Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
File:                     maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft (raw, json)
Hash identifier:          4D7x8Gmuq6ekRd8cO9StLqRVVeTN/3/nklUjuGiJlCE=
Subject key identifier:   A9:0B:83:DF:DF:08:33:A0:A6:F5:D8:66:1F:B0:08:85:60:F3:89:60
Authority key identifier: 99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8
Certificate issuer:       /CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8
Certificate serial:       019656130F8CC40CA99E96F432F189B6E828
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
Manifest number:          10BC
Signing time:             Mon 21 Apr 2025 02:00:11 +0000
Manifest this update:     Mon 21 Apr 2025 02:00:11 +0000
Manifest next update:     Tue 22 Apr 2025 02:00:11 +0000
Files and hashes:         1: maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl (hash: vLVrhnjGfpYi0nXFBLedI8lnNxuigckDdEj7sle/dx0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:56:13:0f:8c:c4:0c:a9:9e:96:f4:32:f1:89:b6:e8:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8
        Validity
            Not Before: Apr 21 02:00:11 2025 GMT
            Not After : Apr 22 02:00:11 2025 GMT
        Subject: CN=a90b83dfdf0833a0a6f5d8661fb0088560f38960
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:b7:00:3c:47:db:15:5a:66:66:c3:0f:5a:a2:
                    d1:23:5d:2b:0a:64:97:d7:49:43:3b:bd:e4:e3:b2:
                    53:de:3a:74:3e:47:ec:75:2b:dd:14:af:6a:26:38:
                    6e:bc:9e:dc:35:ff:2a:4b:30:02:1f:e2:23:5f:19:
                    5c:76:7a:32:04:3f:b7:48:95:91:be:da:6b:12:96:
                    40:28:4e:7a:50:2c:e1:86:97:bb:ce:40:5e:d4:6f:
                    49:c9:16:5f:70:37:0f:6a:f9:b3:94:8c:5f:f7:67:
                    30:21:b3:6c:74:75:d3:08:6a:72:9f:f9:12:ab:4d:
                    61:7e:56:d3:64:64:2e:2c:91:40:9c:67:b4:5a:99:
                    99:e4:33:db:07:55:32:63:47:a5:c2:a5:4f:a5:e7:
                    7e:c3:20:a4:b1:7d:78:6c:6f:40:d5:13:8b:b5:42:
                    c8:7a:dd:e7:9a:fd:ae:42:3e:14:66:a6:a7:a7:4d:
                    f1:54:b4:c4:66:87:7b:ca:12:7d:46:b9:53:23:a5:
                    31:a5:0f:46:9f:3a:e0:9c:d1:85:94:ab:9a:b2:89:
                    b1:06:27:b1:49:ca:1f:58:15:cc:e1:5c:e7:35:5b:
                    b8:a2:ca:4a:b4:7b:9f:ec:da:e6:2d:fd:81:1f:e6:
                    ee:fe:2b:07:6d:5f:5d:fb:5a:c3:94:9e:39:ed:df:
                    a7:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:0B:83:DF:DF:08:33:A0:A6:F5:D8:66:1F:B0:08:85:60:F3:89:60
            X509v3 Authority Key Identifier:
                keyid:99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:7b:07:cc:43:20:04:b5:91:0b:0f:c8:bb:1a:b1:f0:a0:8b:
         9b:29:ca:39:26:eb:21:5d:7c:d0:a9:78:97:c0:f6:b4:0e:e0:
         cc:00:cd:89:5a:e2:d7:ed:14:c5:f6:18:27:85:5f:1b:85:5d:
         cc:48:dc:48:1e:df:95:25:55:69:ba:b7:fd:87:35:3e:2f:8b:
         80:2a:6d:f5:ef:c8:76:95:92:92:a5:b4:5f:db:da:75:e0:a5:
         97:96:bc:36:b9:cc:1c:e6:56:a8:c1:bc:a3:36:f2:86:4f:fd:
         83:76:db:52:af:91:53:40:f6:a5:1a:3d:22:5a:b5:01:e7:1b:
         8b:da:71:12:70:20:ff:a5:cb:c3:c4:eb:b8:67:48:72:26:aa:
         38:39:b9:a5:f6:2a:09:16:36:f7:b5:b2:d6:ef:09:b6:d1:ce:
         99:01:da:66:ea:06:6a:34:1a:5d:eb:11:33:5f:1a:6c:25:69:
         42:50:8b:b8:df:7c:a2:69:d1:23:02:5b:0c:27:3c:4b:26:88:
         c5:e5:59:77:52:0f:65:3d:6f:cb:cc:d0:87:87:c2:67:01:96:
         7a:40:99:39:2c:59:d6:1e:38:2f:20:3d:d9:0f:44:c6:0e:b1:
         77:1c:1f:90:98:6a:e5:0f:99:ff:b4:9e:0f:d9:eb:a4:25:bf:
         d1:93:db:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWEw+MxAypnpb0MvGJtugoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YTVlNGMxY2RlOGJjYjNiODQyMDc3MGQ1OWE4M2E3OTE3
YzhjYzgwHhcNMjUwNDIxMDIwMDExWhcNMjUwNDIyMDIwMDExWjAzMTEwLwYDVQQD
EyhhOTBiODNkZmRmMDgzM2EwYTZmNWQ4NjYxZmIwMDg4NTYwZjM4OTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rcAPEfbFVpmZsMPWqLRI10rCmSX
10lDO73k47JT3jp0PkfsdSvdFK9qJjhuvJ7cNf8qSzACH+IjXxlcdnoyBD+3SJWR
vtprEpZAKE56UCzhhpe7zkBe1G9JyRZfcDcPavmzlIxf92cwIbNsdHXTCGpyn/kS
q01hflbTZGQuLJFAnGe0WpmZ5DPbB1UyY0elwqVPped+wyCksX14bG9A1ROLtULI
et3nmv2uQj4UZqanp03xVLTEZod7yhJ9RrlTI6UxpQ9GnzrgnNGFlKuasomxBiex
ScofWBXM4VznNVu4ospKtHuf7NrmLf2BH+bu/isHbV9d+1rDlJ457d+nzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKkLg9/fCDOgpvXYZh+wCIVg84lgMB8GA1UdIwQY
MBaAFJml5MHN6LyzuEIHcNWag6eRfIzIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2Ut
MGRjM2MyMWJkNjI4LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2UtMGRjM2MyMWJkNjI4
LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATnsHzEMg
BLWRCw/Iuxqx8KCLmynKOSbrIV180Kl4l8D2tA7gzADNiVri1+0UxfYYJ4VfG4Vd
zEjcSB7flSVVabq3/Yc1Pi+LgCpt9e/IdpWSkqW0X9vadeCll5a8NrnMHOZWqMG8
ozbyhk/9g3bbUq+RU0D2pRo9Ilq1Aecbi9pxEnAg/6XLw8TruGdIciaqODm5pfYq
CRY297Wy1u8JttHOmQHaZuoGajQaXesRM18abCVpQlCLuN98omnRIwJbDCc8SyaI
xeVZd1IPZT1vy8zQh4fCZwGWekCZOSxZ1h44LyA92Q9Exg6xdxwfkJhq5Q+Z/7Se
D9nrpCW/0ZPbbA==
-----END CERTIFICATE-----