Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
File:                     lbzyUZp7TPNY-2x4A5pb56GxMFs.mft (raw, json)
Hash identifier:          TBQxP+eoPWc6CTcqrgS4jYjHcRx2vRSC5CHzGBSRZZI=
Subject key identifier:   FE:87:4B:CF:DA:F2:C0:DF:BC:28:EC:50:92:64:05:A1:40:1C:A6:87
Authority key identifier: 95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B
Certificate issuer:       /CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
Certificate serial:       019369D99C618E36EFB5E728E9E121280B68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
Manifest number:          0252
Signing time:             Tue 26 Nov 2024 19:01:29 +0000
Manifest this update:     Tue 26 Nov 2024 19:01:29 +0000
Manifest next update:     Wed 27 Nov 2024 19:01:29 +0000
Files and hashes:         1: lbzyUZp7TPNY-2x4A5pb56GxMFs.crl (hash: Kk1R06CgnUsdvLrX7YAaZOMHeHf7wq5boXMehPgz9Hs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:d9:9c:61:8e:36:ef:b5:e7:28:e9:e1:21:28:0b:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
        Validity
            Not Before: Nov 26 19:01:29 2024 GMT
            Not After : Nov 27 19:01:29 2024 GMT
        Subject: CN=fe874bcfdaf2c0dfbc28ec50926405a1401ca687
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:4b:6e:6c:95:31:48:8e:80:09:3c:dc:fb:c9:
                    55:ab:8a:09:19:b2:42:84:67:f7:31:0d:aa:ce:de:
                    28:11:b1:73:9f:95:45:b1:a8:c6:27:6d:b1:85:27:
                    10:4e:c6:1a:da:6a:c3:ac:36:9b:3f:de:79:18:39:
                    08:cd:0e:c4:c7:c0:cc:19:b4:3f:ce:b3:17:39:a3:
                    9a:93:71:a6:f5:eb:b4:1c:5c:ec:df:2f:ee:e5:86:
                    75:80:7e:3c:8d:2b:ce:ac:cc:9a:c7:83:dc:ed:f7:
                    24:c1:bd:2c:4e:f0:29:39:32:19:39:a7:a2:f4:7b:
                    20:30:f6:c5:0f:ee:aa:a9:e0:0e:98:95:a6:e2:7c:
                    a7:6b:49:b1:e2:85:e7:f4:17:2e:94:33:0a:87:06:
                    fe:12:21:8f:09:c9:d0:38:7a:89:95:f5:47:b7:3d:
                    bd:fb:2e:f7:31:6b:67:65:a9:d8:2c:a7:7f:cb:db:
                    26:a9:98:5c:7e:3b:e1:6b:39:e8:28:3e:cd:d3:b1:
                    48:4a:0b:80:72:ff:2d:76:cd:d0:5b:5d:f5:26:f2:
                    54:a3:81:fa:89:a4:ba:b6:fa:80:88:14:4b:3f:16:
                    9e:f6:d5:2c:e5:26:fc:a7:43:0b:c6:69:98:72:7a:
                    eb:ff:7e:8f:44:89:2f:e4:f6:01:2f:8a:64:ed:1c:
                    c4:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:87:4B:CF:DA:F2:C0:DF:BC:28:EC:50:92:64:05:A1:40:1C:A6:87
            X509v3 Authority Key Identifier:
                keyid:95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:32:c5:3e:6d:93:52:5d:d1:8d:54:37:15:9c:da:7a:ee:12:
         f8:b1:52:48:20:89:34:de:e3:97:4c:3b:ae:9c:06:93:9d:e9:
         89:23:7e:3b:34:4f:54:e9:58:b0:75:86:64:59:8e:b2:ca:a7:
         0d:0e:07:fd:60:1f:6a:1c:d5:5c:c3:7e:41:9f:4c:b9:5d:96:
         ba:26:eb:0c:91:ff:b9:dd:0c:6d:69:9a:53:37:4f:35:e3:92:
         14:ec:ca:cf:27:20:4e:f7:60:f1:c3:94:c1:1e:dd:14:bc:da:
         70:65:0e:f0:f9:da:30:fb:21:1c:0c:a2:61:72:00:16:89:a2:
         00:37:d2:4c:db:85:91:2b:94:0b:b1:03:e5:25:35:30:b3:b4:
         70:36:96:41:35:51:2c:52:03:c5:b7:f8:08:0d:c3:29:07:b6:
         b5:b6:67:67:49:ee:f1:95:2e:12:ac:b5:ac:66:fa:49:33:f1:
         c6:21:e7:e4:af:4d:16:2b:a2:36:31:4d:0c:5d:f3:fe:db:46:
         fe:ff:81:eb:ee:0e:12:b8:7e:c8:a9:89:70:b5:ec:08:d0:97:
         54:78:33:03:64:c2:50:ad:82:bb:8f:a4:2e:fb:55:aa:5c:d0:
         0d:e5:be:21:5f:f7:9a:e1:68:d8:2a:7f:ee:02:8b:d1:a7:1a:
         bc:0f:2d:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2Zxhjjbvteco6eEhKAtoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YmNmMjUxOWE3YjRjZjM1OGZiNmM3ODAzOWE1YmU3YTFi
MTMwNWIwHhcNMjQxMTI2MTkwMTI5WhcNMjQxMTI3MTkwMTI5WjAzMTEwLwYDVQQD
EyhmZTg3NGJjZmRhZjJjMGRmYmMyOGVjNTA5MjY0MDVhMTQwMWNhNjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10tubJUxSI6ACTzc+8lVq4oJGbJC
hGf3MQ2qzt4oEbFzn5VFsajGJ22xhScQTsYa2mrDrDabP955GDkIzQ7Ex8DMGbQ/
zrMXOaOak3Gm9eu0HFzs3y/u5YZ1gH48jSvOrMyax4Pc7fckwb0sTvApOTIZOaei
9HsgMPbFD+6qqeAOmJWm4nyna0mx4oXn9BculDMKhwb+EiGPCcnQOHqJlfVHtz29
+y73MWtnZanYLKd/y9smqZhcfjvhaznoKD7N07FISguAcv8tds3QW131JvJUo4H6
iaS6tvqAiBRLPxae9tUs5Sb8p0MLxmmYcnrr/36PRIkv5PYBL4pk7RzEwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP6HS8/a8sDfvCjsUJJkBaFAHKaHMB8GA1UdIwQY
MBaAFJW88lGae0zzWPtseAOaW+ehsTBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUt
MjVjY2YzMjczOWEyLzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUtMjVjY2YzMjczOWEy
LzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZDLFPm2T
Ul3RjVQ3FZzaeu4S+LFSSCCJNN7jl0w7rpwGk53piSN+OzRPVOlYsHWGZFmOssqn
DQ4H/WAfahzVXMN+QZ9MuV2WuibrDJH/ud0MbWmaUzdPNeOSFOzKzycgTvdg8cOU
wR7dFLzacGUO8PnaMPshHAyiYXIAFomiADfSTNuFkSuUC7ED5SU1MLO0cDaWQTVR
LFIDxbf4CA3DKQe2tbZnZ0nu8ZUuEqy1rGb6STPxxiHn5K9NFiuiNjFNDF3z/ttG
/v+B6+4OErh+yKmJcLXsCNCXVHgzA2TCUK2Cu4+kLvtVqlzQDeW+IV/3muFo2Cp/
7gKL0acavA8tpA==
-----END CERTIFICATE-----