Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
File:                     MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft (raw, json)
Hash identifier:          O8GXYIIf4TPRzKaRk8N26V6LxfXn4AkPAm++xWkwgzs=
Subject key identifier:   57:11:85:AC:F8:88:1D:7F:85:70:87:90:00:44:98:D2:9C:ED:D3:44
Authority key identifier: 31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D
Certificate issuer:       /CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
Certificate serial:       0198D4A797241C61FAC0B136143AB8C9C873
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
Manifest number:          0595
Signing time:             Sat 23 Aug 2025 02:00:09 +0000
Manifest this update:     Sat 23 Aug 2025 02:00:09 +0000
Manifest next update:     Sun 24 Aug 2025 02:00:09 +0000
Files and hashes:         1: MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl (hash: SLlSQb1dKZ89Iu8sMfjtgOU6ZH8qFZQMKTL33Ko72Qw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 02:00:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:a7:97:24:1c:61:fa:c0:b1:36:14:3a:b8:c9:c8:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
        Validity
            Not Before: Aug 23 02:00:09 2025 GMT
            Not After : Aug 24 02:00:09 2025 GMT
        Subject: CN=571185acf8881d7f85708790004498d29cedd344
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:1c:23:77:87:e4:93:95:02:1e:cb:71:bd:58:
                    e2:a7:5a:07:22:2e:92:35:ed:0d:d8:57:dd:ee:41:
                    64:8d:23:71:55:51:54:1e:13:26:92:e9:75:38:bb:
                    e7:78:8f:4f:3e:40:0e:69:e2:69:5a:d6:06:80:4b:
                    99:72:35:6c:38:52:f5:fe:3b:35:fd:84:23:2d:e0:
                    5b:e0:db:61:44:3d:91:30:5f:7d:31:7b:37:61:8f:
                    61:30:bd:2e:f0:47:c5:52:f1:90:eb:95:86:4c:e5:
                    f5:c8:3f:04:35:66:35:94:63:b2:38:bb:aa:65:23:
                    8e:9d:85:46:5b:c4:26:63:95:62:01:9e:cc:9b:30:
                    c7:23:99:28:03:72:26:f9:1c:41:46:82:2a:69:e7:
                    35:ae:e1:f0:81:17:87:f0:cc:0f:4e:fe:90:75:2e:
                    0b:a0:96:c6:91:48:26:7d:ae:c1:b7:19:d7:e5:f6:
                    1f:33:b6:18:2e:75:cc:77:9f:ab:d8:2a:a0:69:f0:
                    55:64:43:2f:27:4f:c0:e5:dc:2e:65:f2:cf:ef:d0:
                    e0:f7:41:b2:81:19:56:9f:26:32:a5:70:53:88:81:
                    d2:ff:67:7f:0a:7d:13:61:be:14:30:ac:07:03:2d:
                    42:ee:d9:1f:9d:7c:5c:c9:14:5c:d6:97:8e:b3:0f:
                    00:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:11:85:AC:F8:88:1D:7F:85:70:87:90:00:44:98:D2:9C:ED:D3:44
            X509v3 Authority Key Identifier:
                keyid:31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:6b:36:69:94:9b:3c:2b:58:34:94:35:b8:5e:87:4d:ae:fd:
         04:43:29:4d:81:13:c2:68:d5:8a:3b:a4:1b:b3:28:6a:03:5c:
         cf:2d:48:d9:0e:b4:f2:81:5b:bb:79:e2:ab:0a:25:b5:c9:f4:
         0f:15:a0:8f:ff:9c:d9:79:b1:04:43:6d:1b:ab:29:d3:d0:5c:
         dd:82:fc:7b:af:4c:65:cf:3e:fe:9a:50:00:d3:3b:28:e7:eb:
         42:76:73:02:32:e3:2a:f6:53:b9:49:af:61:16:34:fc:2b:43:
         b7:bc:ab:3d:1c:3f:c0:8c:27:91:b4:bb:65:3b:37:32:66:79:
         63:c5:a5:85:42:f2:b1:9b:60:61:1c:06:b6:68:05:84:57:fc:
         2c:f9:72:3e:40:a3:bc:ac:84:8c:15:82:42:3b:42:00:88:ce:
         a7:43:cf:5c:61:1d:07:57:fa:83:4f:d1:d2:c0:fa:59:07:d8:
         c0:a5:cc:63:28:58:37:e8:14:ed:ea:de:58:2d:cd:f7:35:c5:
         e1:f5:12:33:0c:82:46:0e:22:66:87:2d:38:0f:fe:7c:0a:50:
         1f:8e:e2:40:2e:9e:dc:86:c9:87:3e:f9:ea:41:ab:3f:da:6c:
         d8:f6:34:62:b3:27:f1:2c:31:fa:73:59:9f:26:dc:9b:8b:ca:
         8b:c0:2c:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUp5ckHGH6wLE2FDq4ychzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNGNlOTViYTIzY2RjOWQ2MDk5N2MyMzBkNjM1OWFkMzFj
MWE1OWQwHhcNMjUwODIzMDIwMDA5WhcNMjUwODI0MDIwMDA5WjAzMTEwLwYDVQQD
Eyg1NzExODVhY2Y4ODgxZDdmODU3MDg3OTAwMDQ0OThkMjljZWRkMzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxwjd4fkk5UCHstxvVjip1oHIi6S
Ne0N2Ffd7kFkjSNxVVFUHhMmkul1OLvneI9PPkAOaeJpWtYGgEuZcjVsOFL1/js1
/YQjLeBb4NthRD2RMF99MXs3YY9hML0u8EfFUvGQ65WGTOX1yD8ENWY1lGOyOLuq
ZSOOnYVGW8QmY5ViAZ7MmzDHI5koA3Im+RxBRoIqaec1ruHwgReH8MwPTv6QdS4L
oJbGkUgmfa7BtxnX5fYfM7YYLnXMd5+r2CqgafBVZEMvJ0/A5dwuZfLP79Dg90Gy
gRlWnyYypXBTiIHS/2d/Cn0TYb4UMKwHAy1C7tkfnXxcyRRc1peOsw8AEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFcRhaz4iB1/hXCHkABEmNKc7dNEMB8GA1UdIwQY
MBaAFDFM6VuiPNydYJl8Iw1jWa0xwaWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgt
MTViYzliMjVkZmMwLzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgtMTViYzliMjVkZmMw
LzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT2s2aZSb
PCtYNJQ1uF6HTa79BEMpTYETwmjVijukG7MoagNczy1I2Q608oFbu3niqwoltcn0
DxWgj/+c2XmxBENtG6sp09Bc3YL8e69MZc8+/ppQANM7KOfrQnZzAjLjKvZTuUmv
YRY0/CtDt7yrPRw/wIwnkbS7ZTs3MmZ5Y8WlhULysZtgYRwGtmgFhFf8LPlyPkCj
vKyEjBWCQjtCAIjOp0PPXGEdB1f6g0/R0sD6WQfYwKXMYyhYN+gU7ereWC3N9zXF
4fUSMwyCRg4iZoctOA/+fApQH47iQC6e3IbJhz756kGrP9ps2PY0YrMn8Swx+nNZ
nybcm4vKi8As6g==
-----END CERTIFICATE-----