Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
File:                     MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft (raw, json)
Hash identifier:          vBpCWSh2BMPfRUVlu2NBDfuQLgL66eFH/HKAe+099BE=
Subject key identifier:   8B:AD:F6:33:C1:95:23:09:EF:BD:85:B5:B5:99:A5:7B:88:2F:99:CC
Authority key identifier: 31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D
Certificate issuer:       /CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
Certificate serial:       0196D4E3EDDFEA9A131711428262E7EAFEE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
Manifest number:          048C
Signing time:             Thu 15 May 2025 17:00:29 +0000
Manifest this update:     Thu 15 May 2025 17:00:29 +0000
Manifest next update:     Fri 16 May 2025 17:00:29 +0000
Files and hashes:         1: MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl (hash: ou5RDDn333seBdhjqKpKYRoQKXL4iEAnW/Z6MQka5lQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 16 May 2025 14:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:d4:e3:ed:df:ea:9a:13:17:11:42:82:62:e7:ea:fe:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
        Validity
            Not Before: May 15 17:00:29 2025 GMT
            Not After : May 16 17:00:29 2025 GMT
        Subject: CN=8badf633c1952309efbd85b5b599a57b882f99cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:79:1c:92:bc:35:8e:aa:8d:c3:f7:c9:b4:6a:
                    71:c6:a5:59:1b:5e:cd:ad:2c:2b:3d:78:26:fd:81:
                    38:39:8b:cc:65:32:e5:1a:90:e9:11:6c:33:e3:df:
                    41:77:23:da:42:57:ec:68:c4:66:38:f1:56:0a:92:
                    09:b9:e4:74:0c:44:5f:aa:f7:31:c1:ce:24:41:3a:
                    f2:d7:fa:e9:a9:90:4b:18:04:ae:15:94:59:f5:7c:
                    57:b9:93:a4:56:8f:32:12:83:0c:76:e0:b6:e6:f6:
                    ef:3d:f3:67:10:2b:a2:25:a7:15:f7:fd:4c:ef:53:
                    7b:c9:79:1f:11:48:46:a7:41:ec:fa:0c:17:b6:96:
                    71:93:27:8e:44:02:ad:2b:0d:92:43:35:00:eb:54:
                    a8:e3:af:3f:d7:fd:78:62:de:6c:fa:37:37:99:2d:
                    80:52:3d:1e:7b:d0:02:6f:bb:5b:20:48:5e:a6:65:
                    99:d1:4b:6e:9c:97:40:61:47:c7:39:f3:4b:23:e7:
                    b2:11:ed:7f:78:54:e9:2a:45:02:b5:8f:9d:89:a2:
                    3e:0a:3b:90:05:02:3a:be:88:a2:f9:59:b8:ed:4b:
                    12:d1:60:7b:22:fd:40:10:5b:c2:09:1e:f0:bf:0a:
                    84:89:5c:d5:8e:9e:ca:ea:18:60:f3:9d:f4:19:dc:
                    85:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:AD:F6:33:C1:95:23:09:EF:BD:85:B5:B5:99:A5:7B:88:2F:99:CC
            X509v3 Authority Key Identifier:
                keyid:31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:89:bd:b2:56:33:f3:2b:4a:ce:5b:3b:83:8a:03:75:23:2b:
         84:55:9c:18:54:f1:8e:b3:dc:d0:94:b2:6f:53:c0:ed:bc:98:
         76:7b:c5:b1:72:af:a1:c5:19:e6:09:b9:df:9c:81:36:0e:76:
         46:8f:05:ef:78:fc:94:eb:46:a7:bb:03:ba:8f:54:20:a4:31:
         ed:03:dd:48:3a:ef:3a:da:28:a2:66:ed:1b:ee:21:cb:12:49:
         47:48:93:7c:46:df:26:e1:e5:91:d4:61:48:9f:af:ae:97:bb:
         5d:d0:ae:fd:e4:fb:ff:9e:de:e2:19:ba:dc:e7:e2:9f:b2:aa:
         61:86:19:9d:c0:ec:e7:88:4a:b2:0b:8e:1e:34:ff:98:81:de:
         1a:63:7a:d7:59:33:89:68:a4:d8:06:58:df:6a:06:27:ee:1e:
         a0:fe:64:43:0c:e6:0f:2e:ca:b1:ba:3c:a7:7e:b5:2f:39:75:
         89:32:d1:7b:28:c7:80:75:15:df:a9:33:9d:47:3f:28:49:37:
         9c:29:fe:d0:d3:bd:32:5a:78:13:58:75:f9:9b:6c:74:a4:5b:
         45:25:b5:c7:78:57:c4:a5:12:2c:43:bc:cf:bd:ce:59:c1:11:
         88:e4:1e:42:d9:39:e0:a9:23:91:08:d4:26:52:86:e3:7e:03:
         d4:a3:ac:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbU4+3f6poTFxFCgmLn6v7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNGNlOTViYTIzY2RjOWQ2MDk5N2MyMzBkNjM1OWFkMzFj
MWE1OWQwHhcNMjUwNTE1MTcwMDI5WhcNMjUwNTE2MTcwMDI5WjAzMTEwLwYDVQQD
Eyg4YmFkZjYzM2MxOTUyMzA5ZWZiZDg1YjViNTk5YTU3Yjg4MmY5OWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHkckrw1jqqNw/fJtGpxxqVZG17N
rSwrPXgm/YE4OYvMZTLlGpDpEWwz499BdyPaQlfsaMRmOPFWCpIJueR0DERfqvcx
wc4kQTry1/rpqZBLGASuFZRZ9XxXuZOkVo8yEoMMduC25vbvPfNnECuiJacV9/1M
71N7yXkfEUhGp0Hs+gwXtpZxkyeORAKtKw2SQzUA61So468/1/14Yt5s+jc3mS2A
Uj0ee9ACb7tbIEhepmWZ0UtunJdAYUfHOfNLI+eyEe1/eFTpKkUCtY+diaI+CjuQ
BQI6voii+Vm47UsS0WB7Iv1AEFvCCR7wvwqEiVzVjp7K6hhg8530GdyF0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIut9jPBlSMJ772FtbWZpXuIL5nMMB8GA1UdIwQY
MBaAFDFM6VuiPNydYJl8Iw1jWa0xwaWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgt
MTViYzliMjVkZmMwLzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgtMTViYzliMjVkZmMw
LzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVom9slYz
8ytKzls7g4oDdSMrhFWcGFTxjrPc0JSyb1PA7byYdnvFsXKvocUZ5gm535yBNg52
Ro8F73j8lOtGp7sDuo9UIKQx7QPdSDrvOtooombtG+4hyxJJR0iTfEbfJuHlkdRh
SJ+vrpe7XdCu/eT7/57e4hm63Ofin7KqYYYZncDs54hKsguOHjT/mIHeGmN611kz
iWik2AZY32oGJ+4eoP5kQwzmDy7Ksbo8p361Lzl1iTLReyjHgHUV36kznUc/KEk3
nCn+0NO9Mlp4E1h1+ZtsdKRbRSW1x3hXxKUSLEO8z73OWcERiOQeQtk54KkjkQjU
JlKG434D1KOskw==
-----END CERTIFICATE-----