Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
File:                     lbzyUZp7TPNY-2x4A5pb56GxMFs.mft (raw, json)
Hash identifier:          QO/SCl/oG8T7sPSIX77BeLvnpOv4GYcDL6JwmXJD61A=
Subject key identifier:   E9:10:9C:CE:3E:54:5C:0D:0E:2F:A8:21:A5:90:FA:5F:9F:EB:27:6E
Authority key identifier: 95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B
Certificate issuer:       /CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
Certificate serial:       019923A093A9058C8087ED64E40DEA139E86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
Manifest number:          0549
Signing time:             Sun 07 Sep 2025 10:02:30 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:30 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:30 +0000
Files and hashes:         1: lbzyUZp7TPNY-2x4A5pb56GxMFs.crl (hash: DZxFp3fACY8OCS0RwHlf0u74onmhHNf9603gdHWqvUk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:93:a9:05:8c:80:87:ed:64:e4:0d:ea:13:9e:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
        Validity
            Not Before: Sep  7 10:02:30 2025 GMT
            Not After : Sep  8 10:02:30 2025 GMT
        Subject: CN=e9109cce3e545c0d0e2fa821a590fa5f9feb276e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:d3:bf:18:9b:82:93:2b:e4:d4:cf:62:95:4f:
                    a7:d1:3b:ae:b1:17:26:3a:3e:21:28:29:30:84:07:
                    1a:4c:0a:d2:a7:00:86:55:62:06:bc:8b:85:8c:47:
                    6c:13:87:5a:46:73:1a:4b:bb:d0:80:05:e5:89:56:
                    7c:10:9f:b8:18:97:36:d5:cf:98:f0:80:11:5e:ee:
                    0e:81:f3:35:76:0e:d3:0e:ec:87:2f:99:72:85:99:
                    23:d4:f0:f6:23:02:4f:b3:14:16:51:74:72:b9:4c:
                    7e:31:37:16:7b:68:57:bf:cd:45:cc:97:6d:ee:5f:
                    7b:a4:07:c4:19:0e:ff:c9:30:c9:0b:10:b5:87:d5:
                    ce:38:5f:69:bf:f5:b7:cb:6b:3f:d5:20:09:51:86:
                    ec:34:ab:50:f0:2a:98:98:1e:43:0b:d3:40:97:21:
                    38:13:b9:37:4b:aa:08:fd:84:fd:b7:42:2e:ce:6d:
                    e4:9c:a2:99:c6:1d:eb:5b:cf:47:77:22:50:65:be:
                    c6:16:02:33:24:50:75:5e:53:f7:3f:2f:02:22:57:
                    c3:80:c9:19:3f:1f:82:2b:2e:f6:c8:25:07:87:bd:
                    d1:e4:08:43:0a:00:f5:3d:9d:77:00:2c:f1:82:9c:
                    a0:5e:a7:68:cb:56:b6:ea:81:67:ad:26:4a:dd:42:
                    d7:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:10:9C:CE:3E:54:5C:0D:0E:2F:A8:21:A5:90:FA:5F:9F:EB:27:6E
            X509v3 Authority Key Identifier:
                keyid:95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:11:6c:4d:76:70:83:5f:3c:3e:43:9d:5f:a3:f7:ce:8a:1d:
         89:e7:4c:9b:4b:d4:33:7a:05:29:3d:14:aa:cb:3d:0e:d2:f7:
         9d:8a:b6:a0:46:45:a5:59:24:58:81:6f:2e:98:2b:c3:27:cb:
         b3:45:64:58:92:53:23:e4:16:7b:71:e4:63:db:07:56:35:54:
         cc:ce:3d:8f:96:1b:1e:69:8c:39:01:53:ee:d5:c7:25:20:b9:
         88:94:72:77:ba:41:c6:28:c8:dd:18:79:82:77:29:37:0c:5c:
         84:7e:f7:2a:de:c5:31:2b:90:05:d4:75:bb:a5:a3:2a:05:d5:
         34:30:0e:5c:37:21:e9:98:cd:b8:2e:0b:45:aa:64:e8:1b:5d:
         06:9e:ba:36:59:a7:4d:23:a9:7e:f4:4c:21:ed:e2:71:2c:ac:
         fc:1a:04:2b:6f:ff:90:3c:45:54:a7:1d:20:34:16:58:10:77:
         30:f1:74:19:4a:3b:0b:a5:52:77:7a:ba:f6:b5:01:21:91:e9:
         64:0b:3a:20:03:16:38:ee:64:db:f2:15:3d:92:80:ac:51:99:
         40:81:5c:97:18:5d:6e:cc:53:d3:a9:7d:fa:59:e7:b1:92:48:
         09:8f:12:f2:56:9e:6f:a0:a6:16:25:1f:2a:5c:61:1d:f3:5b:
         c7:7c:0f:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoJOpBYyAh+1k5A3qE56GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YmNmMjUxOWE3YjRjZjM1OGZiNmM3ODAzOWE1YmU3YTFi
MTMwNWIwHhcNMjUwOTA3MTAwMjMwWhcNMjUwOTA4MTAwMjMwWjAzMTEwLwYDVQQD
EyhlOTEwOWNjZTNlNTQ1YzBkMGUyZmE4MjFhNTkwZmE1ZjlmZWIyNzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7tO/GJuCkyvk1M9ilU+n0TuusRcm
Oj4hKCkwhAcaTArSpwCGVWIGvIuFjEdsE4daRnMaS7vQgAXliVZ8EJ+4GJc21c+Y
8IARXu4OgfM1dg7TDuyHL5lyhZkj1PD2IwJPsxQWUXRyuUx+MTcWe2hXv81FzJdt
7l97pAfEGQ7/yTDJCxC1h9XOOF9pv/W3y2s/1SAJUYbsNKtQ8CqYmB5DC9NAlyE4
E7k3S6oI/YT9t0Iuzm3knKKZxh3rW89HdyJQZb7GFgIzJFB1XlP3Py8CIlfDgMkZ
Px+CKy72yCUHh73R5AhDCgD1PZ13ACzxgpygXqdoy1a26oFnrSZK3ULXoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOkQnM4+VFwNDi+oIaWQ+l+f6yduMB8GA1UdIwQY
MBaAFJW88lGae0zzWPtseAOaW+ehsTBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUt
MjVjY2YzMjczOWEyLzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUtMjVjY2YzMjczOWEy
LzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyBFsTXZw
g188PkOdX6P3zoodiedMm0vUM3oFKT0Uqss9DtL3nYq2oEZFpVkkWIFvLpgrwyfL
s0VkWJJTI+QWe3HkY9sHVjVUzM49j5YbHmmMOQFT7tXHJSC5iJRyd7pBxijI3Rh5
gncpNwxchH73Kt7FMSuQBdR1u6WjKgXVNDAOXDch6ZjNuC4LRapk6BtdBp66Nlmn
TSOpfvRMIe3icSys/BoEK2//kDxFVKcdIDQWWBB3MPF0GUo7C6VSd3q69rUBIZHp
ZAs6IAMWOO5k2/IVPZKArFGZQIFclxhdbsxT06l9+lnnsZJICY8S8laeb6CmFiUf
KlxhHfNbx3wPsw==
-----END CERTIFICATE-----