Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
File:                     lbzyUZp7TPNY-2x4A5pb56GxMFs.mft (raw, json)
Hash identifier:          K8M9FEAnLIUX9Voh9N8Rxl6aeDCYBnCg/NeVa+CSnEE=
Subject key identifier:   2B:96:09:5B:7C:3F:D3:0F:1B:91:16:31:83:17:BA:D1:16:BB:9B:B5
Authority key identifier: 95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B
Certificate issuer:       /CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
Certificate serial:       0196BB92A67F45945D1D63AAB4B3D744E103
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
Manifest number:          040A
Signing time:             Sat 10 May 2025 19:01:12 +0000
Manifest this update:     Sat 10 May 2025 19:01:12 +0000
Manifest next update:     Sun 11 May 2025 19:01:12 +0000
Files and hashes:         1: lbzyUZp7TPNY-2x4A5pb56GxMFs.crl (hash: kvKfH1cwRxtbP4exjwKXXTPSq5ZSx40BfPOKoy8vHHI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 19:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:92:a6:7f:45:94:5d:1d:63:aa:b4:b3:d7:44:e1:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
        Validity
            Not Before: May 10 19:01:12 2025 GMT
            Not After : May 11 19:01:12 2025 GMT
        Subject: CN=2b96095b7c3fd30f1b9116318317bad116bb9bb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:f3:50:7f:fa:5c:38:44:63:56:67:54:10:c0:
                    a8:d8:1f:6f:c0:12:af:f7:86:1e:ac:6b:3c:a9:f0:
                    8a:09:d9:3d:13:18:4f:aa:38:c5:62:1f:cd:8d:42:
                    2f:89:70:98:6d:39:aa:17:dd:37:9c:ff:dd:f1:e4:
                    09:8e:f9:71:95:ff:0e:41:0f:5f:19:11:3f:f1:ce:
                    53:cc:2a:ae:1e:37:76:29:ab:fa:44:9f:6b:2f:f6:
                    14:4f:2a:c8:f3:27:01:7f:44:60:ad:3b:b2:19:7b:
                    e4:98:6b:cc:3c:6c:2c:5c:1f:23:ad:e2:e2:4a:5a:
                    3b:2d:22:e0:e8:f8:f6:1a:a5:48:63:2b:86:3f:6f:
                    47:1f:5e:66:77:ff:c4:88:89:00:3d:4f:eb:24:e1:
                    8d:a4:52:25:60:3a:18:00:26:93:0c:f6:3c:ea:57:
                    d5:33:4d:22:c4:af:1f:c6:62:24:ba:4d:76:95:e4:
                    f5:f3:a6:32:81:94:2d:d4:dd:49:aa:6b:cb:57:f0:
                    2c:1a:a7:42:ff:a8:a1:41:63:ed:e6:da:0b:a9:d9:
                    53:f1:89:87:d2:c8:eb:89:73:ae:91:3c:25:f9:96:
                    1b:ce:f4:cb:7c:39:67:4d:f8:7b:90:1c:ac:b6:28:
                    1a:a7:d9:7e:61:ce:b5:25:b7:81:28:ee:cc:5a:09:
                    d9:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:96:09:5B:7C:3F:D3:0F:1B:91:16:31:83:17:BA:D1:16:BB:9B:B5
            X509v3 Authority Key Identifier:
                keyid:95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:43:a1:14:a3:91:b0:40:06:7e:f8:5e:a7:93:fc:8e:c6:75:
         29:d3:91:c8:b5:15:a2:bd:e8:52:d7:45:97:1e:48:2f:f5:dc:
         f1:7d:f5:dc:43:48:ff:6b:fd:24:28:23:a8:c0:3b:f3:32:b4:
         e0:af:48:11:6c:6a:8a:3b:da:5d:a1:17:8a:2e:86:8c:eb:f6:
         73:54:cd:cf:bb:3a:a0:c3:85:f9:95:32:16:03:73:3e:b8:d8:
         ad:45:5b:bb:ac:2d:01:6c:dd:28:a6:b4:96:66:fd:9b:a2:49:
         61:e4:af:af:02:bc:b0:a4:96:45:6f:de:18:82:74:81:0d:5b:
         7f:6a:9f:4c:ad:a9:4b:e1:65:89:e1:e6:6e:f6:62:62:f0:85:
         65:12:46:aa:32:d9:ba:46:80:e1:38:2b:4a:05:f4:18:0f:f0:
         e8:c4:6f:05:74:d8:3c:37:f0:93:ca:b8:08:60:fc:77:28:cb:
         83:c2:ce:b5:08:49:6a:d6:91:d3:52:ec:d7:ad:97:8a:5a:7d:
         1b:61:ac:71:f8:75:72:23:6b:52:05:45:06:01:7f:ac:d3:3b:
         a4:2f:33:79:cb:9d:1a:4f:dd:68:30:60:6c:77:5b:04:e0:95:
         20:0a:a6:e4:af:b5:5e:70:03:37:fb:32:12:3b:dd:cf:88:aa:
         61:fa:b9:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7kqZ/RZRdHWOqtLPXROEDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YmNmMjUxOWE3YjRjZjM1OGZiNmM3ODAzOWE1YmU3YTFi
MTMwNWIwHhcNMjUwNTEwMTkwMTEyWhcNMjUwNTExMTkwMTEyWjAzMTEwLwYDVQQD
EygyYjk2MDk1YjdjM2ZkMzBmMWI5MTE2MzE4MzE3YmFkMTE2YmI5YmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/NQf/pcOERjVmdUEMCo2B9vwBKv
94YerGs8qfCKCdk9ExhPqjjFYh/NjUIviXCYbTmqF903nP/d8eQJjvlxlf8OQQ9f
GRE/8c5TzCquHjd2Kav6RJ9rL/YUTyrI8ycBf0RgrTuyGXvkmGvMPGwsXB8jreLi
Slo7LSLg6Pj2GqVIYyuGP29HH15md//EiIkAPU/rJOGNpFIlYDoYACaTDPY86lfV
M00ixK8fxmIkuk12leT186YygZQt1N1JqmvLV/AsGqdC/6ihQWPt5toLqdlT8YmH
0sjriXOukTwl+ZYbzvTLfDlnTfh7kBystigap9l+Yc61JbeBKO7MWgnZbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCuWCVt8P9MPG5EWMYMXutEWu5u1MB8GA1UdIwQY
MBaAFJW88lGae0zzWPtseAOaW+ehsTBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUt
MjVjY2YzMjczOWEyLzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUtMjVjY2YzMjczOWEy
LzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGkOhFKOR
sEAGfvhep5P8jsZ1KdORyLUVor3oUtdFlx5IL/Xc8X313ENI/2v9JCgjqMA78zK0
4K9IEWxqijvaXaEXii6GjOv2c1TNz7s6oMOF+ZUyFgNzPrjYrUVbu6wtAWzdKKa0
lmb9m6JJYeSvrwK8sKSWRW/eGIJ0gQ1bf2qfTK2pS+FlieHmbvZiYvCFZRJGqjLZ
ukaA4TgrSgX0GA/w6MRvBXTYPDfwk8q4CGD8dyjLg8LOtQhJataR01Ls162Xilp9
G2Gscfh1ciNrUgVFBgF/rNM7pC8zecudGk/daDBgbHdbBOCVIAqm5K+1XnADN/sy
Ejvdz4iqYfq5Dg==
-----END CERTIFICATE-----