Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
File:                     maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft (raw, json)
Hash identifier:          56227/5YIhdJUgpqBL1vHMLiyHHYsfUS6saFFts61SQ=
Subject key identifier:   41:06:10:13:1E:F0:A3:D1:75:4A:8E:A1:F5:E2:DD:42:89:10:13:07
Authority key identifier: 99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8
Certificate issuer:       /CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8
Certificate serial:       019895920F3A3E41C9ACC707FB1BA6B765E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
Manifest number:          11E6
Signing time:             Sun 10 Aug 2025 20:00:33 +0000
Manifest this update:     Sun 10 Aug 2025 20:00:33 +0000
Manifest next update:     Mon 11 Aug 2025 20:00:33 +0000
Files and hashes:         1: maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl (hash: HApROJamu04aqTFDpE2HfAtc6/5zyvy81uzCvXEJJvk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 20:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:95:92:0f:3a:3e:41:c9:ac:c7:07:fb:1b:a6:b7:65:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8
        Validity
            Not Before: Aug 10 20:00:33 2025 GMT
            Not After : Aug 11 20:00:33 2025 GMT
        Subject: CN=410610131ef0a3d1754a8ea1f5e2dd4289101307
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:2d:52:8c:41:1d:0a:9b:12:28:5a:2f:27:57:
                    bd:c0:67:b0:df:b7:cf:6e:39:af:8a:4a:65:45:96:
                    fe:26:a3:af:de:40:bc:7a:ee:d4:db:0b:dd:69:bb:
                    3a:25:d1:78:03:3d:86:f4:78:e6:88:ce:14:b6:03:
                    c8:49:b5:46:bb:ec:41:9d:5b:c7:c9:84:e1:7f:1e:
                    bc:bb:65:d3:d1:70:f1:e9:96:f9:7c:97:4f:ac:a0:
                    3e:9a:e6:00:60:73:e3:cb:b2:08:31:fe:68:51:0e:
                    29:15:9e:ad:cc:d6:df:7f:7a:f3:39:93:a3:2c:a6:
                    70:73:2c:27:2b:95:5c:94:e6:08:b7:ef:04:c6:a3:
                    ec:ab:a0:f3:84:09:8d:b6:2f:e2:8f:bf:8d:cd:16:
                    f9:d8:18:90:0f:fe:97:4f:ed:ee:07:31:e1:01:19:
                    c5:da:d9:85:94:72:d8:10:b0:9f:40:93:e8:7a:29:
                    6e:1a:69:54:61:82:57:05:9c:81:cb:2e:de:45:bc:
                    98:bf:61:74:7f:40:30:34:c2:8f:cd:15:0b:a3:0b:
                    1c:9e:5a:20:4a:84:80:28:26:d3:9e:f2:bb:ce:a8:
                    64:b6:e2:f4:0b:c2:c3:1c:0e:c4:76:45:ff:a4:5f:
                    cc:86:c4:5e:f8:cd:50:c9:18:d2:ae:dc:2d:22:4f:
                    e2:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:06:10:13:1E:F0:A3:D1:75:4A:8E:A1:F5:E2:DD:42:89:10:13:07
            X509v3 Authority Key Identifier:
                keyid:99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:0e:c4:8f:17:d5:17:4d:55:ec:fc:b7:b4:37:fe:c5:bf:b7:
         f2:7e:05:da:64:cc:f0:bd:3e:b8:b6:dc:28:23:b8:e8:92:0f:
         2a:c0:79:13:87:91:97:1c:a2:e0:57:f9:1e:c4:0d:8f:84:26:
         91:4a:f1:ce:f3:de:72:4a:26:32:b4:87:f3:c4:2a:e2:9c:66:
         97:65:e2:f8:85:23:75:c5:2d:e2:98:ea:1a:51:ac:ed:74:1c:
         8f:2f:a8:b4:00:d5:87:1f:63:c6:23:50:4f:e4:f9:17:6d:47:
         29:cf:47:18:e1:1d:12:05:ca:c4:a5:f9:25:b5:f5:4b:b7:e9:
         ea:43:27:ff:da:1a:ba:22:f2:a0:31:8b:66:e7:71:f5:af:dd:
         f4:18:cd:7d:60:a1:b0:46:b7:d2:85:9a:bd:fb:df:69:fd:83:
         d5:ea:9c:6c:57:62:c1:b6:18:7c:0d:e8:73:a4:2e:82:fb:8a:
         df:82:01:54:d3:9f:0c:3b:81:c3:57:44:f6:75:be:74:f7:a1:
         b8:62:6f:38:6f:38:4b:a7:86:a9:2a:6f:83:46:71:42:ab:c0:
         84:86:cd:30:3b:66:0d:ab:a0:bf:09:97:00:9b:70:2f:50:f9:
         2e:7a:37:62:e0:cf:ee:bb:e7:3d:2e:f2:14:d3:af:af:d5:be:
         18:dd:fd:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiVkg86PkHJrMcH+xumt2XlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YTVlNGMxY2RlOGJjYjNiODQyMDc3MGQ1OWE4M2E3OTE3
YzhjYzgwHhcNMjUwODEwMjAwMDMzWhcNMjUwODExMjAwMDMzWjAzMTEwLwYDVQQD
Eyg0MTA2MTAxMzFlZjBhM2QxNzU0YThlYTFmNWUyZGQ0Mjg5MTAxMzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7y1SjEEdCpsSKFovJ1e9wGew37fP
bjmvikplRZb+JqOv3kC8eu7U2wvdabs6JdF4Az2G9HjmiM4UtgPISbVGu+xBnVvH
yYThfx68u2XT0XDx6Zb5fJdPrKA+muYAYHPjy7IIMf5oUQ4pFZ6tzNbff3rzOZOj
LKZwcywnK5VclOYIt+8ExqPsq6DzhAmNti/ij7+NzRb52BiQD/6XT+3uBzHhARnF
2tmFlHLYELCfQJPoeiluGmlUYYJXBZyByy7eRbyYv2F0f0AwNMKPzRULowscnlog
SoSAKCbTnvK7zqhktuL0C8LDHA7EdkX/pF/MhsRe+M1QyRjSrtwtIk/igQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEEGEBMe8KPRdUqOofXi3UKJEBMHMB8GA1UdIwQY
MBaAFJml5MHN6LyzuEIHcNWag6eRfIzIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2Ut
MGRjM2MyMWJkNjI4LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2UtMGRjM2MyMWJkNjI4
LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKQ7EjxfV
F01V7Py3tDf+xb+38n4F2mTM8L0+uLbcKCO46JIPKsB5E4eRlxyi4Ff5HsQNj4Qm
kUrxzvPeckomMrSH88Qq4pxml2Xi+IUjdcUt4pjqGlGs7XQcjy+otADVhx9jxiNQ
T+T5F21HKc9HGOEdEgXKxKX5JbX1S7fp6kMn/9oauiLyoDGLZudx9a/d9BjNfWCh
sEa30oWavfvfaf2D1eqcbFdiwbYYfA3oc6QugvuK34IBVNOfDDuBw1dE9nW+dPeh
uGJvOG84S6eGqSpvg0ZxQqvAhIbNMDtmDaugvwmXAJtwL1D5Lno3YuDP7rvnPS7y
FNOvr9W+GN39tw==
-----END CERTIFICATE-----