Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
File:                     MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft (raw, json)
Hash identifier:          u1VE3+IZvTZB/Y2/Qv5A/YxVgPPYPg6+DtqyoHmlIjM=
Subject key identifier:   58:16:57:00:2A:2A:96:80:7E:3D:AB:CE:12:82:5D:26:73:D2:46:42
Authority key identifier: 31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D
Certificate issuer:       /CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
Certificate serial:       018F877F463F2C25B0E50376DE28907D44E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
Manifest number:          C4
Signing time:             Fri 17 May 2024 17:00:16 +0000
Manifest this update:     Fri 17 May 2024 17:00:16 +0000
Manifest next update:     Sat 18 May 2024 17:00:16 +0000
Files and hashes:         1: MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl (hash: ebDNsiHayh6FlRb8iHIvjl536dFs1HR0qaGZlkzZMgk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:7f:46:3f:2c:25:b0:e5:03:76:de:28:90:7d:44:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
        Validity
            Not Before: May 17 17:00:16 2024 GMT
            Not After : May 18 17:00:16 2024 GMT
        Subject: CN=581657002a2a96807e3dabce12825d2673d24642
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:c4:28:c1:3a:e3:7c:d5:22:f0:63:8f:85:66:
                    9c:b6:4b:de:a4:3b:db:11:1c:81:d7:3d:e2:5b:85:
                    bc:8e:f5:e5:f4:c8:cd:4b:89:93:b2:2c:66:40:2b:
                    8b:a6:1e:46:f1:5f:66:cb:d7:14:93:87:6c:01:c2:
                    bf:3b:bb:cf:0a:87:e3:d2:b2:c6:75:4f:3c:eb:ec:
                    40:51:ac:1f:27:11:cf:77:04:3e:3c:d3:1a:2b:07:
                    7d:b1:9e:84:ba:70:c7:f1:3e:ed:d6:f9:a0:a9:9e:
                    d1:c4:f8:64:fe:e0:0a:5d:2c:66:8c:bb:77:4e:37:
                    60:95:bb:6d:0c:2f:9b:67:91:0b:6a:28:ad:52:59:
                    11:e1:75:83:e5:aa:99:e9:62:2d:ff:81:c0:c5:a6:
                    4f:42:5c:e6:b3:c4:9c:47:45:c4:16:ef:e0:58:0b:
                    9a:25:86:03:f2:8c:9c:32:7e:cf:e7:e9:4a:93:d3:
                    72:ed:ee:5a:1d:64:f1:0b:f5:34:04:09:61:78:aa:
                    66:c5:95:24:48:5f:23:91:d6:35:0b:ba:2d:75:c6:
                    24:aa:10:00:93:af:30:57:7f:19:ef:3c:4d:4c:7d:
                    24:18:32:f5:c5:71:62:db:03:ed:a5:42:be:ee:ed:
                    91:52:8f:2d:3a:da:0a:a2:a0:34:b9:43:d2:13:fa:
                    3a:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:16:57:00:2A:2A:96:80:7E:3D:AB:CE:12:82:5D:26:73:D2:46:42
            X509v3 Authority Key Identifier:
                keyid:31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:8a:7f:03:80:db:ee:f0:f9:28:69:b6:9b:f2:79:bc:0e:77:
         a9:9e:e9:f0:fd:3e:bd:11:a8:f4:3f:62:7d:f0:19:3e:8b:d9:
         c8:f5:f1:de:9c:cb:d8:08:b0:6f:d8:96:e3:3e:f3:7b:ae:2c:
         96:e8:c7:b3:4a:e6:ff:e1:f9:7b:51:ba:65:55:9d:60:f2:3c:
         52:f4:08:a8:d7:b6:fc:c7:f6:78:97:17:ce:41:ce:04:c5:77:
         66:9a:b0:3d:cd:da:c7:ca:31:16:da:4a:2c:88:b1:56:3c:f4:
         f5:1a:d0:cf:39:a7:9f:51:71:f7:fc:97:03:3a:05:88:28:f7:
         74:fa:f5:44:9e:b9:e3:e4:39:39:1a:49:52:d7:71:08:7d:17:
         08:0f:45:16:2f:f1:4d:d3:46:8d:65:a7:86:e5:d3:c8:a7:ad:
         b1:51:23:73:9d:4a:71:3e:b3:d8:ed:ff:e5:51:bc:46:48:ee:
         84:64:5d:10:90:4e:fd:f0:0c:76:83:3e:00:05:ee:a1:00:6f:
         d7:59:a9:ac:9f:bd:92:fb:53:64:b1:8f:bc:23:bd:0f:13:66:
         b2:33:16:80:d8:04:e1:f9:1f:32:bc:8e:e3:0f:bf:89:31:3b:
         f5:5d:23:4e:32:3f:d8:15:f2:aa:5d:d9:59:d1:00:75:40:f0:
         5d:b8:97:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Hf0Y/LCWw5QN23iiQfUTiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNGNlOTViYTIzY2RjOWQ2MDk5N2MyMzBkNjM1OWFkMzFj
MWE1OWQwHhcNMjQwNTE3MTcwMDE2WhcNMjQwNTE4MTcwMDE2WjAzMTEwLwYDVQQD
Eyg1ODE2NTcwMDJhMmE5NjgwN2UzZGFiY2UxMjgyNWQyNjczZDI0NjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcQowTrjfNUi8GOPhWactkvepDvb
ERyB1z3iW4W8jvXl9MjNS4mTsixmQCuLph5G8V9my9cUk4dsAcK/O7vPCofj0rLG
dU886+xAUawfJxHPdwQ+PNMaKwd9sZ6EunDH8T7t1vmgqZ7RxPhk/uAKXSxmjLt3
TjdglbttDC+bZ5ELaiitUlkR4XWD5aqZ6WIt/4HAxaZPQlzms8ScR0XEFu/gWAua
JYYD8oycMn7P5+lKk9Ny7e5aHWTxC/U0BAlheKpmxZUkSF8jkdY1C7otdcYkqhAA
k68wV38Z7zxNTH0kGDL1xXFi2wPtpUK+7u2RUo8tOtoKoqA0uUPSE/o62wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFgWVwAqKpaAfj2rzhKCXSZz0kZCMB8GA1UdIwQY
MBaAFDFM6VuiPNydYJl8Iw1jWa0xwaWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgt
MTViYzliMjVkZmMwLzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgtMTViYzliMjVkZmMw
LzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQYp/A4Db
7vD5KGm2m/J5vA53qZ7p8P0+vRGo9D9iffAZPovZyPXx3pzL2Aiwb9iW4z7ze64s
lujHs0rm/+H5e1G6ZVWdYPI8UvQIqNe2/Mf2eJcXzkHOBMV3ZpqwPc3ax8oxFtpK
LIixVjz09RrQzzmnn1Fx9/yXAzoFiCj3dPr1RJ654+Q5ORpJUtdxCH0XCA9FFi/x
TdNGjWWnhuXTyKetsVEjc51KcT6z2O3/5VG8RkjuhGRdEJBO/fAMdoM+AAXuoQBv
11mprJ+9kvtTZLGPvCO9DxNmsjMWgNgE4fkfMryO4w+/iTE79V0jTjI/2BXyql3Z
WdEAdUDwXbiXlg==
-----END CERTIFICATE-----