Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
File:                     maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft (raw, json)
Hash identifier:          xhrzGj/p8W+um1vniRm2JNcoZyQLqGk7aOKzWn6uOrY=
Subject key identifier:   5F:BE:F0:7C:F9:7E:D8:77:DD:BB:97:98:A8:B6:6F:C5:7E:EE:7D:62
Authority key identifier: 99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8
Certificate issuer:       /CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8
Certificate serial:       01977007924E6D975DFE0F6364DC9C14B372
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
Manifest number:          114E
Signing time:             Sat 14 Jun 2025 20:00:33 +0000
Manifest this update:     Sat 14 Jun 2025 20:00:33 +0000
Manifest next update:     Sun 15 Jun 2025 20:00:33 +0000
Files and hashes:         1: maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl (hash: Cl9GoduVAbQGTMuc30a01a2Gcl/HfZtMWCDlv6WS60Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:70:07:92:4e:6d:97:5d:fe:0f:63:64:dc:9c:14:b3:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8
        Validity
            Not Before: Jun 14 20:00:33 2025 GMT
            Not After : Jun 15 20:00:33 2025 GMT
        Subject: CN=5fbef07cf97ed877ddbb9798a8b66fc57eee7d62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:b8:f9:7c:f2:f1:97:26:38:b1:36:39:56:2a:
                    cc:1a:f6:fb:02:42:71:d8:21:a1:93:74:c9:6c:16:
                    e5:65:77:eb:09:1b:c8:57:c3:e1:e7:38:fb:f4:85:
                    b9:d1:e7:3e:f7:54:fb:2a:d4:ea:91:35:21:93:2e:
                    4c:2d:0d:d8:fa:c3:db:4d:b0:a9:87:e3:d7:28:32:
                    bd:51:fc:19:cd:5e:59:57:3e:0b:0e:19:4b:50:6f:
                    fd:16:7b:96:e0:51:db:e0:8c:7a:19:d1:79:e8:eb:
                    37:30:62:92:af:7c:f9:aa:ff:9e:75:40:c3:a6:71:
                    fe:2d:14:48:3a:9a:2d:e2:e2:09:0b:b8:c2:02:91:
                    b2:bf:97:8d:31:34:32:f1:36:01:7c:7e:b7:e5:a2:
                    cd:16:2e:2c:9a:71:fc:d5:68:98:0f:fb:2f:99:60:
                    1d:5b:4a:c7:16:11:3a:c3:a4:b9:58:0a:bb:cb:b4:
                    42:ad:32:91:a6:74:77:97:a8:9e:07:d6:64:35:77:
                    62:41:d0:bf:fb:00:17:17:81:4e:79:95:15:f2:3f:
                    31:67:ab:8a:10:9f:52:16:35:a2:09:16:79:ec:c8:
                    a3:c8:36:31:af:c4:aa:79:b3:13:3f:45:05:c1:d3:
                    7c:09:be:25:c8:e2:35:b0:21:ba:06:b3:36:2d:d7:
                    47:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:BE:F0:7C:F9:7E:D8:77:DD:BB:97:98:A8:B6:6F:C5:7E:EE:7D:62
            X509v3 Authority Key Identifier:
                keyid:99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:43:07:1b:9e:bd:f4:c9:18:81:a5:96:f0:98:fa:33:23:32:
         d5:f9:82:0d:8f:12:e8:a2:15:19:a9:e2:29:66:d3:6c:a8:d7:
         97:d3:41:43:5a:a4:3e:53:32:21:75:cd:11:b2:8e:ae:88:20:
         63:d3:c0:0b:1c:00:98:88:d8:14:41:5b:ff:be:b1:79:bc:2c:
         52:c7:76:0c:19:10:0f:bc:4d:9a:88:da:37:9a:c6:d8:67:75:
         7a:4d:e3:74:61:d9:e0:a9:6c:22:1a:c4:98:14:ef:78:f6:de:
         31:1f:1b:75:2c:29:60:35:f3:b5:5a:31:76:2d:f9:d5:0a:92:
         df:bd:0c:d7:4e:8a:76:c8:69:42:d2:ca:04:95:06:71:02:dd:
         04:9e:34:80:98:bc:d8:92:b9:03:39:9b:b7:88:b0:70:12:9d:
         78:40:00:34:bf:34:d3:9e:27:a1:a5:90:33:52:90:27:10:58:
         54:d6:2e:65:94:22:bd:7e:1c:e8:6c:e6:94:ae:00:7f:9b:af:
         72:93:ed:2d:a1:36:a8:fd:8c:11:4e:22:73:d2:0f:fe:1e:5a:
         59:9b:87:53:24:90:1f:78:9e:89:22:2f:92:20:7c:22:ae:b1:
         ed:08:0d:5a:ed:a9:4d:37:43:47:7d:29:6c:38:65:88:86:0e:
         86:30:55:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdwB5JObZdd/g9jZNycFLNyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YTVlNGMxY2RlOGJjYjNiODQyMDc3MGQ1OWE4M2E3OTE3
YzhjYzgwHhcNMjUwNjE0MjAwMDMzWhcNMjUwNjE1MjAwMDMzWjAzMTEwLwYDVQQD
Eyg1ZmJlZjA3Y2Y5N2VkODc3ZGRiYjk3OThhOGI2NmZjNTdlZWU3ZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLj5fPLxlyY4sTY5VirMGvb7AkJx
2CGhk3TJbBblZXfrCRvIV8Ph5zj79IW50ec+91T7KtTqkTUhky5MLQ3Y+sPbTbCp
h+PXKDK9UfwZzV5ZVz4LDhlLUG/9FnuW4FHb4Ix6GdF56Os3MGKSr3z5qv+edUDD
pnH+LRRIOpot4uIJC7jCApGyv5eNMTQy8TYBfH635aLNFi4smnH81WiYD/svmWAd
W0rHFhE6w6S5WAq7y7RCrTKRpnR3l6ieB9ZkNXdiQdC/+wAXF4FOeZUV8j8xZ6uK
EJ9SFjWiCRZ57MijyDYxr8SqebMTP0UFwdN8Cb4lyOI1sCG6BrM2LddH7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF++8Hz5fth33buXmKi2b8V+7n1iMB8GA1UdIwQY
MBaAFJml5MHN6LyzuEIHcNWag6eRfIzIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2Ut
MGRjM2MyMWJkNjI4LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2UtMGRjM2MyMWJkNjI4
LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAskMHG569
9MkYgaWW8Jj6MyMy1fmCDY8S6KIVGaniKWbTbKjXl9NBQ1qkPlMyIXXNEbKOrogg
Y9PACxwAmIjYFEFb/76xebwsUsd2DBkQD7xNmojaN5rG2Gd1ek3jdGHZ4KlsIhrE
mBTvePbeMR8bdSwpYDXztVoxdi351QqS370M106KdshpQtLKBJUGcQLdBJ40gJi8
2JK5Azmbt4iwcBKdeEAANL80054noaWQM1KQJxBYVNYuZZQivX4c6GzmlK4Af5uv
cpPtLaE2qP2MEU4ic9IP/h5aWZuHUySQH3ieiSIvkiB8Iq6x7QgNWu2pTTdDR30p
bDhliIYOhjBVQg==
-----END CERTIFICATE-----