Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
File:                     laaF1WN0LJza4cNZU2at7NCpO6U.mft (raw, json)
Hash identifier:          kCllfIxcpNGLr7I2veDVv06C82un+lzkJ7LuyZU1ByA=
Subject key identifier:   B4:BE:75:50:07:B3:AA:68:88:9B:7E:5B:B6:26:81:FA:5F:83:F9:08
Authority key identifier: 95:A6:85:D5:63:74:2C:9C:DA:E1:C3:59:53:66:AD:EC:D0:A9:3B:A5
Certificate issuer:       /CN=95a685d563742c9cdae1c3595366adecd0a93ba5
Certificate serial:       019923A0A488DEA7B6D314D114D3D2A1B469
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
Manifest number:          0E0B
Signing time:             Sun 07 Sep 2025 10:02:34 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:34 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:34 +0000
Files and hashes:         1: laaF1WN0LJza4cNZU2at7NCpO6U.crl (hash: v6i2LIlT23juo2EURHWlTGfkgYi1BNKLAGlC4NTzNSY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:a4:88:de:a7:b6:d3:14:d1:14:d3:d2:a1:b4:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95a685d563742c9cdae1c3595366adecd0a93ba5
        Validity
            Not Before: Sep  7 10:02:34 2025 GMT
            Not After : Sep  8 10:02:34 2025 GMT
        Subject: CN=b4be755007b3aa68889b7e5bb62681fa5f83f908
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:28:9f:f4:03:21:23:f4:fb:05:b6:6c:0d:ad:
                    ab:f0:d5:e9:0d:09:68:d2:93:4b:18:8f:07:6d:5f:
                    7b:48:dc:da:40:bd:79:b2:c4:1f:07:41:5b:8e:e9:
                    f4:c2:58:31:47:89:4b:c3:f1:ea:a1:3c:a3:ae:f2:
                    e0:3d:a5:f2:e4:58:77:fa:45:0e:bc:80:2a:e5:a9:
                    3d:03:82:44:38:81:35:63:ec:d0:af:b7:a2:49:5a:
                    1e:64:60:a9:5a:c6:62:b6:f7:51:a3:f9:4e:5e:64:
                    e6:af:9b:bb:8f:03:ff:10:9c:a6:59:9f:0c:ac:d8:
                    61:1d:dc:57:fb:0a:af:67:71:ab:84:8c:f8:6a:3a:
                    c0:6d:70:be:87:50:23:c7:30:ea:50:9b:71:6b:92:
                    e2:e1:ed:20:50:68:fb:5b:65:4b:43:47:62:0a:61:
                    9c:33:2e:0f:60:eb:22:23:5b:d0:eb:98:a5:53:1b:
                    4a:d8:98:6d:6f:91:b9:86:9b:f7:f5:73:ab:39:fb:
                    07:e9:64:59:95:26:cf:ce:9b:67:c2:68:65:52:3d:
                    98:4d:31:6c:0e:eb:0d:de:d6:39:e9:df:c0:da:33:
                    0b:28:99:5a:55:2c:18:aa:8d:e5:5a:3e:c6:9d:b1:
                    aa:01:55:3b:c6:80:95:7d:c8:90:38:4f:19:ca:20:
                    bf:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:BE:75:50:07:B3:AA:68:88:9B:7E:5B:B6:26:81:FA:5F:83:F9:08
            X509v3 Authority Key Identifier:
                keyid:95:A6:85:D5:63:74:2C:9C:DA:E1:C3:59:53:66:AD:EC:D0:A9:3B:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:d5:e4:9d:d0:e3:a2:14:e0:a0:b5:20:16:27:30:6d:d3:4a:
         b6:5c:e7:3a:93:4f:60:52:2f:23:0d:52:6a:a7:86:7d:64:79:
         18:bf:c8:19:10:ae:14:21:af:04:8d:fc:a9:92:77:12:67:51:
         85:6e:c8:55:fa:d6:52:9b:2c:4d:b5:34:1a:6c:95:1c:dc:2a:
         45:b9:bc:f5:b0:22:58:32:7e:c6:f7:91:c6:d1:dd:79:4a:5a:
         08:4d:53:da:c6:8c:e4:e9:d6:bd:72:ce:b1:25:9b:b8:09:a0:
         fb:07:ef:4a:ff:5e:36:ac:1d:39:9a:9d:42:28:d6:6a:3a:7f:
         97:66:41:87:56:a8:4c:ef:f3:aa:8e:7d:f5:f4:06:e4:92:74:
         85:0e:ee:72:23:41:69:97:59:c2:97:90:be:4c:d9:f5:9b:af:
         d0:46:cf:e8:d2:3b:dd:a9:bf:d7:d2:80:29:1f:4d:e4:11:72:
         a0:9d:75:67:19:6f:99:91:eb:70:f9:89:1a:6e:23:a4:72:34:
         fe:a0:29:50:eb:48:2b:ee:7c:56:b2:5d:a4:e0:58:6e:f4:97:
         2a:fb:d2:d8:98:30:a7:d6:20:77:3f:95:9c:eb:2a:3e:74:be:
         54:03:e5:a4:d2:45:16:25:2f:b8:f7:f3:95:08:1b:59:1b:6d:
         8d:95:84:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoKSI3qe20xTRFNPSobRpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YTY4NWQ1NjM3NDJjOWNkYWUxYzM1OTUzNjZhZGVjZDBh
OTNiYTUwHhcNMjUwOTA3MTAwMjM0WhcNMjUwOTA4MTAwMjM0WjAzMTEwLwYDVQQD
EyhiNGJlNzU1MDA3YjNhYTY4ODg5YjdlNWJiNjI2ODFmYTVmODNmOTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSif9AMhI/T7BbZsDa2r8NXpDQlo
0pNLGI8HbV97SNzaQL15ssQfB0Fbjun0wlgxR4lLw/HqoTyjrvLgPaXy5Fh3+kUO
vIAq5ak9A4JEOIE1Y+zQr7eiSVoeZGCpWsZitvdRo/lOXmTmr5u7jwP/EJymWZ8M
rNhhHdxX+wqvZ3GrhIz4ajrAbXC+h1AjxzDqUJtxa5Li4e0gUGj7W2VLQ0diCmGc
My4PYOsiI1vQ65ilUxtK2Jhtb5G5hpv39XOrOfsH6WRZlSbPzptnwmhlUj2YTTFs
DusN3tY56d/A2jMLKJlaVSwYqo3lWj7GnbGqAVU7xoCVfciQOE8ZyiC/EQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLS+dVAHs6poiJt+W7Ymgfpfg/kIMB8GA1UdIwQY
MBaAFJWmhdVjdCyc2uHDWVNmrezQqTulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hOTgyMzktNjE3OS00Y2RjLThiOTQt
MGE0NDI0ZmYyYTFmLzEvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hOTgyMzktNjE3OS00Y2RjLThiOTQtMGE0NDI0ZmYyYTFm
LzEvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa9XkndDj
ohTgoLUgFicwbdNKtlznOpNPYFIvIw1SaqeGfWR5GL/IGRCuFCGvBI38qZJ3EmdR
hW7IVfrWUpssTbU0GmyVHNwqRbm89bAiWDJ+xveRxtHdeUpaCE1T2saM5OnWvXLO
sSWbuAmg+wfvSv9eNqwdOZqdQijWajp/l2ZBh1aoTO/zqo599fQG5JJ0hQ7uciNB
aZdZwpeQvkzZ9Zuv0EbP6NI73am/19KAKR9N5BFyoJ11ZxlvmZHrcPmJGm4jpHI0
/qApUOtIK+58VrJdpOBYbvSXKvvS2Jgwp9Ygdz+VnOsqPnS+VAPlpNJFFiUvuPfz
lQgbWRttjZWESA==
-----END CERTIFICATE-----