Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
File:                     MT3NGHEiZlBFhpdnM8ofkvYmH14.mft (raw, json)
Hash identifier:          2zHfuvhCLZw/6SlMxkVlnn6ZJtCh1yY3b6dBrj6XBKs=
Subject key identifier:   18:FC:95:64:66:60:AA:8B:B6:B9:BF:ED:13:23:61:3D:CB:AB:9C:25
Authority key identifier: 31:3D:CD:18:71:22:66:50:45:86:97:67:33:CA:1F:92:F6:26:1F:5E
Certificate issuer:       /CN=313dcd18712266504586976733ca1f92f6261f5e
Certificate serial:       019921B165C236FF3C7E5F49A7985F956682
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
Manifest number:          149C
Signing time:             Sun 07 Sep 2025 01:01:37 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:37 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:37 +0000
Files and hashes:         1: MT3NGHEiZlBFhpdnM8ofkvYmH14.crl (hash: QTG7yroH8E80hT/7u+CIKjzfFtc3ZOZNr8xN10RAaV0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:65:c2:36:ff:3c:7e:5f:49:a7:98:5f:95:66:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=313dcd18712266504586976733ca1f92f6261f5e
        Validity
            Not Before: Sep  7 01:01:37 2025 GMT
            Not After : Sep  8 01:01:37 2025 GMT
        Subject: CN=18fc95646660aa8bb6b9bfed1323613dcbab9c25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:86:41:d5:5b:fc:c0:e4:11:de:57:26:5a:c0:
                    d4:7e:34:fe:38:66:87:cb:e5:5e:13:05:8e:d8:c9:
                    67:9f:9b:9c:f3:03:75:5e:c2:bd:2b:c2:c0:0c:df:
                    53:05:ed:2d:81:29:64:8f:99:43:d4:dc:29:37:82:
                    16:67:64:92:3c:56:26:4f:cc:18:9b:26:9d:c5:07:
                    a2:8e:ca:e1:51:00:1e:6d:dd:eb:c1:f8:6f:af:cf:
                    3d:37:92:8b:4c:d1:56:7d:d3:aa:be:21:ef:91:ea:
                    51:05:dd:fd:19:bb:e3:19:7f:45:c6:5b:4e:35:2d:
                    35:4a:64:13:32:72:8f:95:59:1c:88:ad:8c:b5:0e:
                    f6:af:63:eb:f2:21:1a:a6:24:39:52:da:a7:1b:c3:
                    6b:06:1d:f6:38:18:89:4c:11:89:ad:54:bd:42:a8:
                    0a:d0:4b:37:e0:c9:a9:c3:26:87:4c:04:40:f4:fe:
                    58:82:84:50:de:a1:4e:f0:d6:6b:42:fc:22:1a:b9:
                    c6:98:e7:dd:62:44:f2:d1:9d:91:48:e1:b2:ed:7f:
                    50:cb:47:36:f5:ac:6e:89:f7:37:e4:dc:49:11:6e:
                    9f:65:fc:48:36:3e:3a:00:31:e5:41:2f:0f:58:a3:
                    b5:a8:36:73:1c:01:8a:ed:4f:04:ea:ea:59:4c:c4:
                    49:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:FC:95:64:66:60:AA:8B:B6:B9:BF:ED:13:23:61:3D:CB:AB:9C:25
            X509v3 Authority Key Identifier:
                keyid:31:3D:CD:18:71:22:66:50:45:86:97:67:33:CA:1F:92:F6:26:1F:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:f7:f0:15:16:1a:b9:88:bb:4c:0c:b8:70:bd:28:98:58:43:
         03:11:f9:97:f3:3e:17:89:29:97:4f:cb:b9:76:66:0b:be:95:
         fc:79:56:9f:aa:1b:94:52:4c:3b:02:47:58:67:60:47:e6:cf:
         cb:25:a7:a7:d8:43:46:e7:5c:b9:b3:7a:62:0f:a8:87:fa:12:
         1a:3e:a3:3f:82:16:3a:60:d9:3a:51:84:8e:8d:93:14:bf:e5:
         77:87:79:5b:e7:f8:b7:68:d3:31:c3:25:ac:1a:e8:8f:bb:66:
         70:df:07:65:9f:ae:5e:a6:d4:f8:00:1a:38:c0:a2:16:8a:69:
         e8:ca:77:73:64:ec:7a:b1:30:01:ac:dd:ba:78:83:c2:97:87:
         08:b9:0b:45:80:cd:9c:09:15:f3:77:eb:4f:c8:ff:87:8e:5f:
         57:b7:75:2c:68:7c:da:91:1d:65:cf:26:24:d1:c4:43:e4:27:
         ec:7b:d5:70:f6:7f:76:84:f9:bc:3d:ac:75:ce:dd:37:04:72:
         fb:30:01:bd:6a:a1:85:e2:52:84:2d:ac:d1:6e:2c:4a:9e:85:
         7f:45:90:10:73:7b:98:ee:aa:eb:60:6a:43:4a:de:b4:7e:cb:
         73:86:98:2b:da:02:c0:6d:fc:16:40:5b:40:60:26:51:74:2c:
         77:ba:5e:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsWXCNv88fl9Jp5hflWaCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxM2RjZDE4NzEyMjY2NTA0NTg2OTc2NzMzY2ExZjkyZjYy
NjFmNWUwHhcNMjUwOTA3MDEwMTM3WhcNMjUwOTA4MDEwMTM3WjAzMTEwLwYDVQQD
EygxOGZjOTU2NDY2NjBhYThiYjZiOWJmZWQxMzIzNjEzZGNiYWI5YzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4ZB1Vv8wOQR3lcmWsDUfjT+OGaH
y+VeEwWO2Mlnn5uc8wN1XsK9K8LADN9TBe0tgSlkj5lD1NwpN4IWZ2SSPFYmT8wY
myadxQeijsrhUQAebd3rwfhvr889N5KLTNFWfdOqviHvkepRBd39GbvjGX9FxltO
NS01SmQTMnKPlVkciK2MtQ72r2Pr8iEapiQ5UtqnG8NrBh32OBiJTBGJrVS9QqgK
0Es34MmpwyaHTARA9P5YgoRQ3qFO8NZrQvwiGrnGmOfdYkTy0Z2RSOGy7X9Qy0c2
9axuifc35NxJEW6fZfxINj46ADHlQS8PWKO1qDZzHAGK7U8E6upZTMRJjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBj8lWRmYKqLtrm/7RMjYT3Lq5wlMB8GA1UdIwQY
MBaAFDE9zRhxImZQRYaXZzPKH5L2Jh9eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9iOWVjZjktM2JhOC00N2U0LTg5NTQt
YzQxNWE2OGFmMGRkLzEvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9iOWVjZjktM2JhOC00N2U0LTg5NTQtYzQxNWE2OGFmMGRk
LzEvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq/fwFRYa
uYi7TAy4cL0omFhDAxH5l/M+F4kpl0/LuXZmC76V/HlWn6oblFJMOwJHWGdgR+bP
yyWnp9hDRudcubN6Yg+oh/oSGj6jP4IWOmDZOlGEjo2TFL/ld4d5W+f4t2jTMcMl
rBroj7tmcN8HZZ+uXqbU+AAaOMCiFopp6Mp3c2TserEwAazduniDwpeHCLkLRYDN
nAkV83frT8j/h45fV7d1LGh82pEdZc8mJNHEQ+Qn7HvVcPZ/doT5vD2sdc7dNwRy
+zABvWqhheJShC2s0W4sSp6Ff0WQEHN7mO6q62BqQ0retH7Lc4aYK9oCwG38FkBb
QGAmUXQsd7pe5g==
-----END CERTIFICATE-----