Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
File:                     lbzyUZp7TPNY-2x4A5pb56GxMFs.mft (raw, json)
Hash identifier:          v5/6PRUQqFQs8SpSLxKxkd1xk20KKe1FDzn8s18kxfU=
Subject key identifier:   EE:69:E8:F2:1B:11:44:07:6F:C6:54:C3:82:AB:52:E4:7F:28:A1:E8
Authority key identifier: 95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B
Certificate issuer:       /CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
Certificate serial:       019A4EF427997CECCE65CD057AF1E0FDB7D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
Manifest number:          05E4
Signing time:             Tue 04 Nov 2025 13:00:15 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:15 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:15 +0000
Files and hashes:         1: lbzyUZp7TPNY-2x4A5pb56GxMFs.crl (hash: ogwGzHUpWxj5tLodwRbtj1S4xCiJE338HhguNe+Ilck=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:27:99:7c:ec:ce:65:cd:05:7a:f1:e0:fd:b7:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
        Validity
            Not Before: Nov  4 13:00:15 2025 GMT
            Not After : Nov  5 13:00:15 2025 GMT
        Subject: CN=ee69e8f21b1144076fc654c382ab52e47f28a1e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:c4:46:4d:04:01:f4:56:f8:56:84:ff:f7:f5:
                    49:27:38:89:b0:20:57:59:21:30:b3:c4:ae:f8:fb:
                    21:22:ac:d4:82:79:21:1f:f2:ed:a2:2c:13:03:8d:
                    94:c5:73:a5:70:12:42:9c:63:7f:8e:12:a9:bb:af:
                    21:f0:4e:a3:0f:0f:7c:f0:dd:a7:b1:1a:eb:c3:a1:
                    6a:c5:31:99:cd:44:fe:7d:8c:77:90:c3:7f:40:88:
                    4e:23:e8:ea:00:32:c2:be:f5:39:be:7d:a6:36:b9:
                    21:55:16:b1:cb:07:e2:30:2c:bf:5b:f2:5e:95:c0:
                    f4:00:8d:37:c8:11:5d:b4:2d:85:60:50:68:26:0a:
                    bd:82:8c:7a:5b:39:1a:1d:e9:ff:e9:c1:43:b7:21:
                    a8:29:33:90:6f:b3:56:56:10:64:9d:30:23:19:99:
                    e5:ff:67:1a:31:e4:97:66:47:d5:1a:0f:26:26:f2:
                    06:36:f3:06:28:4d:ea:8c:37:4b:3d:b1:47:09:7d:
                    9d:a8:f7:62:fc:0a:6b:52:48:88:96:5d:d3:e4:80:
                    87:73:c3:74:b6:85:49:eb:e0:12:3b:fe:9d:3e:68:
                    64:e0:00:9c:5e:5f:56:7e:86:69:df:55:b9:09:af:
                    34:f6:da:1b:51:dd:13:3b:6f:25:2a:17:ba:63:cf:
                    57:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:69:E8:F2:1B:11:44:07:6F:C6:54:C3:82:AB:52:E4:7F:28:A1:E8
            X509v3 Authority Key Identifier:
                keyid:95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:4b:fb:21:fb:c8:8b:98:d5:ab:aa:8e:50:af:a4:24:12:a0:
         a5:fa:5b:5f:6e:d9:18:24:41:5f:04:95:14:76:3a:51:5c:d0:
         63:50:b2:b0:28:6d:34:3b:d1:93:f5:5b:ee:71:06:69:8c:a7:
         f2:c0:66:18:c3:99:24:76:52:3a:21:89:d6:e2:9b:f9:66:26:
         41:9f:95:be:52:44:22:50:46:df:1e:29:53:f9:6f:d9:76:20:
         37:91:d9:8c:b7:9d:df:86:0c:3f:94:d2:94:7c:fc:4e:4c:85:
         c1:83:96:b9:1f:a9:60:91:3a:a3:bf:f5:e1:bf:8f:9d:78:78:
         42:26:5d:b3:57:ff:2b:db:8a:54:78:b9:8a:e0:6d:4a:7e:ad:
         53:54:bc:e6:44:cf:78:94:76:74:80:1e:06:c3:da:d6:63:51:
         0e:96:96:b5:13:05:4e:73:82:bd:fe:51:76:b9:34:94:4e:2d:
         1d:94:d0:51:89:8c:3b:34:6e:97:61:05:42:14:8e:7a:03:be:
         5d:8b:94:1a:ee:64:b7:19:c6:de:76:a8:67:45:86:5a:86:80:
         94:b2:6c:0d:71:26:bf:41:86:c8:2a:17:e2:49:a3:d6:9d:82:
         e8:3f:91:80:6c:96:b7:08:83:06:af:5f:18:41:fe:35:5a:1d:
         72:ca:e8:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9CeZfOzOZc0FevHg/bfYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YmNmMjUxOWE3YjRjZjM1OGZiNmM3ODAzOWE1YmU3YTFi
MTMwNWIwHhcNMjUxMTA0MTMwMDE1WhcNMjUxMTA1MTMwMDE1WjAzMTEwLwYDVQQD
EyhlZTY5ZThmMjFiMTE0NDA3NmZjNjU0YzM4MmFiNTJlNDdmMjhhMWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsRGTQQB9Fb4VoT/9/VJJziJsCBX
WSEws8Su+PshIqzUgnkhH/LtoiwTA42UxXOlcBJCnGN/jhKpu68h8E6jDw988N2n
sRrrw6FqxTGZzUT+fYx3kMN/QIhOI+jqADLCvvU5vn2mNrkhVRaxywfiMCy/W/Je
lcD0AI03yBFdtC2FYFBoJgq9gox6WzkaHen/6cFDtyGoKTOQb7NWVhBknTAjGZnl
/2caMeSXZkfVGg8mJvIGNvMGKE3qjDdLPbFHCX2dqPdi/AprUkiIll3T5ICHc8N0
toVJ6+ASO/6dPmhk4ACcXl9WfoZp31W5Ca809tobUd0TO28lKhe6Y89XQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO5p6PIbEUQHb8ZUw4KrUuR/KKHoMB8GA1UdIwQY
MBaAFJW88lGae0zzWPtseAOaW+ehsTBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUt
MjVjY2YzMjczOWEyLzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUtMjVjY2YzMjczOWEy
LzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn0v7IfvI
i5jVq6qOUK+kJBKgpfpbX27ZGCRBXwSVFHY6UVzQY1CysChtNDvRk/Vb7nEGaYyn
8sBmGMOZJHZSOiGJ1uKb+WYmQZ+VvlJEIlBG3x4pU/lv2XYgN5HZjLed34YMP5TS
lHz8TkyFwYOWuR+pYJE6o7/14b+PnXh4QiZds1f/K9uKVHi5iuBtSn6tU1S85kTP
eJR2dIAeBsPa1mNRDpaWtRMFTnOCvf5Rdrk0lE4tHZTQUYmMOzRul2EFQhSOegO+
XYuUGu5ktxnG3naoZ0WGWoaAlLJsDXEmv0GGyCoX4kmj1p2C6D+RgGyWtwiDBq9f
GEH+NVodcsrozw==
-----END CERTIFICATE-----