Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
File:                     MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft (raw, json)
Hash identifier:          307nwfGvOYwiHF7opbPN5F468bTSkU0HbzqmMhRPzsA=
Subject key identifier:   78:A4:C9:93:EE:CF:FA:FE:55:63:BF:53:95:11:C6:C2:82:B5:2D:DF
Authority key identifier: 31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D
Certificate issuer:       /CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
Certificate serial:       01969905D3118A957EED93FEEAF6A71C7288
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
Manifest number:          046D
Signing time:             Sun 04 May 2025 02:00:17 +0000
Manifest this update:     Sun 04 May 2025 02:00:17 +0000
Manifest next update:     Mon 05 May 2025 02:00:17 +0000
Files and hashes:         1: MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl (hash: O0P+HznIecb796nFH3hwciv1N82olTYEgDlMvrRtDXE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 04 May 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:99:05:d3:11:8a:95:7e:ed:93:fe:ea:f6:a7:1c:72:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
        Validity
            Not Before: May  4 02:00:17 2025 GMT
            Not After : May  5 02:00:17 2025 GMT
        Subject: CN=78a4c993eecffafe5563bf539511c6c282b52ddf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:3b:28:9b:91:32:c8:e6:5d:8d:af:79:ea:74:
                    e2:d5:75:3d:ec:3b:4d:dc:a4:c5:4a:75:42:6b:0d:
                    76:0c:bc:67:1e:9d:6c:48:89:41:a5:78:ad:bb:b1:
                    8e:67:11:e2:2c:5e:6a:f0:fd:ee:0a:3a:b2:08:43:
                    c3:57:2d:88:02:4e:60:dd:52:3a:be:82:30:26:04:
                    f7:e6:68:5c:1e:f8:24:f4:be:51:5a:13:e8:29:1e:
                    fc:e0:90:7f:06:ef:96:12:51:85:2b:a2:d7:8b:f3:
                    ef:fc:38:23:d7:b7:24:36:cf:ed:2f:25:12:bc:46:
                    cf:f3:8d:e5:80:eb:3e:a0:3d:52:a6:bc:94:46:1d:
                    42:32:ed:3f:67:aa:71:43:f8:94:97:6d:88:d9:29:
                    b6:c0:45:90:d5:57:5b:da:51:6a:86:37:e3:17:a3:
                    6a:dc:06:6b:c9:02:5b:49:a0:5b:d1:13:47:1a:5c:
                    7c:5d:b3:97:33:2c:6e:3f:db:0b:62:dc:db:8c:c8:
                    9f:e9:89:d4:8b:1c:77:43:33:9f:d6:6f:6d:7b:f9:
                    22:a3:ce:26:f7:f1:88:f9:f3:28:e2:fa:68:22:d2:
                    2b:8f:7d:d5:98:2b:99:c8:72:98:37:81:4f:1c:b0:
                    5e:66:0a:1c:48:78:d9:92:2b:34:f2:73:59:07:e9:
                    02:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:A4:C9:93:EE:CF:FA:FE:55:63:BF:53:95:11:C6:C2:82:B5:2D:DF
            X509v3 Authority Key Identifier:
                keyid:31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:28:69:fb:53:3f:de:0e:2b:6f:f1:62:86:6a:86:af:5a:1d:
         5c:12:c4:e0:b5:6d:26:c2:b8:d6:d7:7f:6d:54:ec:e4:f5:58:
         59:18:c9:33:60:c7:8e:30:ca:79:0e:8a:20:04:fb:2e:f7:36:
         cc:46:8a:13:df:33:22:83:fc:77:70:9f:29:94:f4:5a:e9:c7:
         aa:78:54:cc:2f:17:8e:29:50:35:05:74:f5:ff:ea:b5:29:54:
         43:36:4b:b4:82:68:ff:6d:88:6e:6b:92:ec:77:8a:64:4a:eb:
         f5:0d:43:64:e2:77:8e:7b:74:74:5b:6b:12:a5:26:24:a0:9a:
         a0:5a:a2:74:7f:3b:cd:40:f2:8e:22:46:9e:e2:52:42:c1:50:
         5f:a4:56:2c:f9:4d:b4:b1:eb:8b:4f:76:e4:64:ad:c6:5c:09:
         da:e9:16:3c:74:32:fa:10:a3:50:6c:a6:59:f5:b0:99:ce:08:
         58:cf:40:6e:ac:09:33:ea:f8:36:20:8d:22:01:53:75:f0:57:
         b1:be:56:cd:8c:40:ef:fc:bd:e9:99:c9:a0:c9:87:20:06:67:
         6c:46:37:0d:88:c3:8f:0c:c0:65:c8:8b:60:a4:4e:c6:e5:55:
         da:7f:d0:a2:b3:eb:b2:37:72:2e:57:82:cc:ad:b9:f0:16:d2:
         18:44:ca:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaZBdMRipV+7ZP+6vanHHKIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNGNlOTViYTIzY2RjOWQ2MDk5N2MyMzBkNjM1OWFkMzFj
MWE1OWQwHhcNMjUwNTA0MDIwMDE3WhcNMjUwNTA1MDIwMDE3WjAzMTEwLwYDVQQD
Eyg3OGE0Yzk5M2VlY2ZmYWZlNTU2M2JmNTM5NTExYzZjMjgyYjUyZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTsom5EyyOZdja956nTi1XU97DtN
3KTFSnVCaw12DLxnHp1sSIlBpXitu7GOZxHiLF5q8P3uCjqyCEPDVy2IAk5g3VI6
voIwJgT35mhcHvgk9L5RWhPoKR784JB/Bu+WElGFK6LXi/Pv/Dgj17ckNs/tLyUS
vEbP843lgOs+oD1SpryURh1CMu0/Z6pxQ/iUl22I2Sm2wEWQ1Vdb2lFqhjfjF6Nq
3AZryQJbSaBb0RNHGlx8XbOXMyxuP9sLYtzbjMif6YnUixx3QzOf1m9te/kio84m
9/GI+fMo4vpoItIrj33VmCuZyHKYN4FPHLBeZgocSHjZkis08nNZB+kCAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHikyZPuz/r+VWO/U5URxsKCtS3fMB8GA1UdIwQY
MBaAFDFM6VuiPNydYJl8Iw1jWa0xwaWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgt
MTViYzliMjVkZmMwLzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgtMTViYzliMjVkZmMw
LzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGShp+1M/
3g4rb/FihmqGr1odXBLE4LVtJsK41td/bVTs5PVYWRjJM2DHjjDKeQ6KIAT7Lvc2
zEaKE98zIoP8d3CfKZT0WunHqnhUzC8XjilQNQV09f/qtSlUQzZLtIJo/22IbmuS
7HeKZErr9Q1DZOJ3jnt0dFtrEqUmJKCaoFqidH87zUDyjiJGnuJSQsFQX6RWLPlN
tLHri0925GStxlwJ2ukWPHQy+hCjUGymWfWwmc4IWM9AbqwJM+r4NiCNIgFTdfBX
sb5WzYxA7/y96ZnJoMmHIAZnbEY3DYjDjwzAZciLYKROxuVV2n/QorPrsjdyLleC
zK258BbSGETKUw==
-----END CERTIFICATE-----