Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
File:                     laaF1WN0LJza4cNZU2at7NCpO6U.mft (raw, json)
Hash identifier:          lZTxmsqMbgrz5XfhdkF8hP7UsFOFCbc64NT6To1WGMk=
Subject key identifier:   13:AF:FC:1D:79:A1:53:53:B3:BB:86:EC:E9:F0:01:59:1B:6D:53:1B
Authority key identifier: 95:A6:85:D5:63:74:2C:9C:DA:E1:C3:59:53:66:AD:EC:D0:A9:3B:A5
Certificate issuer:       /CN=95a685d563742c9cdae1c3595366adecd0a93ba5
Certificate serial:       019D386663C71A3BCAAC287C9F075CA44115
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
Manifest number:          1028
Signing time:             Sun 29 Mar 2026 07:02:07 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:07 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:07 +0000
Files and hashes:         1: laaF1WN0LJza4cNZU2at7NCpO6U.crl (hash: PJz8Ur0v/52EAVeoUH3PUbJOWB+RrQzuaLccoINT0Bg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:63:c7:1a:3b:ca:ac:28:7c:9f:07:5c:a4:41:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95a685d563742c9cdae1c3595366adecd0a93ba5
        Validity
            Not Before: Mar 29 07:02:07 2026 GMT
            Not After : Mar 30 07:02:07 2026 GMT
        Subject: CN=13affc1d79a15353b3bb86ece9f001591b6d531b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:32:c0:2e:58:c0:4b:8b:10:5b:34:54:4f:45:
                    62:a1:be:d3:e6:7c:dd:db:e6:5f:65:dc:63:bd:4e:
                    f4:2d:28:a5:0e:fd:7a:83:ad:b0:2f:ad:b8:85:b3:
                    19:d6:31:c8:31:80:57:46:8a:02:85:28:86:08:ba:
                    84:17:a0:d4:4f:ed:e8:f2:4a:71:a0:e3:7b:28:28:
                    8a:70:83:6e:34:77:6c:e7:49:b3:94:e1:42:64:60:
                    81:75:b2:be:75:7e:64:29:bf:6c:47:79:7d:0e:8b:
                    6d:ce:f7:c0:e3:56:57:3b:91:78:2e:96:73:2f:8f:
                    32:15:a4:01:a6:dd:2c:66:86:25:d6:57:f8:b2:23:
                    06:34:42:ff:e6:66:6a:22:a7:a3:44:df:3e:1f:f6:
                    aa:ca:e7:e4:3b:be:eb:23:c2:d2:15:9f:d9:e2:7f:
                    1d:b5:19:9b:49:30:14:f5:33:d6:3a:4f:6e:4f:c7:
                    77:51:1b:f1:e1:0e:d2:bd:82:54:d6:96:93:65:03:
                    5a:56:95:1a:9a:fd:37:5f:b0:1f:65:5d:4b:cc:30:
                    81:55:06:03:5f:1c:18:bc:f4:68:9c:9e:16:72:54:
                    7a:72:b3:67:39:ee:09:16:65:80:95:cd:94:ab:1a:
                    2b:75:31:46:b8:01:7b:b7:fe:71:ea:9f:b5:89:cc:
                    ef:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:AF:FC:1D:79:A1:53:53:B3:BB:86:EC:E9:F0:01:59:1B:6D:53:1B
            X509v3 Authority Key Identifier:
                keyid:95:A6:85:D5:63:74:2C:9C:DA:E1:C3:59:53:66:AD:EC:D0:A9:3B:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:e4:74:bf:00:f2:e3:59:4f:58:bf:aa:e6:65:1a:ab:92:76:
         32:52:1f:98:8c:ff:c9:56:aa:43:84:07:ea:91:14:03:85:6c:
         64:d8:7a:60:cd:3a:64:ae:e1:bf:1b:2a:e4:9d:c7:89:6c:ea:
         89:39:52:a0:8d:f5:71:8a:c2:e2:24:53:41:39:37:3d:33:75:
         ef:db:7c:69:5a:32:ea:6d:63:99:d9:0c:e3:f4:71:d5:aa:dd:
         56:22:f9:6c:4b:f5:a4:72:fb:b9:b8:0e:f5:12:ae:fb:05:d3:
         ee:6e:71:23:ba:78:a7:7c:87:db:e6:75:72:b8:91:60:44:b5:
         52:91:f7:bd:5f:f3:9f:b9:2f:96:93:77:a6:86:6c:60:2a:e5:
         92:29:9f:8e:d5:4b:cc:7c:cd:b8:c1:2c:74:db:07:ee:f5:56:
         89:83:ca:cf:5a:ab:6d:81:be:5f:7d:29:8a:c0:d1:17:bb:a8:
         3d:56:4a:0a:7a:10:6a:6c:e1:e8:99:a8:2a:53:03:6b:67:5f:
         a3:a4:53:00:a6:8e:8b:ac:59:09:db:bc:eb:ed:9f:8a:9b:09:
         a3:77:d4:de:0b:7e:35:0d:2e:ad:ed:ec:3f:d1:b0:d2:51:23:
         19:fe:18:51:aa:05:df:1f:69:92:8b:68:e7:ca:78:f3:d9:09:
         1f:48:4b:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZmPHGjvKrCh8nwdcpEEVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YTY4NWQ1NjM3NDJjOWNkYWUxYzM1OTUzNjZhZGVjZDBh
OTNiYTUwHhcNMjYwMzI5MDcwMjA3WhcNMjYwMzMwMDcwMjA3WjAzMTEwLwYDVQQD
EygxM2FmZmMxZDc5YTE1MzUzYjNiYjg2ZWNlOWYwMDE1OTFiNmQ1MzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjLALljAS4sQWzRUT0Viob7T5nzd
2+ZfZdxjvU70LSilDv16g62wL624hbMZ1jHIMYBXRooChSiGCLqEF6DUT+3o8kpx
oON7KCiKcINuNHds50mzlOFCZGCBdbK+dX5kKb9sR3l9DottzvfA41ZXO5F4LpZz
L48yFaQBpt0sZoYl1lf4siMGNEL/5mZqIqejRN8+H/aqyufkO77rI8LSFZ/Z4n8d
tRmbSTAU9TPWOk9uT8d3URvx4Q7SvYJU1paTZQNaVpUamv03X7AfZV1LzDCBVQYD
XxwYvPRonJ4WclR6crNnOe4JFmWAlc2UqxordTFGuAF7t/5x6p+1iczvvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBOv/B15oVNTs7uG7OnwAVkbbVMbMB8GA1UdIwQY
MBaAFJWmhdVjdCyc2uHDWVNmrezQqTulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hOTgyMzktNjE3OS00Y2RjLThiOTQt
MGE0NDI0ZmYyYTFmLzEvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hOTgyMzktNjE3OS00Y2RjLThiOTQtMGE0NDI0ZmYyYTFm
LzEvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt+R0vwDy
41lPWL+q5mUaq5J2MlIfmIz/yVaqQ4QH6pEUA4VsZNh6YM06ZK7hvxsq5J3HiWzq
iTlSoI31cYrC4iRTQTk3PTN179t8aVoy6m1jmdkM4/Rx1ardViL5bEv1pHL7ubgO
9RKu+wXT7m5xI7p4p3yH2+Z1criRYES1UpH3vV/zn7kvlpN3poZsYCrlkimfjtVL
zHzNuMEsdNsH7vVWiYPKz1qrbYG+X30pisDRF7uoPVZKCnoQamzh6JmoKlMDa2df
o6RTAKaOi6xZCdu86+2fipsJo3fU3gt+NQ0ure3sP9Gw0lEjGf4YUaoF3x9pkoto
58p489kJH0hLQg==
-----END CERTIFICATE-----