Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
File:                     MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft (raw, json)
Hash identifier:          SlIM+Mn7Ne7i/UOJwUe+fj7H1v/8lF6qQW06Ri2fTco=
Subject key identifier:   45:C5:CF:0F:12:1B:DE:68:59:CF:24:82:FC:AC:91:ED:A2:84:5F:CD
Authority key identifier: 31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D
Certificate issuer:       /CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
Certificate serial:       01958C973662DEFF0BA846BF659842439391
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
Manifest number:          03E2
Signing time:             Wed 12 Mar 2025 23:01:14 +0000
Manifest this update:     Wed 12 Mar 2025 23:01:14 +0000
Manifest next update:     Thu 13 Mar 2025 23:01:14 +0000
Files and hashes:         1: MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl (hash: T+UVUv/PHEq6VwPiF+f3CGqKcqIL/uN4aLJ/YVUogck=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:14:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8c:97:36:62:de:ff:0b:a8:46:bf:65:98:42:43:93:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
        Validity
            Not Before: Mar 12 23:01:14 2025 GMT
            Not After : Mar 13 23:01:14 2025 GMT
        Subject: CN=45c5cf0f121bde6859cf2482fcac91eda2845fcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:f7:07:ad:e4:07:66:40:20:7b:49:f5:27:19:
                    12:d1:bd:73:ea:54:f6:5f:c2:67:e4:67:8b:5e:8e:
                    6c:a3:33:dc:47:b4:6f:bb:41:8a:d6:28:78:7c:55:
                    23:f2:ae:30:c6:cc:2a:82:c0:44:79:69:02:51:f8:
                    43:a6:01:b5:23:63:30:0d:04:d8:93:ca:0e:03:68:
                    b7:6e:22:19:81:ca:6c:92:47:c6:ce:37:59:4f:97:
                    d1:2f:a5:db:5a:03:47:e6:ae:53:9e:5c:69:3e:85:
                    9b:9b:69:c8:ae:75:f7:18:a9:ca:d0:c5:ce:7e:d2:
                    6e:16:c7:a7:5d:1b:e6:9b:bc:d1:04:58:dc:37:23:
                    75:c8:e3:8b:ce:fb:9e:87:f0:81:70:4b:e3:76:c1:
                    3e:b0:a4:bf:1b:d2:d5:ad:0c:b5:e4:2b:2d:f6:03:
                    b6:e1:01:42:35:db:fd:dd:ca:ce:bf:f7:07:69:dc:
                    c8:04:9c:99:62:7d:02:c6:46:bc:e1:13:54:d4:52:
                    77:44:be:82:31:4a:49:27:64:12:8a:69:d3:ba:7d:
                    59:9d:2f:d6:87:f5:fb:51:1a:c8:83:51:6b:3e:b3:
                    82:d4:40:85:60:2b:d1:f4:da:4a:e4:5e:19:14:58:
                    95:7e:98:16:b8:e9:04:ef:1c:22:0a:43:06:8a:03:
                    b2:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:C5:CF:0F:12:1B:DE:68:59:CF:24:82:FC:AC:91:ED:A2:84:5F:CD
            X509v3 Authority Key Identifier:
                keyid:31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:78:db:83:1a:a0:da:21:1f:1e:6b:5a:f0:dc:f0:3d:66:eb:
         7b:7c:ac:72:54:37:8f:0c:7f:24:dc:f4:fb:1e:10:02:27:04:
         29:5c:0d:58:d6:dd:2e:dc:7b:fb:65:0f:7c:db:05:bc:91:21:
         c7:8c:c2:c0:62:cd:a9:05:63:74:5e:85:d5:f4:f7:a6:fd:a1:
         b7:37:05:c2:e7:3e:55:91:47:47:67:16:92:79:3d:07:95:a1:
         d5:04:3d:e5:20:10:72:4e:a6:81:e1:5b:5f:70:18:e9:98:22:
         0c:ea:b7:d7:83:7d:b1:bb:f9:70:f0:9a:26:2d:0f:9d:1d:44:
         27:d9:95:e6:c7:fa:96:54:82:2f:cb:4d:c8:e1:cd:24:90:69:
         a5:da:21:e9:34:6c:f8:06:f8:5b:4d:d4:32:19:6a:67:4d:68:
         21:09:96:af:4c:a5:bd:65:8d:c9:0c:d6:37:48:94:39:cf:34:
         4b:08:a6:5a:f1:30:f9:15:ea:4b:52:f8:33:ed:ca:1d:bc:71:
         85:19:14:ec:c9:8c:01:a3:da:6d:56:57:11:08:21:01:81:31:
         a5:a6:ab:57:7e:94:b6:44:ba:ba:6a:32:7b:80:5b:9f:34:2f:
         55:6b:18:1a:75:1a:bc:51:cd:8b:fd:f5:f3:92:7e:bb:44:7f:
         58:c8:b4:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWMlzZi3v8LqEa/ZZhCQ5ORMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNGNlOTViYTIzY2RjOWQ2MDk5N2MyMzBkNjM1OWFkMzFj
MWE1OWQwHhcNMjUwMzEyMjMwMTE0WhcNMjUwMzEzMjMwMTE0WjAzMTEwLwYDVQQD
Eyg0NWM1Y2YwZjEyMWJkZTY4NTljZjI0ODJmY2FjOTFlZGEyODQ1ZmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PcHreQHZkAge0n1JxkS0b1z6lT2
X8Jn5GeLXo5sozPcR7Rvu0GK1ih4fFUj8q4wxswqgsBEeWkCUfhDpgG1I2MwDQTY
k8oOA2i3biIZgcpskkfGzjdZT5fRL6XbWgNH5q5TnlxpPoWbm2nIrnX3GKnK0MXO
ftJuFsenXRvmm7zRBFjcNyN1yOOLzvueh/CBcEvjdsE+sKS/G9LVrQy15Cst9gO2
4QFCNdv93crOv/cHadzIBJyZYn0Cxka84RNU1FJ3RL6CMUpJJ2QSimnTun1ZnS/W
h/X7URrIg1FrPrOC1ECFYCvR9NpK5F4ZFFiVfpgWuOkE7xwiCkMGigOyMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEXFzw8SG95oWc8kgvyske2ihF/NMB8GA1UdIwQY
MBaAFDFM6VuiPNydYJl8Iw1jWa0xwaWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgt
MTViYzliMjVkZmMwLzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgtMTViYzliMjVkZmMw
LzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAHjbgxqg
2iEfHmta8NzwPWbre3ysclQ3jwx/JNz0+x4QAicEKVwNWNbdLtx7+2UPfNsFvJEh
x4zCwGLNqQVjdF6F1fT3pv2htzcFwuc+VZFHR2cWknk9B5Wh1QQ95SAQck6mgeFb
X3AY6ZgiDOq314N9sbv5cPCaJi0PnR1EJ9mV5sf6llSCL8tNyOHNJJBppdoh6TRs
+Ab4W03UMhlqZ01oIQmWr0ylvWWNyQzWN0iUOc80SwimWvEw+RXqS1L4M+3KHbxx
hRkU7MmMAaPabVZXEQghAYExpaarV36UtkS6umoye4BbnzQvVWsYGnUavFHNi/31
85J+u0R/WMi03g==
-----END CERTIFICATE-----