:5F:DD
Certificate issuer:       /CN=2ebff6cfb8326b447295a11b107868212e665fdd
Certificate serial:       01975EA606F584B44951AEB0AAFA622D4A3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
Manifest number:          0667
Signing time:             Wed 11 Jun 2025 11:00:28 +0000
Manifest this update:     Wed 11 Jun 2025 11:00:28 +0000
Manifest next update:     Thu 12 Jun 2025 11:00:28 +0000
Files and hashes:         1: 2EHY0ANqI6GjPJ3q8F_H43sabIk.roa (hash: 6KKbNu6n/lBjRM28xxVSQgucF7edE6uzeJUy5fL1Psg=)
                          2: Lr_2z7gya0RylaEbEHhoIS5mX90.crl (hash: c2A6rUVPbPUeGRyxpte0fblVhrgtnyM1e8tiH3ymVd4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 08:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5e:a6:06:f5:84:b4:49:51:ae:b0:aa:fa:62:2d:4a:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ebff6cfb8326b447295a11b107868212e665fdd
        Validity
            Not Before: Jun 11 11:00:28 2025 GMT
            Not After : Jun 12 11:00:28 2025 GMT
        Subject: CN=4e3888b7346a1a78f2bfe641397f8d80ecbc5a07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:e0:9e:cc:b4:57:c4:29:05:13:bc:25:3e:96:
                    ae:9d:c0:6a:f5:1f:56:be:45:e6:74:5e:f6:31:fd:
                    af:16:27:75:9a:ec:f5:ec:d5:12:ce:14:c4:33:02:
                    a0:51:5a:5e:2d:d4:a1:c3:a7:2c:22:b3:b5:d5:e7:
                    98:0b:19:de:5c:0a:4f:51:41:eb:a3:56:f1:50:1b:
                    45:ac:79:38:68:ec:fe:0f:0b:68:75:40:ad:a1:ee:
                    fc:17:6a:9b:cd:4e:95:8c:0c:6c:bc:bf:14:dc:76:
                    c6:d9:af:3e:d9:cf:35:65:8b:10:dd:f3:10:e2:eb:
                    25:4f:88:68:79:d9:f9:88:95:20:49:13:37:21:25:
                    64:0d:88:f9:60:1e:8f:94:0e:e5:89:50:3c:5a:07:
                    a2:21:13:a8:b3:c5:e8:97:0b:23:0b:bf:64:2b:0e:
                    45:ec:ad:28:93:61:6c:22:4c:1a:88:c1:29:a1:62:
                    31:9c:e0:7a:29:0d:18:48:7b:17:68:14:7e:56:f6:
                    4f:0a:e4:f5:d5:3f:62:87:17:3c:4c:d6:22:3b:52:
                    96:b1:1d:ec:02:55:71:a5:fe:f3:bd:02:7e:9e:12:
                    ff:55:e1:d2:41:f0:55:1e:8a:06:98:0a:b1:d1:8c:
                    f5:78:cf:c4:78:bc:62:e4:e6:7b:95:22:e5:ce:4b:
                    5e:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:38:88:B7:34:6A:1A:78:F2:BF:E6:41:39:7F:8D:80:EC:BC:5A:07
            X509v3 Authority Key Identifier:
                keyid:2E:BF:F6:CF:B8:32:6B:44:72:95:A1:1B:10:78:68:21:2E:66:5F:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:c6:30:01:fb:7b:6f:21:21:15:f0:ab:8b:7f:9b:c7:54:b8:
         7b:c1:94:93:c1:ff:fe:af:c0:fa:90:5d:f9:a6:8b:ea:e1:a5:
         d0:f5:2a:05:17:30:00:fd:84:aa:ff:a1:2f:89:cc:0d:0b:d4:
         2d:7a:fa:4c:80:58:d4:63:5f:dc:66:60:e9:26:96:83:af:e1:
         ee:b9:ea:91:c2:03:73:3d:08:be:60:4b:e8:42:7b:fb:ed:4a:
         76:41:69:af:b6:22:0b:7f:98:7b:90:aa:75:10:1e:be:07:7b:
         b8:4a:e0:62:aa:ad:78:e4:7f:df:56:f7:23:b7:7b:6f:06:f6:
         fb:db:6a:50:bd:bf:8c:00:21:27:25:b5:f2:62:9f:fa:8e:38:
         34:71:91:2e:8f:97:33:b2:48:90:d6:5c:09:77:d3:73:28:3e:
         78:26:44:24:c2:7b:7f:94:29:d8:f1:d1:a1:b7:79:d0:48:e0:
         0c:c1:66:2c:d9:66:70:db:96:3a:56:d7:fc:06:dd:6b:e8:31:
         36:29:d2:2f:1c:c6:e3:f9:a9:34:f9:dc:68:d0:99:c7:40:ca:
         37:7d:9a:48:b5:24:57:03:f1:ea:2f:64:ed:ae:0a:32:2f:de:
         44:d9:ee:f6:77:aa:e8:1b:32:8e:e4:27:03:2e:a5:8e:4b:6f:
         07:6a:53:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdepgb1hLRJUa6wqvpiLUo7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYmZmNmNmYjgzMjZiNDQ3Mjk1YTExYjEwNzg2ODIxMmU2
NjVmZGQwHhcNMjUwNjExMTEwMDI4WhcNMjUwNjEyMTEwMDI4WjAzMTEwLwYDVQQD
Eyg0ZTM4ODhiNzM0NmExYTc4ZjJiZmU2NDEzOTdmOGQ4MGVjYmM1YTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OCezLRXxCkFE7wlPpauncBq9R9W
vkXmdF72Mf2vFid1muz17NUSzhTEMwKgUVpeLdShw6csIrO11eeYCxneXApPUUHr
o1bxUBtFrHk4aOz+DwtodUCtoe78F2qbzU6VjAxsvL8U3HbG2a8+2c81ZYsQ3fMQ
4uslT4hoedn5iJUgSRM3ISVkDYj5YB6PlA7liVA8WgeiIROos8XolwsjC79kKw5F
7K0ok2FsIkwaiMEpoWIxnOB6KQ0YSHsXaBR+VvZPCuT11T9ihxc8TNYiO1KWsR3s
AlVxpf7zvQJ+nhL/VeHSQfBVHooGmAqx0Yz1eM/EeLxi5OZ7lSLlzktecQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE44iLc0ahp48r/mQTl/jYDsvFoHMB8GA1UdIwQY
MBaAFC6/9s+4MmtEcpWhGxB4aCEuZl/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yZGFmYmMtNTJlZS00YzdiLWIwMDYt
YTc4NmNlYmUyMGQzLzEvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yZGFmYmMtNTJlZS00YzdiLWIwMDYtYTc4NmNlYmUyMGQz
LzEvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfsYwAft7
byEhFfCri3+bx1S4e8GUk8H//q/A+pBd+aaL6uGl0PUqBRcwAP2Eqv+hL4nMDQvU
LXr6TIBY1GNf3GZg6SaWg6/h7rnqkcIDcz0IvmBL6EJ7++1KdkFpr7YiC3+Ye5Cq
dRAevgd7uErgYqqteOR/31b3I7d7bwb2+9tqUL2/jAAhJyW18mKf+o44NHGRLo+X
M7JIkNZcCXfTcyg+eCZEJMJ7f5Qp2PHRobd50EjgDMFmLNlmcNuWOlbX/Abda+gx
NinSLxzG4/mpNPncaNCZx0DKN32aSLUkVwPx6i9k7a4KMi/eRNnu9neq6BsyjuQn
Ay6ljktvB2pTbA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 14:06:19 2025 by rpki-client