Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
File:                     LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft (raw, json)
Hash identifier:          /cc8kgO7tx2ww0DRSrRMKOt37IZ7S/DVnZ7dgP6exH4=
Subject key identifier:   51:F2:A9:04:EF:77:AA:B7:23:64:6E:B4:86:5D:B1:DB:79:39:16:2A
Authority key identifier: 2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA
Certificate issuer:       /CN=2f325207d5cee0ecea99e4702453407b564c39ca
Certificate serial:       0198A04F059B9F5A91910195A03806EC8160
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
Manifest number:          162A
Signing time:             Tue 12 Aug 2025 22:03:09 +0000
Manifest this update:     Tue 12 Aug 2025 22:03:09 +0000
Manifest next update:     Wed 13 Aug 2025 22:03:09 +0000
Files and hashes:         1: LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl (hash: 1U/WDz2tcPWA92EbwASUmpFTXhBfLsfunNc9RLcpibo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:4f:05:9b:9f:5a:91:91:01:95:a0:38:06:ec:81:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f325207d5cee0ecea99e4702453407b564c39ca
        Validity
            Not Before: Aug 12 22:03:09 2025 GMT
            Not After : Aug 13 22:03:09 2025 GMT
        Subject: CN=51f2a904ef77aab723646eb4865db1db7939162a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:ea:83:7a:91:f8:90:4a:a2:6e:db:52:9c:9d:
                    98:be:9c:e5:01:1c:0f:8d:7b:35:ac:32:72:ad:1e:
                    57:9f:10:55:34:01:84:99:f2:f6:30:3d:7d:d9:7d:
                    6d:1f:01:a7:b0:00:c2:a6:91:8a:66:19:91:b4:d7:
                    ff:2d:ef:54:96:84:c2:51:ac:41:e6:99:f5:66:5e:
                    51:d1:eb:3f:e6:6a:52:c1:d0:59:1b:15:42:7f:01:
                    22:ef:ad:70:89:5d:fc:d0:d6:a7:5a:bc:04:36:1e:
                    11:24:fc:fd:93:c0:7c:3e:7e:67:f4:b0:42:73:6b:
                    c1:06:15:b1:81:b1:e8:50:09:e4:77:83:6e:ae:01:
                    ff:9a:83:c7:33:7d:eb:94:2c:8a:cd:33:43:68:dd:
                    d4:ba:17:b3:23:d7:bd:19:80:35:8d:69:e0:ce:88:
                    32:05:c2:eb:f6:7a:20:ad:9e:55:ed:ad:f0:4f:93:
                    1c:61:2d:9e:87:e4:06:35:ec:0c:bb:61:3c:8a:e4:
                    98:51:2f:fb:e0:64:ab:72:bd:3a:a0:0f:fe:3d:be:
                    aa:9d:aa:af:0b:20:30:19:ea:a2:6b:91:dc:c4:36:
                    51:98:d8:bd:3c:b9:42:39:b4:48:39:46:b1:39:1c:
                    84:72:98:38:78:16:7a:1f:97:23:27:fe:c7:be:e0:
                    78:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:F2:A9:04:EF:77:AA:B7:23:64:6E:B4:86:5D:B1:DB:79:39:16:2A
            X509v3 Authority Key Identifier:
                keyid:2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:d4:0c:13:13:36:31:fa:09:f7:6f:2e:7e:bf:2e:00:b1:2b:
         67:7f:5b:56:1d:98:6c:0a:98:46:f0:b9:44:5c:ce:63:95:bc:
         59:3d:9d:21:70:a9:fb:64:8a:e1:1d:d1:f0:20:73:83:25:c0:
         21:a4:d3:87:19:e8:d5:fc:c4:32:5c:6a:d4:b2:b8:f7:29:ad:
         18:b4:06:7a:aa:70:d4:83:f7:82:c2:ca:74:a8:01:97:a9:59:
         51:c8:31:a2:c1:ed:00:e7:c6:8f:be:82:e2:82:09:62:7c:83:
         ee:91:f3:7a:74:8c:fb:16:02:dc:d9:1a:81:ca:4b:71:3d:0e:
         39:50:23:e2:53:82:08:92:d4:30:e9:ee:5c:78:d9:76:67:95:
         d6:84:b6:68:79:c4:0b:ae:cb:1c:c6:5f:db:99:47:1e:26:58:
         8a:64:49:36:07:e9:e2:94:31:1e:4c:3b:57:1c:e2:3f:31:73:
         c3:4a:c0:e1:5d:44:df:4f:69:c3:86:6c:f9:8d:a8:f0:82:35:
         45:37:fa:e2:0d:7f:a2:dd:dc:5f:cd:e1:b7:57:f2:42:e5:11:
         e7:f0:9e:f4:b8:06:aa:f4:90:21:19:b9:f4:db:c7:34:32:5d:
         de:90:13:f9:ef:e5:34:d0:78:0c:d4:72:83:0b:fd:2e:2f:51:
         be:5e:50:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZigTwWbn1qRkQGVoDgG7IFgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzI1MjA3ZDVjZWUwZWNlYTk5ZTQ3MDI0NTM0MDdiNTY0
YzM5Y2EwHhcNMjUwODEyMjIwMzA5WhcNMjUwODEzMjIwMzA5WjAzMTEwLwYDVQQD
Eyg1MWYyYTkwNGVmNzdhYWI3MjM2NDZlYjQ4NjVkYjFkYjc5MzkxNjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+qDepH4kEqibttSnJ2YvpzlARwP
jXs1rDJyrR5XnxBVNAGEmfL2MD192X1tHwGnsADCppGKZhmRtNf/Le9UloTCUaxB
5pn1Zl5R0es/5mpSwdBZGxVCfwEi761wiV380NanWrwENh4RJPz9k8B8Pn5n9LBC
c2vBBhWxgbHoUAnkd4NurgH/moPHM33rlCyKzTNDaN3UuhezI9e9GYA1jWngzogy
BcLr9nogrZ5V7a3wT5McYS2eh+QGNewMu2E8iuSYUS/74GSrcr06oA/+Pb6qnaqv
CyAwGeqia5HcxDZRmNi9PLlCObRIOUaxORyEcpg4eBZ6H5cjJ/7HvuB41wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFHyqQTvd6q3I2RutIZdsdt5ORYqMB8GA1UdIwQY
MBaAFC8yUgfVzuDs6pnkcCRTQHtWTDnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGIt
OTBhZTZkMGM5YjMzLzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGItOTBhZTZkMGM5YjMz
LzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKtQMExM2
MfoJ928ufr8uALErZ39bVh2YbAqYRvC5RFzOY5W8WT2dIXCp+2SK4R3R8CBzgyXA
IaTThxno1fzEMlxq1LK49ymtGLQGeqpw1IP3gsLKdKgBl6lZUcgxosHtAOfGj76C
4oIJYnyD7pHzenSM+xYC3NkagcpLcT0OOVAj4lOCCJLUMOnuXHjZdmeV1oS2aHnE
C67LHMZf25lHHiZYimRJNgfp4pQxHkw7VxziPzFzw0rA4V1E309pw4Zs+Y2o8II1
RTf64g1/ot3cX83ht1fyQuUR5/Ce9LgGqvSQIRm59NvHNDJd3pAT+e/lNNB4DNRy
gwv9Li9Rvl5QTw==
-----END CERTIFICATE-----