Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.mft
File:                     BVFgW2dezk4PznF1rjGpP6gnK6Y.mft (raw, json)
Hash identifier:          vRqz8UwOfsm15FrW16u/bZVtqzGF/7NHRFt6eVidwKo=
Subject key identifier:   11:9D:3F:E1:A3:53:DF:13:4C:5B:B6:06:4C:AD:E6:8D:E0:77:9E:CE
Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Certificate issuer:       /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Certificate serial:       0199FE7DD89D55EB533F8C4945298D57BB76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.mft
Manifest number:          1718
Signing time:             Sun 19 Oct 2025 22:01:24 +0000
Manifest this update:     Sun 19 Oct 2025 22:01:24 +0000
Manifest next update:     Mon 20 Oct 2025 22:01:24 +0000
Files and hashes:         1: 0AYdj6RPn1eQ4OgEy6QCr1f5k2Q.roa (hash: L6DU942Jz6/lvfUIe3D2o0HomEkBYzu27lFzdIVqGEc=)
                          2: 307iKAUzLWom9Ha-ofR0ylvczFw.roa (hash: tNoP4RY6NW/fnNmLHHbOVFp0gAT4ca7e3JnJBbCaYGs=)
                          3: 5t_gEPyzONNwmcX_6ew0Ih3Mk2Q.roa (hash: vkkst1UDRXFHGnw3oCIz/VahP4EJhU4cLye1AO0QLS0=)
                          4: 64AcovQBhaEtt5KkzSGDTWBNY6M.roa (hash: zvgdvOo5eLLAm5kw5CQHBXY87LfFoqQWzB5IN3bgaik=)
                          5: B-VB7mD6d3yYH8PU8AgFih1fMDc.roa (hash: T5HGrFxvsUPySvUxTWFtkDKWgc+DSV2mLNavrR7oxEo=)
                          6: BVFgW2dezk4PznF1rjGpP6gnK6Y.crl (hash: 6Q/G2q8ZwJjLs+g3wVTq7h3e9GTsIjvqZtR2pcA1ASI=)
                          7: FQTXSvb27ypAWeWR6u4PUk-NFzc.roa (hash: oVmw4Wr4zacFRrwMuuDV+itYXymrywavxqZKYRr/zHc=)
                          8: GIdtnYTfB_OfNmkj58C5zvwyoiY.roa (hash: mrolhVBCf9ezcIiNdke1ILuseOXCo3lGnZtCw7CJdqk=)
                          9: JIWScFv9Kksz3-WjVTMxXPLjiWo.roa (hash: 9Ejcda+LEF9Prza7a6M4k8Cqx+Jsocz8uwzratsGHfs=)
                          10: T2zf4MlLIMSvzzuDsJMAjIOyKkY.roa (hash: ueRz8nTweEwyQ4f6p4yvV8towA7SPGMkaN88JD99IhM=)
                          11: WTBCbSxb7h1w4Up4KNg9SZTnE6c.roa (hash: zGDl99MvN6NddN0ACg6xKrKwSNupTCXGaQXZUdGsWZY=)
                          12: Wgn-Z3i6lXU4mVGYn9zEOu2Y5uo.roa (hash: KDlQZdCuo/nIV3/PuDzNC2v7AGRYnk63vIIL7+xFyqo=)
                          13: ZNVBvSaI1BNlFT5y4meV0Zbgnzw.roa (hash: bWlw2kG0F8Yo+irCKVO4en+85QCKnglxRBdSlkv67r0=)
                          14: ZmV3RrHyNbdlPpXWHxyJNKlqz_0.roa (hash: duiYNAfkU9vNSfSeoTIVT6MoGsXF5yCoHKwjI4a3RZo=)
                          15: bLACyeWnCQUwWZqE5WZ_BrmQU6Y.roa (hash: uwoE5/d36cX/Ks6beQm+PxMT5NEUJYwmYJZfciGwpzU=)
                          16: lSQaQo1pT929AIuNEO-jfbBj_uI.roa (hash: aky/WPIxzMhPYRkj4RXOkjGc0PhL0aXcIKo/I7TPgXM=)
                          17: lmjGoIkmtRARzMHJ3Iv6xZvWT5U.roa (hash: D1V3yIkbb8Fb2YGAP6nceG/MedRCxNzvPEgyVbvAN7Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:7d:d8:9d:55:eb:53:3f:8c:49:45:29:8d:57:bb:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
        Validity
            Not Before: Oct 19 22:01:24 2025 GMT
            Not After : Oct 20 22:01:24 2025 GMT
        Subject: CN=119d3fe1a353df134c5bb6064cade68de0779ece
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:b3:0b:72:95:77:ed:ea:15:ea:60:62:35:6a:
                    6d:4b:0f:e3:3c:b4:fb:a5:89:60:db:00:a6:23:53:
                    e9:c1:5b:b6:f6:f7:65:00:4b:f9:da:67:65:56:4c:
                    c8:f2:a7:d9:c7:43:36:97:2f:de:85:26:6b:11:75:
                    a4:e7:cd:99:b0:37:33:97:2a:ab:ba:f0:26:c8:ac:
                    1c:85:82:d3:7a:78:15:0b:7e:bd:c2:af:cc:fb:1c:
                    e6:5b:01:c1:9e:02:9f:2c:39:3c:b7:4a:8d:45:3a:
                    c1:8e:c7:d3:02:29:a9:1a:e0:a8:ab:fe:bd:99:e2:
                    84:3a:6c:01:c2:a1:a9:13:3b:39:9f:45:3f:6a:c9:
                    27:f0:8a:09:01:30:7f:da:52:de:5e:9c:46:e8:4d:
                    99:d3:a6:6c:68:9b:71:5a:57:0b:f6:15:d7:d1:dc:
                    40:16:b6:b6:b1:f1:aa:3f:cb:42:37:07:fc:48:dd:
                    61:ab:5a:c2:2d:31:55:bc:2c:02:08:c4:08:b6:47:
                    3f:ae:3f:d7:08:bc:dd:36:62:83:e2:02:b6:86:b5:
                    7b:13:8b:95:14:24:25:b9:39:45:1c:11:01:13:16:
                    66:aa:47:e6:49:91:9e:d8:86:4b:c7:19:63:7e:e5:
                    75:6a:60:2d:8d:7f:74:d1:e2:48:5b:62:65:d3:a2:
                    ac:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:9D:3F:E1:A3:53:DF:13:4C:5B:B6:06:4C:AD:E6:8D:E0:77:9E:CE
            X509v3 Authority Key Identifier:
                keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:45:ec:2f:1d:d8:ab:04:11:9e:3e:57:e1:3e:31:d1:a7:74:
         ec:36:73:f8:75:5e:bf:87:45:87:0f:e0:b9:49:52:ef:f4:50:
         7c:92:3c:57:ab:ed:2b:cd:ee:b7:d9:0b:4b:7d:47:a8:1e:38:
         3f:f1:19:56:6b:43:f1:4c:71:04:d7:48:2f:77:a0:a2:4f:e9:
         a3:af:f1:84:83:80:e0:fb:76:d0:7b:eb:a8:cc:e1:8d:df:cd:
         94:31:02:61:65:a4:f0:15:87:63:b6:23:d6:27:c1:8c:3e:36:
         06:0c:a9:34:44:49:ec:91:7b:6c:87:83:8d:87:6a:f0:fd:f3:
         f9:63:00:ba:f6:e1:f9:d6:07:bc:0a:e3:b2:58:c4:8d:64:14:
         30:7d:ec:2d:c6:74:3b:e0:02:89:56:96:3e:7a:0d:36:e5:36:
         36:00:9e:70:8c:e2:a3:2f:c4:ff:5f:df:a9:1f:5b:49:b5:11:
         7f:52:cd:27:a4:34:d5:e5:64:d6:dc:9b:3d:b1:98:f6:3c:c3:
         3b:24:25:b0:13:c9:03:8d:e4:15:ec:0e:6a:f7:f7:b7:50:d9:
         6d:81:67:a5:75:9c:aa:60:c7:77:a5:1f:cb:7a:89:ff:da:f8:
         4e:f2:1d:f2:48:3c:93:8e:f7:48:4c:c8:d9:7b:b1:e2:98:7e:
         33:c1:b2:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+fdidVetTP4xJRSmNV7t2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NTE2MDViNjc1ZWNlNGUwZmNlNzE3NWFlMzFhOTNmYTgy
NzJiYTYwHhcNMjUxMDE5MjIwMTI0WhcNMjUxMDIwMjIwMTI0WjAzMTEwLwYDVQQD
EygxMTlkM2ZlMWEzNTNkZjEzNGM1YmI2MDY0Y2FkZTY4ZGUwNzc5ZWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLMLcpV37eoV6mBiNWptSw/jPLT7
pYlg2wCmI1PpwVu29vdlAEv52mdlVkzI8qfZx0M2ly/ehSZrEXWk582ZsDczlyqr
uvAmyKwchYLTengVC369wq/M+xzmWwHBngKfLDk8t0qNRTrBjsfTAimpGuCoq/69
meKEOmwBwqGpEzs5n0U/askn8IoJATB/2lLeXpxG6E2Z06ZsaJtxWlcL9hXX0dxA
Fra2sfGqP8tCNwf8SN1hq1rCLTFVvCwCCMQItkc/rj/XCLzdNmKD4gK2hrV7E4uV
FCQluTlFHBEBExZmqkfmSZGe2IZLxxljfuV1amAtjX900eJIW2Jl06KskQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBGdP+GjU98TTFu2Bkyt5o3gd57OMB8GA1UdIwQY
MBaAFAVRYFtnXs5OD85xda4xqT+oJyumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEt
MDc3OWY0OGVjZWEwLzEvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEtMDc3OWY0OGVjZWEw
LzEvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm0XsLx3Y
qwQRnj5X4T4x0ad07DZz+HVev4dFhw/guUlS7/RQfJI8V6vtK83ut9kLS31HqB44
P/EZVmtD8UxxBNdIL3egok/po6/xhIOA4Pt20HvrqMzhjd/NlDECYWWk8BWHY7Yj
1ifBjD42BgypNERJ7JF7bIeDjYdq8P3z+WMAuvbh+dYHvArjsljEjWQUMH3sLcZ0
O+ACiVaWPnoNNuU2NgCecIzioy/E/1/fqR9bSbURf1LNJ6Q01eVk1tybPbGY9jzD
OyQlsBPJA43kFewOavf3t1DZbYFnpXWcqmDHd6Ufy3qJ/9r4TvId8kg8k473SEzI
2Xux4ph+M8GyBw==
-----END CERTIFICATE-----