Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
File:                     laaF1WN0LJza4cNZU2at7NCpO6U.mft (raw, json)
Hash identifier:          1Vd8IYfZMny5fEZCtqX1ovyYLbf+iLwuPRp46uB0boI=
Subject key identifier:   22:D5:8E:52:DA:22:B8:09:FD:E8:73:EE:89:53:85:D3:1B:6E:95:67
Authority key identifier: 95:A6:85:D5:63:74:2C:9C:DA:E1:C3:59:53:66:AD:EC:D0:A9:3B:A5
Certificate issuer:       /CN=95a685d563742c9cdae1c3595366adecd0a93ba5
Certificate serial:       019A71B8D5F350BBEBCD3FCD64297E34D350
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
Manifest number:          0EB8
Signing time:             Tue 11 Nov 2025 07:02:10 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:10 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:10 +0000
Files and hashes:         1: laaF1WN0LJza4cNZU2at7NCpO6U.crl (hash: i6x5YHC0J1uP2D2XwcIInyGfFd0N7eiszFC5HniwC1M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:d5:f3:50:bb:eb:cd:3f:cd:64:29:7e:34:d3:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95a685d563742c9cdae1c3595366adecd0a93ba5
        Validity
            Not Before: Nov 11 07:02:10 2025 GMT
            Not After : Nov 12 07:02:10 2025 GMT
        Subject: CN=22d58e52da22b809fde873ee895385d31b6e9567
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:ef:7c:b3:28:e7:dd:f7:39:f3:2b:17:d5:10:
                    92:a9:c2:e3:34:7c:5f:07:5e:7e:39:34:f9:85:61:
                    9b:44:b1:7f:26:70:6d:8b:64:d4:17:bf:27:f7:7f:
                    40:0a:23:53:f7:59:5d:52:ff:f9:71:a7:3f:ab:ea:
                    81:80:28:28:56:86:cd:4b:b3:3c:cf:a8:80:38:81:
                    42:a0:49:10:6c:cd:22:60:c9:58:53:bf:da:ff:30:
                    ab:54:98:1b:cb:56:a7:39:43:6e:df:d9:f3:48:bd:
                    67:40:81:bb:5f:61:26:a7:ae:26:e3:5d:63:9e:11:
                    be:4c:06:46:02:7e:55:ff:df:70:a3:1a:52:06:92:
                    26:ae:45:c4:d5:5b:bf:86:93:8a:33:90:70:13:20:
                    26:35:aa:60:dd:6d:0f:92:5f:66:ad:da:7c:1e:b7:
                    31:af:b9:e8:41:44:80:db:3e:8b:4e:34:60:78:d9:
                    13:5a:6c:2e:67:35:c2:67:28:05:7a:d1:ba:20:0d:
                    30:b2:a5:6c:46:1e:72:2a:10:a3:d0:9b:ed:30:ec:
                    cf:14:92:f5:3f:9c:ea:87:13:8f:6b:ec:86:f8:fa:
                    75:a0:12:2c:e2:da:86:2c:81:fd:0a:24:de:a1:c4:
                    54:dc:42:45:cd:0a:ce:5e:fa:f4:f4:5f:45:64:a2:
                    38:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:D5:8E:52:DA:22:B8:09:FD:E8:73:EE:89:53:85:D3:1B:6E:95:67
            X509v3 Authority Key Identifier:
                keyid:95:A6:85:D5:63:74:2C:9C:DA:E1:C3:59:53:66:AD:EC:D0:A9:3B:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:22:37:d4:9b:a2:df:26:a5:25:ed:05:fa:02:85:67:7e:96:
         15:3a:9d:70:0c:e4:1f:26:f0:3b:a5:75:7e:cf:12:79:30:af:
         80:86:4b:d9:da:8b:9f:2c:31:2f:30:95:d7:fe:12:8b:9b:dc:
         31:b7:74:73:8a:21:02:ac:a1:61:8b:b2:d7:d0:6c:da:2d:47:
         86:ed:13:bc:fc:a5:c5:c8:d6:d1:b6:95:eb:d1:fa:a3:ae:c1:
         03:e9:32:72:4f:67:a6:b1:16:54:3a:53:5c:59:0c:65:a7:96:
         1c:4b:67:ee:ae:81:b8:1a:ce:16:a0:b3:7f:32:da:f9:2a:1a:
         12:3c:fd:aa:08:1c:fe:d5:a6:1c:d8:fb:c0:04:9f:dd:47:43:
         c9:cd:e0:38:1b:96:11:73:fb:52:24:02:9f:88:76:d7:68:9a:
         5a:d5:8d:54:ad:5c:91:6d:ef:1c:75:d8:29:96:c5:6d:72:14:
         67:f2:d1:4a:69:b8:ac:c4:2d:54:49:62:b0:de:30:40:ee:98:
         90:4d:17:50:df:19:73:1b:f1:52:38:5b:39:f3:c4:5f:99:62:
         20:01:56:24:b6:4c:17:d9:19:cb:7a:c5:09:f8:22:15:03:d0:
         a2:d0:a5:ea:83:d9:a6:5b:6a:66:e3:c8:43:23:cb:01:3e:7c:
         04:e3:fe:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuNXzULvrzT/NZCl+NNNQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YTY4NWQ1NjM3NDJjOWNkYWUxYzM1OTUzNjZhZGVjZDBh
OTNiYTUwHhcNMjUxMTExMDcwMjEwWhcNMjUxMTEyMDcwMjEwWjAzMTEwLwYDVQQD
EygyMmQ1OGU1MmRhMjJiODA5ZmRlODczZWU4OTUzODVkMzFiNmU5NTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAze98syjn3fc58ysX1RCSqcLjNHxf
B15+OTT5hWGbRLF/JnBti2TUF78n939ACiNT91ldUv/5cac/q+qBgCgoVobNS7M8
z6iAOIFCoEkQbM0iYMlYU7/a/zCrVJgby1anOUNu39nzSL1nQIG7X2Emp64m411j
nhG+TAZGAn5V/99woxpSBpImrkXE1Vu/hpOKM5BwEyAmNapg3W0Pkl9mrdp8Hrcx
r7noQUSA2z6LTjRgeNkTWmwuZzXCZygFetG6IA0wsqVsRh5yKhCj0JvtMOzPFJL1
P5zqhxOPa+yG+Pp1oBIs4tqGLIH9CiTeocRU3EJFzQrOXvr09F9FZKI4cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCLVjlLaIrgJ/ehz7olThdMbbpVnMB8GA1UdIwQY
MBaAFJWmhdVjdCyc2uHDWVNmrezQqTulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hOTgyMzktNjE3OS00Y2RjLThiOTQt
MGE0NDI0ZmYyYTFmLzEvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hOTgyMzktNjE3OS00Y2RjLThiOTQtMGE0NDI0ZmYyYTFm
LzEvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEyI31Jui
3yalJe0F+gKFZ36WFTqdcAzkHybwO6V1fs8SeTCvgIZL2dqLnywxLzCV1/4Si5vc
Mbd0c4ohAqyhYYuy19Bs2i1Hhu0TvPylxcjW0baV69H6o67BA+kyck9nprEWVDpT
XFkMZaeWHEtn7q6BuBrOFqCzfzLa+SoaEjz9qggc/tWmHNj7wASf3UdDyc3gOBuW
EXP7UiQCn4h212iaWtWNVK1ckW3vHHXYKZbFbXIUZ/LRSmm4rMQtVElisN4wQO6Y
kE0XUN8ZcxvxUjhbOfPEX5liIAFWJLZMF9kZy3rFCfgiFQPQotCl6oPZpltqZuPI
QyPLAT58BOP+fg==
-----END CERTIFICATE-----