Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
File:                     MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft (raw, json)
Hash identifier:          NLAoPxPSEj4ol03bENk13BEs9045glFowAKZW+l32Ug=
Subject key identifier:   4D:F4:9B:97:E0:AE:31:73:88:A4:F3:A7:61:7B:DA:CC:11:39:55:34
Authority key identifier: 31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D
Certificate issuer:       /CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
Certificate serial:       019510FE2A565ED4E66BE2C22D20C530D876
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
Manifest number:          03A2
Signing time:             Sun 16 Feb 2025 23:00:47 +0000
Manifest this update:     Sun 16 Feb 2025 23:00:47 +0000
Manifest next update:     Mon 17 Feb 2025 23:00:47 +0000
Files and hashes:         1: MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl (hash: RVtnds7qYMQMJPmEG0mWHZUm2UyU68gt2Suwa8toQ/w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:fe:2a:56:5e:d4:e6:6b:e2:c2:2d:20:c5:30:d8:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
        Validity
            Not Before: Feb 16 23:00:47 2025 GMT
            Not After : Feb 17 23:00:47 2025 GMT
        Subject: CN=4df49b97e0ae317388a4f3a7617bdacc11395534
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:94:66:74:08:3d:a7:78:0e:08:77:0d:0b:a3:
                    0e:9e:e3:8a:12:ff:59:38:68:73:2c:ac:74:9a:1f:
                    7b:04:d3:92:00:4a:77:e9:79:2d:32:fd:ee:cb:83:
                    6c:0e:02:fe:13:a4:26:7e:f7:8f:a4:76:37:5f:bf:
                    b5:60:9a:e1:eb:85:f3:12:b6:01:00:3b:dc:9a:6e:
                    7d:2f:2a:64:a5:85:47:e4:2e:e4:1a:ee:1b:04:29:
                    53:7f:c1:b7:0a:8e:c9:f3:2b:98:f9:5f:5f:01:71:
                    67:8c:03:3b:c2:20:02:0b:ce:32:05:c1:6c:9d:15:
                    23:42:32:ba:c8:3f:f1:61:4e:0d:9b:51:71:4d:40:
                    5f:f0:42:81:56:9e:d0:ba:14:30:b5:93:9e:8b:41:
                    05:b5:57:a9:8f:f2:14:5a:bc:14:d7:84:74:f3:9f:
                    b1:37:b8:69:92:db:a8:5f:fb:d9:34:31:45:6b:a5:
                    01:4d:09:93:c0:c4:0c:5a:80:a6:93:60:9e:99:db:
                    fa:37:8f:a9:20:87:bd:94:88:f9:17:fa:21:80:a6:
                    c2:6d:6b:63:70:e6:43:51:9f:1f:4f:19:bd:82:f3:
                    2c:8b:2b:82:fe:5d:48:61:10:2b:92:cb:88:c8:1c:
                    18:2c:40:58:38:ef:54:91:63:f8:da:b2:61:bf:33:
                    82:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:F4:9B:97:E0:AE:31:73:88:A4:F3:A7:61:7B:DA:CC:11:39:55:34
            X509v3 Authority Key Identifier:
                keyid:31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c3:22:55:de:54:91:67:e8:8a:62:21:57:6a:70:32:6d:81:06:
         a6:ef:6e:09:99:87:e5:2e:73:d0:5b:15:9e:70:20:8e:fb:83:
         55:4a:9a:13:ae:5a:fb:0e:19:86:c2:f0:53:54:61:9d:4d:b9:
         ae:5e:be:57:c1:1e:89:6c:9a:23:17:e3:20:c2:e2:45:dd:9b:
         0f:58:d9:29:17:c7:8e:bd:27:33:ed:77:31:c7:ba:61:32:44:
         59:9c:ef:ed:0f:5c:63:65:65:a3:47:0a:01:24:fa:26:7e:65:
         e9:ea:47:ae:c1:04:6f:7b:90:2a:aa:58:5d:e4:d5:12:89:28:
         6a:bc:45:c6:a4:08:0f:67:c9:31:cd:dc:57:22:01:fb:a8:24:
         b2:41:77:fa:87:f4:3f:da:82:f7:4f:6a:45:a1:b5:30:bb:fd:
         24:f4:9b:4b:9d:15:2f:9d:65:c3:20:19:99:e0:e7:76:a0:94:
         87:a1:6b:6a:4e:e7:c8:8a:36:2f:5f:92:19:ec:1a:3b:9b:15:
         d8:1b:6b:3f:3a:22:f2:e8:3f:a5:4b:4e:07:7e:09:d4:64:de:
         21:ac:5d:c4:c9:e1:c0:8d:c8:af:04:4a:32:dc:59:21:58:44:
         66:43:35:8d:28:bf:75:a3:cd:a1:76:e2:c6:0b:df:0f:59:e4:
         6a:d5:af:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQ/ipWXtTma+LCLSDFMNh2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNGNlOTViYTIzY2RjOWQ2MDk5N2MyMzBkNjM1OWFkMzFj
MWE1OWQwHhcNMjUwMjE2MjMwMDQ3WhcNMjUwMjE3MjMwMDQ3WjAzMTEwLwYDVQQD
Eyg0ZGY0OWI5N2UwYWUzMTczODhhNGYzYTc2MTdiZGFjYzExMzk1NTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZRmdAg9p3gOCHcNC6MOnuOKEv9Z
OGhzLKx0mh97BNOSAEp36XktMv3uy4NsDgL+E6QmfvePpHY3X7+1YJrh64XzErYB
ADvcmm59LypkpYVH5C7kGu4bBClTf8G3Co7J8yuY+V9fAXFnjAM7wiACC84yBcFs
nRUjQjK6yD/xYU4Nm1FxTUBf8EKBVp7QuhQwtZOei0EFtVepj/IUWrwU14R085+x
N7hpktuoX/vZNDFFa6UBTQmTwMQMWoCmk2Cemdv6N4+pIIe9lIj5F/ohgKbCbWtj
cOZDUZ8fTxm9gvMsiyuC/l1IYRArksuIyBwYLEBYOO9UkWP42rJhvzOCjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE30m5fgrjFziKTzp2F72swROVU0MB8GA1UdIwQY
MBaAFDFM6VuiPNydYJl8Iw1jWa0xwaWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgt
MTViYzliMjVkZmMwLzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgtMTViYzliMjVkZmMw
LzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwyJV3lSR
Z+iKYiFXanAybYEGpu9uCZmH5S5z0FsVnnAgjvuDVUqaE65a+w4ZhsLwU1RhnU25
rl6+V8EeiWyaIxfjIMLiRd2bD1jZKRfHjr0nM+13Mce6YTJEWZzv7Q9cY2Vlo0cK
AST6Jn5l6epHrsEEb3uQKqpYXeTVEokoarxFxqQID2fJMc3cVyIB+6gkskF3+of0
P9qC909qRaG1MLv9JPSbS50VL51lwyAZmeDndqCUh6Frak7nyIo2L1+SGewaO5sV
2BtrPzoi8ug/pUtOB34J1GTeIaxdxMnhwI3IrwRKMtxZIVhEZkM1jSi/daPNoXbi
xgvfD1nkatWvzw==
-----END CERTIFICATE-----