Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
File:                     laaF1WN0LJza4cNZU2at7NCpO6U.mft (raw, json)
Hash identifier:          djWrrzkFsxiTzyxfJzLXZwGCEDOp0F6+FPI9CL5yLpw=
Subject key identifier:   4D:21:FB:76:62:6C:F7:CF:83:3C:54:EA:BF:05:4F:00:25:34:CA:50
Authority key identifier: 95:A6:85:D5:63:74:2C:9C:DA:E1:C3:59:53:66:AD:EC:D0:A9:3B:A5
Certificate issuer:       /CN=95a685d563742c9cdae1c3595366adecd0a93ba5
Certificate serial:       0197469DAE92666C54CA4F14EAB155FA7794
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
Manifest number:          0D14
Signing time:             Fri 06 Jun 2025 19:00:28 +0000
Manifest this update:     Fri 06 Jun 2025 19:00:28 +0000
Manifest next update:     Sat 07 Jun 2025 19:00:28 +0000
Files and hashes:         1: laaF1WN0LJza4cNZU2at7NCpO6U.crl (hash: YOmhL9WWdFY6xRLXyoz49vBZE+0U990rYR6WZW4vZrQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9d:ae:92:66:6c:54:ca:4f:14:ea:b1:55:fa:77:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95a685d563742c9cdae1c3595366adecd0a93ba5
        Validity
            Not Before: Jun  6 19:00:28 2025 GMT
            Not After : Jun  7 19:00:28 2025 GMT
        Subject: CN=4d21fb76626cf7cf833c54eabf054f002534ca50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:f3:ae:17:62:75:92:6a:84:96:fb:08:e5:a4:
                    42:82:94:15:17:ab:45:d7:b9:1a:dc:fb:b7:e3:97:
                    0c:a5:81:95:02:17:f5:6c:54:3e:4d:cf:ff:46:bb:
                    63:aa:5d:e1:cb:12:bc:4f:42:71:36:5e:2d:80:d4:
                    fe:99:ed:90:e8:c3:4a:65:5d:99:0c:a0:d6:b5:ef:
                    f0:0e:a5:c0:46:38:28:1f:75:2c:39:25:98:76:99:
                    34:cf:7f:74:7f:a7:85:47:a1:0a:c9:06:51:97:c7:
                    75:21:8a:32:75:98:9b:ed:96:1c:ad:d5:36:82:8c:
                    08:db:bc:9e:f9:d9:94:4e:c1:7f:dd:f2:f4:54:20:
                    8f:64:3a:ca:d0:99:3a:05:8b:4e:c2:78:7f:cb:14:
                    02:a6:f2:10:c0:07:d5:65:e1:5e:81:49:8d:1e:12:
                    fb:ef:f1:df:c1:fb:3b:17:39:35:a1:d5:fd:7b:27:
                    8d:27:26:31:20:59:99:9c:a5:19:d4:4d:20:4c:d2:
                    02:84:98:fe:46:3e:af:7b:50:b7:bb:d2:fe:54:08:
                    5d:f4:80:62:dc:9e:39:0c:07:78:5a:3e:44:e3:b9:
                    2a:b7:d7:59:a1:1a:af:7d:7e:81:9a:4d:c6:c5:53:
                    33:a2:8e:78:ba:56:94:69:4b:6f:e9:6d:db:bf:d2:
                    67:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:21:FB:76:62:6C:F7:CF:83:3C:54:EA:BF:05:4F:00:25:34:CA:50
            X509v3 Authority Key Identifier:
                keyid:95:A6:85:D5:63:74:2C:9C:DA:E1:C3:59:53:66:AD:EC:D0:A9:3B:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:2d:3d:bc:d2:e1:6a:1f:ac:8d:e1:40:80:aa:01:80:b4:0e:
         aa:52:b6:3f:82:ae:a3:bb:14:d3:a5:ec:02:ca:49:5c:3e:8c:
         df:d3:b2:75:70:2b:ef:7e:f3:2d:8e:ef:0f:44:9f:6e:11:05:
         e9:82:e5:ab:02:73:d6:7f:f7:30:8a:56:da:a2:c9:31:bd:fd:
         94:36:c9:83:f2:89:53:f3:e8:7d:19:58:23:ff:d6:0a:7c:58:
         33:ad:30:a3:00:dc:a6:78:f2:fd:7e:12:d3:90:3f:67:99:a0:
         a5:bf:0c:cb:8d:7e:a6:2f:87:15:14:09:b9:8b:78:90:e8:92:
         cf:fa:07:7f:b4:5b:97:5a:42:d9:27:68:e2:dc:0e:e8:9c:c8:
         1e:01:0c:65:12:3e:e3:67:cb:57:e3:38:5c:bc:61:14:7f:43:
         20:5f:e4:92:14:72:9e:63:ed:df:50:e4:55:c6:2a:20:d1:89:
         a7:02:48:ad:1c:5a:f8:90:50:da:c7:bb:5d:57:1b:b7:24:cb:
         9e:2e:ff:dc:56:23:26:d2:25:b4:52:82:40:e6:ed:5d:0c:dd:
         be:39:46:ad:22:42:9e:e7:8f:1a:79:c6:44:66:76:ca:bb:5e:
         b7:25:e7:c8:ef:b8:50:07:aa:44:de:26:a5:5b:4d:80:e2:23:
         26:c1:34:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGna6SZmxUyk8U6rFV+neUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YTY4NWQ1NjM3NDJjOWNkYWUxYzM1OTUzNjZhZGVjZDBh
OTNiYTUwHhcNMjUwNjA2MTkwMDI4WhcNMjUwNjA3MTkwMDI4WjAzMTEwLwYDVQQD
Eyg0ZDIxZmI3NjYyNmNmN2NmODMzYzU0ZWFiZjA1NGYwMDI1MzRjYTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfOuF2J1kmqElvsI5aRCgpQVF6tF
17ka3Pu345cMpYGVAhf1bFQ+Tc//Rrtjql3hyxK8T0JxNl4tgNT+me2Q6MNKZV2Z
DKDWte/wDqXARjgoH3UsOSWYdpk0z390f6eFR6EKyQZRl8d1IYoydZib7ZYcrdU2
gowI27ye+dmUTsF/3fL0VCCPZDrK0Jk6BYtOwnh/yxQCpvIQwAfVZeFegUmNHhL7
7/Hfwfs7Fzk1odX9eyeNJyYxIFmZnKUZ1E0gTNIChJj+Rj6ve1C3u9L+VAhd9IBi
3J45DAd4Wj5E47kqt9dZoRqvfX6Bmk3GxVMzoo54ulaUaUtv6W3bv9JnHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE0h+3ZibPfPgzxU6r8FTwAlNMpQMB8GA1UdIwQY
MBaAFJWmhdVjdCyc2uHDWVNmrezQqTulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hOTgyMzktNjE3OS00Y2RjLThiOTQt
MGE0NDI0ZmYyYTFmLzEvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hOTgyMzktNjE3OS00Y2RjLThiOTQtMGE0NDI0ZmYyYTFm
LzEvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaC09vNLh
ah+sjeFAgKoBgLQOqlK2P4Kuo7sU06XsAspJXD6M39OydXAr737zLY7vD0SfbhEF
6YLlqwJz1n/3MIpW2qLJMb39lDbJg/KJU/PofRlYI//WCnxYM60wowDcpnjy/X4S
05A/Z5mgpb8My41+pi+HFRQJuYt4kOiSz/oHf7Rbl1pC2Sdo4twO6JzIHgEMZRI+
42fLV+M4XLxhFH9DIF/kkhRynmPt31DkVcYqINGJpwJIrRxa+JBQ2se7XVcbtyTL
ni7/3FYjJtIltFKCQObtXQzdvjlGrSJCnuePGnnGRGZ2yrtetyXnyO+4UAeqRN4m
pVtNgOIjJsE0eg==
-----END CERTIFICATE-----