Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
File:                     LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft (raw, json)
Hash identifier:          t2Dsb0497fE4U8xJ8QTSl9gZTENQs6JhSfo3RhLxTLQ=
Subject key identifier:   7D:D2:0D:69:C5:15:04:07:BA:C7:BD:5D:59:DC:A0:80:DA:B4:E9:F8
Authority key identifier: 2D:90:93:67:DB:DD:D1:E4:86:6B:D8:9E:AF:72:75:98:A4:7B:58:3D
Certificate issuer:       /CN=2d909367dbddd1e4866bd89eaf727598a47b583d
Certificate serial:       0199FFC873CA0D954EA75BF85A485423B02A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
Manifest number:          0198
Signing time:             Mon 20 Oct 2025 04:02:30 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:30 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:30 +0000
Files and hashes:         1: LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl (hash: slKlNdcEOa+XI+uBIFN0uGFVsyDxHkeIDf8SJbKOTxg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:73:ca:0d:95:4e:a7:5b:f8:5a:48:54:23:b0:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d909367dbddd1e4866bd89eaf727598a47b583d
        Validity
            Not Before: Oct 20 04:02:30 2025 GMT
            Not After : Oct 21 04:02:30 2025 GMT
        Subject: CN=7dd20d69c5150407bac7bd5d59dca080dab4e9f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:03:e3:45:85:5e:fe:b5:c1:85:d1:28:74:ea:
                    38:42:bd:25:43:0d:42:5a:56:95:07:38:31:61:81:
                    74:75:c2:34:57:a8:95:db:09:85:3d:35:ea:df:bd:
                    fe:17:eb:6c:29:00:87:b8:0c:84:b5:03:80:07:34:
                    c5:e2:b8:f0:3c:3c:f8:1c:de:9c:8b:17:f8:11:34:
                    6c:4b:73:5f:f9:1e:6a:5e:5d:49:39:ef:64:56:9d:
                    6a:cf:7c:93:31:c0:2c:06:4d:a4:3c:46:b7:17:e5:
                    13:80:7b:30:75:ea:d1:8d:e0:0c:19:cf:e3:0c:c9:
                    53:f6:b7:f4:3d:a7:99:b1:a6:bb:38:15:92:8f:a9:
                    11:e8:68:2a:44:b2:c1:da:7a:bf:63:0e:e3:75:d0:
                    e7:61:de:29:99:a4:e0:47:9c:b6:4c:08:e8:5c:f4:
                    5f:3b:e1:cd:e7:0a:e6:2d:b8:ec:51:6f:7f:89:60:
                    5b:63:25:5d:1b:79:76:00:9c:15:66:b0:7b:01:d8:
                    cc:8b:52:d4:4f:41:a3:e5:16:c7:4a:9f:e5:07:0a:
                    9b:45:be:3f:71:b3:02:d5:f0:ee:ca:ea:dd:2f:3c:
                    63:40:9b:04:17:7e:6d:60:28:62:2e:4a:b1:c1:04:
                    3c:cf:01:ab:05:4d:f6:a0:74:45:63:c2:7e:36:59:
                    f0:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:D2:0D:69:C5:15:04:07:BA:C7:BD:5D:59:DC:A0:80:DA:B4:E9:F8
            X509v3 Authority Key Identifier:
                keyid:2D:90:93:67:DB:DD:D1:E4:86:6B:D8:9E:AF:72:75:98:A4:7B:58:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:fb:05:ce:53:d0:44:6c:10:2c:e9:b3:09:e0:0d:33:39:62:
         63:7f:23:bf:73:22:2c:de:21:3f:3e:9f:4d:0d:af:ba:56:70:
         36:13:60:d5:f4:61:0e:32:77:09:6d:97:d6:51:94:b4:1f:f3:
         12:53:09:2c:e7:eb:fb:2b:d9:3d:d5:93:bc:b1:57:d1:fb:2a:
         26:1d:a0:53:a8:db:81:7f:49:c3:ff:1a:d1:9c:84:6d:9f:a3:
         84:03:c0:96:a7:6f:22:6c:d1:d5:0f:1d:e0:6c:fe:b7:c4:c2:
         0b:01:bd:c5:b6:59:8a:93:c9:14:77:5e:61:e0:21:ce:ad:92:
         14:6a:91:74:5e:41:74:58:e8:62:5a:0c:d4:d2:7f:1e:18:71:
         d1:8e:2b:92:92:ef:e3:b9:b7:56:02:4f:a7:3e:71:30:c8:a1:
         ff:84:f4:13:aa:e2:5b:b7:17:8d:2a:fe:bd:2d:29:2c:0a:f5:
         92:4b:75:a3:fc:9b:58:81:9f:53:86:84:aa:46:a9:65:52:3c:
         ef:07:14:d7:eb:f6:c5:50:2a:97:fd:8c:5e:a3:11:e0:58:64:
         b9:f0:93:d3:99:65:28:bc:37:4b:9d:51:c3:5b:66:8e:b7:d7:
         b4:be:ce:4d:b7:f8:cc:31:96:be:cb:e2:7a:6d:4d:4e:75:cb:
         73:ce:14:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yHPKDZVOp1v4WkhUI7AqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkOTA5MzY3ZGJkZGQxZTQ4NjZiZDg5ZWFmNzI3NTk4YTQ3
YjU4M2QwHhcNMjUxMDIwMDQwMjMwWhcNMjUxMDIxMDQwMjMwWjAzMTEwLwYDVQQD
Eyg3ZGQyMGQ2OWM1MTUwNDA3YmFjN2JkNWQ1OWRjYTA4MGRhYjRlOWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgPjRYVe/rXBhdEodOo4Qr0lQw1C
WlaVBzgxYYF0dcI0V6iV2wmFPTXq373+F+tsKQCHuAyEtQOABzTF4rjwPDz4HN6c
ixf4ETRsS3Nf+R5qXl1JOe9kVp1qz3yTMcAsBk2kPEa3F+UTgHswderRjeAMGc/j
DMlT9rf0PaeZsaa7OBWSj6kR6GgqRLLB2nq/Yw7jddDnYd4pmaTgR5y2TAjoXPRf
O+HN5wrmLbjsUW9/iWBbYyVdG3l2AJwVZrB7AdjMi1LUT0Gj5RbHSp/lBwqbRb4/
cbMC1fDuyurdLzxjQJsEF35tYChiLkqxwQQ8zwGrBU32oHRFY8J+NlnwHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH3SDWnFFQQHuse9XVncoIDatOn4MB8GA1UdIwQY
MBaAFC2Qk2fb3dHkhmvYnq9ydZike1g9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80Yzk0MWQtOTkyZC00ZWVmLTg4ZjUt
ZjBmODAwOGRmYzRjLzEvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80Yzk0MWQtOTkyZC00ZWVmLTg4ZjUtZjBmODAwOGRmYzRj
LzEvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuPsFzlPQ
RGwQLOmzCeANMzliY38jv3MiLN4hPz6fTQ2vulZwNhNg1fRhDjJ3CW2X1lGUtB/z
ElMJLOfr+yvZPdWTvLFX0fsqJh2gU6jbgX9Jw/8a0ZyEbZ+jhAPAlqdvImzR1Q8d
4Gz+t8TCCwG9xbZZipPJFHdeYeAhzq2SFGqRdF5BdFjoYloM1NJ/Hhhx0Y4rkpLv
47m3VgJPpz5xMMih/4T0E6riW7cXjSr+vS0pLAr1kkt1o/ybWIGfU4aEqkapZVI8
7wcU1+v2xVAql/2MXqMR4FhkufCT05llKLw3S51Rw1tmjrfXtL7OTbf4zDGWvsvi
em1NTnXLc84UOg==
-----END CERTIFICATE-----