Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
File:                     LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft (raw, json)
Hash identifier:          EBlbmJDvds7nhmU9dFatHKP+unCGwx2jVRDd3TIl3wA=
Subject key identifier:   7D:09:4E:93:8A:F9:BE:E8:22:71:B7:51:CD:66:40:12:33:E3:F2:F3
Authority key identifier: 2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA
Certificate issuer:       /CN=2f325207d5cee0ecea99e4702453407b564c39ca
Certificate serial:       019A50E2968619DB8226633845163C9147DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 22:00:18 +0000
Manifest this update:     Tue 04 Nov 2025 22:00:18 +0000
Manifest next update:     Wed 05 Nov 2025 22:00:18 +0000
Files and hashes:         1: LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl (hash: rwHdYcLKC5mWKSNsySx9U8xv431cF1X3HGB2Or3lqUg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e2:96:86:19:db:82:26:63:38:45:16:3c:91:47:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f325207d5cee0ecea99e4702453407b564c39ca
        Validity
            Not Before: Nov  4 22:00:18 2025 GMT
            Not After : Nov  5 22:00:18 2025 GMT
        Subject: CN=7d094e938af9bee82271b751cd66401233e3f2f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:7c:b6:e7:4a:11:a5:31:70:99:8a:f0:cf:86:
                    94:d2:5b:84:02:f4:2a:7c:93:54:3a:bd:f1:5f:26:
                    a5:71:37:a6:bc:04:cc:ed:ef:89:c9:dd:c7:e5:38:
                    7f:26:91:06:50:86:26:fd:73:bd:5d:a1:b1:6e:43:
                    de:9d:2a:14:0d:98:d6:5f:42:7a:08:bb:66:a4:9e:
                    39:60:ad:f7:a9:56:cb:17:a1:da:49:f5:99:20:18:
                    de:5f:8e:48:ea:89:19:17:2d:bf:5a:5f:72:12:2f:
                    b4:20:72:8c:f1:56:df:4a:c9:8d:bd:63:f2:37:08:
                    00:ef:94:49:3b:58:fb:cf:ab:0d:9e:e0:90:46:ba:
                    a2:03:ef:f1:89:65:c6:5a:32:ef:4e:54:78:5e:70:
                    6d:04:2a:4e:c2:2e:ab:38:fc:b5:00:25:a1:3d:3e:
                    04:37:52:3d:de:ef:ea:08:65:f7:46:16:ad:ae:81:
                    56:01:90:26:3a:4e:95:50:7d:6f:5a:b5:08:8f:bd:
                    90:2f:c2:ba:d8:d2:79:98:16:41:d8:c4:6c:ce:bf:
                    f6:6c:d2:f6:45:97:31:c6:b3:e6:b8:03:b6:6d:bb:
                    f0:86:be:29:6a:69:4d:fc:c5:47:f2:18:b2:cc:7b:
                    91:dc:8b:bc:0c:ab:1f:b0:65:30:84:3d:9a:bb:35:
                    eb:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:09:4E:93:8A:F9:BE:E8:22:71:B7:51:CD:66:40:12:33:E3:F2:F3
            X509v3 Authority Key Identifier:
                keyid:2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:89:fe:53:c1:e2:fe:0c:a7:c7:d2:7c:91:36:33:7a:3a:55:
         c0:97:cc:ba:ff:41:52:80:27:66:81:a5:89:04:6f:ab:67:82:
         2c:e5:64:55:7d:1b:46:e4:4a:06:17:16:8c:39:70:62:20:4b:
         a3:83:23:7e:4d:76:b4:5d:b5:0f:12:60:65:52:0b:e3:59:48:
         69:00:04:82:d4:d3:28:54:6e:d1:b6:45:6d:3f:de:34:8d:46:
         e7:e3:bc:c4:bc:fb:8e:a2:d5:fc:2f:11:73:11:71:f2:61:85:
         02:c1:47:eb:a0:1b:ce:a0:46:5e:f1:9f:8b:10:fa:62:e5:64:
         4e:f0:3c:4e:f8:a7:30:4f:04:d8:99:62:50:b3:75:b0:d1:16:
         55:8c:e7:4a:07:c1:47:f2:32:28:6d:d0:39:ad:9f:48:3e:b1:
         ce:be:a7:8f:d3:0a:15:b7:96:4f:c6:35:50:18:2d:49:25:a9:
         7e:fd:c2:0e:5d:0a:9f:d0:d6:bb:88:d8:42:3d:bf:c4:04:47:
         eb:66:eb:47:70:5c:cb:55:aa:1d:22:8b:e1:d2:4e:79:d4:31:
         23:87:3e:20:b6:2e:89:d0:63:5f:45:c8:69:d9:3f:75:12:21:
         38:da:1d:58:e6:f1:b6:1d:89:28:75:dc:8f:b0:da:dd:f2:99:
         8a:dd:41:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4paGGduCJmM4RRY8kUffMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzI1MjA3ZDVjZWUwZWNlYTk5ZTQ3MDI0NTM0MDdiNTY0
YzM5Y2EwHhcNMjUxMTA0MjIwMDE4WhcNMjUxMTA1MjIwMDE4WjAzMTEwLwYDVQQD
Eyg3ZDA5NGU5MzhhZjliZWU4MjI3MWI3NTFjZDY2NDAxMjMzZTNmMmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43y250oRpTFwmYrwz4aU0luEAvQq
fJNUOr3xXyalcTemvATM7e+Jyd3H5Th/JpEGUIYm/XO9XaGxbkPenSoUDZjWX0J6
CLtmpJ45YK33qVbLF6HaSfWZIBjeX45I6okZFy2/Wl9yEi+0IHKM8VbfSsmNvWPy
NwgA75RJO1j7z6sNnuCQRrqiA+/xiWXGWjLvTlR4XnBtBCpOwi6rOPy1ACWhPT4E
N1I93u/qCGX3RhatroFWAZAmOk6VUH1vWrUIj72QL8K62NJ5mBZB2MRszr/2bNL2
RZcxxrPmuAO2bbvwhr4pamlN/MVH8hiyzHuR3Iu8DKsfsGUwhD2auzXr4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH0JTpOK+b7oInG3Uc1mQBIz4/LzMB8GA1UdIwQY
MBaAFC8yUgfVzuDs6pnkcCRTQHtWTDnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGIt
OTBhZTZkMGM5YjMzLzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGItOTBhZTZkMGM5YjMz
LzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM4n+U8Hi
/gynx9J8kTYzejpVwJfMuv9BUoAnZoGliQRvq2eCLOVkVX0bRuRKBhcWjDlwYiBL
o4Mjfk12tF21DxJgZVIL41lIaQAEgtTTKFRu0bZFbT/eNI1G5+O8xLz7jqLV/C8R
cxFx8mGFAsFH66AbzqBGXvGfixD6YuVkTvA8TvinME8E2JliULN1sNEWVYznSgfB
R/IyKG3QOa2fSD6xzr6nj9MKFbeWT8Y1UBgtSSWpfv3CDl0Kn9DWu4jYQj2/xARH
62brR3Bcy1WqHSKL4dJOedQxI4c+ILYuidBjX0XIadk/dRIhONodWObxth2JKHXc
j7Da3fKZit1BwQ==
-----END CERTIFICATE-----