Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
File:                     LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft (raw, json)
Hash identifier:          aOWgF7Vak430WW78xW/5JQcjUXKl/Xbg2p/8Ybwym1w=
Subject key identifier:   6F:86:10:F5:1B:7D:7F:44:16:B1:EF:90:C6:C7:DD:96:F1:9A:9D:55
Authority key identifier: 2D:90:93:67:DB:DD:D1:E4:86:6B:D8:9E:AF:72:75:98:A4:7B:58:3D
Certificate issuer:       /CN=2d909367dbddd1e4866bd89eaf727598a47b583d
Certificate serial:       0197B6A204A2CD7F1534575056A7E3AC75E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
Manifest number:          69
Signing time:             Sat 28 Jun 2025 13:02:40 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:40 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:40 +0000
Files and hashes:         1: LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl (hash: q+o9gLV3OspjUWAsar0oV7LZhhoA7WA/q71tpThXkJI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a2:04:a2:cd:7f:15:34:57:50:56:a7:e3:ac:75:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d909367dbddd1e4866bd89eaf727598a47b583d
        Validity
            Not Before: Jun 28 13:02:40 2025 GMT
            Not After : Jun 29 13:02:40 2025 GMT
        Subject: CN=6f8610f51b7d7f4416b1ef90c6c7dd96f19a9d55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:de:c9:72:c6:15:e8:68:5d:e3:25:df:5c:41:
                    09:88:ed:29:7e:44:50:15:57:61:a1:28:dd:b3:b9:
                    3a:5f:d3:31:d3:57:30:1b:fa:53:f1:a7:c5:f8:c3:
                    a5:50:8d:d5:55:5b:82:6e:1c:30:50:ca:ff:3a:1f:
                    ad:fa:f6:77:bf:f1:8e:a5:0a:e2:33:c3:a5:2b:ae:
                    1e:89:a0:fc:06:eb:45:f6:50:4a:c7:f5:36:b7:58:
                    e4:2a:c7:17:ea:a7:8f:2f:aa:26:ba:f8:e2:2d:b2:
                    95:fa:29:30:bd:81:b8:29:3a:59:0b:5e:87:77:1c:
                    99:f3:ef:16:85:94:34:60:f3:a6:61:f6:67:56:40:
                    e8:f8:c7:ee:d3:9f:c6:25:2a:31:a9:a9:5c:6b:02:
                    b7:c8:c4:53:77:09:ad:9d:35:bd:36:ca:b9:19:b2:
                    3d:72:a5:5c:0e:bf:32:fe:d4:56:56:66:39:fc:10:
                    82:80:31:dd:37:b6:86:e2:34:b2:d4:b1:10:f1:c7:
                    87:3c:30:ea:6f:0d:74:6a:ee:4d:17:c3:f5:f2:93:
                    53:54:c3:6f:b2:57:dd:1c:af:f8:b0:b2:af:73:59:
                    a1:28:06:87:fa:db:bf:62:c3:39:ae:9c:16:58:99:
                    a3:bc:a2:cb:85:87:a9:0f:cf:62:2e:4f:ed:a3:a0:
                    77:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:86:10:F5:1B:7D:7F:44:16:B1:EF:90:C6:C7:DD:96:F1:9A:9D:55
            X509v3 Authority Key Identifier:
                keyid:2D:90:93:67:DB:DD:D1:E4:86:6B:D8:9E:AF:72:75:98:A4:7B:58:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:5c:eb:93:23:b3:9d:db:44:bb:f7:14:e4:44:69:2d:db:93:
         ca:4f:f7:39:f4:f6:ba:a4:9a:c5:33:e3:f3:ef:e7:c2:ce:c1:
         e2:03:cf:dc:85:c9:a2:b9:32:8e:58:fa:72:c0:e9:94:c9:60:
         3a:0e:06:00:87:d8:e9:2b:d3:2d:9f:58:7e:df:8c:b9:39:31:
         93:e0:ab:46:6e:b1:f7:f6:85:cd:2a:5b:2c:8e:4c:87:07:f9:
         ee:0b:7d:01:72:ff:5b:1c:3e:96:fc:3b:79:1a:09:c8:56:69:
         95:f3:4f:36:0b:09:77:a6:30:30:46:69:5c:16:b5:4e:c1:12:
         cb:4e:63:86:a3:17:a8:28:9b:77:f8:f0:ab:60:57:91:f2:a3:
         24:9d:42:f7:e8:f3:8d:83:11:d6:72:b4:37:18:20:2a:e8:4a:
         bc:10:12:30:30:ec:52:85:01:9c:a6:f1:f2:d6:3b:de:3a:b4:
         81:8e:9a:6a:e4:57:af:6b:d2:86:53:87:2f:c9:41:04:60:4c:
         f8:a5:04:f8:80:04:c6:23:f8:bc:b9:2a:e1:bf:51:9c:d8:61:
         75:4d:b7:dd:a1:e7:4f:15:06:c9:23:95:6b:9b:e4:13:67:bc:
         42:ae:ea:c4:18:81:42:67:eb:f2:e5:36:cc:9a:f5:ab:79:af:
         9e:48:12:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2ogSizX8VNFdQVqfjrHXpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkOTA5MzY3ZGJkZGQxZTQ4NjZiZDg5ZWFmNzI3NTk4YTQ3
YjU4M2QwHhcNMjUwNjI4MTMwMjQwWhcNMjUwNjI5MTMwMjQwWjAzMTEwLwYDVQQD
Eyg2Zjg2MTBmNTFiN2Q3ZjQ0MTZiMWVmOTBjNmM3ZGQ5NmYxOWE5ZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo97JcsYV6Ghd4yXfXEEJiO0pfkRQ
FVdhoSjds7k6X9Mx01cwG/pT8afF+MOlUI3VVVuCbhwwUMr/Oh+t+vZ3v/GOpQri
M8OlK64eiaD8ButF9lBKx/U2t1jkKscX6qePL6omuvjiLbKV+ikwvYG4KTpZC16H
dxyZ8+8WhZQ0YPOmYfZnVkDo+Mfu05/GJSoxqalcawK3yMRTdwmtnTW9Nsq5GbI9
cqVcDr8y/tRWVmY5/BCCgDHdN7aG4jSy1LEQ8ceHPDDqbw10au5NF8P18pNTVMNv
slfdHK/4sLKvc1mhKAaH+tu/YsM5rpwWWJmjvKLLhYepD89iLk/to6B3DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG+GEPUbfX9EFrHvkMbH3Zbxmp1VMB8GA1UdIwQY
MBaAFC2Qk2fb3dHkhmvYnq9ydZike1g9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80Yzk0MWQtOTkyZC00ZWVmLTg4ZjUt
ZjBmODAwOGRmYzRjLzEvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80Yzk0MWQtOTkyZC00ZWVmLTg4ZjUtZjBmODAwOGRmYzRj
LzEvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbFzrkyOz
ndtEu/cU5ERpLduTyk/3OfT2uqSaxTPj8+/nws7B4gPP3IXJorkyjlj6csDplMlg
Og4GAIfY6SvTLZ9Yft+MuTkxk+CrRm6x9/aFzSpbLI5Mhwf57gt9AXL/Wxw+lvw7
eRoJyFZplfNPNgsJd6YwMEZpXBa1TsESy05jhqMXqCibd/jwq2BXkfKjJJ1C9+jz
jYMR1nK0NxggKuhKvBASMDDsUoUBnKbx8tY73jq0gY6aauRXr2vShlOHL8lBBGBM
+KUE+IAExiP4vLkq4b9RnNhhdU233aHnTxUGySOVa5vkE2e8Qq7qxBiBQmfr8uU2
zJr1q3mvnkgSCA==
-----END CERTIFICATE-----