Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
File:                     maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft (raw, json)
Hash identifier:          ewQGG+agzUIlqKSZ5z+0q8eDZw306wUVBlBaEJv2kPA=
Subject key identifier:   AA:37:C7:EA:B6:CB:70:F3:BF:F0:58:57:50:64:8D:D2:D9:5B:96:52
Authority key identifier: 99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8
Certificate issuer:       /CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8
Certificate serial:       0197D850DE595F924401417BBFBB1E985103
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
Manifest number:          1184
Signing time:             Sat 05 Jul 2025 02:01:07 +0000
Manifest this update:     Sat 05 Jul 2025 02:01:07 +0000
Manifest next update:     Sun 06 Jul 2025 02:01:07 +0000
Files and hashes:         1: maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl (hash: AzHDEDNTqUC3MgnHZ93gLbiVHYZPeYm5KQpElBSw9bE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 06 Jul 2025 02:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:d8:50:de:59:5f:92:44:01:41:7b:bf:bb:1e:98:51:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8
        Validity
            Not Before: Jul  5 02:01:07 2025 GMT
            Not After : Jul  6 02:01:07 2025 GMT
        Subject: CN=aa37c7eab6cb70f3bff0585750648dd2d95b9652
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:f9:7f:71:1e:59:49:9c:7a:c3:ad:ec:8c:35:
                    5e:51:f9:7f:16:2a:7e:23:58:a0:5b:af:67:b8:34:
                    9a:a0:91:34:29:0b:e6:a1:1e:3b:15:f3:70:8f:cf:
                    ab:93:d2:20:5b:4f:0e:2e:93:43:bd:eb:4a:12:24:
                    05:a9:38:79:fd:2f:77:88:4e:53:af:f7:31:ac:a6:
                    b4:40:bb:9c:b0:96:88:a6:e9:34:2a:f1:2a:27:f3:
                    4a:cf:e6:9d:e0:61:46:55:f8:09:08:45:63:f3:a6:
                    fd:89:fd:a1:66:30:aa:5d:df:42:db:b2:c4:8f:33:
                    da:92:1c:90:0c:8d:db:49:bc:b7:84:47:cc:d4:f0:
                    d9:86:b1:57:bb:52:92:0b:ab:81:5b:72:cf:b5:9e:
                    54:d7:8f:28:25:46:db:d1:cb:72:48:b5:c8:9b:d0:
                    09:7d:37:f2:b3:f8:c6:b0:43:f1:b4:f3:ee:c8:a9:
                    41:43:1b:eb:69:5a:96:66:97:81:4b:8f:5a:64:e3:
                    bd:b7:05:4b:cd:97:cd:8f:2a:92:92:69:b5:ca:80:
                    3e:96:48:a1:52:c6:b2:a7:39:e0:fb:44:5e:4e:42:
                    c7:06:6b:91:09:d7:3e:f8:45:a0:3b:78:a3:36:b8:
                    36:30:9f:a7:63:38:ac:ab:3f:65:d3:5d:6a:9b:01:
                    af:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:37:C7:EA:B6:CB:70:F3:BF:F0:58:57:50:64:8D:D2:D9:5B:96:52
            X509v3 Authority Key Identifier:
                keyid:99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:b5:06:48:a4:2a:dd:c4:b8:07:f6:e6:7c:cb:ee:66:f9:b4:
         a8:3b:0f:fb:a9:f7:f6:35:88:12:3b:09:f5:fd:f8:32:92:a7:
         77:9b:d5:c1:d3:65:c7:d0:bd:c7:61:2d:e3:66:36:2e:8c:05:
         53:a7:6d:81:c3:05:e6:4e:66:ab:17:5e:1f:6c:af:a5:d6:68:
         78:77:bf:e9:02:09:d7:93:de:56:7f:ce:a2:0e:cd:67:e7:7c:
         b3:06:2a:1a:ad:ea:c7:de:ba:86:18:f1:e9:2f:5f:b2:e2:0b:
         68:c2:24:b5:d1:af:17:5f:e8:b1:82:9a:e0:8b:9e:38:27:f6:
         61:d0:c0:96:f2:9c:f7:eb:1e:13:07:56:4e:ef:fa:77:a2:72:
         72:05:92:52:18:02:8e:06:f0:4c:6b:7e:ac:56:48:48:d4:35:
         8e:dd:a3:e7:5c:ff:73:4a:84:2d:67:ad:66:1d:17:a3:ce:73:
         1b:4d:6c:ad:2e:6f:bd:96:f9:68:a6:a6:20:6a:2c:a6:5d:b2:
         73:07:fb:a9:03:69:97:34:62:22:04:e9:34:38:8b:68:f6:c6:
         55:40:e3:2d:49:f1:57:65:55:1d:32:5c:f9:6f:ac:c3:4f:93:
         1b:f1:bf:5b:b4:43:c6:51:1f:57:56:68:15:e3:15:b9:6c:5a:
         7e:ea:86:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfYUN5ZX5JEAUF7v7semFEDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YTVlNGMxY2RlOGJjYjNiODQyMDc3MGQ1OWE4M2E3OTE3
YzhjYzgwHhcNMjUwNzA1MDIwMTA3WhcNMjUwNzA2MDIwMTA3WjAzMTEwLwYDVQQD
EyhhYTM3YzdlYWI2Y2I3MGYzYmZmMDU4NTc1MDY0OGRkMmQ5NWI5NjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfl/cR5ZSZx6w63sjDVeUfl/Fip+
I1igW69nuDSaoJE0KQvmoR47FfNwj8+rk9IgW08OLpNDvetKEiQFqTh5/S93iE5T
r/cxrKa0QLucsJaIpuk0KvEqJ/NKz+ad4GFGVfgJCEVj86b9if2hZjCqXd9C27LE
jzPakhyQDI3bSby3hEfM1PDZhrFXu1KSC6uBW3LPtZ5U148oJUbb0ctySLXIm9AJ
fTfys/jGsEPxtPPuyKlBQxvraVqWZpeBS49aZOO9twVLzZfNjyqSkmm1yoA+lkih
Usaypzng+0ReTkLHBmuRCdc++EWgO3ijNrg2MJ+nYzisqz9l011qmwGv/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKo3x+q2y3Dzv/BYV1BkjdLZW5ZSMB8GA1UdIwQY
MBaAFJml5MHN6LyzuEIHcNWag6eRfIzIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2Ut
MGRjM2MyMWJkNjI4LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2UtMGRjM2MyMWJkNjI4
LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVrUGSKQq
3cS4B/bmfMvuZvm0qDsP+6n39jWIEjsJ9f34MpKnd5vVwdNlx9C9x2Et42Y2LowF
U6dtgcMF5k5mqxdeH2yvpdZoeHe/6QIJ15PeVn/Oog7NZ+d8swYqGq3qx966hhjx
6S9fsuILaMIktdGvF1/osYKa4IueOCf2YdDAlvKc9+seEwdWTu/6d6JycgWSUhgC
jgbwTGt+rFZISNQ1jt2j51z/c0qELWetZh0Xo85zG01srS5vvZb5aKamIGospl2y
cwf7qQNplzRiIgTpNDiLaPbGVUDjLUnxV2VVHTJc+W+sw0+TG/G/W7RDxlEfV1Zo
FeMVuWxafuqGoQ==
-----END CERTIFICATE-----