Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
File:                     maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft (raw, json)
Hash identifier:          Mjt99ukErFURyZLPv9zIuld6cMuiZAVtgKb7bqqtw2I=
Subject key identifier:   24:D5:07:E4:A3:32:7B:83:10:08:28:53:C8:F6:EF:75:78:8B:43:FA
Authority key identifier: 99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8
Certificate issuer:       /CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8
Certificate serial:       0194C46328BE401FD655A1EF727200A40A76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
Manifest number:          0FEC
Signing time:             Sun 02 Feb 2025 02:00:20 +0000
Manifest this update:     Sun 02 Feb 2025 02:00:20 +0000
Manifest next update:     Mon 03 Feb 2025 02:00:20 +0000
Files and hashes:         1: maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl (hash: wS+U0xe7khKrWjto2uE5S98je2daA+EgNLK4WZpk+wg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:63:28:be:40:1f:d6:55:a1:ef:72:72:00:a4:0a:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8
        Validity
            Not Before: Feb  2 02:00:20 2025 GMT
            Not After : Feb  3 02:00:20 2025 GMT
        Subject: CN=24d507e4a3327b8310082853c8f6ef75788b43fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:0d:5f:11:57:af:96:c2:79:5a:20:f4:07:a6:
                    7a:d6:1a:3a:86:c8:6b:67:11:9c:13:0d:1b:ad:c5:
                    99:91:7e:6a:60:ec:73:69:24:d5:05:f8:de:22:26:
                    f0:30:d1:f8:a8:8d:0f:98:ad:06:99:3d:bf:46:d7:
                    65:df:73:b6:3c:ff:0c:24:5a:c7:8a:ff:36:75:7f:
                    48:a0:05:c4:13:f4:a0:96:4b:49:ce:7e:cc:dc:a4:
                    9a:c0:84:b8:eb:1c:94:23:33:00:de:86:01:b8:5c:
                    be:45:53:a3:8d:d3:bb:5e:46:f1:27:3e:8c:d6:de:
                    30:a7:11:82:84:7d:98:33:ab:f2:42:e8:74:ca:d7:
                    02:ea:50:e9:9d:89:1f:1a:69:a0:e7:3c:4f:2a:eb:
                    b6:b0:e2:fd:d1:c2:8e:91:96:a1:ef:ad:1f:10:d2:
                    01:a5:cc:d0:2c:25:52:da:30:a1:13:b7:05:87:88:
                    42:45:74:d4:5e:dd:5c:d3:6c:55:e7:76:dd:05:e7:
                    41:16:2c:cf:09:a1:92:4c:62:b6:f1:15:14:3c:f1:
                    8b:cd:13:72:2f:8a:3d:40:b8:66:00:d0:82:11:e0:
                    20:76:18:13:fd:b5:7d:2d:2a:f5:53:a8:3c:a2:13:
                    d9:e2:6c:82:a0:ea:cb:d5:4f:d8:75:c4:13:ad:f9:
                    b9:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:D5:07:E4:A3:32:7B:83:10:08:28:53:C8:F6:EF:75:78:8B:43:FA
            X509v3 Authority Key Identifier:
                keyid:99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:45:65:92:a8:db:fc:dd:2b:a1:43:cf:ca:a4:1f:a5:4d:aa:
         7d:26:88:cc:54:24:bc:98:8d:fc:b8:23:65:63:5e:55:18:b2:
         fa:66:71:04:94:2e:1d:58:cd:89:73:5e:2b:79:72:f0:6b:0b:
         6a:2f:b3:47:e3:79:a6:56:06:28:94:55:48:b3:55:8b:95:f1:
         9a:b5:48:4c:5b:cf:1e:59:a0:35:6a:d6:9f:b1:f8:c4:1c:36:
         34:c5:b2:fd:d9:f8:fc:2c:7a:71:f2:d2:00:ad:d1:c8:3a:e9:
         14:7e:33:be:bd:56:55:c8:74:6f:a3:30:bd:a7:3a:e1:d1:e6:
         44:df:d7:13:c1:cd:fb:a4:26:e8:81:fd:bc:47:ca:f8:e0:73:
         c8:19:19:d9:b1:1d:cc:fc:b3:72:86:6d:35:01:d2:8d:67:20:
         9e:f7:4b:c2:a0:1a:f1:53:d3:e7:eb:a9:b4:12:a2:76:a8:7c:
         b4:b7:a5:75:3c:fb:41:b2:32:63:58:cf:ba:75:d4:14:6e:19:
         37:47:13:6b:6a:fe:df:39:3c:7a:d1:db:44:95:99:51:ce:dc:
         a0:24:c4:1f:fb:ab:cb:53:91:17:4f:c2:44:20:0e:68:b5:dd:
         cf:97:09:ac:3f:a4:35:5a:f0:96:49:d6:bc:f3:1f:44:1f:39:
         16:cd:05:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEYyi+QB/WVaHvcnIApAp2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YTVlNGMxY2RlOGJjYjNiODQyMDc3MGQ1OWE4M2E3OTE3
YzhjYzgwHhcNMjUwMjAyMDIwMDIwWhcNMjUwMjAzMDIwMDIwWjAzMTEwLwYDVQQD
EygyNGQ1MDdlNGEzMzI3YjgzMTAwODI4NTNjOGY2ZWY3NTc4OGI0M2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg1fEVevlsJ5WiD0B6Z61ho6hshr
ZxGcEw0brcWZkX5qYOxzaSTVBfjeIibwMNH4qI0PmK0GmT2/Rtdl33O2PP8MJFrH
iv82dX9IoAXEE/SglktJzn7M3KSawIS46xyUIzMA3oYBuFy+RVOjjdO7XkbxJz6M
1t4wpxGChH2YM6vyQuh0ytcC6lDpnYkfGmmg5zxPKuu2sOL90cKOkZah760fENIB
pczQLCVS2jChE7cFh4hCRXTUXt1c02xV53bdBedBFizPCaGSTGK28RUUPPGLzRNy
L4o9QLhmANCCEeAgdhgT/bV9LSr1U6g8ohPZ4myCoOrL1U/YdcQTrfm5DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCTVB+SjMnuDEAgoU8j273V4i0P6MB8GA1UdIwQY
MBaAFJml5MHN6LyzuEIHcNWag6eRfIzIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2Ut
MGRjM2MyMWJkNjI4LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2UtMGRjM2MyMWJkNjI4
LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaEVlkqjb
/N0roUPPyqQfpU2qfSaIzFQkvJiN/LgjZWNeVRiy+mZxBJQuHVjNiXNeK3ly8GsL
ai+zR+N5plYGKJRVSLNVi5XxmrVITFvPHlmgNWrWn7H4xBw2NMWy/dn4/Cx6cfLS
AK3RyDrpFH4zvr1WVch0b6Mwvac64dHmRN/XE8HN+6Qm6IH9vEfK+OBzyBkZ2bEd
zPyzcoZtNQHSjWcgnvdLwqAa8VPT5+uptBKidqh8tLeldTz7QbIyY1jPunXUFG4Z
N0cTa2r+3zk8etHbRJWZUc7coCTEH/ury1ORF0/CRCAOaLXdz5cJrD+kNVrwlknW
vPMfRB85Fs0FMA==
-----END CERTIFICATE-----