Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
File:                     laaF1WN0LJza4cNZU2at7NCpO6U.mft (raw, json)
Hash identifier:          2Dt77/5vb1+WfYCkmtGR1LYg/PtobRyrb9xlshCdALs=
Subject key identifier:   B9:F1:11:9E:C3:2E:3C:C4:08:B3:48:E2:CA:B5:18:5F:0B:A2:9E:83
Authority key identifier: 95:A6:85:D5:63:74:2C:9C:DA:E1:C3:59:53:66:AD:EC:D0:A9:3B:A5
Certificate issuer:       /CN=95a685d563742c9cdae1c3595366adecd0a93ba5
Certificate serial:       0198D47346AD45DE719B02EDFC350873CF8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
Manifest number:          0DE2
Signing time:             Sat 23 Aug 2025 01:03:01 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:01 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:01 +0000
Files and hashes:         1: laaF1WN0LJza4cNZU2at7NCpO6U.crl (hash: OGesINt7rAMVkDdVDpZbtWE91dnswvyVKDwWxWHVFTo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:46:ad:45:de:71:9b:02:ed:fc:35:08:73:cf:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95a685d563742c9cdae1c3595366adecd0a93ba5
        Validity
            Not Before: Aug 23 01:03:01 2025 GMT
            Not After : Aug 24 01:03:01 2025 GMT
        Subject: CN=b9f1119ec32e3cc408b348e2cab5185f0ba29e83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:8a:be:b6:e3:fb:c6:86:7f:ad:4b:a1:ff:be:
                    4e:24:d8:4f:b8:07:67:b3:42:b8:ed:a9:79:57:9e:
                    68:3f:0a:0f:47:49:3a:db:e7:9e:ff:8f:43:85:e5:
                    a7:a3:6f:b0:7d:a3:7c:b0:b2:82:4d:b9:c3:5a:72:
                    58:b4:51:96:fe:d9:9e:d7:6d:7e:fa:ee:fa:ce:7a:
                    32:ba:86:18:b1:d5:2e:18:97:f3:dc:bc:9d:60:a7:
                    74:d7:cb:09:3c:fc:89:c1:74:5d:00:b6:27:84:c3:
                    ef:21:ca:3b:f2:6e:05:3d:f2:91:58:79:d2:de:81:
                    15:c5:20:7c:bb:62:d2:e9:d9:5d:ea:20:3e:4d:dc:
                    2f:df:ed:4e:e9:35:70:53:ab:04:c6:6c:07:bb:c1:
                    61:50:cc:d2:e9:f3:5c:4e:a9:4d:42:a9:66:2f:83:
                    68:a2:73:52:bc:99:2e:4b:e7:8c:6b:84:5b:d9:65:
                    5f:89:98:bc:f8:f9:56:0a:43:4e:b9:bb:e2:ac:30:
                    55:1b:d3:db:81:f0:79:55:da:43:25:23:89:f7:47:
                    b3:80:ef:43:56:25:3d:4b:d2:4a:5d:75:7e:1a:d8:
                    c9:86:97:6d:fe:e9:7f:61:06:fa:60:a5:36:0d:85:
                    70:3a:6b:0b:25:b1:fd:9d:74:15:41:77:d1:d6:59:
                    56:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:F1:11:9E:C3:2E:3C:C4:08:B3:48:E2:CA:B5:18:5F:0B:A2:9E:83
            X509v3 Authority Key Identifier:
                keyid:95:A6:85:D5:63:74:2C:9C:DA:E1:C3:59:53:66:AD:EC:D0:A9:3B:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:31:88:77:8f:4e:f4:ac:f1:ef:7f:f8:14:5c:2d:51:4a:bf:
         11:8b:a5:99:d6:da:df:de:4d:77:00:04:4c:fe:a2:5d:84:42:
         db:ad:75:1d:cd:73:29:84:17:b0:6f:76:a3:85:79:ef:86:ee:
         66:fd:62:b7:e8:80:68:f1:b4:fd:c7:3b:99:5e:d3:cb:2c:ff:
         a2:1d:bd:30:04:ae:7f:a6:f9:ca:75:dd:40:b1:68:69:32:ed:
         4e:6e:59:5b:a3:68:47:c8:04:cc:b4:c6:9b:2f:6d:43:31:bd:
         ab:36:63:48:45:ee:b8:0b:54:eb:b4:36:b5:cc:c8:85:41:10:
         75:6a:67:09:ce:a1:0a:d4:58:9b:44:11:70:21:64:58:f6:e8:
         a0:0d:53:be:69:46:54:e3:31:c3:d0:f3:81:d4:d6:de:e4:ac:
         25:05:73:32:57:51:c5:e8:c6:d9:b5:13:51:13:7a:3d:fc:d2:
         e6:3f:b9:ac:04:18:38:1f:e1:01:b1:d1:9e:60:41:29:69:b7:
         45:97:b2:8f:51:23:22:8b:07:ea:bb:43:54:f3:57:f6:52:ad:
         54:bf:2c:60:25:73:b5:46:8d:0b:b6:b7:be:36:45:21:09:e2:
         13:8c:c2:f8:2a:92:96:8c:da:5f:64:64:43:3a:e8:35:34:d5:
         1e:93:0e:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc0atRd5xmwLt/DUIc8+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YTY4NWQ1NjM3NDJjOWNkYWUxYzM1OTUzNjZhZGVjZDBh
OTNiYTUwHhcNMjUwODIzMDEwMzAxWhcNMjUwODI0MDEwMzAxWjAzMTEwLwYDVQQD
EyhiOWYxMTE5ZWMzMmUzY2M0MDhiMzQ4ZTJjYWI1MTg1ZjBiYTI5ZTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIq+tuP7xoZ/rUuh/75OJNhPuAdn
s0K47al5V55oPwoPR0k62+ee/49DheWno2+wfaN8sLKCTbnDWnJYtFGW/tme121+
+u76znoyuoYYsdUuGJfz3LydYKd018sJPPyJwXRdALYnhMPvIco78m4FPfKRWHnS
3oEVxSB8u2LS6dld6iA+Tdwv3+1O6TVwU6sExmwHu8FhUMzS6fNcTqlNQqlmL4No
onNSvJkuS+eMa4Rb2WVfiZi8+PlWCkNOubvirDBVG9PbgfB5VdpDJSOJ90ezgO9D
ViU9S9JKXXV+GtjJhpdt/ul/YQb6YKU2DYVwOmsLJbH9nXQVQXfR1llW+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLnxEZ7DLjzECLNI4sq1GF8Lop6DMB8GA1UdIwQY
MBaAFJWmhdVjdCyc2uHDWVNmrezQqTulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hOTgyMzktNjE3OS00Y2RjLThiOTQt
MGE0NDI0ZmYyYTFmLzEvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hOTgyMzktNjE3OS00Y2RjLThiOTQtMGE0NDI0ZmYyYTFm
LzEvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVzGId49O
9Kzx73/4FFwtUUq/EYulmdba395NdwAETP6iXYRC2611Hc1zKYQXsG92o4V574bu
Zv1it+iAaPG0/cc7mV7Tyyz/oh29MASuf6b5ynXdQLFoaTLtTm5ZW6NoR8gEzLTG
my9tQzG9qzZjSEXuuAtU67Q2tczIhUEQdWpnCc6hCtRYm0QRcCFkWPbooA1TvmlG
VOMxw9DzgdTW3uSsJQVzMldRxejG2bUTURN6PfzS5j+5rAQYOB/hAbHRnmBBKWm3
RZeyj1EjIosH6rtDVPNX9lKtVL8sYCVztUaNC7a3vjZFIQniE4zC+CqSlozaX2Rk
QzroNTTVHpMOFw==
-----END CERTIFICATE-----