Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
File:                     laaF1WN0LJza4cNZU2at7NCpO6U.mft (raw, json)
Hash identifier:          55mfzZkf/gwArt3TGlZo31BQ1V5piv8X5xVbrKWjveQ=
Subject key identifier:   FC:46:55:06:76:5C:32:C8:DF:45:DB:2F:BE:66:93:8E:59:A1:B2:B4
Authority key identifier: 95:A6:85:D5:63:74:2C:9C:DA:E1:C3:59:53:66:AD:EC:D0:A9:3B:A5
Certificate issuer:       /CN=95a685d563742c9cdae1c3595366adecd0a93ba5
Certificate serial:       0197B6A046A9A5A730F405629805F959FA88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
Manifest number:          0D4E
Signing time:             Sat 28 Jun 2025 13:00:46 +0000
Manifest this update:     Sat 28 Jun 2025 13:00:46 +0000
Manifest next update:     Sun 29 Jun 2025 13:00:46 +0000
Files and hashes:         1: laaF1WN0LJza4cNZU2at7NCpO6U.crl (hash: w4ZJQ6iyRZA8WPcupKaBQG+b66YOokQwt2FfDZR8Mrw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:46:a9:a5:a7:30:f4:05:62:98:05:f9:59:fa:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95a685d563742c9cdae1c3595366adecd0a93ba5
        Validity
            Not Before: Jun 28 13:00:46 2025 GMT
            Not After : Jun 29 13:00:46 2025 GMT
        Subject: CN=fc465506765c32c8df45db2fbe66938e59a1b2b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:95:8f:df:eb:c7:bc:2d:b4:60:ca:c5:a2:15:
                    92:fc:a1:b5:1a:2f:2e:19:54:d8:c5:d1:a2:86:b1:
                    5c:51:b2:ab:17:bb:e9:d4:99:d7:c2:56:12:21:b8:
                    cd:78:67:6c:bf:5b:6a:54:7a:74:f1:ab:14:76:a7:
                    a7:3c:d0:0b:8d:df:51:c0:8a:0a:70:35:b9:dd:4e:
                    d9:41:20:0e:04:f9:1f:68:58:9b:db:c2:7c:a3:f0:
                    c3:8d:a3:34:0b:df:f2:7e:02:38:67:8e:da:e5:b9:
                    be:e7:09:02:ba:9a:19:67:8f:bc:05:54:93:60:5e:
                    37:36:de:6d:30:3d:02:86:f9:c7:c1:8d:76:91:0e:
                    0e:87:a4:45:3b:f0:bb:1f:1e:bc:bd:39:45:83:e4:
                    02:a7:e1:5b:aa:0e:28:5b:cc:8e:1d:b6:44:4f:43:
                    3a:26:87:d3:3d:7e:b9:87:db:43:35:4b:33:f2:5b:
                    78:bd:22:02:f0:81:2f:26:22:07:2b:9c:46:c9:35:
                    2a:de:fe:cd:d4:9a:33:16:e3:0c:66:a5:9b:68:5f:
                    7d:03:b6:e9:82:ee:9d:5c:24:53:d2:dd:05:32:1d:
                    83:ab:a1:98:ff:60:88:ca:a7:c6:88:76:52:fb:97:
                    06:c0:c8:5c:a7:0a:7b:28:60:c0:a5:72:4d:f8:b6:
                    be:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:46:55:06:76:5C:32:C8:DF:45:DB:2F:BE:66:93:8E:59:A1:B2:B4
            X509v3 Authority Key Identifier:
                keyid:95:A6:85:D5:63:74:2C:9C:DA:E1:C3:59:53:66:AD:EC:D0:A9:3B:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:29:c4:8a:0c:ba:57:b6:82:6b:1d:ad:c4:ff:bb:04:6a:8a:
         95:5f:17:c5:1d:96:c6:40:dc:74:03:d9:13:5a:5a:fa:94:e0:
         08:99:01:b3:f5:ec:08:ba:69:2b:fe:43:93:ab:96:f1:c3:26:
         4a:89:06:3b:5b:dd:d6:46:b7:7e:46:a3:6e:a1:4e:fe:d1:0a:
         5e:db:49:a4:2e:1e:22:f9:9e:8b:ad:ef:62:77:9d:46:62:ab:
         a9:f1:e5:0b:1c:d8:d0:67:3b:48:b5:8c:fc:1e:13:dd:b7:6a:
         1b:72:31:2b:d9:7d:76:be:24:13:77:5b:9b:23:ec:81:0a:59:
         dc:8b:c3:87:c7:1e:39:4f:4e:d1:e2:a1:9c:bd:fa:86:42:ba:
         b1:a3:02:de:ee:db:a0:bd:41:02:c9:09:05:e6:d9:3a:6b:ba:
         aa:d4:8c:94:7c:74:69:ce:ae:01:fc:92:3b:e1:64:14:83:47:
         cd:2c:1d:6c:d6:6c:b3:b4:6d:9a:5c:ce:38:37:3e:a0:fc:2a:
         dd:0e:2b:7e:80:cc:16:43:87:0f:17:fd:75:02:67:39:2b:26:
         7d:64:29:a9:e8:86:81:31:90:d6:6e:5b:7a:50:07:46:5d:4a:
         ea:73:d9:30:8f:c2:e9:45:c4:66:97:50:80:26:cd:10:cd:61:
         9f:5e:90:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oEappacw9AVimAX5WfqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YTY4NWQ1NjM3NDJjOWNkYWUxYzM1OTUzNjZhZGVjZDBh
OTNiYTUwHhcNMjUwNjI4MTMwMDQ2WhcNMjUwNjI5MTMwMDQ2WjAzMTEwLwYDVQQD
EyhmYzQ2NTUwNjc2NWMzMmM4ZGY0NWRiMmZiZTY2OTM4ZTU5YTFiMmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZWP3+vHvC20YMrFohWS/KG1Gi8u
GVTYxdGihrFcUbKrF7vp1JnXwlYSIbjNeGdsv1tqVHp08asUdqenPNALjd9RwIoK
cDW53U7ZQSAOBPkfaFib28J8o/DDjaM0C9/yfgI4Z47a5bm+5wkCupoZZ4+8BVST
YF43Nt5tMD0ChvnHwY12kQ4Oh6RFO/C7Hx68vTlFg+QCp+Fbqg4oW8yOHbZET0M6
JofTPX65h9tDNUsz8lt4vSIC8IEvJiIHK5xGyTUq3v7N1JozFuMMZqWbaF99A7bp
gu6dXCRT0t0FMh2Dq6GY/2CIyqfGiHZS+5cGwMhcpwp7KGDApXJN+La+DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPxGVQZ2XDLI30XbL75mk45ZobK0MB8GA1UdIwQY
MBaAFJWmhdVjdCyc2uHDWVNmrezQqTulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hOTgyMzktNjE3OS00Y2RjLThiOTQt
MGE0NDI0ZmYyYTFmLzEvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hOTgyMzktNjE3OS00Y2RjLThiOTQtMGE0NDI0ZmYyYTFm
LzEvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUSnEigy6
V7aCax2txP+7BGqKlV8XxR2WxkDcdAPZE1pa+pTgCJkBs/XsCLppK/5Dk6uW8cMm
SokGO1vd1ka3fkajbqFO/tEKXttJpC4eIvmei63vYnedRmKrqfHlCxzY0Gc7SLWM
/B4T3bdqG3IxK9l9dr4kE3dbmyPsgQpZ3IvDh8ceOU9O0eKhnL36hkK6saMC3u7b
oL1BAskJBebZOmu6qtSMlHx0ac6uAfySO+FkFINHzSwdbNZss7RtmlzOODc+oPwq
3Q4rfoDMFkOHDxf9dQJnOSsmfWQpqeiGgTGQ1m5belAHRl1K6nPZMI/C6UXEZpdQ
gCbNEM1hn16QFg==
-----END CERTIFICATE-----