Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
File:                     MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft (raw, json)
Hash identifier:          eGx2ixlNvSrXulcWpo8z/lKnLM4c3ueqqum5/lLIsJs=
Subject key identifier:   BC:24:A8:9F:D2:49:14:98:EA:E2:95:00:C6:E8:AC:99:1A:33:72:0A
Authority key identifier: 31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D
Certificate issuer:       /CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
Certificate serial:       0199FE1004E4976015A9BE7D385D6C39AA42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
Manifest number:          062F
Signing time:             Sun 19 Oct 2025 20:01:26 +0000
Manifest this update:     Sun 19 Oct 2025 20:01:26 +0000
Manifest next update:     Mon 20 Oct 2025 20:01:26 +0000
Files and hashes:         1: MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl (hash: sJ1r1f5uxWRemgpq2sN4wuytyYgs0eGvZ0CdpugCBBE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:10:04:e4:97:60:15:a9:be:7d:38:5d:6c:39:aa:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
        Validity
            Not Before: Oct 19 20:01:26 2025 GMT
            Not After : Oct 20 20:01:26 2025 GMT
        Subject: CN=bc24a89fd2491498eae29500c6e8ac991a33720a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ff:d5:8a:9b:68:38:ed:de:21:ed:ca:db:fc:
                    c3:cf:0d:4a:be:4d:c9:6f:33:98:22:be:80:2e:a9:
                    d9:15:c5:24:c5:ee:f7:e1:68:4a:4e:42:d1:3a:2c:
                    5a:52:f5:4d:f5:d7:fc:9d:db:68:0f:e6:a4:03:f7:
                    1a:e9:6c:8c:c0:70:75:45:31:23:20:8e:46:89:0e:
                    3c:de:44:f3:90:37:7a:5f:56:2f:5d:a5:d0:cd:d5:
                    0c:cc:07:7c:38:21:c4:02:19:08:14:1e:56:50:98:
                    c3:cd:7e:8f:89:15:c5:fc:d4:b9:44:04:b2:fb:3b:
                    1c:79:96:d0:9c:fe:7c:a9:16:b7:2b:7f:59:0c:84:
                    90:2c:d0:16:86:4a:77:e5:2b:34:99:e6:26:81:91:
                    a6:7a:92:9e:5e:d2:6b:49:18:1d:d2:5c:a0:d3:ef:
                    b6:d0:e0:6f:71:e6:11:5c:50:57:3a:e9:96:b6:fa:
                    37:b1:a8:1f:f1:e9:a1:14:11:ee:36:02:4d:86:81:
                    2e:33:65:fa:10:09:b5:6b:35:c0:86:0d:68:28:25:
                    e1:65:25:7c:cd:d0:a8:56:d3:81:f2:b5:f7:06:44:
                    02:cf:a6:0b:f2:e2:29:b0:03:85:18:6f:2e:c8:b9:
                    bb:16:65:2c:df:24:90:f2:bf:59:db:dd:e6:c7:1b:
                    93:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:24:A8:9F:D2:49:14:98:EA:E2:95:00:C6:E8:AC:99:1A:33:72:0A
            X509v3 Authority Key Identifier:
                keyid:31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:b9:23:de:e9:53:28:99:c5:77:1d:6d:ca:be:67:60:ad:61:
         8c:b6:af:12:cb:e7:49:72:7d:21:61:26:b4:89:9a:d4:b7:f4:
         e2:40:df:90:ec:de:0c:41:56:e5:e1:37:28:8a:93:9f:1e:b8:
         97:bd:9d:03:dc:b3:85:6f:40:9a:55:fb:cc:34:9e:64:a8:f5:
         b4:ca:69:fb:ca:9d:e9:3c:62:49:dd:d6:ef:1d:d7:f5:3b:28:
         e8:64:13:0e:18:9e:69:a8:18:57:5b:4b:31:7b:9a:8d:ec:05:
         c2:1b:6d:eb:12:30:17:91:a4:0a:24:15:02:dc:07:ce:15:8a:
         b9:47:32:24:6f:95:1f:9c:45:df:04:47:31:57:3d:6c:04:b0:
         b5:4b:f9:0a:2a:c0:4e:b0:c5:c6:82:09:f2:1b:52:da:75:6e:
         9a:ac:0d:ac:57:1d:bd:73:51:90:d0:cb:7d:19:e4:30:22:5a:
         41:9e:ff:ee:6e:87:c5:ee:38:d6:02:22:73:97:76:7e:44:0b:
         3f:c7:70:4b:ee:79:98:72:36:6c:9b:0f:6a:e5:50:ae:16:98:
         00:78:02:04:a1:4d:f5:c3:63:92:72:eb:a1:64:2e:f1:ef:75:
         51:c6:4e:af:ed:ad:88:6b:db:c0:b2:53:1f:07:c6:08:7e:f5:
         75:4a:2a:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+EATkl2AVqb59OF1sOapCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNGNlOTViYTIzY2RjOWQ2MDk5N2MyMzBkNjM1OWFkMzFj
MWE1OWQwHhcNMjUxMDE5MjAwMTI2WhcNMjUxMDIwMjAwMTI2WjAzMTEwLwYDVQQD
EyhiYzI0YTg5ZmQyNDkxNDk4ZWFlMjk1MDBjNmU4YWM5OTFhMzM3MjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsP/ViptoOO3eIe3K2/zDzw1Kvk3J
bzOYIr6ALqnZFcUkxe734WhKTkLROixaUvVN9df8ndtoD+akA/ca6WyMwHB1RTEj
II5GiQ483kTzkDd6X1YvXaXQzdUMzAd8OCHEAhkIFB5WUJjDzX6PiRXF/NS5RASy
+zsceZbQnP58qRa3K39ZDISQLNAWhkp35Ss0meYmgZGmepKeXtJrSRgd0lyg0++2
0OBvceYRXFBXOumWtvo3sagf8emhFBHuNgJNhoEuM2X6EAm1azXAhg1oKCXhZSV8
zdCoVtOB8rX3BkQCz6YL8uIpsAOFGG8uyLm7FmUs3ySQ8r9Z293mxxuTnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLwkqJ/SSRSY6uKVAMborJkaM3IKMB8GA1UdIwQY
MBaAFDFM6VuiPNydYJl8Iw1jWa0xwaWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgt
MTViYzliMjVkZmMwLzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgtMTViYzliMjVkZmMw
LzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhrkj3ulT
KJnFdx1tyr5nYK1hjLavEsvnSXJ9IWEmtIma1Lf04kDfkOzeDEFW5eE3KIqTnx64
l72dA9yzhW9AmlX7zDSeZKj1tMpp+8qd6TxiSd3W7x3X9Tso6GQTDhieaagYV1tL
MXuajewFwhtt6xIwF5GkCiQVAtwHzhWKuUcyJG+VH5xF3wRHMVc9bASwtUv5CirA
TrDFxoIJ8htS2nVumqwNrFcdvXNRkNDLfRnkMCJaQZ7/7m6Hxe441gIic5d2fkQL
P8dwS+55mHI2bJsPauVQrhaYAHgCBKFN9cNjknLroWQu8e91UcZOr+2tiGvbwLJT
HwfGCH71dUoqWQ==
-----END CERTIFICATE-----