Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
File:                     leN5E1KsgsnSB0NCTNxhcAlvT68.mft (raw, json)
Hash identifier:          ptFHOZ4/sPn8SQye+bzciMFtdvNKiuFy+Vwck9bUCfc=
Subject key identifier:   3F:2C:33:80:C8:B1:6F:31:E2:E0:15:C4:FB:B4:88:D9:12:FC:C5:42
Authority key identifier: 95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF
Certificate issuer:       /CN=95e3791352ac82c9d20743424cdc6170096f4faf
Certificate serial:       0198A04D81EFF4F0056C475DF38BE7C1C332
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
Manifest number:          162A
Signing time:             Tue 12 Aug 2025 22:01:30 +0000
Manifest this update:     Tue 12 Aug 2025 22:01:30 +0000
Manifest next update:     Wed 13 Aug 2025 22:01:30 +0000
Files and hashes:         1: leN5E1KsgsnSB0NCTNxhcAlvT68.crl (hash: NFAYGYwTVvYVwNJ9m9s5Kuk6Tx1U6Opo3DczD41qhSw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:4d:81:ef:f4:f0:05:6c:47:5d:f3:8b:e7:c1:c3:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95e3791352ac82c9d20743424cdc6170096f4faf
        Validity
            Not Before: Aug 12 22:01:30 2025 GMT
            Not After : Aug 13 22:01:30 2025 GMT
        Subject: CN=3f2c3380c8b16f31e2e015c4fbb488d912fcc542
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:05:40:3a:1c:af:cb:3c:4a:d0:8b:ff:a1:f4:
                    59:64:31:f3:5e:9f:c1:bf:d7:d7:6e:65:ef:f7:11:
                    d7:6d:86:ca:0d:28:85:0e:a3:c3:6d:aa:2e:65:a4:
                    a3:c3:83:08:7a:53:0a:76:18:52:97:f4:aa:e3:43:
                    40:aa:fc:19:f3:dc:4c:02:89:ae:86:ea:5b:4c:00:
                    38:be:83:d7:a1:99:9e:a5:00:4e:80:9b:36:4f:9d:
                    06:ee:12:a8:40:b9:90:46:f5:fd:6d:1b:07:70:a6:
                    24:96:0c:12:6b:88:46:93:e8:6b:41:1e:f1:21:01:
                    c5:a4:15:a8:44:2f:03:78:16:4e:43:f9:0c:d2:bc:
                    f5:5d:76:3b:11:e8:71:fa:c0:9f:4e:f6:3b:50:8c:
                    a4:40:3d:2a:f3:f1:e0:59:30:a3:70:ba:d2:af:ac:
                    03:c8:56:2a:0d:7f:14:8e:1e:93:dc:09:9f:ee:a2:
                    be:18:f2:a8:1d:2a:d0:27:8b:bc:b0:c7:01:84:aa:
                    50:d4:94:1c:2d:01:10:ab:be:85:29:f2:8d:dd:7f:
                    11:ec:5d:3a:6e:13:79:66:e4:45:c2:a3:12:b5:aa:
                    3c:cc:5b:80:e9:e8:36:74:89:41:20:2b:6e:de:f1:
                    98:94:e4:ba:ce:14:1f:30:d3:05:a9:e0:3c:bd:d9:
                    2b:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:2C:33:80:C8:B1:6F:31:E2:E0:15:C4:FB:B4:88:D9:12:FC:C5:42
            X509v3 Authority Key Identifier:
                keyid:95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:1d:a2:4a:86:88:1c:b6:bc:13:11:12:33:6f:3e:63:68:7d:
         ab:fb:78:9f:9c:f1:78:95:04:56:ef:f9:5e:c9:7d:52:09:5a:
         84:ab:5a:8c:5c:e8:b8:10:e3:9b:ad:2b:ae:f4:59:ad:22:4b:
         6a:17:89:08:87:93:18:58:bc:08:3a:7d:bb:ed:da:b7:2c:d6:
         66:e0:03:13:71:0f:90:b2:c3:17:d1:55:c7:75:d1:25:c1:d2:
         a5:eb:ed:41:d0:f1:ae:53:51:9a:cc:9a:61:47:f7:a8:58:fc:
         c1:68:36:c0:22:f5:e5:f8:7f:df:96:a1:71:fd:af:58:99:08:
         5a:f6:3d:3f:e1:5d:23:6e:9c:50:f7:72:b3:78:02:35:43:88:
         d9:8c:c7:e0:bd:3e:31:e3:8d:9d:d6:05:9e:22:2a:68:b5:79:
         72:63:51:c9:e0:60:49:70:e1:77:3f:0a:68:3b:78:10:46:8b:
         35:54:2e:f1:28:b3:d7:67:85:85:39:ae:b5:a9:87:b7:03:88:
         1c:6b:c3:7b:48:c2:b2:1f:f3:22:cf:71:6b:f4:00:38:43:b9:
         97:0a:7b:a3:a3:5f:6a:6f:01:cf:df:fe:ac:27:4c:c9:c3:dc:
         ab:22:1a:c2:1a:f1:1b:8f:16:eb:1c:4c:f1:42:5d:3a:b9:22:
         ef:f5:a6:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZigTYHv9PAFbEdd84vnwcMyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTM3OTEzNTJhYzgyYzlkMjA3NDM0MjRjZGM2MTcwMDk2
ZjRmYWYwHhcNMjUwODEyMjIwMTMwWhcNMjUwODEzMjIwMTMwWjAzMTEwLwYDVQQD
EygzZjJjMzM4MGM4YjE2ZjMxZTJlMDE1YzRmYmI0ODhkOTEyZmNjNTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwVAOhyvyzxK0Iv/ofRZZDHzXp/B
v9fXbmXv9xHXbYbKDSiFDqPDbaouZaSjw4MIelMKdhhSl/Sq40NAqvwZ89xMAomu
hupbTAA4voPXoZmepQBOgJs2T50G7hKoQLmQRvX9bRsHcKYklgwSa4hGk+hrQR7x
IQHFpBWoRC8DeBZOQ/kM0rz1XXY7Eehx+sCfTvY7UIykQD0q8/HgWTCjcLrSr6wD
yFYqDX8Ujh6T3Amf7qK+GPKoHSrQJ4u8sMcBhKpQ1JQcLQEQq76FKfKN3X8R7F06
bhN5ZuRFwqMStao8zFuA6eg2dIlBICtu3vGYlOS6zhQfMNMFqeA8vdkrVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD8sM4DIsW8x4uAVxPu0iNkS/MVCMB8GA1UdIwQY
MBaAFJXjeRNSrILJ0gdDQkzcYXAJb0+vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYt
NGMyYzBjOGYyNDYyLzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYtNGMyYzBjOGYyNDYy
LzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJx2iSoaI
HLa8ExESM28+Y2h9q/t4n5zxeJUEVu/5Xsl9UglahKtajFzouBDjm60rrvRZrSJL
aheJCIeTGFi8CDp9u+3atyzWZuADE3EPkLLDF9FVx3XRJcHSpevtQdDxrlNRmsya
YUf3qFj8wWg2wCL15fh/35ahcf2vWJkIWvY9P+FdI26cUPdys3gCNUOI2YzH4L0+
MeONndYFniIqaLV5cmNRyeBgSXDhdz8KaDt4EEaLNVQu8Siz12eFhTmutamHtwOI
HGvDe0jCsh/zIs9xa/QAOEO5lwp7o6Nfam8Bz9/+rCdMycPcqyIawhrxG48W6xxM
8UJdOrki7/Wmew==
-----END CERTIFICATE-----