Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
File:                     MT3NGHEiZlBFhpdnM8ofkvYmH14.mft (raw, json)
Hash identifier:          r+4eUdcyMWRdtwIpijL4qcQovIZ9HhLXkFqePop85G8=
Subject key identifier:   2A:FE:7B:51:B0:40:F4:FA:48:93:E8:3D:1E:01:EF:19:49:CC:2E:3D
Authority key identifier: 31:3D:CD:18:71:22:66:50:45:86:97:67:33:CA:1F:92:F6:26:1F:5E
Certificate issuer:       /CN=313dcd18712266504586976733ca1f92f6261f5e
Certificate serial:       01974C68FA18ACA71DBBE5A032AB256B4F0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
Manifest number:          13A9
Signing time:             Sat 07 Jun 2025 22:00:37 +0000
Manifest this update:     Sat 07 Jun 2025 22:00:37 +0000
Manifest next update:     Sun 08 Jun 2025 22:00:37 +0000
Files and hashes:         1: MT3NGHEiZlBFhpdnM8ofkvYmH14.crl (hash: D9d0KN145jLIwcoW1yBGwEwmTNU4yxzOOB6ICz1Wv7w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 22:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:68:fa:18:ac:a7:1d:bb:e5:a0:32:ab:25:6b:4f:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=313dcd18712266504586976733ca1f92f6261f5e
        Validity
            Not Before: Jun  7 22:00:37 2025 GMT
            Not After : Jun  8 22:00:37 2025 GMT
        Subject: CN=2afe7b51b040f4fa4893e83d1e01ef1949cc2e3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:73:84:69:86:e5:f8:29:49:b9:0b:4c:96:52:
                    17:65:28:bc:0c:0a:00:25:af:2d:bc:fe:8a:8b:fa:
                    52:b9:72:06:ec:93:76:54:95:25:7b:4e:05:36:8c:
                    01:68:03:59:f4:85:e0:ac:74:28:56:37:db:23:74:
                    bd:b3:a2:09:62:41:b9:67:ee:e4:b4:31:47:d5:e3:
                    d1:2d:f0:81:60:f0:bc:e1:c0:9a:0a:10:27:60:3f:
                    51:60:88:59:5a:13:76:66:07:1c:5b:95:98:85:eb:
                    89:a2:cb:dc:9b:22:39:dd:c7:fb:7c:64:3a:2a:fb:
                    f6:c9:c3:6f:b0:5a:59:21:29:eb:0a:3f:e4:67:9e:
                    3a:0b:77:75:ae:03:e3:72:9f:a6:94:47:73:59:7a:
                    08:c7:12:e7:d3:f1:a8:7c:dc:d3:08:74:9a:54:10:
                    d3:64:ab:fd:84:91:6d:4d:08:bd:51:b0:07:75:15:
                    51:87:2c:71:60:be:9d:a7:54:47:19:02:93:53:fc:
                    bd:08:ac:76:2b:e3:2d:72:19:be:d1:11:fd:d9:62:
                    fe:c0:f4:a2:2c:81:c5:ac:ed:cb:fb:03:f2:0f:be:
                    93:59:70:f2:75:cd:08:1f:7d:4f:96:02:ab:7f:68:
                    29:04:c5:0a:c6:63:e4:be:a7:6f:6b:01:72:91:c6:
                    1a:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:FE:7B:51:B0:40:F4:FA:48:93:E8:3D:1E:01:EF:19:49:CC:2E:3D
            X509v3 Authority Key Identifier:
                keyid:31:3D:CD:18:71:22:66:50:45:86:97:67:33:CA:1F:92:F6:26:1F:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:5e:2e:88:60:1f:65:14:d6:3e:e4:98:a6:ea:81:0a:d9:3b:
         d1:3d:3f:03:eb:d0:c5:cf:01:51:50:0a:c0:9a:be:2f:40:7f:
         56:95:cf:48:00:42:37:82:3b:6b:bb:03:b4:b1:b5:23:1c:95:
         08:e0:0b:a9:f9:61:9b:02:cc:ee:a7:ec:bd:f2:89:ca:a4:60:
         c7:82:ae:65:df:f6:eb:9d:5a:bf:db:3a:46:58:5d:9e:0c:be:
         e8:5e:e8:e2:52:58:46:ec:39:0f:12:f9:82:7a:17:f2:98:09:
         37:c2:6e:80:61:0e:92:d9:f1:37:26:72:95:8d:57:d5:e6:a3:
         ec:36:08:cc:59:64:76:4e:2c:aa:4c:d7:bf:b2:3d:9a:f0:f8:
         86:7f:45:fa:98:3e:8e:5c:17:bf:d3:73:65:62:69:c8:f2:35:
         81:30:43:3e:d1:78:57:e4:63:e4:9e:e4:26:e3:e2:a6:51:3b:
         a5:72:cf:bd:cb:71:62:5a:74:b2:1d:bf:dc:e0:0e:00:74:9b:
         f2:7c:35:06:35:26:a1:0b:89:0d:07:fa:9c:71:0f:0e:c8:32:
         6d:28:d7:82:e5:6d:bc:a1:be:ef:99:9b:38:d4:c0:36:3a:38:
         cd:91:f2:51:40:00:cb:5b:fa:1f:cf:7d:49:f5:35:1a:7f:dd:
         34:51:57:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaPoYrKcdu+WgMqsla08PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxM2RjZDE4NzEyMjY2NTA0NTg2OTc2NzMzY2ExZjkyZjYy
NjFmNWUwHhcNMjUwNjA3MjIwMDM3WhcNMjUwNjA4MjIwMDM3WjAzMTEwLwYDVQQD
EygyYWZlN2I1MWIwNDBmNGZhNDg5M2U4M2QxZTAxZWYxOTQ5Y2MyZTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nOEaYbl+ClJuQtMllIXZSi8DAoA
Ja8tvP6Ki/pSuXIG7JN2VJUle04FNowBaANZ9IXgrHQoVjfbI3S9s6IJYkG5Z+7k
tDFH1ePRLfCBYPC84cCaChAnYD9RYIhZWhN2ZgccW5WYheuJosvcmyI53cf7fGQ6
Kvv2ycNvsFpZISnrCj/kZ546C3d1rgPjcp+mlEdzWXoIxxLn0/GofNzTCHSaVBDT
ZKv9hJFtTQi9UbAHdRVRhyxxYL6dp1RHGQKTU/y9CKx2K+Mtchm+0RH92WL+wPSi
LIHFrO3L+wPyD76TWXDydc0IH31PlgKrf2gpBMUKxmPkvqdvawFykcYa0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCr+e1GwQPT6SJPoPR4B7xlJzC49MB8GA1UdIwQY
MBaAFDE9zRhxImZQRYaXZzPKH5L2Jh9eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9iOWVjZjktM2JhOC00N2U0LTg5NTQt
YzQxNWE2OGFmMGRkLzEvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9iOWVjZjktM2JhOC00N2U0LTg5NTQtYzQxNWE2OGFmMGRk
LzEvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABV4uiGAf
ZRTWPuSYpuqBCtk70T0/A+vQxc8BUVAKwJq+L0B/VpXPSABCN4I7a7sDtLG1IxyV
COALqflhmwLM7qfsvfKJyqRgx4KuZd/2651av9s6Rlhdngy+6F7o4lJYRuw5DxL5
gnoX8pgJN8JugGEOktnxNyZylY1X1eaj7DYIzFlkdk4sqkzXv7I9mvD4hn9F+pg+
jlwXv9NzZWJpyPI1gTBDPtF4V+Rj5J7kJuPiplE7pXLPvctxYlp0sh2/3OAOAHSb
8nw1BjUmoQuJDQf6nHEPDsgybSjXguVtvKG+75mbONTANjo4zZHyUUAAy1v6H899
SfU1Gn/dNFFX/g==
-----END CERTIFICATE-----