Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.mft
File:                     BVFgW2dezk4PznF1rjGpP6gnK6Y.mft (raw, json)
Hash identifier:          rbKrh/6hO1BcMrnfAc9+Xizwez9oE3LhKIBrg8cK0iU=
Subject key identifier:   41:23:7A:A1:C1:88:B5:89:72:5B:9B:C8:3C:36:E6:88:CF:FB:5F:D8
Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Certificate issuer:       /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Certificate serial:       0199FC8FA450878293046B63142A2507AFC5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.mft
Manifest number:          1717
Signing time:             Sun 19 Oct 2025 13:01:36 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:36 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:36 +0000
Files and hashes:         1: 0AYdj6RPn1eQ4OgEy6QCr1f5k2Q.roa (hash: L6DU942Jz6/lvfUIe3D2o0HomEkBYzu27lFzdIVqGEc=)
                          2: 307iKAUzLWom9Ha-ofR0ylvczFw.roa (hash: tNoP4RY6NW/fnNmLHHbOVFp0gAT4ca7e3JnJBbCaYGs=)
                          3: 5t_gEPyzONNwmcX_6ew0Ih3Mk2Q.roa (hash: vkkst1UDRXFHGnw3oCIz/VahP4EJhU4cLye1AO0QLS0=)
                          4: 64AcovQBhaEtt5KkzSGDTWBNY6M.roa (hash: zvgdvOo5eLLAm5kw5CQHBXY87LfFoqQWzB5IN3bgaik=)
                          5: B-VB7mD6d3yYH8PU8AgFih1fMDc.roa (hash: T5HGrFxvsUPySvUxTWFtkDKWgc+DSV2mLNavrR7oxEo=)
                          6: BVFgW2dezk4PznF1rjGpP6gnK6Y.crl (hash: 7o2KkG5EYxBtT2lPqtUkC2XzQzb1CeYaXAvWwO7G+PQ=)
                          7: FQTXSvb27ypAWeWR6u4PUk-NFzc.roa (hash: oVmw4Wr4zacFRrwMuuDV+itYXymrywavxqZKYRr/zHc=)
                          8: GIdtnYTfB_OfNmkj58C5zvwyoiY.roa (hash: mrolhVBCf9ezcIiNdke1ILuseOXCo3lGnZtCw7CJdqk=)
                          9: JIWScFv9Kksz3-WjVTMxXPLjiWo.roa (hash: 9Ejcda+LEF9Prza7a6M4k8Cqx+Jsocz8uwzratsGHfs=)
                          10: T2zf4MlLIMSvzzuDsJMAjIOyKkY.roa (hash: ueRz8nTweEwyQ4f6p4yvV8towA7SPGMkaN88JD99IhM=)
                          11: WTBCbSxb7h1w4Up4KNg9SZTnE6c.roa (hash: zGDl99MvN6NddN0ACg6xKrKwSNupTCXGaQXZUdGsWZY=)
                          12: Wgn-Z3i6lXU4mVGYn9zEOu2Y5uo.roa (hash: KDlQZdCuo/nIV3/PuDzNC2v7AGRYnk63vIIL7+xFyqo=)
                          13: ZNVBvSaI1BNlFT5y4meV0Zbgnzw.roa (hash: bWlw2kG0F8Yo+irCKVO4en+85QCKnglxRBdSlkv67r0=)
                          14: ZmV3RrHyNbdlPpXWHxyJNKlqz_0.roa (hash: duiYNAfkU9vNSfSeoTIVT6MoGsXF5yCoHKwjI4a3RZo=)
                          15: bLACyeWnCQUwWZqE5WZ_BrmQU6Y.roa (hash: uwoE5/d36cX/Ks6beQm+PxMT5NEUJYwmYJZfciGwpzU=)
                          16: lSQaQo1pT929AIuNEO-jfbBj_uI.roa (hash: aky/WPIxzMhPYRkj4RXOkjGc0PhL0aXcIKo/I7TPgXM=)
                          17: lmjGoIkmtRARzMHJ3Iv6xZvWT5U.roa (hash: D1V3yIkbb8Fb2YGAP6nceG/MedRCxNzvPEgyVbvAN7Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:a4:50:87:82:93:04:6b:63:14:2a:25:07:af:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
        Validity
            Not Before: Oct 19 13:01:36 2025 GMT
            Not After : Oct 20 13:01:36 2025 GMT
        Subject: CN=41237aa1c188b589725b9bc83c36e688cffb5fd8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:70:a9:3e:db:5e:79:90:82:c2:b3:b4:50:94:
                    9f:07:64:02:2c:bd:e0:a7:7e:b5:34:03:bc:0a:e8:
                    b1:d4:39:64:73:28:76:9c:25:72:3a:44:4d:6e:1c:
                    01:05:39:dc:e4:ba:19:27:a9:f1:0a:73:9a:03:dd:
                    11:fd:56:31:42:33:51:68:af:38:e8:d7:33:f6:55:
                    79:10:e3:9a:55:23:02:02:2f:a3:10:41:bf:8a:05:
                    97:e2:e1:fa:4e:8c:93:c2:79:d1:cd:8d:e4:df:9e:
                    ad:ee:e1:68:aa:4e:6a:7f:53:4b:22:ed:ee:ef:8a:
                    c6:b8:8d:75:a1:e4:e2:d5:da:67:1f:69:15:35:ea:
                    d0:a7:fe:12:f7:cb:10:9f:a1:e0:29:38:84:ce:54:
                    d6:3b:12:d3:7e:96:fb:9a:fe:72:2a:d4:ac:12:40:
                    d0:8e:49:96:f3:2e:76:50:ca:c3:02:55:c7:10:8c:
                    84:0f:e4:4c:be:c8:50:bc:54:17:76:31:86:b8:f1:
                    30:1a:f4:79:66:b2:a8:f3:c2:05:1a:ed:52:38:76:
                    e3:fd:d1:8e:32:5d:01:bb:3c:33:e2:9f:8c:53:f6:
                    83:99:8b:9d:26:22:43:d6:c6:38:4a:d2:e6:05:90:
                    19:1f:8f:a4:9f:95:54:78:6a:0b:d5:c7:1b:ee:68:
                    c4:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:23:7A:A1:C1:88:B5:89:72:5B:9B:C8:3C:36:E6:88:CF:FB:5F:D8
            X509v3 Authority Key Identifier:
                keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:2b:1c:7d:a4:ac:35:b2:5a:e3:6c:45:90:10:ca:32:87:23:
         13:7d:ab:92:fc:f3:88:f5:59:24:e3:d3:42:db:fe:4f:50:af:
         75:b5:c7:54:c2:5e:b5:46:ef:d5:1b:a5:18:14:e0:41:0a:2b:
         4e:52:06:54:eb:66:9c:8d:2f:02:c5:cc:c6:0a:1e:3d:46:33:
         99:dd:d3:96:c1:33:9c:46:34:d2:a0:68:c1:44:bf:95:c1:2f:
         90:9d:43:24:b5:1d:32:29:83:2d:a1:a2:3d:d7:29:b6:ee:0e:
         2f:cd:b2:9d:a2:bc:d2:5d:eb:8d:13:4d:9f:f5:58:78:bb:66:
         c1:dd:49:04:cc:de:9a:15:f2:91:1e:67:41:03:53:39:d4:61:
         f5:5b:85:e8:87:38:fc:2e:87:bc:1f:e1:70:85:95:30:4b:01:
         93:dd:d0:1d:6f:bd:46:4f:f4:db:06:77:62:64:ac:50:01:35:
         c4:91:51:a5:98:f1:2c:8b:31:b8:c9:a8:ea:ae:57:17:be:4f:
         0b:b5:d1:d6:1f:f0:2b:04:74:eb:dd:09:23:c2:7a:72:df:28:
         8f:03:e7:65:ce:ac:db:0b:c1:d7:95:64:fa:97:d3:0a:23:66:
         22:04:18:a2:5b:55:ec:12:ee:30:33:64:62:9f:ef:1a:9a:c9:
         47:e7:b3:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j6RQh4KTBGtjFColB6/FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NTE2MDViNjc1ZWNlNGUwZmNlNzE3NWFlMzFhOTNmYTgy
NzJiYTYwHhcNMjUxMDE5MTMwMTM2WhcNMjUxMDIwMTMwMTM2WjAzMTEwLwYDVQQD
Eyg0MTIzN2FhMWMxODhiNTg5NzI1YjliYzgzYzM2ZTY4OGNmZmI1ZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHCpPtteeZCCwrO0UJSfB2QCLL3g
p361NAO8Cuix1Dlkcyh2nCVyOkRNbhwBBTnc5LoZJ6nxCnOaA90R/VYxQjNRaK84
6Ncz9lV5EOOaVSMCAi+jEEG/igWX4uH6ToyTwnnRzY3k356t7uFoqk5qf1NLIu3u
74rGuI11oeTi1dpnH2kVNerQp/4S98sQn6HgKTiEzlTWOxLTfpb7mv5yKtSsEkDQ
jkmW8y52UMrDAlXHEIyED+RMvshQvFQXdjGGuPEwGvR5ZrKo88IFGu1SOHbj/dGO
Ml0Buzwz4p+MU/aDmYudJiJD1sY4StLmBZAZH4+kn5VUeGoL1ccb7mjEYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEEjeqHBiLWJclubyDw25ojP+1/YMB8GA1UdIwQY
MBaAFAVRYFtnXs5OD85xda4xqT+oJyumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEt
MDc3OWY0OGVjZWEwLzEvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEtMDc3OWY0OGVjZWEw
LzEvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUSscfaSs
NbJa42xFkBDKMocjE32rkvzziPVZJOPTQtv+T1CvdbXHVMJetUbv1RulGBTgQQor
TlIGVOtmnI0vAsXMxgoePUYzmd3TlsEznEY00qBowUS/lcEvkJ1DJLUdMimDLaGi
Pdcptu4OL82ynaK80l3rjRNNn/VYeLtmwd1JBMzemhXykR5nQQNTOdRh9VuF6Ic4
/C6HvB/hcIWVMEsBk93QHW+9Rk/02wZ3YmSsUAE1xJFRpZjxLIsxuMmo6q5XF75P
C7XR1h/wKwR0690JI8J6ct8ojwPnZc6s2wvB15Vk+pfTCiNmIgQYoltV7BLuMDNk
Yp/vGprJR+eztw==
-----END CERTIFICATE-----