Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
File:                     MT3NGHEiZlBFhpdnM8ofkvYmH14.mft (raw, json)
Hash identifier:          V7vXX/fZ9WEBNOufDqSQog4B09d7zdEgNgBvjJ4xQHE=
Subject key identifier:   77:22:87:E7:6B:F4:FE:0E:3E:26:65:B6:08:F1:77:69:D5:43:74:D4
Authority key identifier: 31:3D:CD:18:71:22:66:50:45:86:97:67:33:CA:1F:92:F6:26:1F:5E
Certificate issuer:       /CN=313dcd18712266504586976733ca1f92f6261f5e
Certificate serial:       019A71B777E55CAB974C6FE54CE1B0EA7121
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
Manifest number:          154A
Signing time:             Tue 11 Nov 2025 07:00:40 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:40 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:40 +0000
Files and hashes:         1: MT3NGHEiZlBFhpdnM8ofkvYmH14.crl (hash: PHcxcTKvxrYeSZ2/jvqionJAg7UCGbv46C1QPflQ+Q4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:77:e5:5c:ab:97:4c:6f:e5:4c:e1:b0:ea:71:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=313dcd18712266504586976733ca1f92f6261f5e
        Validity
            Not Before: Nov 11 07:00:40 2025 GMT
            Not After : Nov 12 07:00:40 2025 GMT
        Subject: CN=772287e76bf4fe0e3e2665b608f17769d54374d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:e4:b4:e7:7a:90:48:a6:95:b7:82:9a:e0:27:
                    fc:a2:83:3e:d8:e6:1f:e8:2c:7e:f5:b8:c2:a6:2f:
                    97:fc:cb:86:e8:1b:d1:9b:a6:4a:d0:2b:fe:58:43:
                    95:d8:74:14:6f:21:67:8f:2b:29:49:e4:18:d5:e1:
                    16:e5:94:59:ca:c8:6a:39:0e:60:d0:01:95:26:34:
                    de:8c:c1:8e:99:80:c4:90:21:c0:b9:6f:d1:67:76:
                    e1:0c:cd:36:46:f7:15:a5:38:68:5c:45:ec:08:5a:
                    68:d3:ae:ca:5f:be:e5:34:92:cf:4e:85:ff:73:ca:
                    c2:0b:50:cb:62:00:19:5b:2d:70:45:94:0f:16:b7:
                    c1:41:ef:ea:32:a4:ff:a0:86:89:b2:6c:e0:3b:b4:
                    05:43:7b:87:62:ef:79:01:be:9c:0c:25:db:73:04:
                    6b:72:b0:5d:38:5f:c7:11:87:ff:dc:aa:c5:4c:31:
                    ec:9a:1d:37:80:70:96:26:0b:d1:7a:ab:6b:1c:3f:
                    3f:fd:0d:6d:55:7b:99:3f:38:84:4c:29:81:6f:12:
                    87:fd:cd:d4:94:aa:28:1c:4e:f5:50:af:d2:f8:95:
                    c8:3d:7b:92:be:bf:9f:c3:91:c6:c6:9c:cf:ab:6a:
                    c0:7a:2b:d1:13:39:17:df:0d:cb:ed:6a:6c:1c:ce:
                    bc:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:22:87:E7:6B:F4:FE:0E:3E:26:65:B6:08:F1:77:69:D5:43:74:D4
            X509v3 Authority Key Identifier:
                keyid:31:3D:CD:18:71:22:66:50:45:86:97:67:33:CA:1F:92:F6:26:1F:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:76:b8:48:3f:ac:bd:3d:f0:03:8b:9f:c2:4e:b0:4f:35:66:
         9a:a1:af:34:5f:17:af:98:07:90:5b:26:b7:40:90:b8:95:97:
         3e:51:75:7a:49:40:1b:94:09:5e:57:be:11:99:79:66:08:6e:
         72:26:41:df:82:df:23:ab:d8:f7:7b:fb:0d:7a:3e:b3:2d:85:
         49:60:b4:ca:5c:11:52:08:2f:9b:45:4c:24:b4:7b:2b:67:31:
         b8:d3:4c:fe:19:6f:82:3f:e2:04:c5:dc:9a:93:5e:95:7a:ce:
         8f:ef:58:df:1b:21:c3:8e:c6:a5:e4:90:7f:11:95:1f:cd:fc:
         2b:8d:9f:f1:f8:2d:d1:3b:88:5a:49:f7:d5:7b:44:00:f5:27:
         4b:74:a4:f1:27:27:7d:70:6b:dc:21:98:49:e8:aa:76:f1:bd:
         f8:4e:51:e6:ce:1f:87:49:64:ce:45:b7:a4:8e:9d:99:72:f4:
         9b:cf:82:6e:18:b6:12:2a:fc:a7:87:c9:96:3b:d2:64:c3:4c:
         fe:be:9b:4e:54:de:06:0a:94:d2:28:7f:c1:24:d9:ac:70:30:
         fa:7c:e6:85:5c:da:37:79:42:70:68:76:35:14:27:11:8b:cd:
         d3:b2:3c:51:25:b7:98:2d:c2:bb:b0:8c:6f:8d:e7:f5:db:20:
         c0:d6:c6:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt3flXKuXTG/lTOGw6nEhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxM2RjZDE4NzEyMjY2NTA0NTg2OTc2NzMzY2ExZjkyZjYy
NjFmNWUwHhcNMjUxMTExMDcwMDQwWhcNMjUxMTEyMDcwMDQwWjAzMTEwLwYDVQQD
Eyg3NzIyODdlNzZiZjRmZTBlM2UyNjY1YjYwOGYxNzc2OWQ1NDM3NGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7uS053qQSKaVt4Ka4Cf8ooM+2OYf
6Cx+9bjCpi+X/MuG6BvRm6ZK0Cv+WEOV2HQUbyFnjyspSeQY1eEW5ZRZyshqOQ5g
0AGVJjTejMGOmYDEkCHAuW/RZ3bhDM02RvcVpThoXEXsCFpo067KX77lNJLPToX/
c8rCC1DLYgAZWy1wRZQPFrfBQe/qMqT/oIaJsmzgO7QFQ3uHYu95Ab6cDCXbcwRr
crBdOF/HEYf/3KrFTDHsmh03gHCWJgvReqtrHD8//Q1tVXuZPziETCmBbxKH/c3U
lKooHE71UK/S+JXIPXuSvr+fw5HGxpzPq2rAeivREzkX3w3L7WpsHM68bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHcih+dr9P4OPiZltgjxd2nVQ3TUMB8GA1UdIwQY
MBaAFDE9zRhxImZQRYaXZzPKH5L2Jh9eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9iOWVjZjktM2JhOC00N2U0LTg5NTQt
YzQxNWE2OGFmMGRkLzEvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9iOWVjZjktM2JhOC00N2U0LTg5NTQtYzQxNWE2OGFmMGRk
LzEvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWna4SD+s
vT3wA4ufwk6wTzVmmqGvNF8Xr5gHkFsmt0CQuJWXPlF1eklAG5QJXle+EZl5Zghu
ciZB34LfI6vY93v7DXo+sy2FSWC0ylwRUggvm0VMJLR7K2cxuNNM/hlvgj/iBMXc
mpNelXrOj+9Y3xshw47GpeSQfxGVH838K42f8fgt0TuIWkn31XtEAPUnS3Sk8Scn
fXBr3CGYSeiqdvG9+E5R5s4fh0lkzkW3pI6dmXL0m8+Cbhi2Eir8p4fJljvSZMNM
/r6bTlTeBgqU0ih/wSTZrHAw+nzmhVzaN3lCcGh2NRQnEYvN07I8USW3mC3Cu7CM
b43n9dsgwNbGtw==
-----END CERTIFICATE-----