Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
File:                     LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft (raw, json)
Hash identifier:          gnSFEQ3S0fQ1A0En1+xkdC/zKda0COktvVIXiEQHd+8=
Subject key identifier:   3B:43:3B:AF:CD:5D:CE:35:D4:99:D5:2C:A1:1B:52:C6:8B:0C:90:FE
Authority key identifier: 2D:90:93:67:DB:DD:D1:E4:86:6B:D8:9E:AF:72:75:98:A4:7B:58:3D
Certificate issuer:       /CN=2d909367dbddd1e4866bd89eaf727598a47b583d
Certificate serial:       0198D660955CF103CCF219D20BC9733B5849
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
Manifest number:          FE
Signing time:             Sat 23 Aug 2025 10:01:50 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:50 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:50 +0000
Files and hashes:         1: LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl (hash: XRhTg8ne0xfYh/ab1DSgmaMx82SkHJXmeuqA2n8F1x0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:95:5c:f1:03:cc:f2:19:d2:0b:c9:73:3b:58:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d909367dbddd1e4866bd89eaf727598a47b583d
        Validity
            Not Before: Aug 23 10:01:50 2025 GMT
            Not After : Aug 24 10:01:50 2025 GMT
        Subject: CN=3b433bafcd5dce35d499d52ca11b52c68b0c90fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:2c:20:21:9a:87:32:19:f8:64:47:00:71:c3:
                    83:91:af:9d:63:cb:30:2f:23:3a:d6:c0:0a:1a:81:
                    cf:7f:91:82:b9:b6:c5:41:cf:cb:cc:cc:05:e5:db:
                    28:41:3d:36:08:c6:c9:b9:07:3d:54:57:f3:87:af:
                    87:a7:ab:5c:94:54:c8:c6:be:dc:27:0e:72:88:d7:
                    5f:62:4d:a2:c2:69:06:17:08:71:e8:d7:d0:49:92:
                    75:e3:e8:3e:5f:9d:8c:17:ef:cd:9d:65:89:29:25:
                    bc:d5:d9:e8:ef:f7:6c:e1:08:1d:a5:b0:b4:94:5d:
                    cc:a2:88:be:83:84:c8:17:7f:5a:47:0b:c6:f8:38:
                    03:7f:7e:b1:fd:f9:38:48:99:0f:2c:dc:aa:06:f6:
                    85:22:02:34:9c:4a:42:29:e8:bd:ce:30:2a:69:55:
                    cb:fc:24:90:5b:7f:37:9a:cb:d5:cb:6a:48:4c:a5:
                    d8:cf:9d:c6:e2:45:7f:a4:b8:77:f7:57:7b:4d:1c:
                    ec:22:53:63:e9:e1:3f:9a:d1:bd:4b:3f:0d:85:0f:
                    0d:2e:ab:6d:96:66:0f:49:b6:be:be:b4:ec:5b:9b:
                    56:74:3b:15:f5:20:26:38:f2:79:3b:a1:b7:e1:09:
                    77:62:d3:14:75:df:ca:df:d2:5b:b1:5f:b5:65:b3:
                    82:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:43:3B:AF:CD:5D:CE:35:D4:99:D5:2C:A1:1B:52:C6:8B:0C:90:FE
            X509v3 Authority Key Identifier:
                keyid:2D:90:93:67:DB:DD:D1:E4:86:6B:D8:9E:AF:72:75:98:A4:7B:58:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:f6:dc:9c:50:74:02:b2:a5:3e:56:9a:e0:fa:77:ab:35:4e:
         42:44:32:40:17:9c:c8:cd:14:d5:46:3c:b1:e1:d8:69:71:f8:
         33:7a:f6:63:f0:11:69:03:96:01:f4:b4:c7:78:75:e3:8e:9d:
         6d:e1:4a:aa:73:3b:1d:72:59:3f:9d:e2:e9:0b:20:72:6f:7e:
         20:76:f3:f2:81:68:97:7e:c9:43:5b:38:ff:d4:53:46:9d:14:
         02:46:d0:be:84:a0:f0:04:a1:31:ad:4a:31:86:94:ae:72:94:
         11:4f:02:4a:ed:13:7d:95:e6:b2:38:59:b9:77:92:75:5f:83:
         31:f7:e5:41:32:96:22:c1:0b:04:4e:3e:4c:fb:e2:ad:d4:d9:
         c4:06:2e:e0:8b:31:e3:ae:10:bc:c4:51:de:fc:6b:13:1f:22:
         24:60:bb:6d:78:06:03:6e:9a:b8:ae:2c:ae:a4:19:95:34:26:
         ae:a4:cc:21:67:07:61:5c:80:78:97:6a:ec:f2:0b:8b:33:52:
         82:35:7a:89:9f:53:5e:a7:64:67:e7:1f:71:25:f4:a3:92:16:
         74:78:d9:3b:a9:ba:b5:e3:34:88:77:00:69:ba:67:20:c0:9b:
         03:8a:35:bf:43:e4:fe:a8:ec:5c:23:59:30:f2:f4:d1:40:ce:
         30:d3:e7:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYJVc8QPM8hnSC8lzO1hJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkOTA5MzY3ZGJkZGQxZTQ4NjZiZDg5ZWFmNzI3NTk4YTQ3
YjU4M2QwHhcNMjUwODIzMTAwMTUwWhcNMjUwODI0MTAwMTUwWjAzMTEwLwYDVQQD
EygzYjQzM2JhZmNkNWRjZTM1ZDQ5OWQ1MmNhMTFiNTJjNjhiMGM5MGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiwgIZqHMhn4ZEcAccODka+dY8sw
LyM61sAKGoHPf5GCubbFQc/LzMwF5dsoQT02CMbJuQc9VFfzh6+Hp6tclFTIxr7c
Jw5yiNdfYk2iwmkGFwhx6NfQSZJ14+g+X52MF+/NnWWJKSW81dno7/ds4QgdpbC0
lF3Mooi+g4TIF39aRwvG+DgDf36x/fk4SJkPLNyqBvaFIgI0nEpCKei9zjAqaVXL
/CSQW383msvVy2pITKXYz53G4kV/pLh391d7TRzsIlNj6eE/mtG9Sz8NhQ8NLqtt
lmYPSba+vrTsW5tWdDsV9SAmOPJ5O6G34Ql3YtMUdd/K39JbsV+1ZbOC9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDtDO6/NXc411JnVLKEbUsaLDJD+MB8GA1UdIwQY
MBaAFC2Qk2fb3dHkhmvYnq9ydZike1g9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80Yzk0MWQtOTkyZC00ZWVmLTg4ZjUt
ZjBmODAwOGRmYzRjLzEvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80Yzk0MWQtOTkyZC00ZWVmLTg4ZjUtZjBmODAwOGRmYzRj
LzEvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj/bcnFB0
ArKlPlaa4Pp3qzVOQkQyQBecyM0U1UY8seHYaXH4M3r2Y/ARaQOWAfS0x3h1446d
beFKqnM7HXJZP53i6Qsgcm9+IHbz8oFol37JQ1s4/9RTRp0UAkbQvoSg8AShMa1K
MYaUrnKUEU8CSu0TfZXmsjhZuXeSdV+DMfflQTKWIsELBE4+TPvirdTZxAYu4Isx
464QvMRR3vxrEx8iJGC7bXgGA26auK4srqQZlTQmrqTMIWcHYVyAeJdq7PILizNS
gjV6iZ9TXqdkZ+cfcSX0o5IWdHjZO6m6teM0iHcAabpnIMCbA4o1v0Pk/qjsXCNZ
MPL00UDOMNPntA==
-----END CERTIFICATE-----