Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
File:                     lbzyUZp7TPNY-2x4A5pb56GxMFs.mft (raw, json)
Hash identifier:          L9wEXj8Df10MKFgyktnobH416TiXg3AZnrq5AcCSnSc=
Subject key identifier:   04:0A:4E:89:D1:84:69:69:E9:D1:64:02:6C:3F:4F:10:53:86:20:83
Authority key identifier: 95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B
Certificate issuer:       /CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
Certificate serial:       018F8748658123BE0309CF98579C8949F6DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
Manifest number:          4F
Signing time:             Fri 17 May 2024 16:00:18 +0000
Manifest this update:     Fri 17 May 2024 16:00:18 +0000
Manifest next update:     Sat 18 May 2024 16:00:18 +0000
Files and hashes:         1: lbzyUZp7TPNY-2x4A5pb56GxMFs.crl (hash: 2fKGdcRltCHlV1iYRYsNe8OJMoXJQXb5o15PZWQ/fHM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:48:65:81:23:be:03:09:cf:98:57:9c:89:49:f6:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
        Validity
            Not Before: May 17 16:00:18 2024 GMT
            Not After : May 18 16:00:18 2024 GMT
        Subject: CN=040a4e89d1846969e9d164026c3f4f1053862083
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:94:22:23:3b:6e:62:ad:af:cb:de:64:86:84:
                    91:53:09:84:2a:d2:4b:ee:be:77:cd:0a:e1:55:eb:
                    70:86:73:ac:32:8c:06:c0:56:67:a3:7a:e7:7a:5e:
                    97:de:e0:96:a5:21:e9:1d:6e:d3:6d:1f:38:36:95:
                    18:4a:1a:b5:0d:af:8d:9d:80:e1:68:4b:2c:b1:14:
                    31:ad:cf:98:d1:cd:e7:8f:45:cd:50:98:71:b0:1e:
                    96:fd:0b:c1:eb:b0:f1:d1:46:ed:0d:da:d8:83:2c:
                    26:6c:03:fb:ad:c3:eb:43:fa:af:bc:bb:43:15:31:
                    ca:f4:8b:e7:8f:3a:35:b4:06:fe:dd:76:84:f0:5b:
                    4b:a1:46:bf:e4:d1:c8:55:64:fc:77:b6:46:13:d8:
                    28:95:72:7a:78:a4:62:d7:aa:9a:50:dc:0d:81:67:
                    b1:f2:30:c2:7f:35:81:78:f1:2f:3f:fc:47:e3:36:
                    c3:5a:00:4c:d9:1a:f5:2f:b4:79:75:8f:d0:7e:42:
                    3a:89:67:62:ad:86:70:48:7b:6f:3e:a3:58:21:2c:
                    f4:73:b6:da:71:63:85:e8:17:67:e4:06:a6:31:eb:
                    52:c5:83:d1:aa:f9:2f:f0:34:0b:45:61:f4:85:5c:
                    1a:fd:ef:02:8c:bd:5a:a2:56:c3:62:92:3b:e1:e1:
                    6c:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:0A:4E:89:D1:84:69:69:E9:D1:64:02:6C:3F:4F:10:53:86:20:83
            X509v3 Authority Key Identifier:
                keyid:95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:1f:e2:ba:2b:45:ea:ea:35:71:df:ea:28:ee:cd:c2:fc:98:
         47:03:85:39:eb:ce:4c:7d:60:a0:33:bc:f2:ce:50:c2:47:67:
         2a:ab:45:40:a3:55:b0:7f:91:b5:ee:3d:8f:14:2c:2c:46:79:
         f5:96:d1:16:0d:39:15:e7:33:62:a8:b1:0c:0e:cb:b5:5e:02:
         7d:40:e8:8f:fd:ee:f6:c7:8d:11:0c:3a:90:d3:ff:0d:de:0f:
         e6:51:cf:25:cb:67:65:dc:90:1e:07:eb:44:da:f1:81:a9:36:
         3c:f9:c7:9d:b9:f7:95:19:ff:7d:5d:5c:70:42:a9:e2:56:d0:
         5d:08:ce:85:2f:13:8e:a2:18:b3:ce:7a:c0:76:73:87:c3:91:
         4c:4f:03:53:a0:0d:76:80:14:f6:76:e7:19:d0:70:e8:79:4c:
         33:3e:67:5a:63:c4:9b:00:c3:16:fb:b6:75:c9:ee:12:d2:24:
         0c:cf:ed:56:d6:80:db:be:cf:3b:8d:f6:87:d2:1e:bc:ea:fa:
         f2:06:21:83:62:fa:d1:43:f9:29:43:f5:2f:1c:89:67:42:1d:
         99:15:de:6d:16:4b:3e:ab:64:6a:cc:ad:eb:96:ba:75:78:28:
         47:a9:a4:ca:fb:67:3f:7c:45:da:fb:11:30:8a:05:e1:17:b7:
         de:fb:f7:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSGWBI74DCc+YV5yJSfbdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YmNmMjUxOWE3YjRjZjM1OGZiNmM3ODAzOWE1YmU3YTFi
MTMwNWIwHhcNMjQwNTE3MTYwMDE4WhcNMjQwNTE4MTYwMDE4WjAzMTEwLwYDVQQD
EygwNDBhNGU4OWQxODQ2OTY5ZTlkMTY0MDI2YzNmNGYxMDUzODYyMDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ZQiIztuYq2vy95khoSRUwmEKtJL
7r53zQrhVetwhnOsMowGwFZno3rnel6X3uCWpSHpHW7TbR84NpUYShq1Da+NnYDh
aEsssRQxrc+Y0c3nj0XNUJhxsB6W/QvB67Dx0UbtDdrYgywmbAP7rcPrQ/qvvLtD
FTHK9Ivnjzo1tAb+3XaE8FtLoUa/5NHIVWT8d7ZGE9golXJ6eKRi16qaUNwNgWex
8jDCfzWBePEvP/xH4zbDWgBM2Rr1L7R5dY/QfkI6iWdirYZwSHtvPqNYISz0c7ba
cWOF6Bdn5AamMetSxYPRqvkv8DQLRWH0hVwa/e8CjL1aolbDYpI74eFswwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAQKTonRhGlp6dFkAmw/TxBThiCDMB8GA1UdIwQY
MBaAFJW88lGae0zzWPtseAOaW+ehsTBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUt
MjVjY2YzMjczOWEyLzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUtMjVjY2YzMjczOWEy
LzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVh/iuitF
6uo1cd/qKO7NwvyYRwOFOevOTH1goDO88s5QwkdnKqtFQKNVsH+Rte49jxQsLEZ5
9ZbRFg05FeczYqixDA7LtV4CfUDoj/3u9seNEQw6kNP/Dd4P5lHPJctnZdyQHgfr
RNrxgak2PPnHnbn3lRn/fV1ccEKp4lbQXQjOhS8TjqIYs856wHZzh8ORTE8DU6AN
doAU9nbnGdBw6HlMMz5nWmPEmwDDFvu2dcnuEtIkDM/tVtaA277PO432h9IevOr6
8gYhg2L60UP5KUP1LxyJZ0IdmRXebRZLPqtkasyt65a6dXgoR6mkyvtnP3xF2vsR
MIoF4Re33vv3DA==
-----END CERTIFICATE-----