Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
File:                     lbzyUZp7TPNY-2x4A5pb56GxMFs.mft (raw, json)
Hash identifier:          OoPWmLCx3L89L8gmGCs205Xwtg7S41ZpfwKi2fc1ErE=
Subject key identifier:   14:C1:0F:33:14:84:A7:30:89:1B:EB:70:60:D7:36:1A:C8:16:D6:05
Authority key identifier: 95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B
Certificate issuer:       /CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
Certificate serial:       0198A04E8A7C5A15634D323C03F0E951DFDC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
Manifest number:          0505
Signing time:             Tue 12 Aug 2025 22:02:38 +0000
Manifest this update:     Tue 12 Aug 2025 22:02:38 +0000
Manifest next update:     Wed 13 Aug 2025 22:02:38 +0000
Files and hashes:         1: lbzyUZp7TPNY-2x4A5pb56GxMFs.crl (hash: GrI6WKBmnJFytEQYtoPjp1rIsQrkkCEx3jdNKRDf5C0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:4e:8a:7c:5a:15:63:4d:32:3c:03:f0:e9:51:df:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
        Validity
            Not Before: Aug 12 22:02:38 2025 GMT
            Not After : Aug 13 22:02:38 2025 GMT
        Subject: CN=14c10f331484a730891beb7060d7361ac816d605
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:c2:50:47:53:5e:56:16:de:cd:80:ec:6f:d3:
                    59:be:1e:9b:c6:f5:c8:a5:67:38:68:c2:3e:e9:9d:
                    f6:ec:35:44:cb:66:d6:60:b8:8a:78:02:c6:57:01:
                    71:31:aa:fa:be:8b:1a:16:b3:ad:1b:5d:e1:83:76:
                    45:25:23:11:03:24:34:8d:66:12:f5:5c:26:6e:39:
                    66:33:c5:f4:ad:58:44:f8:9b:b7:20:4b:e7:6e:98:
                    e2:6e:a4:3e:19:97:b8:16:cc:6c:58:1e:ed:06:93:
                    20:3b:78:b9:58:f7:06:f9:c1:82:32:e5:b4:55:04:
                    1f:e6:6a:44:b5:d6:9b:67:27:6e:57:44:e9:49:69:
                    4f:df:7f:fc:34:76:0a:d1:10:9a:08:3b:51:ab:75:
                    9a:64:1a:43:59:1f:0e:f0:51:8c:03:9b:ea:c0:13:
                    b9:8c:c2:b4:11:32:91:19:7e:fb:c7:8a:d6:2b:cf:
                    fb:eb:d9:6b:5a:b9:d5:bd:1f:c5:05:05:3a:86:cf:
                    8b:8e:b3:75:5e:4a:f3:a6:b4:86:3a:3a:22:8c:cb:
                    91:fb:a3:d5:9f:bd:b6:df:01:17:96:ba:46:96:15:
                    bf:83:d8:2c:72:0d:e4:e6:aa:17:23:20:f0:46:b1:
                    a8:e1:55:cd:12:47:79:79:fc:38:70:55:40:d1:c1:
                    a8:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:C1:0F:33:14:84:A7:30:89:1B:EB:70:60:D7:36:1A:C8:16:D6:05
            X509v3 Authority Key Identifier:
                keyid:95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:2d:e8:12:0e:15:a6:8a:a6:c2:60:3a:37:f7:4f:df:bf:0f:
         b8:e6:23:ab:e2:5a:23:46:46:f6:08:26:7f:b4:ae:75:1c:44:
         b8:0b:b1:8b:2d:08:2d:f3:2a:20:ea:26:ae:ac:db:93:ef:21:
         aa:f9:af:40:dc:04:fb:4e:5d:cb:89:da:3f:91:92:be:c6:3a:
         7a:43:8a:32:35:e2:a8:5e:86:dd:ec:cb:ca:c9:64:97:d9:71:
         8f:a7:5b:8f:8e:4f:9e:6f:97:ab:de:6d:4d:b7:43:1c:d2:fb:
         ef:48:36:b0:1f:44:1a:a4:78:df:fb:d4:21:69:a7:6c:6d:38:
         49:5e:93:42:27:8f:f9:54:7b:a3:78:dc:07:6a:43:f1:5f:0d:
         a7:54:03:3c:41:58:04:e0:47:52:08:1c:1d:d6:36:b2:55:80:
         53:89:b8:4b:80:ce:ac:d2:15:3e:19:1d:29:5b:6e:37:34:92:
         fa:fc:4b:e9:38:7c:07:15:99:03:c9:65:35:13:d9:2a:60:ad:
         91:d9:96:f1:c2:19:1c:78:f8:a0:80:29:ea:5d:a5:2c:c4:d5:
         0f:73:81:c2:a1:0d:f4:a8:2d:60:8a:db:c4:14:19:7f:07:a3:
         3d:91:c7:a1:b8:2d:ac:d2:d0:27:69:72:84:f5:14:ab:68:71:
         d6:f6:cc:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZigTop8WhVjTTI8A/DpUd/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YmNmMjUxOWE3YjRjZjM1OGZiNmM3ODAzOWE1YmU3YTFi
MTMwNWIwHhcNMjUwODEyMjIwMjM4WhcNMjUwODEzMjIwMjM4WjAzMTEwLwYDVQQD
EygxNGMxMGYzMzE0ODRhNzMwODkxYmViNzA2MGQ3MzYxYWM4MTZkNjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8JQR1NeVhbezYDsb9NZvh6bxvXI
pWc4aMI+6Z327DVEy2bWYLiKeALGVwFxMar6vosaFrOtG13hg3ZFJSMRAyQ0jWYS
9VwmbjlmM8X0rVhE+Ju3IEvnbpjibqQ+GZe4FsxsWB7tBpMgO3i5WPcG+cGCMuW0
VQQf5mpEtdabZyduV0TpSWlP33/8NHYK0RCaCDtRq3WaZBpDWR8O8FGMA5vqwBO5
jMK0ETKRGX77x4rWK8/769lrWrnVvR/FBQU6hs+LjrN1XkrzprSGOjoijMuR+6PV
n7223wEXlrpGlhW/g9gscg3k5qoXIyDwRrGo4VXNEkd5efw4cFVA0cGoxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBTBDzMUhKcwiRvrcGDXNhrIFtYFMB8GA1UdIwQY
MBaAFJW88lGae0zzWPtseAOaW+ehsTBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUt
MjVjY2YzMjczOWEyLzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUtMjVjY2YzMjczOWEy
LzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkC3oEg4V
poqmwmA6N/dP378PuOYjq+JaI0ZG9ggmf7SudRxEuAuxiy0ILfMqIOomrqzbk+8h
qvmvQNwE+05dy4naP5GSvsY6ekOKMjXiqF6G3ezLyslkl9lxj6dbj45Pnm+Xq95t
TbdDHNL770g2sB9EGqR43/vUIWmnbG04SV6TQieP+VR7o3jcB2pD8V8Np1QDPEFY
BOBHUggcHdY2slWAU4m4S4DOrNIVPhkdKVtuNzSS+vxL6Th8BxWZA8llNRPZKmCt
kdmW8cIZHHj4oIAp6l2lLMTVD3OBwqEN9KgtYIrbxBQZfwejPZHHobgtrNLQJ2ly
hPUUq2hx1vbMjw==
-----END CERTIFICATE-----