Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
File:                     MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft (raw, json)
Hash identifier:          3+PPxIjEgv0XJNyXp9bW/eVw9DBWcZiGPxiyl702jZQ=
Subject key identifier:   C7:05:38:8B:B1:6B:BA:F6:E0:51:09:92:0B:8A:23:DD:9F:27:35:34
Authority key identifier: 31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D
Certificate issuer:       /CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
Certificate serial:       019923D5A44F381C5BB7646206B581386CD7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
Manifest number:          05BE
Signing time:             Sun 07 Sep 2025 11:00:27 +0000
Manifest this update:     Sun 07 Sep 2025 11:00:27 +0000
Manifest next update:     Mon 08 Sep 2025 11:00:27 +0000
Files and hashes:         1: MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl (hash: 9aloZmt3LnfFnkr5B07nQg5H5q5b0TgBZYEotFReybI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:d5:a4:4f:38:1c:5b:b7:64:62:06:b5:81:38:6c:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
        Validity
            Not Before: Sep  7 11:00:27 2025 GMT
            Not After : Sep  8 11:00:27 2025 GMT
        Subject: CN=c705388bb16bbaf6e05109920b8a23dd9f273534
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:be:c2:ea:77:aa:07:8d:4c:54:c5:47:93:8a:
                    cf:4f:ea:72:af:3a:0b:2a:3f:be:dd:35:14:07:43:
                    0d:ce:fa:03:16:f4:32:b2:3e:33:94:20:d0:dc:5a:
                    26:ac:17:ed:3f:ff:28:38:27:9a:e3:63:56:88:8e:
                    4f:61:1f:09:79:00:bf:4b:ec:65:06:68:63:7d:98:
                    87:81:23:19:25:62:de:c1:d3:e3:46:a4:5c:ca:36:
                    75:3b:1e:a4:8c:a1:43:ea:f1:49:4b:0d:19:fc:c6:
                    fe:14:2a:51:fe:82:5e:b0:7b:1f:4c:34:5b:94:c6:
                    21:5e:3d:33:cf:46:98:56:e4:64:53:d7:60:1c:07:
                    93:22:b7:e4:93:f4:6e:3c:5b:a1:20:ec:4e:c8:33:
                    31:57:a0:d9:79:95:fd:44:0d:87:4d:03:a7:05:99:
                    e5:ea:95:6c:fd:f3:a2:50:52:e2:fd:bf:87:89:6a:
                    07:b6:1a:23:0a:b3:c5:87:ed:f7:cc:5d:46:5d:89:
                    f8:89:60:ac:23:69:65:05:04:b8:81:f8:1c:ff:d2:
                    c4:cc:82:73:d2:48:e1:86:9d:ee:ba:c7:67:ca:24:
                    de:31:fd:13:1a:74:88:75:a7:02:4c:3e:7d:e2:9c:
                    52:b5:62:23:b5:da:37:18:a2:1f:47:9c:54:3c:cb:
                    25:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:05:38:8B:B1:6B:BA:F6:E0:51:09:92:0B:8A:23:DD:9F:27:35:34
            X509v3 Authority Key Identifier:
                keyid:31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:14:5a:b9:92:53:c8:58:4a:f1:60:6d:34:04:e9:cc:ba:72:
         81:20:bb:e9:c8:74:2b:23:02:95:87:cf:bf:0b:43:40:70:2c:
         40:ad:cc:30:7f:74:99:b2:c3:6e:6e:60:f6:b3:b6:b4:9b:a7:
         61:db:82:1c:66:aa:39:07:97:eb:76:59:72:4c:17:07:ea:cc:
         55:c2:65:0e:d5:92:62:69:34:58:ae:98:5c:92:c1:52:a5:ae:
         d7:ae:fd:9f:0b:2f:5c:20:73:9a:f7:6a:02:e2:d5:2b:b1:cb:
         41:9f:74:13:ca:d1:ea:44:74:2a:23:21:13:45:4d:df:e3:e7:
         27:9f:92:f8:20:ba:05:07:14:f2:e6:95:61:f8:99:f2:ad:b3:
         a1:b8:f4:96:5c:88:4c:7d:b8:b4:78:d5:29:8f:2a:78:43:79:
         15:f1:ce:4d:55:17:64:15:cb:cd:05:c1:1c:13:53:9f:86:d2:
         ab:23:09:69:d1:a1:67:29:1c:3e:a5:61:2e:ec:3a:da:03:42:
         aa:bf:9c:31:34:25:70:82:b2:ac:a2:ce:0a:6f:bf:57:c9:2f:
         3d:39:fb:ea:28:f0:53:ce:4f:32:04:2a:9d:b2:de:52:f3:ea:
         bc:68:e1:ea:9c:33:37:4c:f8:96:72:7d:2e:62:4a:14:a0:6f:
         9e:bd:c6:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkj1aRPOBxbt2RiBrWBOGzXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNGNlOTViYTIzY2RjOWQ2MDk5N2MyMzBkNjM1OWFkMzFj
MWE1OWQwHhcNMjUwOTA3MTEwMDI3WhcNMjUwOTA4MTEwMDI3WjAzMTEwLwYDVQQD
EyhjNzA1Mzg4YmIxNmJiYWY2ZTA1MTA5OTIwYjhhMjNkZDlmMjczNTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvL7C6neqB41MVMVHk4rPT+pyrzoL
Kj++3TUUB0MNzvoDFvQysj4zlCDQ3FomrBftP/8oOCea42NWiI5PYR8JeQC/S+xl
BmhjfZiHgSMZJWLewdPjRqRcyjZ1Ox6kjKFD6vFJSw0Z/Mb+FCpR/oJesHsfTDRb
lMYhXj0zz0aYVuRkU9dgHAeTIrfkk/RuPFuhIOxOyDMxV6DZeZX9RA2HTQOnBZnl
6pVs/fOiUFLi/b+HiWoHthojCrPFh+33zF1GXYn4iWCsI2llBQS4gfgc/9LEzIJz
0kjhhp3uusdnyiTeMf0TGnSIdacCTD594pxStWIjtdo3GKIfR5xUPMslhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMcFOIuxa7r24FEJkguKI92fJzU0MB8GA1UdIwQY
MBaAFDFM6VuiPNydYJl8Iw1jWa0xwaWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgt
MTViYzliMjVkZmMwLzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgtMTViYzliMjVkZmMw
LzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbhRauZJT
yFhK8WBtNATpzLpygSC76ch0KyMClYfPvwtDQHAsQK3MMH90mbLDbm5g9rO2tJun
YduCHGaqOQeX63ZZckwXB+rMVcJlDtWSYmk0WK6YXJLBUqWu1679nwsvXCBzmvdq
AuLVK7HLQZ90E8rR6kR0KiMhE0VN3+PnJ5+S+CC6BQcU8uaVYfiZ8q2zobj0llyI
TH24tHjVKY8qeEN5FfHOTVUXZBXLzQXBHBNTn4bSqyMJadGhZykcPqVhLuw62gNC
qr+cMTQlcIKyrKLOCm+/V8kvPTn76ijwU85PMgQqnbLeUvPqvGjh6pwzN0z4lnJ9
LmJKFKBvnr3G0g==
-----END CERTIFICATE-----