Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft
File:                     N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft (raw, json)
Hash identifier:          XJCVMHOho51vyV9P8qbVYhZdT3FZgBTLlG0HS5IFwHc=
Subject key identifier:   C9:09:2F:9A:27:72:9C:9D:31:7E:A7:BB:B0:92:F7:BC:F6:02:4E:7F
Authority key identifier: 37:71:BD:6E:2D:DA:5F:A3:05:7C:4B:C2:83:FA:F7:13:A9:15:A5:D9
Certificate issuer:       /CN=3771bd6e2dda5fa3057c4bc283faf713a915a5d9
Certificate serial:       0199180A6A3E1A8313A0EA43DEB6EC049C0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N3G9bi3aX6MFfEvCg_r3E6kVpdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft
Manifest number:          0B76
Signing time:             Fri 05 Sep 2025 04:02:39 +0000
Manifest this update:     Fri 05 Sep 2025 04:02:39 +0000
Manifest next update:     Sat 06 Sep 2025 04:02:39 +0000
Files and hashes:         1: N3G9bi3aX6MFfEvCg_r3E6kVpdk.crl (hash: M/EWQylhFgWXheOt4xurFSQdvCT7BWzAfdSvEvo6ESk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N3G9bi3aX6MFfEvCg_r3E6kVpdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:18:0a:6a:3e:1a:83:13:a0:ea:43:de:b6:ec:04:9c:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3771bd6e2dda5fa3057c4bc283faf713a915a5d9
        Validity
            Not Before: Sep  5 04:02:39 2025 GMT
            Not After : Sep  6 04:02:39 2025 GMT
        Subject: CN=c9092f9a27729c9d317ea7bbb092f7bcf6024e7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:55:ba:02:24:1c:67:df:89:bf:3b:f9:60:f9:
                    76:81:29:6c:8b:6f:69:bb:f2:35:06:86:7d:3d:87:
                    d9:8a:a8:bc:42:4d:06:9a:c3:fd:54:12:2b:0c:64:
                    43:6f:64:60:4a:1a:82:ca:03:61:0d:b0:ad:b0:ed:
                    cc:c8:b4:f1:31:bf:fc:a0:4b:3f:42:ba:bc:db:80:
                    8e:5f:82:07:3f:a8:c0:c1:27:37:bc:1a:4d:81:0a:
                    62:7d:fe:f2:e4:f8:ca:dc:49:a7:b3:62:3f:d3:66:
                    86:b5:f8:27:10:5b:de:76:88:a6:60:de:75:b9:7e:
                    7c:ee:32:5f:ce:2c:ed:89:52:df:5c:05:10:de:17:
                    fb:c2:18:cc:b6:a9:34:cb:a9:4a:48:f7:2d:02:94:
                    4e:ee:6d:33:91:45:75:4c:a0:1a:77:42:29:ce:76:
                    dd:36:1d:07:5a:64:86:d3:b4:cd:68:85:15:83:ff:
                    41:57:60:ff:f0:be:8a:a0:db:d3:20:6c:69:6c:b3:
                    12:ab:26:18:fb:6d:c6:33:3b:c7:11:b3:9f:22:4e:
                    a3:bf:99:d9:56:fd:66:29:67:dd:2c:97:3f:9d:a5:
                    a2:31:85:7b:08:50:f3:62:da:2c:7b:5a:ec:6d:ef:
                    ee:b3:73:39:72:cb:b4:a3:78:4e:21:42:e2:0b:83:
                    13:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:09:2F:9A:27:72:9C:9D:31:7E:A7:BB:B0:92:F7:BC:F6:02:4E:7F
            X509v3 Authority Key Identifier:
                keyid:37:71:BD:6E:2D:DA:5F:A3:05:7C:4B:C2:83:FA:F7:13:A9:15:A5:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N3G9bi3aX6MFfEvCg_r3E6kVpdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:39:26:49:b1:78:c6:a3:4c:4a:25:ac:dd:7a:32:49:02:65:
         cf:fa:8b:f1:45:62:5b:55:b7:0b:06:00:75:f5:85:45:dd:83:
         08:c3:0a:49:b4:45:ae:26:b0:9d:4e:9e:42:f4:41:56:3e:bb:
         f3:c2:ac:f9:7f:d4:fd:09:56:71:59:6a:d1:57:f9:75:bb:ec:
         da:6f:e2:dc:e8:9f:83:b7:f9:e8:da:12:6a:3d:cb:d2:98:cd:
         c3:7d:fe:7f:7d:d3:17:a8:95:d0:fe:a1:e2:ec:5e:7a:a2:61:
         7a:c8:79:5e:10:57:63:bb:a5:b4:10:c9:39:cb:48:cd:e5:a7:
         e1:db:e4:43:a1:90:be:21:bb:6b:31:3d:fb:cf:46:99:f0:aa:
         48:b1:08:e0:26:ce:9f:64:ac:81:5f:cd:cf:37:1c:3d:53:51:
         9d:12:9b:c2:be:f1:71:19:b4:04:f7:48:01:9a:63:65:3e:41:
         c3:16:fa:18:04:d8:58:18:2d:65:2d:3f:8b:b1:69:8c:f5:cd:
         e6:71:1e:ae:cf:a3:b7:d9:9b:3f:76:e0:e2:b8:7c:27:7c:96:
         e6:76:9b:17:29:e5:2c:42:84:8c:7c:a5:00:98:a6:db:0b:d5:
         72:8e:40:b2:c7:fa:c5:1f:78:9a:20:9e:6e:87:1e:e7:c8:15:
         83:52:fd:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYCmo+GoMToOpD3rbsBJwKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NzFiZDZlMmRkYTVmYTMwNTdjNGJjMjgzZmFmNzEzYTkx
NWE1ZDkwHhcNMjUwOTA1MDQwMjM5WhcNMjUwOTA2MDQwMjM5WjAzMTEwLwYDVQQD
EyhjOTA5MmY5YTI3NzI5YzlkMzE3ZWE3YmJiMDkyZjdiY2Y2MDI0ZTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFW6AiQcZ9+Jvzv5YPl2gSlsi29p
u/I1BoZ9PYfZiqi8Qk0GmsP9VBIrDGRDb2RgShqCygNhDbCtsO3MyLTxMb/8oEs/
Qrq824COX4IHP6jAwSc3vBpNgQpiff7y5PjK3Emns2I/02aGtfgnEFvedoimYN51
uX587jJfziztiVLfXAUQ3hf7whjMtqk0y6lKSPctApRO7m0zkUV1TKAad0Ipznbd
Nh0HWmSG07TNaIUVg/9BV2D/8L6KoNvTIGxpbLMSqyYY+23GMzvHEbOfIk6jv5nZ
Vv1mKWfdLJc/naWiMYV7CFDzYtose1rsbe/us3M5csu0o3hOIULiC4MTNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMkJL5oncpydMX6nu7CS97z2Ak5/MB8GA1UdIwQY
MBaAFDdxvW4t2l+jBXxLwoP69xOpFaXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjNHOWJpM2FYNk1GZkV2Q2dfcjNFNmtWcGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC84NmY5M2ItY2Q5ZC00ZTgyLWJlZjAt
OWRjZjZiM2MwNzk3LzEvTjNHOWJpM2FYNk1GZkV2Q2dfcjNFNmtWcGRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC84NmY5M2ItY2Q5ZC00ZTgyLWJlZjAtOWRjZjZiM2MwNzk3
LzEvTjNHOWJpM2FYNk1GZkV2Q2dfcjNFNmtWcGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArjkmSbF4
xqNMSiWs3XoySQJlz/qL8UViW1W3CwYAdfWFRd2DCMMKSbRFriawnU6eQvRBVj67
88Ks+X/U/QlWcVlq0Vf5dbvs2m/i3Oifg7f56NoSaj3L0pjNw33+f33TF6iV0P6h
4uxeeqJhesh5XhBXY7ultBDJOctIzeWn4dvkQ6GQviG7azE9+89GmfCqSLEI4CbO
n2SsgV/NzzccPVNRnRKbwr7xcRm0BPdIAZpjZT5Bwxb6GATYWBgtZS0/i7FpjPXN
5nEers+jt9mbP3bg4rh8J3yW5nabFynlLEKEjHylAJim2wvVco5Assf6xR94miCe
boce58gVg1L91A==
-----END CERTIFICATE-----