Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
File:                     LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft (raw, json)
Hash identifier:          ySeO5N+iHCG+bvaU+Nq6l2bjdBMeysWb2jZ4WKEX4bs=
Subject key identifier:   5A:5E:B3:AB:25:CE:55:3A:1D:FF:D5:BE:A0:C0:05:7C:7B:F7:4E:60
Authority key identifier: 2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA
Certificate issuer:       /CN=2f325207d5cee0ecea99e4702453407b564c39ca
Certificate serial:       0196760C67EA62215D74010BEE4B4BCE0700
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
Manifest number:          150B
Signing time:             Sun 27 Apr 2025 07:00:46 +0000
Manifest this update:     Sun 27 Apr 2025 07:00:46 +0000
Manifest next update:     Mon 28 Apr 2025 07:00:46 +0000
Files and hashes:         1: LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl (hash: N0OfLE+b/8Ab6n2cX8GRziWA6HyVz4SOHmYAd865gZQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:67:ea:62:21:5d:74:01:0b:ee:4b:4b:ce:07:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f325207d5cee0ecea99e4702453407b564c39ca
        Validity
            Not Before: Apr 27 07:00:46 2025 GMT
            Not After : Apr 28 07:00:46 2025 GMT
        Subject: CN=5a5eb3ab25ce553a1dffd5bea0c0057c7bf74e60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:6f:16:3f:9c:0b:46:6a:be:18:c6:3f:24:91:
                    42:3d:76:29:ea:6e:32:7c:24:88:a3:e3:14:e4:6c:
                    42:e4:6f:a2:0e:21:aa:8b:0c:5c:d4:07:54:1d:62:
                    f9:7b:4a:35:5f:31:0f:6a:fc:61:1b:85:30:19:18:
                    c0:8b:d2:c1:66:df:02:a7:4b:e8:64:98:bf:56:bd:
                    28:e7:73:a0:80:d2:fb:ff:27:46:52:8b:17:6e:aa:
                    29:69:93:77:77:db:86:6b:e7:06:57:44:c0:80:a5:
                    ed:a3:94:56:b5:e5:30:08:1d:fc:bb:fb:8c:a4:90:
                    2c:49:84:d7:cd:52:c2:ff:d5:84:3f:93:53:9d:b4:
                    f2:ef:45:bb:bb:fc:6f:61:42:2f:19:50:c9:92:c6:
                    47:13:35:4b:b8:69:a8:64:c7:b4:60:84:c4:36:9e:
                    3a:25:af:1d:a4:9e:8a:47:d2:b4:33:52:b1:d5:be:
                    14:5c:24:b8:d5:b7:93:6b:c2:31:3d:76:f6:e2:b6:
                    22:fa:78:d5:bb:05:61:da:f6:b2:da:8d:e5:f4:44:
                    f9:bf:f5:a8:3a:d3:6f:24:4a:26:e5:18:f4:15:5e:
                    80:fc:9a:0f:7e:d9:ff:6a:a1:11:33:77:53:3b:ce:
                    c7:d3:39:26:f1:09:15:30:89:ca:da:22:fa:b9:08:
                    cc:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:5E:B3:AB:25:CE:55:3A:1D:FF:D5:BE:A0:C0:05:7C:7B:F7:4E:60
            X509v3 Authority Key Identifier:
                keyid:2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:1e:ef:a4:33:c7:42:3e:a6:16:b6:00:ec:39:b4:2e:47:64:
         41:7b:f2:dc:5e:02:82:01:ef:b1:d3:f1:00:4f:d7:e6:cc:59:
         1d:a9:fc:2a:11:57:13:63:4e:75:5b:88:83:0b:1d:63:df:56:
         87:e3:3b:40:c9:b6:99:02:64:d6:fa:7b:e0:dc:09:bd:02:13:
         91:65:ae:b5:18:4e:27:34:dd:0c:8e:ca:cd:fa:71:cf:ca:35:
         56:8a:bf:8f:37:b3:e5:24:53:d7:68:9a:6f:ef:3d:c2:3a:58:
         4b:69:93:16:2a:ac:58:b2:3c:01:50:87:1f:02:44:fc:43:01:
         98:8b:06:bd:bc:48:9f:c8:3e:ae:19:4a:ab:b3:bd:50:c4:cd:
         b2:6c:10:3f:09:08:93:ca:a6:40:bf:76:5b:b4:9d:a6:f6:88:
         78:01:dd:0f:fd:8e:f8:ae:c4:de:83:ca:36:ac:46:a0:1b:e9:
         51:39:db:90:2b:3c:7f:bf:b2:40:1c:79:5c:aa:ed:2f:9a:e6:
         34:49:9e:94:f1:20:bc:85:1f:aa:05:4e:9e:d6:57:53:b9:b1:
         f3:a2:a7:7d:e7:23:2c:fb:7a:f6:3f:04:81:ba:b5:1f:9a:cb:
         2c:3c:b3:db:d3:99:d9:25:2b:5a:49:d4:c6:70:47:9e:78:1a:
         0a:14:14:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DGfqYiFddAEL7ktLzgcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzI1MjA3ZDVjZWUwZWNlYTk5ZTQ3MDI0NTM0MDdiNTY0
YzM5Y2EwHhcNMjUwNDI3MDcwMDQ2WhcNMjUwNDI4MDcwMDQ2WjAzMTEwLwYDVQQD
Eyg1YTVlYjNhYjI1Y2U1NTNhMWRmZmQ1YmVhMGMwMDU3YzdiZjc0ZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqm8WP5wLRmq+GMY/JJFCPXYp6m4y
fCSIo+MU5GxC5G+iDiGqiwxc1AdUHWL5e0o1XzEPavxhG4UwGRjAi9LBZt8Cp0vo
ZJi/Vr0o53OggNL7/ydGUosXbqopaZN3d9uGa+cGV0TAgKXto5RWteUwCB38u/uM
pJAsSYTXzVLC/9WEP5NTnbTy70W7u/xvYUIvGVDJksZHEzVLuGmoZMe0YITENp46
Ja8dpJ6KR9K0M1Kx1b4UXCS41beTa8IxPXb24rYi+njVuwVh2vay2o3l9ET5v/Wo
OtNvJEom5Rj0FV6A/JoPftn/aqERM3dTO87H0zkm8QkVMInK2iL6uQjMLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFpes6slzlU6Hf/VvqDABXx7905gMB8GA1UdIwQY
MBaAFC8yUgfVzuDs6pnkcCRTQHtWTDnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGIt
OTBhZTZkMGM5YjMzLzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGItOTBhZTZkMGM5YjMz
LzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlh7vpDPH
Qj6mFrYA7Dm0LkdkQXvy3F4CggHvsdPxAE/X5sxZHan8KhFXE2NOdVuIgwsdY99W
h+M7QMm2mQJk1vp74NwJvQITkWWutRhOJzTdDI7Kzfpxz8o1Voq/jzez5SRT12ia
b+89wjpYS2mTFiqsWLI8AVCHHwJE/EMBmIsGvbxIn8g+rhlKq7O9UMTNsmwQPwkI
k8qmQL92W7SdpvaIeAHdD/2O+K7E3oPKNqxGoBvpUTnbkCs8f7+yQBx5XKrtL5rm
NEmelPEgvIUfqgVOntZXU7mx86KnfecjLPt69j8Egbq1H5rLLDyz29OZ2SUrWknU
xnBHnngaChQUVA==
-----END CERTIFICATE-----