Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
File:                     laaF1WN0LJza4cNZU2at7NCpO6U.mft (raw, json)
Hash identifier:          sGIvPEHR6o/ZFyXAep0rpPMR9+5Cq1TkrmotrQfr4j4=
Subject key identifier:   D9:4E:82:46:E0:DF:D6:E3:F2:5D:DF:30:8E:F5:39:1D:BD:3D:58:CA
Authority key identifier: 95:A6:85:D5:63:74:2C:9C:DA:E1:C3:59:53:66:AD:EC:D0:A9:3B:A5
Certificate issuer:       /CN=95a685d563742c9cdae1c3595366adecd0a93ba5
Certificate serial:       019D2704B753FF7AC9AFB98BE5B8F7902776
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
Manifest number:          101F
Signing time:             Wed 25 Mar 2026 22:01:53 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:53 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:53 +0000
Files and hashes:         1: laaF1WN0LJza4cNZU2at7NCpO6U.crl (hash: T1bkT2LgRq+l8qFZLGJlj0DyF2iZNN7G1ELP1KFFvE0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:b7:53:ff:7a:c9:af:b9:8b:e5:b8:f7:90:27:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95a685d563742c9cdae1c3595366adecd0a93ba5
        Validity
            Not Before: Mar 25 22:01:53 2026 GMT
            Not After : Mar 26 22:01:53 2026 GMT
        Subject: CN=d94e8246e0dfd6e3f25ddf308ef5391dbd3d58ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:0f:0c:3f:b6:91:4d:e6:29:4e:b6:d3:94:ab:
                    82:9f:3c:d8:ea:2c:a8:c9:59:df:b3:47:d3:35:40:
                    6a:a2:2b:da:ff:ef:aa:5e:ae:45:cd:8c:13:e1:a1:
                    f9:15:cd:b9:51:25:b1:6c:bb:ae:4f:4a:d7:ae:1a:
                    3f:04:ec:54:ec:6c:df:44:17:ac:bb:ec:80:e1:52:
                    13:cc:78:24:bf:db:12:e0:b8:01:eb:49:0f:ab:25:
                    01:c5:7d:68:71:41:be:67:bf:52:1e:b7:42:22:a4:
                    7b:d1:99:9a:40:1f:d7:50:22:51:3b:b9:d3:7e:0b:
                    9f:72:d4:aa:31:2b:f3:ff:69:79:95:d7:cb:47:18:
                    79:40:f6:d9:68:6d:4c:c8:e8:c3:65:11:c8:ee:a3:
                    8d:cd:2c:a3:a7:e2:73:64:64:6e:8a:40:c9:e8:34:
                    bd:50:61:00:b7:ca:fe:51:51:aa:3b:29:d9:ac:14:
                    bf:f1:51:e3:53:f8:dd:77:bf:c4:ce:0f:be:7f:f9:
                    5e:c5:90:bc:34:fa:3a:c5:4f:28:3a:e8:d7:ee:6f:
                    81:fd:a7:9c:db:b5:0e:42:a2:45:c3:1b:ce:fc:ff:
                    ef:e9:6f:ba:72:e3:2c:97:6a:a6:d5:83:f2:f2:c2:
                    d2:68:0f:e6:6c:cd:15:46:c8:b0:17:65:1c:68:91:
                    c7:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:4E:82:46:E0:DF:D6:E3:F2:5D:DF:30:8E:F5:39:1D:BD:3D:58:CA
            X509v3 Authority Key Identifier:
                keyid:95:A6:85:D5:63:74:2C:9C:DA:E1:C3:59:53:66:AD:EC:D0:A9:3B:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d0:95:da:4d:7e:9d:e1:ec:c3:ae:a8:38:6b:19:48:e2:2d:b7:
         3a:1f:37:02:66:a1:c0:c9:c2:29:a6:8d:69:71:ee:83:92:57:
         44:40:24:85:5a:b8:d8:2e:07:7a:b4:fe:84:31:79:b9:92:f2:
         5c:3d:e9:b3:cf:de:5f:8e:fb:26:9b:2e:7c:3b:ce:f3:e4:e7:
         7b:c9:10:7f:6d:1f:77:9a:d1:ae:39:90:da:41:69:53:47:be:
         21:e6:bb:d6:ac:53:39:d9:68:53:10:26:c9:7f:ec:f2:2e:b7:
         60:71:c7:a3:c8:9b:3f:4d:cc:fa:75:6d:77:3a:dd:bc:9b:d0:
         68:bd:22:06:e4:f6:b9:38:49:cc:a1:89:51:6f:3f:8f:8d:be:
         c0:02:4f:73:c6:06:b7:2e:20:0c:36:9e:03:cd:82:a3:12:31:
         7a:3a:84:7f:98:b2:4d:6a:fd:32:29:87:16:7d:8e:d1:3b:dc:
         21:87:15:b2:01:93:1a:95:bd:fe:2e:8c:9c:0e:c7:68:ba:27:
         5a:38:d2:7a:01:2e:25:3c:83:65:64:99:b3:9a:41:ea:d3:72:
         cc:c9:10:09:7c:0e:61:1f:8a:6a:87:e5:8f:90:8c:7b:88:d1:
         1f:a5:33:ee:82:c8:3c:8f:f3:70:2c:3a:47:84:7a:96:0b:93:
         f8:a5:c9:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBLdT/3rJr7mL5bj3kCd2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YTY4NWQ1NjM3NDJjOWNkYWUxYzM1OTUzNjZhZGVjZDBh
OTNiYTUwHhcNMjYwMzI1MjIwMTUzWhcNMjYwMzI2MjIwMTUzWjAzMTEwLwYDVQQD
EyhkOTRlODI0NmUwZGZkNmUzZjI1ZGRmMzA4ZWY1MzkxZGJkM2Q1OGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyA8MP7aRTeYpTrbTlKuCnzzY6iyo
yVnfs0fTNUBqoiva/++qXq5FzYwT4aH5Fc25USWxbLuuT0rXrho/BOxU7GzfRBes
u+yA4VITzHgkv9sS4LgB60kPqyUBxX1ocUG+Z79SHrdCIqR70ZmaQB/XUCJRO7nT
fgufctSqMSvz/2l5ldfLRxh5QPbZaG1MyOjDZRHI7qONzSyjp+JzZGRuikDJ6DS9
UGEAt8r+UVGqOynZrBS/8VHjU/jdd7/Ezg++f/lexZC8NPo6xU8oOujX7m+B/aec
27UOQqJFwxvO/P/v6W+6cuMsl2qm1YPy8sLSaA/mbM0VRsiwF2UcaJHHVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNlOgkbg39bj8l3fMI71OR29PVjKMB8GA1UdIwQY
MBaAFJWmhdVjdCyc2uHDWVNmrezQqTulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hOTgyMzktNjE3OS00Y2RjLThiOTQt
MGE0NDI0ZmYyYTFmLzEvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hOTgyMzktNjE3OS00Y2RjLThiOTQtMGE0NDI0ZmYyYTFm
LzEvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0JXaTX6d
4ezDrqg4axlI4i23Oh83AmahwMnCKaaNaXHug5JXREAkhVq42C4HerT+hDF5uZLy
XD3ps8/eX477JpsufDvO8+Tne8kQf20fd5rRrjmQ2kFpU0e+Iea71qxTOdloUxAm
yX/s8i63YHHHo8ibP03M+nVtdzrdvJvQaL0iBuT2uThJzKGJUW8/j42+wAJPc8YG
ty4gDDaeA82CoxIxejqEf5iyTWr9MimHFn2O0TvcIYcVsgGTGpW9/i6MnA7HaLon
WjjSegEuJTyDZWSZs5pB6tNyzMkQCXwOYR+Kaoflj5CMe4jRH6Uz7oLIPI/zcCw6
R4R6lguT+KXJMA==
-----END CERTIFICATE-----