Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
File:                     LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft (raw, json)
Hash identifier:          vGGQmtbJRmNMUcUYAEkiW5vnyUEktELHdoPPORGadE8=
Subject key identifier:   D8:5F:54:D3:2F:71:9A:E8:4A:DD:0A:6B:D9:29:3A:41:49:39:F4:9D
Authority key identifier: 2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA
Certificate issuer:       /CN=2f325207d5cee0ecea99e4702453407b564c39ca
Certificate serial:       0198D660CCFE88DC21031F1EB35BB0F34728
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 10:02:04 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:04 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:04 +0000
Files and hashes:         1: LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl (hash: 8AQijHwQpMddy57ymwJ1TyTLxYDS4X/1kuaYFuCEsKU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:cc:fe:88:dc:21:03:1f:1e:b3:5b:b0:f3:47:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f325207d5cee0ecea99e4702453407b564c39ca
        Validity
            Not Before: Aug 23 10:02:04 2025 GMT
            Not After : Aug 24 10:02:04 2025 GMT
        Subject: CN=d85f54d32f719ae84add0a6bd9293a414939f49d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:83:d4:fa:1a:e9:b3:c9:6c:5d:78:40:2f:25:
                    11:9c:99:c1:60:ff:e9:1e:82:c8:c0:28:f4:00:5a:
                    4e:df:1d:f2:09:6c:6a:47:1a:11:4e:87:d7:00:bc:
                    00:05:ab:bb:fe:f7:db:94:27:01:9a:97:70:77:9f:
                    08:b9:15:fa:fe:9a:0c:19:16:ed:b3:5a:6d:43:e2:
                    92:5b:5e:9b:40:1e:5f:40:92:30:fa:a5:12:26:f3:
                    d4:aa:cf:42:6b:50:ad:97:77:1f:ff:b0:bd:91:5a:
                    81:76:89:6e:97:bd:42:a7:9a:41:f0:ad:05:8a:ff:
                    20:df:b9:1e:16:89:89:57:c8:6e:6e:dd:3b:67:fa:
                    47:34:38:1a:9b:72:cd:77:86:9b:80:e4:8b:eb:e7:
                    5a:2e:99:56:ec:08:d8:55:53:eb:51:fc:cb:94:1c:
                    e1:09:03:de:9c:b7:df:b2:1d:1d:5b:7b:45:5a:c0:
                    48:59:bb:3b:fd:a6:a0:8e:e5:24:df:41:82:7c:cc:
                    ec:46:e2:60:7d:d7:98:74:d3:f9:67:be:80:ab:1f:
                    2f:f1:d7:89:32:b9:f3:55:75:8a:94:66:1b:eb:ae:
                    57:85:31:65:21:ad:43:b3:86:29:68:91:29:4e:00:
                    a6:c9:b5:2e:f5:3c:15:6a:a9:0d:f0:f2:94:b5:5c:
                    02:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:5F:54:D3:2F:71:9A:E8:4A:DD:0A:6B:D9:29:3A:41:49:39:F4:9D
            X509v3 Authority Key Identifier:
                keyid:2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:2c:de:15:26:2c:e2:73:77:26:12:47:c3:a2:78:68:4f:fc:
         df:d1:c5:73:7d:1a:b3:ab:2e:f2:34:62:d1:6a:e8:51:98:11:
         f9:84:7d:ed:5a:73:17:fd:36:94:69:77:45:f0:64:b6:b2:5c:
         db:c1:92:75:c4:49:aa:ff:93:71:33:5d:c1:72:e0:19:8a:28:
         5b:58:60:5c:bf:0b:20:ee:ad:44:81:7e:b9:39:bb:7d:c3:6f:
         ec:20:fe:c2:2e:24:a2:e3:67:ab:4d:5d:1d:09:87:9a:b7:c9:
         86:e0:ea:90:e3:78:72:31:04:91:d3:66:6b:24:20:62:95:3c:
         83:d1:d6:6d:3c:07:eb:f2:d5:ef:d2:f2:35:16:14:65:98:8a:
         ca:e9:c3:51:f3:ac:a3:ab:5b:56:c6:30:ce:2f:7d:be:5e:26:
         03:2b:b0:8d:79:64:a6:09:82:87:67:9d:3e:cd:d7:cf:5d:ce:
         ec:8e:75:31:78:1b:ed:79:ac:c5:a7:30:a7:94:ee:fc:99:b2:
         c5:84:62:72:49:09:f6:dc:8f:d9:5f:fa:4c:cb:26:bd:77:f4:
         dc:1e:cd:7a:44:b3:ea:04:9d:6a:bf:a3:54:33:da:ac:cc:dc:
         c1:84:5d:61:d0:a1:4c:85:84:97:37:5a:9c:f4:6d:8f:f9:bc:
         a8:9f:31:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYMz+iNwhAx8es1uw80coMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzI1MjA3ZDVjZWUwZWNlYTk5ZTQ3MDI0NTM0MDdiNTY0
YzM5Y2EwHhcNMjUwODIzMTAwMjA0WhcNMjUwODI0MTAwMjA0WjAzMTEwLwYDVQQD
EyhkODVmNTRkMzJmNzE5YWU4NGFkZDBhNmJkOTI5M2E0MTQ5MzlmNDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYPU+hrps8lsXXhALyURnJnBYP/p
HoLIwCj0AFpO3x3yCWxqRxoRTofXALwABau7/vfblCcBmpdwd58IuRX6/poMGRbt
s1ptQ+KSW16bQB5fQJIw+qUSJvPUqs9Ca1Ctl3cf/7C9kVqBdolul71Cp5pB8K0F
iv8g37keFomJV8hubt07Z/pHNDgam3LNd4abgOSL6+daLplW7AjYVVPrUfzLlBzh
CQPenLffsh0dW3tFWsBIWbs7/aagjuUk30GCfMzsRuJgfdeYdNP5Z76Aqx8v8deJ
MrnzVXWKlGYb665XhTFlIa1Ds4YpaJEpTgCmybUu9TwVaqkN8PKUtVwC8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNhfVNMvcZroSt0Ka9kpOkFJOfSdMB8GA1UdIwQY
MBaAFC8yUgfVzuDs6pnkcCRTQHtWTDnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGIt
OTBhZTZkMGM5YjMzLzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGItOTBhZTZkMGM5YjMz
LzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXizeFSYs
4nN3JhJHw6J4aE/839HFc30as6su8jRi0WroUZgR+YR97VpzF/02lGl3RfBktrJc
28GSdcRJqv+TcTNdwXLgGYooW1hgXL8LIO6tRIF+uTm7fcNv7CD+wi4kouNnq01d
HQmHmrfJhuDqkON4cjEEkdNmayQgYpU8g9HWbTwH6/LV79LyNRYUZZiKyunDUfOs
o6tbVsYwzi99vl4mAyuwjXlkpgmCh2edPs3Xz13O7I51MXgb7Xmsxacwp5Tu/Jmy
xYRickkJ9tyP2V/6TMsmvXf03B7NekSz6gSdar+jVDParMzcwYRdYdChTIWElzda
nPRtj/m8qJ8xAg==
-----END CERTIFICATE-----