Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
File:                     lbzyUZp7TPNY-2x4A5pb56GxMFs.mft (raw, json)
Hash identifier:          OJKLRj5mCx3LCDfNce/Om01fZZCDfjcrXEzKDWrQCzE=
Subject key identifier:   50:DC:FD:1B:59:6B:BC:04:9D:63:DB:59:79:F6:0E:A6:02:1E:F2:34
Authority key identifier: 95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B
Certificate issuer:       /CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
Certificate serial:       0199FBEBFCE6A0A1E5E62BB43DD66377DB24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
Manifest number:          05B9
Signing time:             Sun 19 Oct 2025 10:02:50 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:50 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:50 +0000
Files and hashes:         1: lbzyUZp7TPNY-2x4A5pb56GxMFs.crl (hash: y1P8wRrU1nc3XvrPaAW3Vs1qzpTQMdxkhw91K0GdBgo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:fc:e6:a0:a1:e5:e6:2b:b4:3d:d6:63:77:db:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
        Validity
            Not Before: Oct 19 10:02:50 2025 GMT
            Not After : Oct 20 10:02:50 2025 GMT
        Subject: CN=50dcfd1b596bbc049d63db5979f60ea6021ef234
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:2a:fc:99:50:d4:e0:d9:f6:85:90:7c:ec:04:
                    91:ff:16:b5:8d:1d:2c:ee:51:bd:91:3d:e2:1e:e0:
                    06:1c:76:7c:4c:c0:72:dd:56:65:78:80:a3:5e:77:
                    c7:5e:c5:a6:8e:07:a9:e2:8c:fb:ec:86:40:75:4d:
                    1d:f0:94:ca:55:97:a9:15:c5:38:85:64:0b:e1:39:
                    72:29:ed:d7:08:d4:5b:86:3d:7d:76:df:60:ff:fe:
                    a6:41:14:2a:03:3c:a9:89:55:da:83:7a:4b:1b:cd:
                    a0:68:82:c5:6c:5f:46:eb:ba:81:54:fd:7e:8f:70:
                    3c:99:7a:1b:25:a8:e5:e1:1f:6d:61:71:b9:4d:a6:
                    ac:31:de:cb:f8:bc:bf:67:cb:7a:ec:9f:e7:1d:05:
                    70:1d:d0:c1:4f:19:50:16:7e:79:c5:87:29:82:15:
                    74:59:43:21:84:e8:b5:e5:c9:8f:12:de:0c:8f:24:
                    a5:01:f8:4a:60:62:0e:11:d9:eb:e3:b0:6e:ba:28:
                    3b:a1:b3:a4:0d:73:65:55:81:85:5b:d2:ca:8d:72:
                    0a:52:39:0a:66:c6:a7:dc:d3:f1:43:5d:60:9f:3f:
                    b1:e1:f9:28:0f:3a:a1:88:1e:6d:8c:01:af:14:95:
                    da:56:4d:14:0f:ca:f1:14:2e:a1:2c:39:f8:79:e0:
                    6f:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:DC:FD:1B:59:6B:BC:04:9D:63:DB:59:79:F6:0E:A6:02:1E:F2:34
            X509v3 Authority Key Identifier:
                keyid:95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:ae:9f:ca:25:14:81:b1:52:ef:26:35:30:93:63:a5:56:3b:
         5a:13:c1:86:9c:aa:60:ab:80:b2:36:38:56:f7:f4:34:4d:29:
         80:56:c4:83:3f:21:18:4c:24:b7:d2:d4:f8:c7:70:85:e1:5d:
         d7:5f:ee:91:23:64:9b:38:57:23:68:45:71:04:02:20:c9:fc:
         b4:be:89:27:ae:30:96:a2:20:9d:29:83:62:6b:9b:21:f2:86:
         a3:f7:ac:f2:25:6c:fe:0d:35:9f:88:67:4c:7c:b9:f5:89:a1:
         19:ba:03:15:ce:8c:19:52:7b:d9:3d:4b:4e:21:6b:08:a1:1d:
         a5:70:05:63:a5:e5:19:80:95:4f:d5:18:87:e0:8e:de:9e:5f:
         b3:ba:72:d7:3a:bc:70:da:2a:63:39:25:de:c7:8c:62:f7:8e:
         af:45:7f:84:fe:9b:79:29:ca:ac:93:14:b2:1b:b4:c9:01:66:
         84:d9:66:ee:8e:96:e1:92:52:ca:c2:49:48:f2:1b:71:73:f8:
         ff:03:08:af:61:f8:08:0b:7b:a1:1e:96:9d:df:58:51:9c:4e:
         63:2e:41:f3:46:1b:9e:e0:44:ec:7e:86:94:f0:e2:dc:56:4c:
         a9:af:d4:ee:05:2c:7e:80:eb:23:c7:29:0f:8b:9c:80:83:47:
         c5:23:d8:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76/zmoKHl5iu0PdZjd9skMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YmNmMjUxOWE3YjRjZjM1OGZiNmM3ODAzOWE1YmU3YTFi
MTMwNWIwHhcNMjUxMDE5MTAwMjUwWhcNMjUxMDIwMTAwMjUwWjAzMTEwLwYDVQQD
Eyg1MGRjZmQxYjU5NmJiYzA0OWQ2M2RiNTk3OWY2MGVhNjAyMWVmMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCr8mVDU4Nn2hZB87ASR/xa1jR0s
7lG9kT3iHuAGHHZ8TMBy3VZleICjXnfHXsWmjgep4oz77IZAdU0d8JTKVZepFcU4
hWQL4TlyKe3XCNRbhj19dt9g//6mQRQqAzypiVXag3pLG82gaILFbF9G67qBVP1+
j3A8mXobJajl4R9tYXG5TaasMd7L+Ly/Z8t67J/nHQVwHdDBTxlQFn55xYcpghV0
WUMhhOi15cmPEt4MjySlAfhKYGIOEdnr47Buuig7obOkDXNlVYGFW9LKjXIKUjkK
Zsan3NPxQ11gnz+x4fkoDzqhiB5tjAGvFJXaVk0UD8rxFC6hLDn4eeBvNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFDc/RtZa7wEnWPbWXn2DqYCHvI0MB8GA1UdIwQY
MBaAFJW88lGae0zzWPtseAOaW+ehsTBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUt
MjVjY2YzMjczOWEyLzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUtMjVjY2YzMjczOWEy
LzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwa6fyiUU
gbFS7yY1MJNjpVY7WhPBhpyqYKuAsjY4Vvf0NE0pgFbEgz8hGEwkt9LU+MdwheFd
11/ukSNkmzhXI2hFcQQCIMn8tL6JJ64wlqIgnSmDYmubIfKGo/es8iVs/g01n4hn
THy59YmhGboDFc6MGVJ72T1LTiFrCKEdpXAFY6XlGYCVT9UYh+CO3p5fs7py1zq8
cNoqYzkl3seMYveOr0V/hP6beSnKrJMUshu0yQFmhNlm7o6W4ZJSysJJSPIbcXP4
/wMIr2H4CAt7oR6Wnd9YUZxOYy5B80YbnuBE7H6GlPDi3FZMqa/U7gUsfoDrI8cp
D4ucgINHxSPYvQ==
-----END CERTIFICATE-----