Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
File:                     Lr_2z7gya0RylaEbEHhoIS5mX90.mft (raw, json)
Hash identifier:          YkW2moVCq6zzLGmmyVV4Gkp8fv07d4atlZwFdGnqibA=
Subject key identifier:   B2:EB:A5:D4:8F:AB:80:22:44:DD:85:92:D4:2F:75:95:00:E2:33:AC
Authority key identifier: 2E:BF:F6:CF:B8:32:6B:44:72:95:A1:1B:10:78:68:21:2E:66:5F:DD
Certificate issuer:       /CN=2ebff6cfb8326b447295a11b107868212e665fdd
Certificate serial:       019758DAC29EBF42218F7D516FA50905CB64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
Manifest number:          0664
Signing time:             Tue 10 Jun 2025 08:00:20 +0000
Manifest this update:     Tue 10 Jun 2025 08:00:20 +0000
Manifest next update:     Wed 11 Jun 2025 08:00:20 +0000
Files and hashes:         1: 2EHY0ANqI6GjPJ3q8F_H43sabIk.roa (hash: 6KKbNu6n/lBjRM28xxVSQgucF7edE6uzeJUy5fL1Psg=)
                          2: Lr_2z7gya0RylaEbEHhoIS5mX90.crl (hash: IwiV+UuzYXl42h5loz5Htq68TLwJHogD9hic4GuqIWE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:da:c2:9e:bf:42:21:8f:7d:51:6f:a5:09:05:cb:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ebff6cfb8326b447295a11b107868212e665fdd
        Validity
            Not Before: Jun 10 08:00:20 2025 GMT
            Not After : Jun 11 08:00:20 2025 GMT
        Subject: CN=b2eba5d48fab802244dd8592d42f759500e233ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:9f:1e:8d:a6:a3:07:57:ae:5d:32:3f:24:08:
                    f0:bc:91:cb:11:b5:30:7e:59:1d:a3:42:46:65:95:
                    e0:ef:9f:37:25:39:31:93:41:58:af:a1:2d:ea:56:
                    87:e7:78:1c:ec:13:e6:4e:af:05:a8:98:b8:65:c6:
                    93:29:7c:bf:0e:d0:3b:e6:46:f8:f4:c5:c3:8e:4f:
                    30:5c:97:7d:c7:14:55:06:9d:bf:2b:43:7a:0c:db:
                    7e:60:78:a0:96:23:09:38:40:41:f4:ca:f2:21:ad:
                    ad:85:5c:77:50:29:c7:16:01:9d:93:30:86:7f:11:
                    79:05:31:7e:69:b3:2c:d5:07:8b:da:25:a8:2e:3a:
                    66:f9:7c:bb:fe:04:f4:92:1d:43:cf:7f:31:60:62:
                    cc:c1:22:73:8a:66:7e:83:5f:a3:05:b1:ac:43:eb:
                    cb:9d:b8:70:b2:d4:88:a1:84:c3:e1:9e:95:c4:63:
                    6d:5f:41:df:d0:ce:ea:7b:cb:f4:7c:c8:ee:bd:e5:
                    c6:9c:20:76:c2:7a:6b:b8:fd:ec:b7:1a:50:20:8c:
                    57:cd:d4:79:6c:24:1d:4e:f1:1d:be:d2:14:35:c0:
                    21:3b:dc:f1:9c:13:6a:85:13:22:4a:cb:66:62:36:
                    6c:4d:96:c2:6a:a6:bf:83:37:5b:ea:7a:ae:91:8c:
                    f7:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:EB:A5:D4:8F:AB:80:22:44:DD:85:92:D4:2F:75:95:00:E2:33:AC
            X509v3 Authority Key Identifier:
                keyid:2E:BF:F6:CF:B8:32:6B:44:72:95:A1:1B:10:78:68:21:2E:66:5F:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:0f:0f:01:1c:7f:45:ac:f7:6c:44:37:42:c1:b1:8d:f9:51:
         31:92:c5:7f:46:f8:a2:0d:f6:cd:88:37:d2:c5:e6:30:29:18:
         56:b1:50:f9:e5:07:fd:cc:34:d1:d7:94:73:7b:92:fb:7e:ec:
         a7:b4:2f:6c:da:a9:b3:04:c0:29:15:c9:28:f4:10:75:6b:2d:
         28:64:b8:f0:32:67:cc:6b:f5:f8:53:3b:cf:a6:02:a8:2e:2d:
         41:1a:4e:64:5f:50:a6:52:8a:4a:1f:f1:92:d6:f9:6a:98:89:
         0f:26:7a:73:c3:0e:92:1d:78:8f:2f:bb:50:69:fd:e9:43:86:
         76:dc:03:1c:46:bd:18:38:d2:74:09:b5:3c:27:3c:e6:1a:1a:
         d6:43:a9:2b:fc:27:32:63:74:d1:f6:a5:7e:e3:01:f3:56:d4:
         18:4b:07:49:25:04:b0:47:34:60:ef:91:a8:6e:e5:d7:cf:01:
         0a:45:e0:09:c1:87:1e:4f:4a:86:e7:3e:df:58:2c:d9:0c:27:
         c1:4a:fa:ba:f8:f5:7f:a8:df:37:a7:34:b1:bd:4c:53:4a:ec:
         a5:a7:2a:37:33:63:53:ac:df:fd:c1:51:ff:50:ba:98:70:72:
         84:70:3a:37:f4:1c:1a:16:42:0d:20:0a:23:da:50:fb:58:6f:
         64:a5:52:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdY2sKev0Ihj31Rb6UJBctkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYmZmNmNmYjgzMjZiNDQ3Mjk1YTExYjEwNzg2ODIxMmU2
NjVmZGQwHhcNMjUwNjEwMDgwMDIwWhcNMjUwNjExMDgwMDIwWjAzMTEwLwYDVQQD
EyhiMmViYTVkNDhmYWI4MDIyNDRkZDg1OTJkNDJmNzU5NTAwZTIzM2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZ8ejaajB1euXTI/JAjwvJHLEbUw
flkdo0JGZZXg7583JTkxk0FYr6Et6laH53gc7BPmTq8FqJi4ZcaTKXy/DtA75kb4
9MXDjk8wXJd9xxRVBp2/K0N6DNt+YHigliMJOEBB9MryIa2thVx3UCnHFgGdkzCG
fxF5BTF+abMs1QeL2iWoLjpm+Xy7/gT0kh1Dz38xYGLMwSJzimZ+g1+jBbGsQ+vL
nbhwstSIoYTD4Z6VxGNtX0Hf0M7qe8v0fMjuveXGnCB2wnpruP3stxpQIIxXzdR5
bCQdTvEdvtIUNcAhO9zxnBNqhRMiSstmYjZsTZbCaqa/gzdb6nqukYz3wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLLrpdSPq4AiRN2FktQvdZUA4jOsMB8GA1UdIwQY
MBaAFC6/9s+4MmtEcpWhGxB4aCEuZl/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yZGFmYmMtNTJlZS00YzdiLWIwMDYt
YTc4NmNlYmUyMGQzLzEvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yZGFmYmMtNTJlZS00YzdiLWIwMDYtYTc4NmNlYmUyMGQz
LzEvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAug8PARx/
Raz3bEQ3QsGxjflRMZLFf0b4og32zYg30sXmMCkYVrFQ+eUH/cw00deUc3uS+37s
p7QvbNqpswTAKRXJKPQQdWstKGS48DJnzGv1+FM7z6YCqC4tQRpOZF9QplKKSh/x
ktb5apiJDyZ6c8MOkh14jy+7UGn96UOGdtwDHEa9GDjSdAm1PCc85hoa1kOpK/wn
MmN00falfuMB81bUGEsHSSUEsEc0YO+RqG7l188BCkXgCcGHHk9Khuc+31gs2Qwn
wUr6uvj1f6jfN6c0sb1MU0rspacqNzNjU6zf/cFR/1C6mHByhHA6N/QcGhZCDSAK
I9pQ+1hvZKVSYw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 10:42:58 2025 by rpki-client