Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.mft
File:                     la6L0zJJzx7V8NQ5gUfv0y0lQho.mft (raw, json)
Hash identifier:          wNS3nSdgM7Z0AH5F0/8FjZV1QEurCONfM4b6Pt87dUs=
Subject key identifier:   99:A3:74:47:79:AA:24:A1:52:89:B4:11:0A:D8:E4:3B:B1:40:88:C7
Authority key identifier: 95:AE:8B:D3:32:49:CF:1E:D5:F0:D4:39:81:47:EF:D3:2D:25:42:1A
Certificate issuer:       /CN=95ae8bd33249cf1ed5f0d4398147efd32d25421a
Certificate serial:       0199FDDA07D653E41E8266E48247C1DACE6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/la6L0zJJzx7V8NQ5gUfv0y0lQho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.mft
Manifest number:          0E52
Signing time:             Sun 19 Oct 2025 19:02:28 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:28 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:28 +0000
Files and hashes:         1: la6L0zJJzx7V8NQ5gUfv0y0lQho.crl (hash: WY5NIEilNeVjxX/dTA3sdu0WZwUAtyNq1O1/1KeSD4I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/la6L0zJJzx7V8NQ5gUfv0y0lQho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:da:07:d6:53:e4:1e:82:66:e4:82:47:c1:da:ce:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95ae8bd33249cf1ed5f0d4398147efd32d25421a
        Validity
            Not Before: Oct 19 19:02:28 2025 GMT
            Not After : Oct 20 19:02:28 2025 GMT
        Subject: CN=99a3744779aa24a15289b4110ad8e43bb14088c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:3a:ed:59:41:19:8d:74:3d:85:8d:37:5f:54:
                    86:9d:1c:26:4e:a7:f8:6f:cc:87:37:a8:e4:54:35:
                    a7:23:a2:52:ae:17:77:c6:9e:22:72:fb:f8:95:de:
                    41:0b:f7:f7:8d:e0:38:08:a8:90:c5:e6:46:c8:79:
                    ba:21:ca:fe:fd:32:a8:6e:eb:aa:0f:1c:29:a2:31:
                    3d:6f:f0:93:da:09:b1:90:6b:a7:3a:d2:09:c1:c0:
                    da:91:20:69:14:d2:b9:81:22:12:9d:e3:6a:db:c0:
                    cd:58:72:8f:a8:95:a1:8d:b1:ec:86:8b:c5:3e:89:
                    f5:e8:4e:83:f9:54:c6:d6:78:18:2d:da:56:50:8d:
                    04:86:33:75:a0:92:50:52:df:0d:e6:56:4f:11:97:
                    de:59:09:21:7a:db:01:7a:7e:37:27:8f:69:a9:eb:
                    9a:e9:dc:1a:e0:ea:28:07:43:22:28:16:90:18:77:
                    5b:c5:97:fd:4a:3b:f7:27:b3:ec:9a:2f:79:88:d2:
                    78:4b:20:21:e4:6c:37:7a:84:10:16:b3:cd:6a:3e:
                    7d:57:dd:9f:38:8d:75:2c:65:4d:3d:65:23:b4:39:
                    70:11:5c:1d:76:e1:7d:4a:bd:e4:f9:48:dc:2a:30:
                    9a:f5:47:10:b6:91:8d:47:8a:90:2b:87:66:44:16:
                    b5:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:A3:74:47:79:AA:24:A1:52:89:B4:11:0A:D8:E4:3B:B1:40:88:C7
            X509v3 Authority Key Identifier:
                keyid:95:AE:8B:D3:32:49:CF:1E:D5:F0:D4:39:81:47:EF:D3:2D:25:42:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/la6L0zJJzx7V8NQ5gUfv0y0lQho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:36:64:cb:71:1f:18:68:79:1e:49:1a:b3:7d:f1:db:cc:b8:
         aa:af:7d:5e:f4:76:14:dc:f2:64:2c:e2:95:53:d1:de:9e:c5:
         7d:ca:26:5e:5e:79:4c:1b:fa:b6:31:5d:24:06:4f:59:b9:3b:
         0e:3d:4f:24:56:b1:9d:42:20:59:9d:ba:11:0b:20:8b:62:f7:
         bd:7e:75:5b:39:19:2f:8a:92:b1:5c:03:0a:0b:5f:2b:d4:45:
         07:a2:4c:a2:65:b9:70:09:8a:5d:85:ae:8d:50:3e:bd:f2:cc:
         55:e4:05:d8:c7:8c:e1:9a:ad:a2:d8:a0:cf:ff:50:9e:15:2f:
         4d:ef:f4:f9:8c:57:d9:91:43:ba:61:25:36:1a:ea:81:61:fd:
         6a:21:56:3d:18:c7:4a:ef:7f:d2:d3:a2:5f:32:c6:00:17:bf:
         44:1f:25:6a:e8:36:68:60:1d:ba:69:86:f0:7c:b8:2a:8a:7d:
         98:45:e2:18:c0:64:2a:17:b9:84:84:39:d8:57:d8:bc:b9:a1:
         c2:f2:6d:b2:3c:05:4d:30:5d:df:91:5f:93:96:b2:21:2c:87:
         d0:2f:a2:dd:7d:3a:64:4d:e0:74:2d:cd:fa:13:5d:6f:fb:59:
         14:2e:c0:61:45:30:84:7e:d0:ee:81:ac:05:8a:2b:2a:74:be:
         14:36:35:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92gfWU+QegmbkgkfB2s5uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YWU4YmQzMzI0OWNmMWVkNWYwZDQzOTgxNDdlZmQzMmQy
NTQyMWEwHhcNMjUxMDE5MTkwMjI4WhcNMjUxMDIwMTkwMjI4WjAzMTEwLwYDVQQD
Eyg5OWEzNzQ0Nzc5YWEyNGExNTI4OWI0MTEwYWQ4ZTQzYmIxNDA4OGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjrtWUEZjXQ9hY03X1SGnRwmTqf4
b8yHN6jkVDWnI6JSrhd3xp4icvv4ld5BC/f3jeA4CKiQxeZGyHm6Icr+/TKobuuq
DxwpojE9b/CT2gmxkGunOtIJwcDakSBpFNK5gSISneNq28DNWHKPqJWhjbHshovF
Pon16E6D+VTG1ngYLdpWUI0EhjN1oJJQUt8N5lZPEZfeWQkhetsBen43J49pqeua
6dwa4OooB0MiKBaQGHdbxZf9Sjv3J7Psmi95iNJ4SyAh5Gw3eoQQFrPNaj59V92f
OI11LGVNPWUjtDlwEVwdduF9Sr3k+UjcKjCa9UcQtpGNR4qQK4dmRBa1IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJmjdEd5qiShUom0EQrY5DuxQIjHMB8GA1UdIwQY
MBaAFJWui9MySc8e1fDUOYFH79MtJUIaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGE2TDB6Skp6eDdWOE5RNWdVZnYweTBsUWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9lMjdkOWItOTMxYS00ODhiLWFjMzUt
OGZmYmQ2YzczYmY1LzEvbGE2TDB6Skp6eDdWOE5RNWdVZnYweTBsUWhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9lMjdkOWItOTMxYS00ODhiLWFjMzUtOGZmYmQ2YzczYmY1
LzEvbGE2TDB6Skp6eDdWOE5RNWdVZnYweTBsUWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWDZky3Ef
GGh5Hkkas33x28y4qq99XvR2FNzyZCzilVPR3p7FfcomXl55TBv6tjFdJAZPWbk7
Dj1PJFaxnUIgWZ26EQsgi2L3vX51WzkZL4qSsVwDCgtfK9RFB6JMomW5cAmKXYWu
jVA+vfLMVeQF2MeM4Zqtotigz/9QnhUvTe/0+YxX2ZFDumElNhrqgWH9aiFWPRjH
Su9/0tOiXzLGABe/RB8laug2aGAdummG8Hy4Kop9mEXiGMBkKhe5hIQ52FfYvLmh
wvJtsjwFTTBd35Ffk5ayISyH0C+i3X06ZE3gdC3N+hNdb/tZFC7AYUUwhH7Q7oGs
BYorKnS+FDY1ng==
-----END CERTIFICATE-----