Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
File:                     leN5E1KsgsnSB0NCTNxhcAlvT68.mft (raw, json)
Hash identifier:          SRh48svIph46dw1ZNbPMJ6ZZG6RI3zD2EdfdKp2l8uw=
Subject key identifier:   34:0E:BC:F0:1B:F4:87:95:C3:1C:5B:0D:DD:E1:05:C9:71:9E:3F:BB
Authority key identifier: 95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF
Certificate issuer:       /CN=95e3791352ac82c9d20743424cdc6170096f4faf
Certificate serial:       0198D472D4D3782C4F8E015661425D63020A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
Manifest number:          1645
Signing time:             Sat 23 Aug 2025 01:02:31 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:31 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:31 +0000
Files and hashes:         1: leN5E1KsgsnSB0NCTNxhcAlvT68.crl (hash: B5ZJm77BL8qF8chl27S7KjRHjNmXbmrCYuwunXNDZqc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:d4:d3:78:2c:4f:8e:01:56:61:42:5d:63:02:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95e3791352ac82c9d20743424cdc6170096f4faf
        Validity
            Not Before: Aug 23 01:02:31 2025 GMT
            Not After : Aug 24 01:02:31 2025 GMT
        Subject: CN=340ebcf01bf48795c31c5b0ddde105c9719e3fbb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:7f:34:95:9b:de:51:f8:93:14:c7:51:2e:c7:
                    01:9c:d1:bf:18:1a:a1:63:df:87:db:c0:3c:6a:47:
                    a8:fb:1a:8b:10:42:65:db:79:aa:58:d1:0e:21:b6:
                    5c:20:12:2f:99:c4:41:b6:fe:5f:04:68:8d:b2:16:
                    e0:16:ac:9f:ff:e7:c5:95:c9:46:16:eb:03:9f:c2:
                    2c:e3:7d:fb:83:f5:b5:57:ce:d8:0b:a4:02:89:6c:
                    6a:ca:ac:50:b3:d6:36:66:f1:b3:93:ed:df:1c:ea:
                    aa:8d:af:6d:82:74:54:f3:40:f1:05:f5:56:8b:c5:
                    57:69:33:69:2e:61:72:05:88:8d:17:7e:5b:7d:54:
                    bd:d2:f5:cc:39:ed:23:1f:32:81:b4:fb:a2:58:ea:
                    5c:f0:3a:13:a6:79:4c:02:83:67:a9:71:47:2c:61:
                    c6:f7:af:fa:fc:54:82:9d:c3:f8:0e:5d:d0:ac:86:
                    58:1b:97:cc:80:39:45:c0:b7:d1:bd:22:f7:78:3d:
                    e5:c0:df:9e:e7:a9:2a:94:f1:97:30:5f:b5:46:67:
                    fb:0d:76:94:bf:9e:ac:6c:32:42:3f:c2:7f:1c:98:
                    30:93:62:99:73:c9:8b:d6:18:51:1e:22:37:92:85:
                    b9:79:43:c1:86:63:08:45:0d:8b:e8:0f:20:2d:3e:
                    11:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:0E:BC:F0:1B:F4:87:95:C3:1C:5B:0D:DD:E1:05:C9:71:9E:3F:BB
            X509v3 Authority Key Identifier:
                keyid:95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:f1:e3:1d:d5:0a:b5:0e:39:c1:80:60:65:fb:5b:55:dd:c2:
         5c:b1:f1:5f:14:be:2c:a8:9d:bf:18:93:73:38:9d:49:4f:33:
         22:be:17:f5:bd:32:f4:a8:6d:de:5e:67:78:52:13:40:a1:a7:
         a2:c3:d4:7d:21:a2:aa:c4:fc:fc:be:f9:3d:eb:af:b1:48:d8:
         d4:41:eb:26:83:a3:54:7e:e1:16:20:1c:61:cf:f0:70:94:50:
         81:fd:fb:f2:59:8b:e9:90:9c:da:18:dd:11:cf:8c:91:9c:b0:
         2c:bb:79:7b:1f:42:e1:b0:4b:59:57:97:26:06:8b:66:5c:34:
         78:a9:4f:1d:2a:f8:4d:82:8b:8c:7a:92:9f:51:27:a7:a4:7b:
         8f:7a:c3:cf:86:96:49:9f:f5:02:a3:7f:ff:5d:bf:e4:96:08:
         4a:22:ac:70:5e:73:a3:17:b2:62:f5:f3:8b:80:ea:84:2a:95:
         92:c0:0f:80:59:03:37:c0:3b:17:58:81:b9:e9:29:40:18:21:
         e1:f3:80:88:60:23:1c:3c:91:d2:8a:01:86:d4:0e:4d:8e:d1:
         02:1f:77:4f:26:9f:5d:ee:ef:60:2e:56:d8:ed:fd:7d:a7:bb:
         9a:1a:52:b9:78:aa:ba:1b:0a:5b:86:e1:c5:9f:87:6f:93:60:
         6c:0e:02:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUctTTeCxPjgFWYUJdYwIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTM3OTEzNTJhYzgyYzlkMjA3NDM0MjRjZGM2MTcwMDk2
ZjRmYWYwHhcNMjUwODIzMDEwMjMxWhcNMjUwODI0MDEwMjMxWjAzMTEwLwYDVQQD
EygzNDBlYmNmMDFiZjQ4Nzk1YzMxYzViMGRkZGUxMDVjOTcxOWUzZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApH80lZveUfiTFMdRLscBnNG/GBqh
Y9+H28A8akeo+xqLEEJl23mqWNEOIbZcIBIvmcRBtv5fBGiNshbgFqyf/+fFlclG
FusDn8Is4337g/W1V87YC6QCiWxqyqxQs9Y2ZvGzk+3fHOqqja9tgnRU80DxBfVW
i8VXaTNpLmFyBYiNF35bfVS90vXMOe0jHzKBtPuiWOpc8DoTpnlMAoNnqXFHLGHG
96/6/FSCncP4Dl3QrIZYG5fMgDlFwLfRvSL3eD3lwN+e56kqlPGXMF+1Rmf7DXaU
v56sbDJCP8J/HJgwk2KZc8mL1hhRHiI3koW5eUPBhmMIRQ2L6A8gLT4RtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDQOvPAb9IeVwxxbDd3hBclxnj+7MB8GA1UdIwQY
MBaAFJXjeRNSrILJ0gdDQkzcYXAJb0+vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYt
NGMyYzBjOGYyNDYyLzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYtNGMyYzBjOGYyNDYy
LzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnvHjHdUK
tQ45wYBgZftbVd3CXLHxXxS+LKidvxiTczidSU8zIr4X9b0y9Kht3l5neFITQKGn
osPUfSGiqsT8/L75PeuvsUjY1EHrJoOjVH7hFiAcYc/wcJRQgf378lmL6ZCc2hjd
Ec+MkZywLLt5ex9C4bBLWVeXJgaLZlw0eKlPHSr4TYKLjHqSn1Enp6R7j3rDz4aW
SZ/1AqN//12/5JYISiKscF5zoxeyYvXzi4DqhCqVksAPgFkDN8A7F1iBuekpQBgh
4fOAiGAjHDyR0ooBhtQOTY7RAh93TyafXe7vYC5W2O39fae7mhpSuXiquhsKW4bh
xZ+Hb5NgbA4C5w==
-----END CERTIFICATE-----