Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
File:                     MT3NGHEiZlBFhpdnM8ofkvYmH14.mft (raw, json)
Hash identifier:          Lvoq5pBwtSxM0JqMJOWeQBiBpKS8fD1aPCnL5D11EUc=
Subject key identifier:   96:A5:DD:B3:A2:1A:54:6E:1E:67:5D:2D:AF:6F:E6:BC:B5:23:48:6C
Authority key identifier: 31:3D:CD:18:71:22:66:50:45:86:97:67:33:CA:1F:92:F6:26:1F:5E
Certificate issuer:       /CN=313dcd18712266504586976733ca1f92f6261f5e
Certificate serial:       0198D4743FE5D7CDB182797137F67B60C076
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
Manifest number:          1474
Signing time:             Sat 23 Aug 2025 01:04:04 +0000
Manifest this update:     Sat 23 Aug 2025 01:04:04 +0000
Manifest next update:     Sun 24 Aug 2025 01:04:04 +0000
Files and hashes:         1: MT3NGHEiZlBFhpdnM8ofkvYmH14.crl (hash: fScYfrfm1kdKob+ipwajVYtHTqLX6uFYeHLMitjEJ6g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:04:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:74:3f:e5:d7:cd:b1:82:79:71:37:f6:7b:60:c0:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=313dcd18712266504586976733ca1f92f6261f5e
        Validity
            Not Before: Aug 23 01:04:04 2025 GMT
            Not After : Aug 24 01:04:04 2025 GMT
        Subject: CN=96a5ddb3a21a546e1e675d2daf6fe6bcb523486c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:9f:3c:33:47:57:4a:36:eb:f6:28:99:18:e7:
                    66:c2:22:13:d9:06:4d:c5:30:35:9f:d3:ed:b6:12:
                    68:df:73:33:4a:99:b4:91:12:ec:00:a6:69:07:40:
                    38:ad:36:27:6a:68:80:5f:54:43:a4:9e:1d:9b:dd:
                    47:00:9d:45:f6:d6:03:bd:90:a6:07:21:b4:f8:25:
                    31:85:29:0c:3d:4c:42:62:28:72:e6:bd:9b:c7:ea:
                    1a:15:bd:f1:90:bf:d8:8a:da:81:34:e0:00:6b:d5:
                    3a:6a:02:d7:c8:9c:7f:98:20:b0:62:24:40:bf:c8:
                    5e:ed:ed:97:2f:fa:2c:2b:c4:fd:b2:5f:b7:89:af:
                    6d:8e:d1:d8:e2:4e:52:11:0b:b1:79:64:c8:97:de:
                    f5:26:41:d8:c9:cd:8e:20:84:1d:1b:c0:32:0f:20:
                    9b:fb:f4:bb:02:71:ed:ea:3a:48:f3:b3:b1:c9:33:
                    a6:b6:37:46:91:30:84:cd:1b:0a:a4:49:a1:fa:66:
                    97:a5:9b:71:bd:21:a0:ed:25:2b:2c:be:f2:fb:08:
                    8e:81:39:85:50:54:7b:7f:ca:dd:8a:33:ac:ef:4d:
                    ab:08:16:69:d1:7e:0f:ec:2a:90:45:22:84:40:88:
                    84:45:cf:1b:8a:6f:66:57:18:24:bb:92:48:f2:38:
                    41:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:A5:DD:B3:A2:1A:54:6E:1E:67:5D:2D:AF:6F:E6:BC:B5:23:48:6C
            X509v3 Authority Key Identifier:
                keyid:31:3D:CD:18:71:22:66:50:45:86:97:67:33:CA:1F:92:F6:26:1F:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:60:7c:cd:52:c3:a1:48:da:db:78:2a:ad:6d:93:ea:0e:b6:
         72:53:e7:6e:28:89:f4:25:1e:84:90:b4:11:d5:1b:93:00:15:
         3c:f0:85:26:ef:3f:13:b5:ae:c1:e9:01:d6:5a:dd:27:19:f9:
         0f:7e:b9:c6:7d:4f:58:94:18:f6:3d:2d:4b:76:9c:41:1d:66:
         4a:4c:f2:3f:fe:21:54:61:bf:29:c6:4c:0a:51:9f:83:b2:ca:
         4b:28:fe:bb:e8:c2:11:ff:fa:e2:ff:62:ac:6c:5b:03:a9:7f:
         32:aa:f3:65:a6:1e:6b:3a:f4:ee:fb:0d:c8:84:4c:3c:f5:c4:
         1d:e1:75:36:b6:ab:69:92:a1:33:76:7a:f7:ec:1c:f6:49:67:
         81:29:b1:dc:fb:18:da:6e:09:e7:00:16:ec:ee:e9:5b:8a:0c:
         4e:e7:de:09:14:db:f1:56:b1:bd:a6:a0:83:11:5f:d1:d4:b8:
         31:38:f6:0d:41:7c:4f:6c:28:0c:d2:5a:bf:43:2a:8e:ee:b1:
         01:c2:f2:10:f5:31:75:7b:24:04:73:c8:86:ed:e9:14:1d:e3:
         87:4e:7f:7a:7c:74:05:05:6a:d6:37:de:e7:1f:cd:6d:0a:ef:
         a4:2c:6d:23:2f:bc:3d:3e:c7:ba:ac:e3:12:6e:f3:da:9a:18:
         f4:e5:d2:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUdD/l182xgnlxN/Z7YMB2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxM2RjZDE4NzEyMjY2NTA0NTg2OTc2NzMzY2ExZjkyZjYy
NjFmNWUwHhcNMjUwODIzMDEwNDA0WhcNMjUwODI0MDEwNDA0WjAzMTEwLwYDVQQD
Eyg5NmE1ZGRiM2EyMWE1NDZlMWU2NzVkMmRhZjZmZTZiY2I1MjM0ODZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs588M0dXSjbr9iiZGOdmwiIT2QZN
xTA1n9PtthJo33MzSpm0kRLsAKZpB0A4rTYnamiAX1RDpJ4dm91HAJ1F9tYDvZCm
ByG0+CUxhSkMPUxCYihy5r2bx+oaFb3xkL/YitqBNOAAa9U6agLXyJx/mCCwYiRA
v8he7e2XL/osK8T9sl+3ia9tjtHY4k5SEQuxeWTIl971JkHYyc2OIIQdG8AyDyCb
+/S7AnHt6jpI87OxyTOmtjdGkTCEzRsKpEmh+maXpZtxvSGg7SUrLL7y+wiOgTmF
UFR7f8rdijOs702rCBZp0X4P7CqQRSKEQIiERc8bim9mVxgku5JI8jhBjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJal3bOiGlRuHmddLa9v5ry1I0hsMB8GA1UdIwQY
MBaAFDE9zRhxImZQRYaXZzPKH5L2Jh9eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9iOWVjZjktM2JhOC00N2U0LTg5NTQt
YzQxNWE2OGFmMGRkLzEvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9iOWVjZjktM2JhOC00N2U0LTg5NTQtYzQxNWE2OGFmMGRk
LzEvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnmB8zVLD
oUja23gqrW2T6g62clPnbiiJ9CUehJC0EdUbkwAVPPCFJu8/E7WuwekB1lrdJxn5
D365xn1PWJQY9j0tS3acQR1mSkzyP/4hVGG/KcZMClGfg7LKSyj+u+jCEf/64v9i
rGxbA6l/MqrzZaYeazr07vsNyIRMPPXEHeF1NraraZKhM3Z69+wc9klngSmx3PsY
2m4J5wAW7O7pW4oMTufeCRTb8VaxvaaggxFf0dS4MTj2DUF8T2woDNJav0Mqju6x
AcLyEPUxdXskBHPIhu3pFB3jh05/enx0BQVq1jfe5x/NbQrvpCxtIy+8PT7Huqzj
Em7z2poY9OXSow==
-----END CERTIFICATE-----