Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
File:                     LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft (raw, json)
Hash identifier:          fVBBRR6t+HmncNn0v7ecZQHw99cyGQzrfw+YBn3sSJw=
Subject key identifier:   EE:B8:21:7A:F0:3F:C0:A6:DC:49:29:CC:7C:42:30:88:EA:76:F6:1E
Authority key identifier: 2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA
Certificate issuer:       /CN=2f325207d5cee0ecea99e4702453407b564c39ca
Certificate serial:       0197B6A1B707128C040C011FF688CC1B525C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
Manifest number:          15B1
Signing time:             Sat 28 Jun 2025 13:02:20 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:20 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:20 +0000
Files and hashes:         1: LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl (hash: TMx50TXJQGKFV9cnBU/cR+8WuSkSojttJJrG1Bqa9Ac=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:b7:07:12:8c:04:0c:01:1f:f6:88:cc:1b:52:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f325207d5cee0ecea99e4702453407b564c39ca
        Validity
            Not Before: Jun 28 13:02:20 2025 GMT
            Not After : Jun 29 13:02:20 2025 GMT
        Subject: CN=eeb8217af03fc0a6dc4929cc7c423088ea76f61e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:c3:5b:a0:88:6f:63:61:c1:93:2d:6c:22:23:
                    08:0d:f2:be:d8:5c:bd:a7:bd:71:ff:9e:a5:ed:48:
                    8c:b2:37:7c:7d:a4:a7:fe:3e:27:a8:89:ef:25:61:
                    9f:32:40:61:7a:71:65:c8:49:46:ed:73:60:6f:9c:
                    2e:b1:c2:bc:39:73:55:ce:e5:93:ec:a3:03:fe:57:
                    d8:ed:74:57:eb:e3:f3:fd:01:a0:f9:e1:a9:d9:5c:
                    81:0a:49:c2:60:a9:8d:dd:c4:65:46:26:8f:63:ee:
                    9e:59:30:2b:21:fe:ce:e7:13:ee:84:8c:f6:0c:73:
                    93:d2:f4:d9:35:e5:08:42:58:f0:07:a6:fe:f8:5f:
                    fb:30:91:dd:df:70:69:6d:a7:97:37:a2:d5:9c:51:
                    95:73:26:28:e6:79:5e:92:c7:a4:37:19:be:fd:ed:
                    24:52:fa:0e:61:9d:80:f2:de:56:4a:1b:38:cd:10:
                    69:bb:25:a1:d2:63:87:0c:36:1b:4b:31:67:76:e7:
                    cf:26:8a:7e:cb:c5:c4:3a:a7:c8:c4:c6:9a:34:a2:
                    c4:42:08:17:11:85:b3:1c:f2:3e:3f:b0:96:34:22:
                    fe:d6:79:e9:ba:2d:cf:92:f8:ec:d3:f0:7a:9d:5f:
                    45:1d:13:6e:53:a6:54:34:17:ea:47:c3:69:d5:04:
                    f1:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:B8:21:7A:F0:3F:C0:A6:DC:49:29:CC:7C:42:30:88:EA:76:F6:1E
            X509v3 Authority Key Identifier:
                keyid:2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:07:37:02:b6:aa:41:bb:85:20:27:f0:70:f1:ec:e1:d0:ed:
         d4:a0:22:34:ef:f1:97:a5:ee:68:9d:38:92:40:ca:d6:50:cd:
         41:95:8b:33:3c:3e:9e:38:e0:73:9b:37:b0:3b:a1:d1:d6:2a:
         6a:c2:32:51:4f:21:9c:89:ce:a5:b9:c9:2f:c9:1b:0d:91:bd:
         31:d7:8c:e0:29:88:23:8a:6c:f8:85:e1:67:14:b1:72:8e:1b:
         83:6f:bb:0f:2e:45:bd:b2:06:2e:fd:5e:b2:9f:96:b7:77:bd:
         f3:e9:bb:40:88:3a:4b:47:11:2e:0c:ab:d5:bd:1e:24:5c:f5:
         03:d7:7a:73:a6:51:04:7d:aa:05:44:7e:ad:22:e9:83:e5:ee:
         31:8a:f0:78:8a:60:4f:da:e6:e0:8b:65:64:4d:03:76:47:b1:
         cf:16:9e:7e:bc:fa:6a:eb:50:b3:86:f3:8c:c9:60:d1:3a:f2:
         28:fd:2c:49:9e:c8:80:3e:0a:90:5a:83:c8:64:29:e6:3c:ed:
         30:55:b9:96:06:9a:23:34:bd:c6:19:0f:eb:66:51:72:8e:82:
         5f:5d:c1:c2:6c:21:34:10:f8:8b:e9:13:b5:4b:c2:49:b9:bd:
         11:84:ca:ac:65:7c:ad:f6:ef:8a:bf:91:d7:a6:b8:6e:ed:2f:
         80:fe:cd:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2obcHEowEDAEf9ojMG1JcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzI1MjA3ZDVjZWUwZWNlYTk5ZTQ3MDI0NTM0MDdiNTY0
YzM5Y2EwHhcNMjUwNjI4MTMwMjIwWhcNMjUwNjI5MTMwMjIwWjAzMTEwLwYDVQQD
EyhlZWI4MjE3YWYwM2ZjMGE2ZGM0OTI5Y2M3YzQyMzA4OGVhNzZmNjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cNboIhvY2HBky1sIiMIDfK+2Fy9
p71x/56l7UiMsjd8faSn/j4nqInvJWGfMkBhenFlyElG7XNgb5wuscK8OXNVzuWT
7KMD/lfY7XRX6+Pz/QGg+eGp2VyBCknCYKmN3cRlRiaPY+6eWTArIf7O5xPuhIz2
DHOT0vTZNeUIQljwB6b++F/7MJHd33BpbaeXN6LVnFGVcyYo5nleksekNxm+/e0k
UvoOYZ2A8t5WShs4zRBpuyWh0mOHDDYbSzFndufPJop+y8XEOqfIxMaaNKLEQggX
EYWzHPI+P7CWNCL+1nnpui3Pkvjs0/B6nV9FHRNuU6ZUNBfqR8Np1QTx+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO64IXrwP8Cm3EkpzHxCMIjqdvYeMB8GA1UdIwQY
MBaAFC8yUgfVzuDs6pnkcCRTQHtWTDnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGIt
OTBhZTZkMGM5YjMzLzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGItOTBhZTZkMGM5YjMz
LzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdAc3Araq
QbuFICfwcPHs4dDt1KAiNO/xl6XuaJ04kkDK1lDNQZWLMzw+njjgc5s3sDuh0dYq
asIyUU8hnInOpbnJL8kbDZG9MdeM4CmII4ps+IXhZxSxco4bg2+7Dy5FvbIGLv1e
sp+Wt3e98+m7QIg6S0cRLgyr1b0eJFz1A9d6c6ZRBH2qBUR+rSLpg+XuMYrweIpg
T9rm4ItlZE0Ddkexzxaefrz6autQs4bzjMlg0TryKP0sSZ7IgD4KkFqDyGQp5jzt
MFW5lgaaIzS9xhkP62ZRco6CX13BwmwhNBD4i+kTtUvCSbm9EYTKrGV8rfbvir+R
16a4bu0vgP7NxA==
-----END CERTIFICATE-----