Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
File:                     Lr_2z7gya0RylaEbEHhoIS5mX90.mft (raw, json)
Hash identifier:          7QRoEvMy3wbuPRu97jXLcYDg0nGnoEL8ocWH3AgFqfw=
Subject key identifier:   8F:58:35:0B:1F:0E:F1:64:9F:96:98:57:D0:4F:F4:08:7D:1C:3A:EF
Authority key identifier: 2E:BF:F6:CF:B8:32:6B:44:72:95:A1:1B:10:78:68:21:2E:66:5F:DD
Certificate issuer:       /CN=2ebff6cfb8326b447295a11b107868212e665fdd
Certificate serial:       019760946136AA7C8F9DC88CE31146F28BC5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
Manifest number:          0668
Signing time:             Wed 11 Jun 2025 20:00:26 +0000
Manifest this update:     Wed 11 Jun 2025 20:00:26 +0000
Manifest next update:     Thu 12 Jun 2025 20:00:26 +0000
Files and hashes:         1: 2EHY0ANqI6GjPJ3q8F_H43sabIk.roa (hash: 6KKbNu6n/lBjRM28xxVSQgucF7edE6uzeJUy5fL1Psg=)
                          2: Lr_2z7gya0RylaEbEHhoIS5mX90.crl (hash: fxqaorQSGYKCumLLBn/R6TbrCOMajeE0ic08qo2G8N8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 20:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:60:94:61:36:aa:7c:8f:9d:c8:8c:e3:11:46:f2:8b:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ebff6cfb8326b447295a11b107868212e665fdd
        Validity
            Not Before: Jun 11 20:00:26 2025 GMT
            Not After : Jun 12 20:00:26 2025 GMT
        Subject: CN=8f58350b1f0ef1649f969857d04ff4087d1c3aef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:a0:c0:bb:e3:33:8c:63:37:35:a4:3a:b6:c5:
                    43:c3:15:90:9f:b5:47:de:2a:67:51:f7:f7:90:01:
                    9d:e5:83:69:7d:98:7b:ff:e9:ad:bf:a9:a8:27:23:
                    1e:43:a6:4a:18:41:55:67:82:bc:50:44:ca:e3:6a:
                    5c:de:ac:ad:f6:50:ff:78:ff:b6:ae:9f:a7:5d:8d:
                    1e:58:26:1c:bd:ad:95:68:c9:30:6d:db:b2:f6:30:
                    a3:f3:2c:16:61:12:22:be:0f:dc:c1:b3:c4:b7:ef:
                    dd:3f:9d:09:7a:48:17:66:7e:03:89:18:36:52:5f:
                    c7:ef:9d:ae:90:c6:c4:75:65:bf:87:0b:c5:87:c1:
                    4f:7c:47:b0:b8:1a:dd:3f:60:74:ef:13:e2:92:81:
                    aa:82:8c:3d:80:79:4c:52:2a:46:cb:9d:4f:be:57:
                    cb:ce:bf:e0:de:28:b7:97:f2:65:ce:1d:71:ef:1d:
                    15:71:3d:11:d0:6e:a3:a3:6e:d3:d6:b1:4f:d2:9b:
                    eb:29:53:47:8d:97:30:15:f0:e3:a0:44:68:03:5c:
                    78:c3:cb:7c:18:61:32:22:88:9a:97:90:94:e8:f3:
                    27:9a:c9:d5:7b:c1:39:52:2c:ce:a7:88:22:db:fc:
                    ea:7c:d3:1c:e9:94:61:bd:3b:9f:70:a1:40:56:72:
                    79:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:58:35:0B:1F:0E:F1:64:9F:96:98:57:D0:4F:F4:08:7D:1C:3A:EF
            X509v3 Authority Key Identifier:
                keyid:2E:BF:F6:CF:B8:32:6B:44:72:95:A1:1B:10:78:68:21:2E:66:5F:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:85:8a:7f:0e:06:3e:56:ba:b5:9e:75:7d:3e:39:b7:14:78:
         59:51:0f:6d:0a:7e:69:f1:fc:10:0d:99:26:93:1f:c4:4b:3c:
         ea:9b:31:9c:82:b4:41:07:29:55:1c:20:2e:ca:bc:9a:4f:b7:
         78:ed:5d:65:04:c5:de:5e:cf:c7:78:90:f8:4a:f7:69:07:d8:
         44:07:fc:30:25:89:37:6c:d1:44:e6:06:11:10:21:ca:6b:2a:
         4c:be:5a:f9:12:a4:cb:83:f9:14:ef:7a:6f:2f:23:66:1d:7f:
         ef:79:ed:86:b3:85:35:00:58:47:66:9d:86:0f:83:f8:42:1a:
         74:9c:02:2c:c9:fe:44:dd:c2:5b:80:88:ff:1d:68:ae:b1:2f:
         3f:3f:8c:28:0f:7c:21:08:16:23:e3:4a:c0:d7:fe:39:ea:7e:
         bb:90:f7:55:ae:ab:af:b2:64:33:07:4c:30:49:fc:1d:79:f5:
         d1:28:3d:eb:c1:b4:06:ee:42:10:4b:25:48:0f:d1:e5:6a:0d:
         78:2b:13:41:c2:9b:21:aa:3b:92:5f:24:5e:30:e5:8e:df:67:
         f7:a0:f0:ef:64:c2:2d:d6:f7:eb:55:91:59:d6:95:4c:58:62:
         f5:1d:86:29:fb:9a:45:59:a1:2a:a0:fa:f4:52:10:89:45:cd:
         7f:22:c2:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdglGE2qnyPnciM4xFG8ovFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYmZmNmNmYjgzMjZiNDQ3Mjk1YTExYjEwNzg2ODIxMmU2
NjVmZGQwHhcNMjUwNjExMjAwMDI2WhcNMjUwNjEyMjAwMDI2WjAzMTEwLwYDVQQD
Eyg4ZjU4MzUwYjFmMGVmMTY0OWY5Njk4NTdkMDRmZjQwODdkMWMzYWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6DAu+MzjGM3NaQ6tsVDwxWQn7VH
3ipnUff3kAGd5YNpfZh7/+mtv6moJyMeQ6ZKGEFVZ4K8UETK42pc3qyt9lD/eP+2
rp+nXY0eWCYcva2VaMkwbduy9jCj8ywWYRIivg/cwbPEt+/dP50JekgXZn4DiRg2
Ul/H752ukMbEdWW/hwvFh8FPfEewuBrdP2B07xPikoGqgow9gHlMUipGy51PvlfL
zr/g3ii3l/Jlzh1x7x0VcT0R0G6jo27T1rFP0pvrKVNHjZcwFfDjoERoA1x4w8t8
GGEyIoial5CU6PMnmsnVe8E5UizOp4gi2/zqfNMc6ZRhvTufcKFAVnJ5VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI9YNQsfDvFkn5aYV9BP9Ah9HDrvMB8GA1UdIwQY
MBaAFC6/9s+4MmtEcpWhGxB4aCEuZl/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yZGFmYmMtNTJlZS00YzdiLWIwMDYt
YTc4NmNlYmUyMGQzLzEvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yZGFmYmMtNTJlZS00YzdiLWIwMDYtYTc4NmNlYmUyMGQz
LzEvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq4WKfw4G
Pla6tZ51fT45txR4WVEPbQp+afH8EA2ZJpMfxEs86psxnIK0QQcpVRwgLsq8mk+3
eO1dZQTF3l7Px3iQ+Er3aQfYRAf8MCWJN2zRROYGERAhymsqTL5a+RKky4P5FO96
by8jZh1/73nthrOFNQBYR2adhg+D+EIadJwCLMn+RN3CW4CI/x1orrEvPz+MKA98
IQgWI+NKwNf+Oep+u5D3Va6rr7JkMwdMMEn8HXn10Sg968G0Bu5CEEslSA/R5WoN
eCsTQcKbIao7kl8kXjDljt9n96Dw72TCLdb361WRWdaVTFhi9R2GKfuaRVmhKqD6
9FIQiUXNfyLC2A==
-----END CERTIFICATE-----
Generated at Thu Jun 12 04:03:40 2025 by rpki-client