Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
File:                     MT3NGHEiZlBFhpdnM8ofkvYmH14.mft (raw, json)
Hash identifier:          ZXgH/MWAdSetE7d7sgfvCHEPYsS1NkHdtipmIg1lzEE=
Subject key identifier:   5F:55:D2:9F:14:CC:99:5D:C6:9E:61:0F:11:6F:C1:22:7B:FF:0D:B4
Authority key identifier: 31:3D:CD:18:71:22:66:50:45:86:97:67:33:CA:1F:92:F6:26:1F:5E
Certificate issuer:       /CN=313dcd18712266504586976733ca1f92f6261f5e
Certificate serial:       0197BA7E974E1B114B505CB603320FAF655C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
Manifest number:          13E2
Signing time:             Sun 29 Jun 2025 07:02:27 +0000
Manifest this update:     Sun 29 Jun 2025 07:02:27 +0000
Manifest next update:     Mon 30 Jun 2025 07:02:27 +0000
Files and hashes:         1: MT3NGHEiZlBFhpdnM8ofkvYmH14.crl (hash: asgDgem0ElcNvYghlZM+/la9A1ATz1WVQUHCQaNxfDg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:7e:97:4e:1b:11:4b:50:5c:b6:03:32:0f:af:65:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=313dcd18712266504586976733ca1f92f6261f5e
        Validity
            Not Before: Jun 29 07:02:27 2025 GMT
            Not After : Jun 30 07:02:27 2025 GMT
        Subject: CN=5f55d29f14cc995dc69e610f116fc1227bff0db4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:b8:8f:33:cf:09:fe:8e:64:63:12:43:82:ee:
                    5f:fb:ce:6b:a8:28:c6:42:07:9b:06:4d:a7:ee:18:
                    0d:67:0c:9c:0f:59:53:e7:02:14:ac:4f:1f:15:6b:
                    ef:1b:57:f6:65:59:4e:70:1b:c8:7b:c5:10:a3:87:
                    4d:78:d0:d5:f9:2c:71:c8:86:e9:74:92:7f:5e:88:
                    0f:b9:9d:63:45:76:fb:f3:2a:fb:81:10:28:63:fa:
                    f5:ac:df:b4:fc:ee:25:cf:1d:47:3f:ac:f4:f9:06:
                    ac:84:31:25:83:f2:1a:91:08:59:c5:f8:bd:36:e6:
                    6c:ef:4a:51:da:7e:28:96:33:05:de:3b:cb:37:ce:
                    2f:ff:b6:21:3a:d7:83:ec:99:ba:f0:1a:92:8d:70:
                    cf:7d:bc:89:72:20:b8:44:ce:bd:03:d0:81:e9:8e:
                    a3:5b:65:fe:0b:50:a3:63:0c:b4:fc:90:4f:8d:b4:
                    bd:96:fd:5d:5f:17:4b:96:a4:a1:17:96:48:7d:ee:
                    cd:e2:3d:e8:26:93:d6:66:3b:45:10:b7:b6:2b:1f:
                    51:e0:8e:c5:63:7d:80:87:e4:c5:b8:1e:ee:da:f6:
                    2d:83:f8:7e:27:7c:87:66:64:d6:49:66:92:be:39:
                    b8:c8:8b:25:b7:9c:ed:68:f4:95:dd:02:51:dd:e5:
                    49:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:55:D2:9F:14:CC:99:5D:C6:9E:61:0F:11:6F:C1:22:7B:FF:0D:B4
            X509v3 Authority Key Identifier:
                keyid:31:3D:CD:18:71:22:66:50:45:86:97:67:33:CA:1F:92:F6:26:1F:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:33:e7:4c:66:39:5e:81:96:f1:28:be:15:13:f8:cb:3b:b5:
         b7:bc:b4:ab:4f:19:c7:e0:da:bb:b3:49:4d:45:8e:fb:9e:18:
         22:72:b8:77:eb:ee:6a:61:6f:e0:42:9e:43:06:56:62:c0:d5:
         a7:b9:fc:ac:d2:f6:01:a0:d6:4d:ba:41:2d:6f:4c:a5:10:9c:
         6d:9e:ac:5a:19:41:2a:eb:0b:8a:2c:24:77:f9:76:e4:a4:d9:
         52:e3:99:19:53:f8:92:79:36:b2:16:ff:f9:d0:e4:0f:b7:9e:
         b5:5f:23:7b:e5:f3:92:40:2e:3e:69:01:68:0f:b5:4d:c6:77:
         9a:de:88:c5:3a:03:cb:04:7e:18:7d:da:54:45:03:f2:1a:e2:
         b4:e4:1d:46:1c:4a:34:16:fd:5d:d3:cf:61:48:5d:ff:83:87:
         53:fc:da:71:be:82:dc:db:97:b2:29:77:28:e8:18:79:d4:4f:
         96:dd:5b:fa:7a:d9:c0:48:f7:fb:4b:20:43:14:e8:d6:49:d4:
         39:bc:7f:72:72:15:3e:18:15:96:f4:ef:2a:93:4a:b2:ed:fb:
         4d:e1:ea:39:3a:01:ef:33:50:db:fe:3b:f3:a2:6f:a9:01:e5:
         43:cf:63:fd:3f:c7:45:36:2b:05:f0:b0:94:9b:8e:b9:4e:f0:
         f9:8b:a8:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6fpdOGxFLUFy2AzIPr2VcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxM2RjZDE4NzEyMjY2NTA0NTg2OTc2NzMzY2ExZjkyZjYy
NjFmNWUwHhcNMjUwNjI5MDcwMjI3WhcNMjUwNjMwMDcwMjI3WjAzMTEwLwYDVQQD
Eyg1ZjU1ZDI5ZjE0Y2M5OTVkYzY5ZTYxMGYxMTZmYzEyMjdiZmYwZGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7riPM88J/o5kYxJDgu5f+85rqCjG
QgebBk2n7hgNZwycD1lT5wIUrE8fFWvvG1f2ZVlOcBvIe8UQo4dNeNDV+SxxyIbp
dJJ/XogPuZ1jRXb78yr7gRAoY/r1rN+0/O4lzx1HP6z0+QashDElg/IakQhZxfi9
NuZs70pR2n4oljMF3jvLN84v/7YhOteD7Jm68BqSjXDPfbyJciC4RM69A9CB6Y6j
W2X+C1CjYwy0/JBPjbS9lv1dXxdLlqShF5ZIfe7N4j3oJpPWZjtFELe2Kx9R4I7F
Y32Ah+TFuB7u2vYtg/h+J3yHZmTWSWaSvjm4yIslt5ztaPSV3QJR3eVJYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF9V0p8UzJldxp5hDxFvwSJ7/w20MB8GA1UdIwQY
MBaAFDE9zRhxImZQRYaXZzPKH5L2Jh9eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9iOWVjZjktM2JhOC00N2U0LTg5NTQt
YzQxNWE2OGFmMGRkLzEvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9iOWVjZjktM2JhOC00N2U0LTg5NTQtYzQxNWE2OGFmMGRk
LzEvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJDPnTGY5
XoGW8Si+FRP4yzu1t7y0q08Zx+Dau7NJTUWO+54YInK4d+vuamFv4EKeQwZWYsDV
p7n8rNL2AaDWTbpBLW9MpRCcbZ6sWhlBKusLiiwkd/l25KTZUuOZGVP4knk2shb/
+dDkD7eetV8je+XzkkAuPmkBaA+1TcZ3mt6IxToDywR+GH3aVEUD8hritOQdRhxK
NBb9XdPPYUhd/4OHU/zacb6C3NuXsil3KOgYedRPlt1b+nrZwEj3+0sgQxTo1knU
Obx/cnIVPhgVlvTvKpNKsu37TeHqOToB7zNQ2/4786JvqQHlQ89j/T/HRTYrBfCw
lJuOuU7w+Yuodw==
-----END CERTIFICATE-----