Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
File:                     MT3NGHEiZlBFhpdnM8ofkvYmH14.mft (raw, json)
Hash identifier:          hkGQuSNy/zMjxna/odKWSfNUui/iGGcVf5kjwtU9XKQ=
Subject key identifier:   84:B8:08:C2:59:F4:E3:7A:97:63:BE:ED:81:4C:68:BD:2A:4B:4F:84
Authority key identifier: 31:3D:CD:18:71:22:66:50:45:86:97:67:33:CA:1F:92:F6:26:1F:5E
Certificate issuer:       /CN=313dcd18712266504586976733ca1f92f6261f5e
Certificate serial:       0199FBEBF47F03219BC8E45B0484B64D6620
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
Manifest number:          150D
Signing time:             Sun 19 Oct 2025 10:02:48 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:48 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:48 +0000
Files and hashes:         1: MT3NGHEiZlBFhpdnM8ofkvYmH14.crl (hash: yKfd4IoOOrxXb0/mutAyuorHFerY9i9CZ6A3xyq+7Z8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:f4:7f:03:21:9b:c8:e4:5b:04:84:b6:4d:66:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=313dcd18712266504586976733ca1f92f6261f5e
        Validity
            Not Before: Oct 19 10:02:48 2025 GMT
            Not After : Oct 20 10:02:48 2025 GMT
        Subject: CN=84b808c259f4e37a9763beed814c68bd2a4b4f84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:be:85:9b:f2:28:5f:9d:32:90:6b:42:01:de:
                    21:83:95:2b:4c:bf:12:33:4d:37:67:c4:f2:91:e1:
                    39:08:f6:34:d7:d5:e8:30:06:8c:3b:63:ba:90:e6:
                    a1:5b:64:78:ae:fc:93:4d:29:50:48:02:8b:89:92:
                    89:51:69:5d:38:93:d8:b4:5b:eb:9c:22:00:f7:9b:
                    22:60:cf:4c:e8:c6:84:1b:00:0a:e6:50:cf:20:67:
                    8e:2e:fa:5e:92:a8:49:1e:d0:a7:10:b5:7e:9c:2b:
                    c9:29:67:94:81:1d:fc:31:3f:17:71:33:d8:48:34:
                    02:2e:da:e5:c9:e8:0d:53:d5:b1:a0:b8:9a:f2:38:
                    c8:55:64:84:bd:5f:07:bb:04:2d:85:50:85:a1:f0:
                    be:4f:b5:f3:a0:c4:32:e7:20:f4:ca:11:78:3c:08:
                    19:fe:af:46:8b:51:b2:ba:7c:94:3e:c5:93:8b:c6:
                    1d:3b:df:9f:5b:98:e3:8a:47:fb:c8:9b:fb:37:0b:
                    1f:5c:1c:95:be:7c:01:de:f9:5f:b2:4a:52:dd:1b:
                    a3:ab:46:f7:9f:91:d0:e4:d9:a9:84:ec:ee:38:81:
                    51:ca:48:e7:92:f2:3a:e5:66:0c:3f:50:b1:e5:7e:
                    68:bf:2b:9a:00:db:a8:d8:e1:5c:f1:49:81:d3:82:
                    74:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:B8:08:C2:59:F4:E3:7A:97:63:BE:ED:81:4C:68:BD:2A:4B:4F:84
            X509v3 Authority Key Identifier:
                keyid:31:3D:CD:18:71:22:66:50:45:86:97:67:33:CA:1F:92:F6:26:1F:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:77:d8:91:f6:6f:36:85:b7:ad:15:9d:52:5d:e8:4a:58:13:
         a9:6c:9b:2d:4a:c6:c2:9a:9b:79:ec:ed:72:b5:a8:a5:29:29:
         7f:55:94:7b:5f:65:3b:f6:33:67:40:72:0c:bd:f0:42:44:fb:
         3b:d6:9a:02:8c:1d:87:73:5a:74:e2:f8:43:20:4b:6d:20:20:
         e4:3d:72:88:5e:2b:2a:25:d6:c1:61:2f:07:9f:f7:86:3f:da:
         2b:81:a8:b3:41:30:15:3d:c2:da:97:53:b2:33:99:06:86:e0:
         b6:d5:ec:ac:44:e7:99:f5:62:35:f5:e2:a0:eb:ef:b8:ad:b1:
         b7:99:3c:db:48:ba:73:79:7a:f3:06:fc:e8:f4:5f:13:18:67:
         49:f1:7f:f4:fc:10:11:a6:da:68:f8:8e:4d:c2:5b:aa:d9:b3:
         d6:13:af:2a:49:69:56:b5:0d:15:3d:dc:41:72:6e:9d:a8:bb:
         88:c8:6c:1d:19:84:b3:ec:d5:38:1c:bd:0a:a4:7e:f3:d6:42:
         3e:29:77:75:05:9e:5e:e9:e9:bf:6a:5e:7d:9c:a4:4c:97:bc:
         90:be:ca:dd:8b:cf:3a:e4:e6:37:51:f6:78:da:c7:60:b0:76:
         92:8a:8d:a9:84:14:36:fe:46:b8:18:03:12:33:63:83:af:6b:
         4c:33:16:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76/R/AyGbyORbBIS2TWYgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxM2RjZDE4NzEyMjY2NTA0NTg2OTc2NzMzY2ExZjkyZjYy
NjFmNWUwHhcNMjUxMDE5MTAwMjQ4WhcNMjUxMDIwMTAwMjQ4WjAzMTEwLwYDVQQD
Eyg4NGI4MDhjMjU5ZjRlMzdhOTc2M2JlZWQ4MTRjNjhiZDJhNGI0Zjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo76Fm/IoX50ykGtCAd4hg5UrTL8S
M003Z8TykeE5CPY019XoMAaMO2O6kOahW2R4rvyTTSlQSAKLiZKJUWldOJPYtFvr
nCIA95siYM9M6MaEGwAK5lDPIGeOLvpekqhJHtCnELV+nCvJKWeUgR38MT8XcTPY
SDQCLtrlyegNU9WxoLia8jjIVWSEvV8HuwQthVCFofC+T7XzoMQy5yD0yhF4PAgZ
/q9Gi1GyunyUPsWTi8YdO9+fW5jjikf7yJv7NwsfXByVvnwB3vlfskpS3Rujq0b3
n5HQ5NmphOzuOIFRykjnkvI65WYMP1Cx5X5ovyuaANuo2OFc8UmB04J0GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIS4CMJZ9ON6l2O+7YFMaL0qS0+EMB8GA1UdIwQY
MBaAFDE9zRhxImZQRYaXZzPKH5L2Jh9eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9iOWVjZjktM2JhOC00N2U0LTg5NTQt
YzQxNWE2OGFmMGRkLzEvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9iOWVjZjktM2JhOC00N2U0LTg5NTQtYzQxNWE2OGFmMGRk
LzEvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdXfYkfZv
NoW3rRWdUl3oSlgTqWybLUrGwpqbeeztcrWopSkpf1WUe19lO/YzZ0ByDL3wQkT7
O9aaAowdh3NadOL4QyBLbSAg5D1yiF4rKiXWwWEvB5/3hj/aK4Gos0EwFT3C2pdT
sjOZBobgttXsrETnmfViNfXioOvvuK2xt5k820i6c3l68wb86PRfExhnSfF/9PwQ
EabaaPiOTcJbqtmz1hOvKklpVrUNFT3cQXJunai7iMhsHRmEs+zVOBy9CqR+89ZC
Pil3dQWeXunpv2pefZykTJe8kL7K3YvPOuTmN1H2eNrHYLB2koqNqYQUNv5GuBgD
EjNjg69rTDMWWA==
-----END CERTIFICATE-----