Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
File:                     LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft (raw, json)
Hash identifier:          Hv5epm23GcH6wkBqN5bwnpSjS8lpNR+nB7qS4of33eU=
Subject key identifier:   FF:B6:DB:F4:8E:91:AA:D5:DE:E0:6C:45:B5:7F:AE:44:FD:6D:C8:0D
Authority key identifier: 2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA
Certificate issuer:       /CN=2f325207d5cee0ecea99e4702453407b564c39ca
Certificate serial:       0199FBEB96FFAC4C5684F1019AE5FF22C21A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 10:02:24 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:24 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:24 +0000
Files and hashes:         1: LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl (hash: +kONYbR+uQhF7aAlnqUYy1xi7ArXivHIGgmWnoAHhUo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:96:ff:ac:4c:56:84:f1:01:9a:e5:ff:22:c2:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f325207d5cee0ecea99e4702453407b564c39ca
        Validity
            Not Before: Oct 19 10:02:24 2025 GMT
            Not After : Oct 20 10:02:24 2025 GMT
        Subject: CN=ffb6dbf48e91aad5dee06c45b57fae44fd6dc80d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:04:e8:60:85:01:a5:c5:ae:ab:dd:71:b3:04:
                    a5:7b:27:78:0c:d4:51:f0:8a:0a:09:55:a2:1c:da:
                    84:b9:1b:1e:e0:42:75:59:91:51:ba:07:19:41:ba:
                    2e:a7:27:2e:6d:80:16:e9:ec:7f:ad:c4:eb:9f:5d:
                    32:4f:0f:4b:c4:4f:b6:19:56:41:db:01:37:0e:40:
                    26:69:b1:d4:b8:00:34:8d:2a:51:d4:e9:a7:3a:b5:
                    a9:72:78:0a:f1:0c:ce:a4:dc:fe:07:1b:03:2b:2a:
                    bb:47:5d:c2:81:d5:30:a3:67:0d:58:66:3d:97:48:
                    bd:d9:7a:33:e4:09:7e:07:3b:92:6c:6c:71:f6:37:
                    ae:f7:fd:11:ce:54:ae:97:53:aa:d1:23:3e:e5:78:
                    a9:4e:51:8b:75:93:e6:35:32:36:a9:92:0f:3a:73:
                    63:4b:4c:33:9b:66:6f:21:ad:fc:5d:d8:16:9f:5e:
                    70:5f:c0:e3:13:1c:03:8e:41:68:22:2d:77:e4:b7:
                    81:37:af:d8:38:d3:13:7d:a1:a5:35:cd:0a:2d:c5:
                    96:a7:76:23:b3:18:9d:b1:73:e4:ba:4f:1f:0d:11:
                    70:61:5a:99:23:dc:a3:28:80:f4:29:23:b5:2a:4b:
                    37:30:fd:ca:51:aa:04:b9:24:e2:2d:3b:a0:c5:0c:
                    95:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:B6:DB:F4:8E:91:AA:D5:DE:E0:6C:45:B5:7F:AE:44:FD:6D:C8:0D
            X509v3 Authority Key Identifier:
                keyid:2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:7d:41:36:02:26:8f:4f:20:f2:f8:f0:23:8f:ed:08:87:b2:
         d5:37:ee:f9:e1:1a:cf:d1:fa:b4:58:ff:6c:43:cf:b2:92:f1:
         8e:14:e7:46:56:4e:7b:d5:97:56:52:80:d5:c6:88:f8:d5:10:
         52:bb:80:bf:95:df:5c:4c:05:44:75:13:33:12:2a:a8:c5:1f:
         ee:b6:a3:0c:2b:5b:21:6c:7d:36:cf:d9:5f:e2:59:20:68:c0:
         4d:f3:fd:19:9b:85:6f:47:66:b9:79:17:0f:57:76:37:e8:44:
         67:de:0c:ed:39:68:2e:c4:23:8d:20:31:9b:0b:18:41:eb:b4:
         f8:d0:75:7b:13:eb:05:ec:14:25:ad:53:2a:48:be:62:1f:8d:
         ca:ef:0f:a8:75:b9:b5:ca:2c:c8:e7:4f:9a:63:5e:97:5a:53:
         45:52:ac:6c:71:01:ec:f8:bd:8c:74:0b:d8:00:19:1b:d3:97:
         c7:7a:24:c0:ae:5d:4c:4f:ef:92:1e:7c:53:e1:30:26:03:4f:
         ef:6f:2b:9a:a6:f9:c1:78:46:36:4d:ef:2d:c7:dd:62:a7:c5:
         28:cf:1b:97:eb:06:60:c3:2a:fb:71:46:e4:ff:23:54:96:0f:
         19:64:5c:78:ec:fe:1f:d5:0f:4e:48:8f:c8:5a:4b:7f:7a:3f:
         db:b8:fb:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn765b/rExWhPEBmuX/IsIaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzI1MjA3ZDVjZWUwZWNlYTk5ZTQ3MDI0NTM0MDdiNTY0
YzM5Y2EwHhcNMjUxMDE5MTAwMjI0WhcNMjUxMDIwMTAwMjI0WjAzMTEwLwYDVQQD
EyhmZmI2ZGJmNDhlOTFhYWQ1ZGVlMDZjNDViNTdmYWU0NGZkNmRjODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wToYIUBpcWuq91xswSleyd4DNRR
8IoKCVWiHNqEuRse4EJ1WZFRugcZQboupycubYAW6ex/rcTrn10yTw9LxE+2GVZB
2wE3DkAmabHUuAA0jSpR1OmnOrWpcngK8QzOpNz+BxsDKyq7R13CgdUwo2cNWGY9
l0i92Xoz5Al+BzuSbGxx9jeu9/0RzlSul1Oq0SM+5XipTlGLdZPmNTI2qZIPOnNj
S0wzm2ZvIa38XdgWn15wX8DjExwDjkFoIi135LeBN6/YONMTfaGlNc0KLcWWp3Yj
sxidsXPkuk8fDRFwYVqZI9yjKID0KSO1Kks3MP3KUaoEuSTiLTugxQyVSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP+22/SOkarV3uBsRbV/rkT9bcgNMB8GA1UdIwQY
MBaAFC8yUgfVzuDs6pnkcCRTQHtWTDnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGIt
OTBhZTZkMGM5YjMzLzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGItOTBhZTZkMGM5YjMz
LzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgn1BNgIm
j08g8vjwI4/tCIey1Tfu+eEaz9H6tFj/bEPPspLxjhTnRlZOe9WXVlKA1caI+NUQ
UruAv5XfXEwFRHUTMxIqqMUf7rajDCtbIWx9Ns/ZX+JZIGjATfP9GZuFb0dmuXkX
D1d2N+hEZ94M7TloLsQjjSAxmwsYQeu0+NB1exPrBewUJa1TKki+Yh+Nyu8PqHW5
tcosyOdPmmNel1pTRVKsbHEB7Pi9jHQL2AAZG9OXx3okwK5dTE/vkh58U+EwJgNP
728rmqb5wXhGNk3vLcfdYqfFKM8bl+sGYMMq+3FG5P8jVJYPGWRceOz+H9UPTkiP
yFpLf3o/27j7kA==
-----END CERTIFICATE-----