Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.mft
File:                     la6L0zJJzx7V8NQ5gUfv0y0lQho.mft (raw, json)
Hash identifier:          D1I/oxBRG2QxAvaQm2B/b8NTs6d3Iy5Iy/aqOO7xW6A=
Subject key identifier:   B4:D8:3A:48:C2:3E:E2:BB:22:D2:A2:5E:A6:D6:90:13:EB:E0:82:DB
Authority key identifier: 95:AE:8B:D3:32:49:CF:1E:D5:F0:D4:39:81:47:EF:D3:2D:25:42:1A
Certificate issuer:       /CN=95ae8bd33249cf1ed5f0d4398147efd32d25421a
Certificate serial:       0198D84FE6580BA0CCA7F881F3B3929F7B66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/la6L0zJJzx7V8NQ5gUfv0y0lQho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.mft
Manifest number:          0DBA
Signing time:             Sat 23 Aug 2025 19:02:51 +0000
Manifest this update:     Sat 23 Aug 2025 19:02:51 +0000
Manifest next update:     Sun 24 Aug 2025 19:02:51 +0000
Files and hashes:         1: la6L0zJJzx7V8NQ5gUfv0y0lQho.crl (hash: Mqa8qOOuYDdycTIA8g+Yo1EAbrZM6IXb3lCa/zKcKgs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/la6L0zJJzx7V8NQ5gUfv0y0lQho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d8:4f:e6:58:0b:a0:cc:a7:f8:81:f3:b3:92:9f:7b:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95ae8bd33249cf1ed5f0d4398147efd32d25421a
        Validity
            Not Before: Aug 23 19:02:51 2025 GMT
            Not After : Aug 24 19:02:51 2025 GMT
        Subject: CN=b4d83a48c23ee2bb22d2a25ea6d69013ebe082db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:7e:54:25:b9:7f:f4:aa:de:45:1d:18:e7:a0:
                    e7:3c:f2:d8:cb:20:bf:a7:03:c0:c7:ef:b0:6d:4f:
                    7b:d9:68:a0:b6:c8:e6:97:a7:4a:e7:86:dd:b8:b5:
                    94:83:57:b2:95:89:45:2c:1b:88:7a:12:ae:25:db:
                    3d:9e:f7:f3:eb:03:b6:55:fb:67:02:5b:2d:9c:ff:
                    3d:c2:14:58:fa:63:4c:7e:1e:b6:19:fa:7b:21:47:
                    30:d6:8e:d8:f5:d6:f8:f2:50:05:d1:02:dc:43:49:
                    18:f8:ea:9e:79:03:7a:42:e8:13:6a:37:1a:b3:f2:
                    22:0a:d1:d8:c7:2c:11:9b:f9:dc:fc:1f:8d:80:d2:
                    c1:c8:60:a7:b1:6e:ee:af:f8:ab:9e:1b:d9:cb:d5:
                    fa:10:94:52:d9:dc:f0:10:96:c5:f1:9c:6a:03:8f:
                    7c:71:f7:85:c8:23:99:74:16:de:af:bd:d7:b4:79:
                    c8:c0:ea:2f:59:fb:ff:3b:5b:5b:05:58:47:ca:54:
                    19:7a:b0:6e:89:ba:44:06:6b:42:4f:f9:69:94:08:
                    45:f2:c3:80:3c:69:56:8f:23:95:74:60:99:e9:8b:
                    ce:eb:4e:c5:0d:25:dc:a5:e1:c8:54:09:bf:04:6e:
                    b0:04:7d:e4:96:9e:53:89:74:59:45:59:c9:b9:8d:
                    3e:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:D8:3A:48:C2:3E:E2:BB:22:D2:A2:5E:A6:D6:90:13:EB:E0:82:DB
            X509v3 Authority Key Identifier:
                keyid:95:AE:8B:D3:32:49:CF:1E:D5:F0:D4:39:81:47:EF:D3:2D:25:42:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/la6L0zJJzx7V8NQ5gUfv0y0lQho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:9d:85:cd:63:e1:2e:60:c5:f1:21:39:eb:80:69:99:99:39:
         f7:e4:3b:1a:10:e7:fe:78:88:17:07:2c:c1:d7:89:8f:e6:37:
         0a:af:54:04:71:0f:11:04:ce:28:4a:d0:09:5b:28:8b:5a:b8:
         03:f0:c6:67:d3:33:d2:f7:00:57:3e:9b:d0:89:7f:a7:ed:73:
         a2:66:63:39:e4:ba:f2:d8:f9:c4:f4:0e:50:3e:b3:53:37:8d:
         3f:bb:b7:b2:4c:74:8c:ec:91:55:5c:0f:02:53:4f:9f:83:15:
         7a:63:9c:e2:8a:c1:14:30:8f:f7:cd:52:6b:c6:20:f3:07:eb:
         98:39:44:df:ff:14:ea:2d:e8:b5:54:6f:52:8a:ab:65:f4:bf:
         d5:63:1f:c6:50:bd:93:4c:c1:e0:03:31:e5:19:a9:42:e4:b2:
         9a:13:2d:2e:65:b9:ea:56:c1:51:8f:c3:9d:f2:78:a5:44:a4:
         ef:10:8b:11:5d:f1:79:f9:1c:ed:22:bd:ec:f7:62:7e:53:14:
         07:d7:c1:70:ac:b4:0e:de:42:23:c7:18:9b:37:2f:f9:cc:ee:
         8d:66:5b:c4:27:44:1b:11:77:99:7a:7b:3a:13:cc:80:76:f1:
         7f:7e:2f:4f:43:82:71:e2:4d:be:a1:07:4f:cb:4b:c6:be:bc:
         81:07:8a:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjYT+ZYC6DMp/iB87OSn3tmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YWU4YmQzMzI0OWNmMWVkNWYwZDQzOTgxNDdlZmQzMmQy
NTQyMWEwHhcNMjUwODIzMTkwMjUxWhcNMjUwODI0MTkwMjUxWjAzMTEwLwYDVQQD
EyhiNGQ4M2E0OGMyM2VlMmJiMjJkMmEyNWVhNmQ2OTAxM2ViZTA4MmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq35UJbl/9KreRR0Y56DnPPLYyyC/
pwPAx++wbU972Wigtsjml6dK54bduLWUg1eylYlFLBuIehKuJds9nvfz6wO2Vftn
AlstnP89whRY+mNMfh62Gfp7IUcw1o7Y9db48lAF0QLcQ0kY+OqeeQN6QugTajca
s/IiCtHYxywRm/nc/B+NgNLByGCnsW7ur/irnhvZy9X6EJRS2dzwEJbF8ZxqA498
cfeFyCOZdBber73XtHnIwOovWfv/O1tbBVhHylQZerBuibpEBmtCT/lplAhF8sOA
PGlWjyOVdGCZ6YvO607FDSXcpeHIVAm/BG6wBH3klp5TiXRZRVnJuY0+mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLTYOkjCPuK7ItKiXqbWkBPr4ILbMB8GA1UdIwQY
MBaAFJWui9MySc8e1fDUOYFH79MtJUIaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGE2TDB6Skp6eDdWOE5RNWdVZnYweTBsUWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9lMjdkOWItOTMxYS00ODhiLWFjMzUt
OGZmYmQ2YzczYmY1LzEvbGE2TDB6Skp6eDdWOE5RNWdVZnYweTBsUWhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9lMjdkOWItOTMxYS00ODhiLWFjMzUtOGZmYmQ2YzczYmY1
LzEvbGE2TDB6Skp6eDdWOE5RNWdVZnYweTBsUWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP52FzWPh
LmDF8SE564BpmZk59+Q7GhDn/niIFwcswdeJj+Y3Cq9UBHEPEQTOKErQCVsoi1q4
A/DGZ9Mz0vcAVz6b0Il/p+1zomZjOeS68tj5xPQOUD6zUzeNP7u3skx0jOyRVVwP
AlNPn4MVemOc4orBFDCP981Sa8Yg8wfrmDlE3/8U6i3otVRvUoqrZfS/1WMfxlC9
k0zB4AMx5RmpQuSymhMtLmW56lbBUY/DnfJ4pUSk7xCLEV3xefkc7SK97PdiflMU
B9fBcKy0Dt5CI8cYmzcv+czujWZbxCdEGxF3mXp7OhPMgHbxf34vT0OCceJNvqEH
T8tLxr68gQeKjA==
-----END CERTIFICATE-----