Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
File:                     laaF1WN0LJza4cNZU2at7NCpO6U.mft (raw, json)
Hash identifier:          cPgyv0op8pcq20nG/ei6PRgDpn3oNHlgQQOtmP/ryV4=
Subject key identifier:   3D:BC:80:B6:DB:DA:26:8B:D4:40:2D:55:3F:D1:04:B0:D9:12:CC:70
Authority key identifier: 95:A6:85:D5:63:74:2C:9C:DA:E1:C3:59:53:66:AD:EC:D0:A9:3B:A5
Certificate issuer:       /CN=95a685d563742c9cdae1c3595366adecd0a93ba5
Certificate serial:       0199FBEBA95318FAB649BE773BFE1466AA68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
Manifest number:          0E7B
Signing time:             Sun 19 Oct 2025 10:02:29 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:29 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:29 +0000
Files and hashes:         1: laaF1WN0LJza4cNZU2at7NCpO6U.crl (hash: 7yyH76g+MUr5ACz/jsCjVJcHOAmkwtcGfJ7z4+JHa00=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:a9:53:18:fa:b6:49:be:77:3b:fe:14:66:aa:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95a685d563742c9cdae1c3595366adecd0a93ba5
        Validity
            Not Before: Oct 19 10:02:29 2025 GMT
            Not After : Oct 20 10:02:29 2025 GMT
        Subject: CN=3dbc80b6dbda268bd4402d553fd104b0d912cc70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:12:0c:01:bc:4a:b1:5a:20:4a:f1:30:dd:56:
                    3b:d8:94:55:f0:f0:36:e9:22:c4:c4:32:e0:96:78:
                    4b:df:25:ac:d1:e4:ae:13:69:b2:dc:3a:98:36:c8:
                    ae:c2:a0:5f:28:61:95:df:33:84:93:b8:10:e2:d2:
                    78:09:77:6a:79:dc:39:32:c2:6b:09:a3:be:d2:fe:
                    74:b0:81:57:c1:0b:0d:d4:2d:76:ab:87:be:f1:88:
                    12:c0:38:d1:bc:ae:a3:32:be:49:a3:5d:15:a6:8f:
                    00:be:8e:3d:80:61:49:32:42:92:11:04:18:75:c0:
                    60:a0:98:8a:e8:33:4c:47:3b:80:08:06:5a:bf:09:
                    ea:fb:e7:bb:67:c1:5a:b5:1b:7b:5a:9b:66:f5:07:
                    f2:97:cc:5c:a9:d4:4d:d6:54:32:1d:5a:c4:43:a2:
                    19:1f:ef:0c:3a:7d:28:1b:5b:c0:51:77:c2:40:75:
                    d9:5d:29:8a:db:c3:6c:95:8d:9d:8f:dc:aa:ac:2b:
                    87:56:c7:d8:db:24:69:de:31:a1:a0:ce:a2:3a:e3:
                    99:2c:7c:2a:03:9e:ed:3c:98:c8:06:99:38:11:b6:
                    cd:18:d3:0c:26:22:8c:db:e2:19:1b:60:4f:73:54:
                    79:27:34:a6:d3:4c:7e:1f:cd:41:4b:3e:9b:c6:fe:
                    03:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:BC:80:B6:DB:DA:26:8B:D4:40:2D:55:3F:D1:04:B0:D9:12:CC:70
            X509v3 Authority Key Identifier:
                keyid:95:A6:85:D5:63:74:2C:9C:DA:E1:C3:59:53:66:AD:EC:D0:A9:3B:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:ba:52:b2:de:f1:2b:2c:c6:b6:87:e6:31:69:22:b9:07:df:
         4c:b5:da:16:e7:76:64:30:7a:90:6e:d7:d5:18:8a:2e:0f:9f:
         eb:8a:d5:c3:f0:59:02:c3:d2:ff:81:9a:86:b0:4a:06:db:a3:
         59:9b:a2:0f:b8:9e:e7:59:33:32:5d:ca:30:2d:1b:40:8f:20:
         4c:7f:c4:6d:37:a0:be:29:b5:8b:99:d4:0c:c1:80:c7:59:b9:
         4e:c5:2f:b2:af:0e:2f:0e:78:59:e5:d7:cb:2b:64:8d:9d:aa:
         f0:78:ef:ee:65:d9:8f:c1:6d:38:e1:68:78:5a:db:a0:4a:77:
         04:22:4b:a1:43:56:28:fe:aa:9d:30:98:ff:69:7b:62:f9:44:
         0a:27:54:45:33:97:0b:7b:ab:e7:f8:1d:d0:aa:65:25:e0:47:
         80:11:8a:ca:36:28:87:8d:1e:65:b2:f5:fc:cb:7a:9f:f9:55:
         bf:37:f1:bf:4b:0a:ec:3f:d8:63:8f:22:14:5d:eb:df:a3:68:
         e6:a6:e5:1b:a9:59:91:32:d4:dd:ae:21:8a:15:f1:36:18:eb:
         f4:61:b6:40:a5:cc:f6:e7:37:f2:ca:9d:c0:8b:f7:c2:2b:e0:
         2d:5f:cf:c8:78:69:5a:5e:aa:71:d2:ab:81:20:7b:45:3a:05:
         c7:fc:b6:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn766lTGPq2Sb53O/4UZqpoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YTY4NWQ1NjM3NDJjOWNkYWUxYzM1OTUzNjZhZGVjZDBh
OTNiYTUwHhcNMjUxMDE5MTAwMjI5WhcNMjUxMDIwMTAwMjI5WjAzMTEwLwYDVQQD
EygzZGJjODBiNmRiZGEyNjhiZDQ0MDJkNTUzZmQxMDRiMGQ5MTJjYzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6xIMAbxKsVogSvEw3VY72JRV8PA2
6SLExDLglnhL3yWs0eSuE2my3DqYNsiuwqBfKGGV3zOEk7gQ4tJ4CXdqedw5MsJr
CaO+0v50sIFXwQsN1C12q4e+8YgSwDjRvK6jMr5Jo10Vpo8Avo49gGFJMkKSEQQY
dcBgoJiK6DNMRzuACAZavwnq++e7Z8FatRt7Wptm9Qfyl8xcqdRN1lQyHVrEQ6IZ
H+8MOn0oG1vAUXfCQHXZXSmK28NslY2dj9yqrCuHVsfY2yRp3jGhoM6iOuOZLHwq
A57tPJjIBpk4EbbNGNMMJiKM2+IZG2BPc1R5JzSm00x+H81BSz6bxv4DFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD28gLbb2iaL1EAtVT/RBLDZEsxwMB8GA1UdIwQY
MBaAFJWmhdVjdCyc2uHDWVNmrezQqTulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hOTgyMzktNjE3OS00Y2RjLThiOTQt
MGE0NDI0ZmYyYTFmLzEvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hOTgyMzktNjE3OS00Y2RjLThiOTQtMGE0NDI0ZmYyYTFm
LzEvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB7pSst7x
KyzGtofmMWkiuQffTLXaFud2ZDB6kG7X1RiKLg+f64rVw/BZAsPS/4GahrBKBtuj
WZuiD7ie51kzMl3KMC0bQI8gTH/EbTegvim1i5nUDMGAx1m5TsUvsq8OLw54WeXX
yytkjZ2q8Hjv7mXZj8FtOOFoeFrboEp3BCJLoUNWKP6qnTCY/2l7YvlECidURTOX
C3ur5/gd0KplJeBHgBGKyjYoh40eZbL1/Mt6n/lVvzfxv0sK7D/YY48iFF3r36No
5qblG6lZkTLU3a4hihXxNhjr9GG2QKXM9uc38sqdwIv3wivgLV/PyHhpWl6qcdKr
gSB7RToFx/y2Uw==
-----END CERTIFICATE-----