Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
File:                     maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft (raw, json)
Hash identifier:          4cOxq8J4KT66Fhmv40YspH+Do+W4dSD1zUMl5YCwCIw=
Subject key identifier:   D0:72:C5:2F:1F:A8:05:36:0B:60:F4:4F:05:1B:7C:1A:92:03:B5:FA
Authority key identifier: 99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8
Certificate issuer:       /CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8
Certificate serial:       019678D6239A2C7CBDB5E59D37A37450837B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
Manifest number:          10CE
Signing time:             Sun 27 Apr 2025 20:00:21 +0000
Manifest this update:     Sun 27 Apr 2025 20:00:21 +0000
Manifest next update:     Mon 28 Apr 2025 20:00:21 +0000
Files and hashes:         1: maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl (hash: 6A3OoD8nwRDPLKCscYrj1aC+ipHqfaBi+ehG2YkGvKo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:d6:23:9a:2c:7c:bd:b5:e5:9d:37:a3:74:50:83:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8
        Validity
            Not Before: Apr 27 20:00:21 2025 GMT
            Not After : Apr 28 20:00:21 2025 GMT
        Subject: CN=d072c52f1fa805360b60f44f051b7c1a9203b5fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:0f:3c:ce:69:07:c6:95:3a:90:13:75:85:9e:
                    1f:fd:e2:b7:78:21:cc:49:4a:38:28:6a:82:46:15:
                    9c:c9:ac:43:ac:6e:8f:50:54:0a:6e:b8:cc:d3:ed:
                    16:5f:9b:ca:cf:0e:ae:37:85:09:30:b3:76:f8:a6:
                    35:44:37:fd:69:35:b2:24:b8:67:cd:22:01:b2:57:
                    1b:f9:31:8e:6d:ef:90:45:0c:0c:f2:cf:ff:e6:b0:
                    b8:84:8a:21:a2:0c:2a:3f:b5:ee:df:12:48:c5:58:
                    7d:76:d6:a4:38:ea:db:79:36:ee:6a:95:99:3f:34:
                    72:44:c8:af:3f:b4:00:bf:31:03:30:d0:01:34:af:
                    60:7c:7e:e8:af:b2:48:cd:64:2a:dc:bd:c5:3b:6b:
                    8c:1c:25:52:f7:51:f9:56:e1:ca:47:cd:0f:49:ca:
                    90:cb:0d:82:12:94:31:d4:f4:b3:0e:9c:bb:7a:71:
                    18:dd:2c:f5:5e:9f:6f:4a:b3:89:1e:0a:70:49:03:
                    79:80:c4:e4:c7:55:10:1a:af:50:e9:42:df:3a:c9:
                    bc:ac:3a:1a:9e:74:fb:8a:5f:2c:ad:e4:35:af:7c:
                    08:57:b1:c9:e0:a0:dd:9f:0b:c4:33:48:a9:98:0a:
                    21:6c:0c:84:0e:7b:83:82:96:75:aa:84:e7:e2:28:
                    a4:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:72:C5:2F:1F:A8:05:36:0B:60:F4:4F:05:1B:7C:1A:92:03:B5:FA
            X509v3 Authority Key Identifier:
                keyid:99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:62:1e:0c:7d:a2:7c:a3:cd:0a:49:76:07:a7:9a:8d:b8:b7:
         12:1a:af:74:4d:df:73:f2:96:c5:0b:5e:be:ba:73:c0:27:b9:
         ff:72:43:b3:f0:4d:f7:ad:d2:26:af:51:ee:f3:37:d6:9a:57:
         37:72:24:7e:13:0b:a6:ab:bd:63:64:aa:93:c2:ba:62:8e:ee:
         bb:b8:d1:12:d0:4f:54:84:c2:77:db:cc:54:69:82:84:28:a8:
         bb:54:72:44:a8:68:cb:c4:44:84:ef:2b:3e:f9:41:dd:b7:59:
         88:7b:29:74:ab:88:9b:cd:f4:07:2c:9d:a7:30:35:07:ab:d1:
         27:c7:4a:ae:20:cb:8c:26:ae:d7:92:c2:db:e7:7a:f1:2c:61:
         5b:82:ff:2b:d7:31:15:4a:09:ef:23:f1:36:94:5c:de:3e:0a:
         24:5f:8e:7f:d1:7f:dd:94:9f:29:bb:cd:30:d5:d5:28:c0:91:
         2f:ea:2c:e2:8e:df:dc:7a:01:f8:48:33:6a:04:2a:bf:42:65:
         b8:8f:1b:ae:aa:df:5f:47:00:57:0f:29:65:ed:f9:69:97:a6:
         d4:04:ca:db:2d:db:fc:e9:32:ef:7f:9e:7c:9d:bc:ac:a5:01:
         4e:77:89:60:ed:38:6e:90:89:da:f8:56:e9:fc:fb:c1:27:99:
         32:3d:d6:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ41iOaLHy9teWdN6N0UIN7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YTVlNGMxY2RlOGJjYjNiODQyMDc3MGQ1OWE4M2E3OTE3
YzhjYzgwHhcNMjUwNDI3MjAwMDIxWhcNMjUwNDI4MjAwMDIxWjAzMTEwLwYDVQQD
EyhkMDcyYzUyZjFmYTgwNTM2MGI2MGY0NGYwNTFiN2MxYTkyMDNiNWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQ88zmkHxpU6kBN1hZ4f/eK3eCHM
SUo4KGqCRhWcyaxDrG6PUFQKbrjM0+0WX5vKzw6uN4UJMLN2+KY1RDf9aTWyJLhn
zSIBslcb+TGObe+QRQwM8s//5rC4hIohogwqP7Xu3xJIxVh9dtakOOrbeTbuapWZ
PzRyRMivP7QAvzEDMNABNK9gfH7or7JIzWQq3L3FO2uMHCVS91H5VuHKR80PScqQ
yw2CEpQx1PSzDpy7enEY3Sz1Xp9vSrOJHgpwSQN5gMTkx1UQGq9Q6ULfOsm8rDoa
nnT7il8sreQ1r3wIV7HJ4KDdnwvEM0ipmAohbAyEDnuDgpZ1qoTn4iik7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNByxS8fqAU2C2D0TwUbfBqSA7X6MB8GA1UdIwQY
MBaAFJml5MHN6LyzuEIHcNWag6eRfIzIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2Ut
MGRjM2MyMWJkNjI4LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2UtMGRjM2MyMWJkNjI4
LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe2IeDH2i
fKPNCkl2B6eajbi3EhqvdE3fc/KWxQtevrpzwCe5/3JDs/BN963SJq9R7vM31ppX
N3IkfhMLpqu9Y2Sqk8K6Yo7uu7jREtBPVITCd9vMVGmChCiou1RyRKhoy8REhO8r
PvlB3bdZiHspdKuIm830ByydpzA1B6vRJ8dKriDLjCau15LC2+d68SxhW4L/K9cx
FUoJ7yPxNpRc3j4KJF+Of9F/3ZSfKbvNMNXVKMCRL+os4o7f3HoB+EgzagQqv0Jl
uI8brqrfX0cAVw8pZe35aZem1ATK2y3b/Oky73+efJ28rKUBTneJYO04bpCJ2vhW
6fz7wSeZMj3WEw==
-----END CERTIFICATE-----