Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
File:                     maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft (raw, json)
Hash identifier:          EKMZtSpV+YNcygSPaaJuPaswc2TkEUFk/hMgSldeb0Q=
Subject key identifier:   C3:59:BF:64:29:CC:24:55:59:F1:6D:C5:96:D3:C5:A4:F4:D8:E5:DD
Authority key identifier: 99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8
Certificate issuer:       /CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8
Certificate serial:       0199228CD1FA00194CA803D46025B980B757
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
Manifest number:          122F
Signing time:             Sun 07 Sep 2025 05:01:17 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:17 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:17 +0000
Files and hashes:         1: maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl (hash: Xfh3AtTxJEoxWZ20L08B9D+OIDSqF3UdPKruQ7xyWPA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:d1:fa:00:19:4c:a8:03:d4:60:25:b9:80:b7:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8
        Validity
            Not Before: Sep  7 05:01:17 2025 GMT
            Not After : Sep  8 05:01:17 2025 GMT
        Subject: CN=c359bf6429cc245559f16dc596d3c5a4f4d8e5dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:f3:98:fc:c2:c2:4c:fa:f7:20:e2:ef:e1:5d:
                    6f:79:4b:8c:b1:da:3e:15:72:66:cb:1c:94:a2:59:
                    01:88:c6:c7:fe:72:67:03:89:80:d9:db:e7:c2:2a:
                    3c:3e:e3:71:81:f6:36:1f:0e:75:45:0a:e7:d6:f2:
                    2a:13:3e:03:cd:e9:76:6e:69:ba:c9:d9:6d:f6:71:
                    e3:fe:6f:fa:de:95:e3:4c:3f:ef:da:2d:23:1d:0e:
                    1f:d8:4c:13:1b:b1:0a:78:3a:4d:5a:6e:d4:43:6a:
                    c8:ff:cd:e6:b3:31:b9:2a:fb:1e:42:23:25:a2:e4:
                    bf:38:7f:cb:6b:fc:f4:2f:15:44:6e:b9:b6:d6:fd:
                    de:77:9f:ee:9a:3a:1f:5c:97:69:a5:61:dc:ac:f1:
                    49:eb:01:f1:12:1f:5d:b4:1e:af:41:c2:14:8c:4b:
                    d2:a2:dc:7e:da:ec:92:61:3f:04:8a:a2:a2:b9:03:
                    22:1a:27:2d:14:81:5a:54:02:8a:4e:26:84:06:cd:
                    4e:67:8c:4d:e6:e3:3f:fb:f5:f0:c1:f0:1e:7b:b8:
                    7e:f0:07:80:92:cd:24:ff:1c:6d:65:04:15:3a:7c:
                    97:70:c2:2e:cc:6e:07:f8:c3:86:24:59:ad:22:30:
                    4b:8b:3b:1b:47:c1:dc:8d:b6:72:30:f0:ec:e5:0e:
                    b3:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:59:BF:64:29:CC:24:55:59:F1:6D:C5:96:D3:C5:A4:F4:D8:E5:DD
            X509v3 Authority Key Identifier:
                keyid:99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:da:33:f6:57:3d:f6:54:eb:76:99:05:c3:e8:df:d6:43:98:
         01:e2:66:56:68:60:2b:f0:34:8d:f5:bd:7b:50:a9:0e:be:6e:
         e3:14:16:dc:6e:0d:be:f0:78:f0:3b:67:04:54:5e:80:b1:8a:
         5d:db:48:8f:b5:e2:e8:19:5e:9f:c0:a2:4b:c2:6f:10:84:99:
         f2:d2:11:eb:b6:50:d2:9e:40:7f:51:a8:cb:d3:e8:99:01:54:
         aa:ee:af:fa:39:96:5a:19:be:2c:1a:90:74:41:81:dc:0a:35:
         40:cf:f8:de:02:02:f2:05:4a:08:91:36:cb:f9:5c:65:b5:aa:
         71:35:c5:05:66:0f:19:c7:2e:34:8e:4d:7d:60:ef:13:45:1c:
         05:f3:ea:58:19:46:69:ba:a9:77:b3:f5:37:99:7f:c4:fb:31:
         5b:65:db:c4:26:7f:03:82:c8:76:e1:7a:2d:9c:6f:ad:00:07:
         1b:13:09:b2:6f:92:04:26:cf:1b:e3:08:a0:36:42:c4:3d:43:
         b1:5b:b7:4b:42:23:0d:bc:15:a4:f1:ce:ea:a4:fc:32:82:c0:
         16:d5:fb:2b:e4:bb:07:6c:a4:c2:78:b7:fc:f4:06:31:9c:87:
         63:e0:aa:1e:f8:cb:d0:24:b8:0a:c1:f1:24:d4:58:d8:68:91:
         d9:51:d2:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijNH6ABlMqAPUYCW5gLdXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YTVlNGMxY2RlOGJjYjNiODQyMDc3MGQ1OWE4M2E3OTE3
YzhjYzgwHhcNMjUwOTA3MDUwMTE3WhcNMjUwOTA4MDUwMTE3WjAzMTEwLwYDVQQD
EyhjMzU5YmY2NDI5Y2MyNDU1NTlmMTZkYzU5NmQzYzVhNGY0ZDhlNWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvOY/MLCTPr3IOLv4V1veUuMsdo+
FXJmyxyUolkBiMbH/nJnA4mA2dvnwio8PuNxgfY2Hw51RQrn1vIqEz4Dzel2bmm6
ydlt9nHj/m/63pXjTD/v2i0jHQ4f2EwTG7EKeDpNWm7UQ2rI/83mszG5KvseQiMl
ouS/OH/La/z0LxVEbrm21v3ed5/umjofXJdppWHcrPFJ6wHxEh9dtB6vQcIUjEvS
otx+2uySYT8EiqKiuQMiGictFIFaVAKKTiaEBs1OZ4xN5uM/+/XwwfAee7h+8AeA
ks0k/xxtZQQVOnyXcMIuzG4H+MOGJFmtIjBLizsbR8HcjbZyMPDs5Q6zDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMNZv2QpzCRVWfFtxZbTxaT02OXdMB8GA1UdIwQY
MBaAFJml5MHN6LyzuEIHcNWag6eRfIzIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2Ut
MGRjM2MyMWJkNjI4LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2UtMGRjM2MyMWJkNjI4
LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr9oz9lc9
9lTrdpkFw+jf1kOYAeJmVmhgK/A0jfW9e1CpDr5u4xQW3G4NvvB48DtnBFRegLGK
XdtIj7Xi6Blen8CiS8JvEISZ8tIR67ZQ0p5Af1Goy9PomQFUqu6v+jmWWhm+LBqQ
dEGB3Ao1QM/43gIC8gVKCJE2y/lcZbWqcTXFBWYPGccuNI5NfWDvE0UcBfPqWBlG
abqpd7P1N5l/xPsxW2XbxCZ/A4LIduF6LZxvrQAHGxMJsm+SBCbPG+MIoDZCxD1D
sVu3S0IjDbwVpPHO6qT8MoLAFtX7K+S7B2ykwni3/PQGMZyHY+CqHvjL0CS4CsHx
JNRY2GiR2VHSIQ==
-----END CERTIFICATE-----