Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
File:                     MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft (raw, json)
Hash identifier:          8afBdsseHJ3h6D+pRPUVGlSFAXDsdHh5kUJEE+shqko=
Subject key identifier:   A6:AE:C9:C1:5C:49:41:5B:CC:7F:61:63:2B:A3:D7:69:6B:D6:82:9F
Authority key identifier: 31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D
Certificate issuer:       /CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
Certificate serial:       019A71EE96DA05438CA89374693F3727E0E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
Manifest number:          066B
Signing time:             Tue 11 Nov 2025 08:00:52 +0000
Manifest this update:     Tue 11 Nov 2025 08:00:52 +0000
Manifest next update:     Wed 12 Nov 2025 08:00:52 +0000
Files and hashes:         1: MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl (hash: PSAtHgh1GI/5sW19sQirz3pWMfBefv2oEzHUUTPJql4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:96:da:05:43:8c:a8:93:74:69:3f:37:27:e0:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
        Validity
            Not Before: Nov 11 08:00:52 2025 GMT
            Not After : Nov 12 08:00:52 2025 GMT
        Subject: CN=a6aec9c15c49415bcc7f61632ba3d7696bd6829f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:d6:6f:30:7d:0b:31:26:fc:57:a7:fe:f4:18:
                    6e:a8:6f:5e:42:79:60:a9:6e:2d:71:0d:ef:da:81:
                    b1:11:96:10:22:62:ac:cd:e0:12:7c:20:3b:cc:2a:
                    c2:1b:a1:8a:a4:d5:a2:fb:76:7e:00:a8:a5:94:9e:
                    7e:f9:25:21:61:57:5c:74:26:e6:fc:82:6d:e4:41:
                    04:89:12:37:10:76:b1:af:6f:a3:0f:05:0c:92:1d:
                    72:c8:2f:89:d3:5d:fc:34:07:10:11:63:38:a5:f2:
                    62:9d:bf:4e:ba:46:60:5d:4d:69:34:73:7b:ea:3c:
                    d6:9f:a8:93:d5:4c:0e:34:af:00:1e:e1:ad:bd:96:
                    4b:d6:6d:8e:54:cf:e8:4e:eb:f1:70:e7:fa:fa:92:
                    4a:dd:3a:3a:3d:e5:33:c0:bb:4f:2a:bd:15:67:2b:
                    a4:62:31:60:5b:5f:5f:23:cc:7c:eb:44:0a:d9:1a:
                    61:98:ac:60:2b:4e:bb:57:08:25:7d:b2:d5:53:58:
                    86:42:fd:46:03:af:a3:b0:f8:66:76:11:85:7c:9f:
                    fd:5f:87:11:b8:dc:3b:a7:bf:4b:45:e8:ab:96:2c:
                    32:fe:8a:55:12:cc:c2:b9:c3:a2:9c:5c:8c:a2:c3:
                    ff:73:2a:62:50:78:bb:2d:1e:36:55:26:36:fd:97:
                    89:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:AE:C9:C1:5C:49:41:5B:CC:7F:61:63:2B:A3:D7:69:6B:D6:82:9F
            X509v3 Authority Key Identifier:
                keyid:31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:ae:bc:13:01:3f:1c:34:e7:1a:c4:fe:e4:49:38:6c:85:86:
         ce:e6:d0:49:53:c0:67:e6:a6:15:6c:d7:c3:8f:c9:fc:5f:ad:
         8a:e5:18:16:ae:98:be:93:05:64:f5:b0:5e:aa:23:f9:a7:31:
         e4:46:45:df:ed:cd:94:95:1e:34:14:3e:07:0d:8d:a6:76:de:
         58:dc:1a:a5:70:89:6b:ad:18:5a:1e:e7:e0:37:00:b2:d8:ec:
         36:d2:bb:d6:f1:56:5f:d2:61:e8:bc:1a:98:7c:76:22:d9:c1:
         d8:04:33:59:d6:ec:05:89:ea:6e:8f:88:c7:d3:7f:64:3e:16:
         bf:1d:a8:62:ba:bf:a7:87:48:d9:a4:f8:29:64:a0:47:1f:60:
         ba:d2:39:be:3e:cc:9e:b9:5d:95:0c:6a:e4:28:40:9e:db:77:
         28:fb:77:53:9d:77:ee:d0:e1:fc:18:fa:2b:af:93:cc:6c:28:
         30:07:b4:5d:a0:75:1b:c7:1f:97:37:80:8a:1a:3d:4d:f1:e5:
         57:88:44:b5:c6:43:81:d7:c5:c8:e8:74:69:7b:c4:5e:ff:d5:
         75:4f:57:18:9d:24:8f:f8:d2:20:bc:d5:d2:1a:db:8d:93:89:
         7f:c6:a5:8a:56:ae:61:9e:c1:2d:cc:b9:4b:fa:fc:7e:41:81:
         44:66:5d:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7pbaBUOMqJN0aT83J+DoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNGNlOTViYTIzY2RjOWQ2MDk5N2MyMzBkNjM1OWFkMzFj
MWE1OWQwHhcNMjUxMTExMDgwMDUyWhcNMjUxMTEyMDgwMDUyWjAzMTEwLwYDVQQD
EyhhNmFlYzljMTVjNDk0MTViY2M3ZjYxNjMyYmEzZDc2OTZiZDY4MjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNZvMH0LMSb8V6f+9BhuqG9eQnlg
qW4tcQ3v2oGxEZYQImKszeASfCA7zCrCG6GKpNWi+3Z+AKillJ5++SUhYVdcdCbm
/IJt5EEEiRI3EHaxr2+jDwUMkh1yyC+J0138NAcQEWM4pfJinb9OukZgXU1pNHN7
6jzWn6iT1UwONK8AHuGtvZZL1m2OVM/oTuvxcOf6+pJK3To6PeUzwLtPKr0VZyuk
YjFgW19fI8x860QK2RphmKxgK067VwglfbLVU1iGQv1GA6+jsPhmdhGFfJ/9X4cR
uNw7p79LReirliwy/opVEszCucOinFyMosP/cypiUHi7LR42VSY2/ZeJbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKauycFcSUFbzH9hYyuj12lr1oKfMB8GA1UdIwQY
MBaAFDFM6VuiPNydYJl8Iw1jWa0xwaWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgt
MTViYzliMjVkZmMwLzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgtMTViYzliMjVkZmMw
LzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN668EwE/
HDTnGsT+5Ek4bIWGzubQSVPAZ+amFWzXw4/J/F+tiuUYFq6YvpMFZPWwXqoj+acx
5EZF3+3NlJUeNBQ+Bw2NpnbeWNwapXCJa60YWh7n4DcAstjsNtK71vFWX9Jh6Lwa
mHx2ItnB2AQzWdbsBYnqbo+Ix9N/ZD4Wvx2oYrq/p4dI2aT4KWSgRx9gutI5vj7M
nrldlQxq5ChAntt3KPt3U5137tDh/Bj6K6+TzGwoMAe0XaB1G8cflzeAiho9TfHl
V4hEtcZDgdfFyOh0aXvEXv/VdU9XGJ0kj/jSILzV0hrbjZOJf8alilauYZ7BLcy5
S/r8fkGBRGZdtw==
-----END CERTIFICATE-----