Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
File:                     laaF1WN0LJza4cNZU2at7NCpO6U.mft (raw, json)
Hash identifier:          4GZqn0vtSCuG1CNo+i/8u+fIlR7VYNwJ0dsirecu5OA=
Subject key identifier:   C6:3C:AE:E2:14:0C:80:A8:59:15:58:1C:52:6B:AA:FC:56:32:3E:D3
Authority key identifier: 95:A6:85:D5:63:74:2C:9C:DA:E1:C3:59:53:66:AD:EC:D0:A9:3B:A5
Certificate issuer:       /CN=95a685d563742c9cdae1c3595366adecd0a93ba5
Certificate serial:       0196BB91DD206DF66E725E56C0279F5A4F08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
Manifest number:          0CCC
Signing time:             Sat 10 May 2025 19:00:20 +0000
Manifest this update:     Sat 10 May 2025 19:00:20 +0000
Manifest next update:     Sun 11 May 2025 19:00:20 +0000
Files and hashes:         1: laaF1WN0LJza4cNZU2at7NCpO6U.crl (hash: 4cJ8IYtyCjvniPaqd5r/9Db5QwTFYuKf/uydvSOC3zo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 19:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:91:dd:20:6d:f6:6e:72:5e:56:c0:27:9f:5a:4f:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95a685d563742c9cdae1c3595366adecd0a93ba5
        Validity
            Not Before: May 10 19:00:20 2025 GMT
            Not After : May 11 19:00:20 2025 GMT
        Subject: CN=c63caee2140c80a85915581c526baafc56323ed3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:58:b0:06:fb:2d:ad:08:3e:2d:ea:b8:25:b8:
                    56:2e:c3:87:7a:1e:9a:8e:4b:56:8a:5e:01:d3:50:
                    71:6c:8e:7c:ac:88:38:52:aa:5f:bd:0c:74:5e:be:
                    0f:db:ab:9f:9e:3f:7d:a5:42:e9:f3:ff:5d:25:02:
                    84:84:e6:f6:26:1f:cd:98:9a:53:97:e5:f2:99:fe:
                    b2:d4:92:01:36:da:8e:95:45:00:55:b1:1b:39:18:
                    30:14:22:0a:d2:26:38:e6:d0:e1:a0:54:4c:c9:9e:
                    66:1c:4f:7c:fb:00:1e:17:1d:cd:d7:32:02:5d:36:
                    33:5c:f3:34:b7:cd:d9:af:ac:88:09:6d:95:e6:33:
                    a7:af:29:12:c7:8a:7c:2b:b7:0b:ee:2f:e6:f1:a2:
                    60:ee:a7:c3:19:5a:d0:02:2e:80:3c:7d:9c:ea:74:
                    44:33:ca:34:12:06:82:ad:df:dd:9a:5a:fa:6d:23:
                    ae:f3:a9:6f:a5:06:99:47:90:d0:86:e1:ea:2d:5a:
                    8d:cf:75:26:c6:bb:e3:d8:b5:75:38:86:6d:9b:84:
                    eb:96:f1:a7:52:80:c8:6d:3f:0e:57:ac:7a:23:23:
                    7c:6e:79:fa:ad:21:15:d3:c1:97:dd:fe:84:0a:8b:
                    17:14:d3:32:db:c5:21:3c:07:48:52:9d:e0:24:5e:
                    ed:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:3C:AE:E2:14:0C:80:A8:59:15:58:1C:52:6B:AA:FC:56:32:3E:D3
            X509v3 Authority Key Identifier:
                keyid:95:A6:85:D5:63:74:2C:9C:DA:E1:C3:59:53:66:AD:EC:D0:A9:3B:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:6e:9f:28:09:4e:1b:4e:60:dd:4c:9e:dc:2b:89:c1:54:6a:
         eb:a0:02:80:4a:f9:2d:67:8e:94:7d:47:82:0f:25:9d:0a:99:
         d9:de:5f:90:f9:0b:4b:f2:b4:44:9f:39:90:88:a3:1e:71:86:
         bd:72:b0:dd:2f:bc:42:24:07:a4:1a:93:35:97:d6:83:db:74:
         ec:2e:38:4b:bd:19:a1:4b:19:e8:84:d7:1b:d6:55:24:2b:7a:
         f7:cc:c9:ef:34:30:f8:90:aa:ae:ea:48:df:90:ce:de:f2:b7:
         6b:da:ad:a9:76:df:bb:16:5d:04:17:ac:2b:f9:6f:cb:ed:32:
         21:c3:5d:f6:8d:07:3b:92:5a:2d:5a:8c:fc:b8:5e:d6:72:40:
         84:60:20:6a:e7:49:ba:80:61:51:ef:03:ff:33:3f:43:77:bd:
         59:5d:cd:92:e7:6b:38:0f:07:90:bb:92:6b:5f:0e:a4:a1:68:
         93:99:fa:39:93:e8:33:24:ff:a4:fb:86:be:52:25:93:20:77:
         fc:a1:70:26:d5:cf:3f:94:cf:d4:9d:69:eb:7b:37:3f:f0:45:
         a4:20:53:1d:f4:52:55:b6:34:70:32:2c:5f:89:eb:08:bf:62:
         fe:fe:71:50:8a:c6:e2:c1:b7:9e:04:1c:52:1b:2f:48:50:7a:
         b2:20:b5:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7kd0gbfZucl5WwCefWk8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YTY4NWQ1NjM3NDJjOWNkYWUxYzM1OTUzNjZhZGVjZDBh
OTNiYTUwHhcNMjUwNTEwMTkwMDIwWhcNMjUwNTExMTkwMDIwWjAzMTEwLwYDVQQD
EyhjNjNjYWVlMjE0MGM4MGE4NTkxNTU4MWM1MjZiYWFmYzU2MzIzZWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1iwBvstrQg+Leq4JbhWLsOHeh6a
jktWil4B01BxbI58rIg4UqpfvQx0Xr4P26ufnj99pULp8/9dJQKEhOb2Jh/NmJpT
l+Xymf6y1JIBNtqOlUUAVbEbORgwFCIK0iY45tDhoFRMyZ5mHE98+wAeFx3N1zIC
XTYzXPM0t83Zr6yICW2V5jOnrykSx4p8K7cL7i/m8aJg7qfDGVrQAi6APH2c6nRE
M8o0EgaCrd/dmlr6bSOu86lvpQaZR5DQhuHqLVqNz3Umxrvj2LV1OIZtm4TrlvGn
UoDIbT8OV6x6IyN8bnn6rSEV08GX3f6ECosXFNMy28UhPAdIUp3gJF7t3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMY8ruIUDICoWRVYHFJrqvxWMj7TMB8GA1UdIwQY
MBaAFJWmhdVjdCyc2uHDWVNmrezQqTulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hOTgyMzktNjE3OS00Y2RjLThiOTQt
MGE0NDI0ZmYyYTFmLzEvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hOTgyMzktNjE3OS00Y2RjLThiOTQtMGE0NDI0ZmYyYTFm
LzEvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZW6fKAlO
G05g3Uye3CuJwVRq66ACgEr5LWeOlH1Hgg8lnQqZ2d5fkPkLS/K0RJ85kIijHnGG
vXKw3S+8QiQHpBqTNZfWg9t07C44S70ZoUsZ6ITXG9ZVJCt698zJ7zQw+JCqrupI
35DO3vK3a9qtqXbfuxZdBBesK/lvy+0yIcNd9o0HO5JaLVqM/Lhe1nJAhGAgaudJ
uoBhUe8D/zM/Q3e9WV3NkudrOA8HkLuSa18OpKFok5n6OZPoMyT/pPuGvlIlkyB3
/KFwJtXPP5TP1J1p63s3P/BFpCBTHfRSVbY0cDIsX4nrCL9i/v5xUIrG4sG3ngQc
UhsvSFB6siC1XQ==
-----END CERTIFICATE-----